0

I work on a Hotspot Project with Coova Chilli and Freeradius. I Use FreeRADIUS in the latest stable Version 3.0.11.

I created my rest and sites-enabled config file according to this post: Configuring rlm_rest module in FreeRadius

Sadly, there is no Information about setting up accounting via rest, so i tried following: sites-enabled/default:

accounting {
    rest
    detail
    unix
    exec
    attr_filter-accounting_response
}

mods-enabled/rest:

accounting {
        uri = "${..connect_uri}/aaa/accounting/sessions/%{Acct-Unique-Session-ID}"
        method = 'post'
        body = 'json'
}

But no Data is send to my REST Service. There is just an empty String given...

In FreeRadius debug mode (radiusd -X) following is printed:

(10)   accounting {
rlm_rest (rest): Reserved connection (13)
(10) rest: Expanding URI components
(10) rest: EXPAND http://SERVERIP:PORT
(10) rest:    --> http://SERVERIP:PORT
(10) rest: EXPAND /radius/rest/aaa/accounting/sessions/%{Acct-Unique-Session-ID}
(10) rest:    --> /radius/rest/aaa/accounting/sessions/8f7d662e6afaaa0427598e03cc908379
(10) rest: Sending HTTP POST to "http://SERVERIP:PORT/radius/rest/aaa/accounting/sessions/8f7d662e6afaaa0427598e03cc908379"
(10) rest: Encoding attribute "User-Name"
(10) rest: Encoding attribute "NAS-IP-Address"
(10) rest: Encoding attribute "Service-Type"
(10) rest: Encoding attribute "Called-Station-Id"
(10) rest: Encoding attribute "Calling-Station-Id"
(10) rest: Encoding attribute "NAS-Identifier"
(10) rest: Encoding attribute "NAS-Port-Type"
(10) rest: Encoding attribute "Acct-Status-Type"
(10) rest: Encoding attribute "Acct-Input-Octets"
(10) rest: Encoding attribute "Acct-Output-Octets"
(10) rest: Encoding attribute "Acct-Session-Id"
(10) rest: Encoding attribute "Acct-Session-Time"
(10) rest: Encoding attribute "Acct-Input-Packets"
(10) rest: Encoding attribute "Acct-Output-Packets"
(10) rest: Encoding attribute "Acct-Input-Gigawords"
(10) rest: Encoding attribute "Acct-Output-Gigawords"
(10) rest: Encoding attribute "Event-Timestamp"
(10) rest: Encoding attribute "ChilliSpot-Version"
(10) rest: Returning 1022 bytes of JSON data (buffer full or chunk exceeded)
(10) rest: Encoding attribute "ChilliSpot-Max-Total-Gigawords"
(10) rest: Encoding attribute "FreeRADIUS-Acct-Session-Start-Time"
(10) rest: Encoding attribute "WISPr-Location-ID"
(10) rest: Encoding attribute "WISPr-Location-Name"
(10) rest: Encoding attribute "Acct-Unique-Session-Id"
(10) rest: Encoding attribute "Attr-26.14559.40"
(10) rest: Encoding attribute "Attr-26.14559.41"
(10) rest: Encoding attribute "Attr-26.14559.42"
(10) rest: Processing response header
(10) rest:   Status : 100 (Continue)
(10) rest: Continuing...
(10) rest: Processing response header
(10) rest: ERROR: Malformed HTTP header: Missing HTTP version
(10) rest: ERROR: Received 19 bytes of response data: Content-Length: 0
(10) rest: ERROR: Request failed: 23 - Failed writing received data to disk/application
(10) rest: ERROR: Server returned no data
rlm_rest (rest): Released connection (13)
rlm_rest (rest): Need 1 more connections to reach 10 spares
rlm_rest (rest): Opening additional connection (15), 1 of 30 pending slots used
rlm_rest (rest): Connecting to "http://SERVERIP:PORT/radius/rest"
(10)     [rest] = fail
(10)   } # accounting = fail

If i try a test like this (just a incomplete sample in the JSON specification of rest module):

curl -X POST -H "Content-Type: application/json" --data '{ "User-Name": {"type":"string","value":["elise"]}, "NAS-IP-Address": {"type":"ipaddr","value":["10.1.0.1"]}, "NAS-Port": {"type":"integer","value":["1"]}, "Framed-IP-Address": {"type":"ipaddr","value":["10.1.0.177"]}, "Called-Station-Id": {"type":"string","value":["B8-AC-6F-8D-00-CA"]}, "NAS-Identifier": {"type":"string","value":["nas01"]}, "Acct-Status-Type": {"type":"integer","value":[1]}, "Acct-Session-Id": {"type":"string","value":["56f00f8100000000"]}, "Event-Timestamp": {"type":"date","value":["Jul 29 2015 16:06:40 CEST"]}, "WISPr-Location-ID": {"type":"string","value":["isocc=,cc=,ac=,network=MeteringService_GmbH,"]}, "WISPr-Location-Name": {"type":"string","value":["KomDSL_Hotspot"]}, "Acct-Unique-Session-Id": {"type":"string","value":["8f7d662e6afaaa0427598e03cc908379"]} } ' http://SERVER_PATH/aaa/accounting/sessions/8f7d662e6afaaa0427598e03cc908379

everything is fine, so my REST service seems to work....

The other Sections (authenticate etc.) are working with method='get' and everything is fine.

Has anybody implemented this feature and can help me?

Following the answers on serverfaul.com maybe Arran Cudbard-Bell has an answer?

I'm looking forward for your help!

Lukas S
  • 1
  • 1
  • 1
  • i just updated to version 3.1.1. Everything stays the same... in addition i made a Wireshark.. it shows following: POST radius/rest/aaa/accounting/sessions/670aac34499396b19a70d528701c7233 HTTP/1.1 User-Agent: FreeRADIUS 3.0.11 Host: 127.0.0.1:1234 Accept: */* Content-Type: application/json X-FreeRADIUS-Section: accounting X-FreeRADIUS-Server: default Content-Length: 1573 Expect: 100-continue HTTP/1.1 100 Continue Content-Length: 0 HTTP/1.1 204 No Content Date: Wed, 23 Mar 2016 13:41:01 GMT Content-type: application/json Content-length: 0 – Lukas S Mar 23 '16 at 14:22
  • After long experimentations and researches, i came to the point, that the Java Jersey RESTServer sends per default a 100 Continue, and the FreeRADIUS module won't accept it because of unknown problems with the HTTP Header. I tried to get away with refactoring to a get request. This is not possible, because the Accounting requests are different between start, stop, update etc. – Lukas S Mar 24 '16 at 17:17
  • Too hard to debug on stackoverflow. Contact me directly (google) if you still want help with this. – Arran Cudbard-Bell Apr 26 '16 at 13:31
  • Thank you very much for response, i already thought this would be uncommented for the rest of my life.. i will definitly contact you in future, but the improvised solution works and I'm to busy right now.. – Lukas S May 02 '16 at 11:22
  • I forgot to add the last comment: the solution with GET works right now, but is not very nice... I have to wrap the attributes with ' and unwrap it in my Java-Code, because empty path variables could not be overgiven in the rest URL... – Lukas S May 02 '16 at 11:28
  • just started to use Dropwizard. Now the 100 Continue Process works... – Lukas S Oct 11 '16 at 08:19

1 Answers1

0

The attribute data is missing in rest configuration.

In mods-enabled/rest:

accounting {
    uri = "${..connect_uri}/aaa/accounting/sessions/%{Acct-Unique-Session-ID}"
    method = 'post'
    body = 'json'
    data = '{ "User-Name": {"type":"string","value":["elise"]}, "NAS-IP-Address": {"type":"ipaddr","value":["10.1.0.1"]}, "NAS-Port": {"type":"integer","value":["1"]}, "Framed-IP-Address": {"type":"ipaddr","value":["10.1.0.177"]}, "Called-Station-Id": {"type":"string","value":["B8-AC-6F-8D-00-CA"]}, "NAS-Identifier": {"type":"string","value":["nas01"]}, "Acct-Status-Type": {"type":"integer","value":[1]}, "Acct-Session-Id": {"type":"string","value":["56f00f8100000000"]}, "Event-Timestamp": {"type":"date","value":["Jul 29 2015 16:06:40 CEST"]}, "WISPr-Location-ID": {"type":"string","value":["isocc=,cc=,ac=,network=MeteringService_GmbH,"]}, "WISPr-Location-Name": {"type":"string","value":["KomDSL_Hotspot"]}, "Acct-Unique-Session-Id": {"type":"string","value":["8f7d662e6afaaa0427598e03cc908379"]} }'
}

Note you must substitute the example data by the Attributes provided by FreeRadius, like %{User-Name}