In SoftWLC v.1.8.1 and above, user accounting archiving mechanism is implemented with the help of shell scripts using cron utility. The scripts are included into eltex-radius-db (1.8-123) package.
A new script allows performing more flexible setup of data archiving, cleaning and export algorithm.
Partitioning is done weekly, not monthly, that allows keeping less data in a database.
Data archiving is done weekly.
Automatic start configuration
When eltex-radius-db package is installed/updated, a user will be offered to add the script running to cron:
Do you want to add ThreeYearsRadacct monitor to cron? [Y/n] y CRON server will be restarted with "service cron restart" cron stop/waiting cron start/running, process 7042
If a user agrees to add the script to cron, /etc/cron.d/eltex-radius-db file with the following contents is created:
root@vagrant-ubuntu-trusty-64:/home/vagrant# cat /etc/cron.d/eltex-radius-db # Launch every Monday 0 0 * * 1 root /usr/lib/eltex-radius-db/three_years_radacct_wrap.sh
Creating partitions
In previous versions, raddact table partitioning was done monthly by launching a script creating partitions for a month ahead on a regular basis.
In the current version, partitions are created weekly. To create new partitions, /etc/cron.daily/radius-db-partitions script is used. The script is launched daily and checks for a partition for next week. If there are no partitions, a new partition is created.
When eltex-radius-db is installed for the first time, partitions for previous 3 years and for next week (regarding current server time) are created.
When upgrading from freeradius-eltex-db versions earlier than 3.2.0 with no month partitioning, a database is upgraded. This process may take a long time.
When upgrading from later versions, old partitions splitted per month will remain the same, and new partitions will be created monthly.
Configuration files
/etc/eltex-radius-db/manager-login
The file contains login and password for database connection.
/etc/eltex-radius-db/three_years_radacct
The file contains monitor configuration.
Parameter | Default value | Description |
ARCHIVE_DIR | "/var/ems-backup/radius/csv/" | The directory for storing accounting archives. |
PART_WEEK | 26 | Accounting storage time is measured in weeks. On expiry of the time, data is removed from the database. |
ARCHIVE_WEEK | 156 | Archive storage time for $ARCHIVE_DIR directory is measured in weeks. On expiry of the time, archives are removed from the directory. |
NOTIFICATION_ADDR | administrator's e-mail address for sending notifications on script operation errors. To send e-mail notifications, install and configure mailutils and ssmtp packages. The instruction on configuring the packages can be found in this manual. In mailutils 1:2.99.99-1ubuntu2 and higher versions, simultaneous sending to more than one recipients is supported. Recipients should be added to a space-separated list in double quotes. For example: "example@mail.org example2@mail.org" |
Automatic data export to a remote storage
In addition to archiving and accounting rotation, the script is able to perform automatic export of archived data to remote servers. The export is implemented with the help of rsync and FTP.
Configuring rcync data export
Parameter | Default value | Description |
RSYNC_REMOTE | N | Enabling rsync data export to a remote storage. |
RSYNC_REMOTE_HOST | 192.168.0.1 | Remote storage address for rsync data export. |
RSYNC_REMOTE_PORT | 22 | The port for rsync connection. |
RSYNC_REMOTE_USER | admin | Username for rsync connection. |
RSYNC_REMOTE_PASSWORD | password | User password for rsync connection. |
RSYNC_REMOTE_PATH | "/var/ems-backup/radius/csv/" | The path to save archives (in a remote storage). |
Configuring FTP data export
Parameter | Default value | Description |
FTP_REMOTE | N | Enabling FTP data export to a remote storage. |
FTP_REMOTE_HOST | 192.168.0.1 | Remote storage address for FTP data export. |
FTP_REMOTE_PORT | 21 | A port for FTP connection. |
FTP_REMOTE_USER | admin | Username for FTP connection. |
FTP_REMOTE_PASSWORD | password | User password for FTP connection. |
FTP_REMOTE_PATH | "/var/ems-backup/radius/csv/" | The path to save archives (in a remote storage). |
Script logging
Script operation logs are saved to /var/log/eltex-radius-db/ directory.
Log rotation is configured in /etc/logrotate.d/radacct.
Configuring e-mail notification
mailutils ssmtp packages (from standard Ubuntu repositories) are used for e-mail notifying. Quickstart guide:
Install the packages by using a command:
apt-get install mailutils ssmtp
Specify the data for SMTP server connection in /etc/ssmtp/ssmtp.conf configuration file, for example:
mailhub=192.168.1.1 AuthUser=tester@example.loc AuthPass=password UseTLS=NO UseSTARTTLS=YES
Define a sender's address in /etc/ssmtp/revaliases configuration file, for example:
root:tester@example.loc:192.168.1.1:25
Process restart is not required.
To check if notifications were sent, use a console command:
echo "This is a test message from console" | ssmtp -v -s test-destination@example.loc
Data selection when creating an archive
When archives are created, data is exported according to the following condition:
(starttime <= end and starttime >= start) or (stoptime <= end and stoptime >= start)
where
start - data selection start time;
end - data selection end time;
starttime - the time of radacct-start package receipt (user's session start time);
stoptime - the time of radacct-stop package receipt (user's session stop time).
The selection rule allows keeping data on sessions that have not finished by the moment of archive creation (that have not a stoptime mark). Such sessions will be finished later, and complete information on them will be added to the relevant archives.