From 225eb0971e33d4bdbed22dfeea6d18324ed8b80c Mon Sep 17 00:00:00 2001 From: James Rouzier Date: Thu, 12 Nov 2020 13:31:44 -0500 Subject: [PATCH] accounting requests are proxied to pfacct when radiusd-acct is enabled Fixes #5969 --- go/cmd/pfacct/pfacct.go | 48 ++++++++++++++++++++++++----------------- go/cmd/pfacct/radius.go | 5 +---- 2 files changed, 29 insertions(+), 24 deletions(-) diff --git a/go/cmd/pfacct/pfacct.go b/go/cmd/pfacct/pfacct.go index bc1ba265e085..1b8acec03a72 100644 --- a/go/cmd/pfacct/pfacct.go +++ b/go/cmd/pfacct/pfacct.go @@ -16,6 +16,7 @@ import ( "github.com/inverse-inc/packetfence/go/mac" "github.com/inverse-inc/packetfence/go/pfconfigdriver" "github.com/inverse-inc/packetfence/go/tryableonce" + "github.com/inverse-inc/packetfence/go/sharedutils" statsd "gopkg.in/alexcesaro/statsd.v2" ) @@ -33,23 +34,24 @@ type radiusRequest struct { type PfAcct struct { RadiusStatements - Db *sql.DB - TimeDuration time.Duration - AllowedNetworks []net.IPNet - NetFlowPort string - AllNetworks bool - Management pfconfigdriver.ManagementNetwork - AAAClient *jsonrpc2.Client - LoggerCtx context.Context - Dispatcher *Dispatcher - SwitchInfoCache *cache.Cache - StatsdOnce tryableonce.TryableOnce - StatsdAddress string - StatsdOption statsd.Option - StatsdClient *statsd.Client - radiusRequests []chan<- radiusRequest - localSecret string - isProxied bool + TimeDuration time.Duration + Db *sql.DB + AllowedNetworks []net.IPNet + NetFlowPort string + Management pfconfigdriver.ManagementNetwork + AAAClient *jsonrpc2.Client + LoggerCtx context.Context + Dispatcher *Dispatcher + SwitchInfoCache *cache.Cache + StatsdOnce tryableonce.TryableOnce + StatsdAddress string + StatsdOption statsd.Option + StatsdClient *statsd.Client + radiusRequests []chan<- radiusRequest + localSecret string + isProxied bool + radiusdAcctEnabled bool + AllNetworks bool } func NewPfAcct() *PfAcct { @@ -78,6 +80,7 @@ func NewPfAcct() *PfAcct { pfAcct.SwitchInfoCache = cache.New(5*time.Minute, 10*time.Minute) pfAcct.LoggerCtx = ctx pfAcct.RadiusStatements.Setup(pfAcct.Db) + pfAcct.SetupConfig(ctx) pfAcct.radiusRequests = makeRadiusRequests(pfAcct, 5, 10) pfAcct.AAAClient = jsonrpc2.NewAAAClientFromConfig(ctx) @@ -133,10 +136,15 @@ func (pfAcct *PfAcct) SetupConfig(ctx context.Context) { pfAcct.NetFlowPort = ports.PFAcctNetflow pfconfigdriver.FetchDecodeSocket(ctx, &pfAcct.Management) + var servicesConf pfconfigdriver.PfConfServices + pfconfigdriver.FetchDecodeSocket(ctx, &servicesConf) + pfAcct.radiusdAcctEnabled = sharedutils.IsEnabled(servicesConf.RadiusdAcct) + localSecret := pfconfigdriver.LocalSecret{} pfconfigdriver.FetchDecodeSocket(ctx, &localSecret) pfAcct.localSecret = localSecret.Element - pfAcct.isProxied = isProxied() + + pfAcct.isProxied = isProxied(pfAcct) } // Timing struct @@ -161,8 +169,8 @@ func (pfAcct *PfAcct) NewTiming() *Timing { return &Timing{timing: pfAcct.StatsdClient.NewTiming()} } -func isProxied() bool { - return pfconfigdriver.GetClusterSummary(context.Background()).ClusterEnabled == 1 +func isProxied(pfAcct *PfAcct) bool { + return pfconfigdriver.GetClusterSummary(context.Background()).ClusterEnabled == 1 || pfAcct.radiusdAcctEnabled } // Send function to add pf prefix diff --git a/go/cmd/pfacct/radius.go b/go/cmd/pfacct/radius.go index 9c3705cc7b64..b92d06ef3543 100644 --- a/go/cmd/pfacct/radius.go +++ b/go/cmd/pfacct/radius.go @@ -261,11 +261,8 @@ func (h *PfAcct) radiusListen(w *sync.WaitGroup) *radius.PacketServer { var RADIUSinterfaces pfconfigdriver.RADIUSInts pfconfigdriver.FetchDecodeSocket(ctx, &RADIUSinterfaces) - var servicesConf pfconfigdriver.PfConfServices - pfconfigdriver.FetchDecodeSocket(ctx, &servicesConf) - var ipRADIUS []string - if sharedutils.IsEnabled(servicesConf.RadiusdAcct) { + if h.radiusdAcctEnabled { ipRADIUS = []string{"127.0.0.1"} } else { for _, vi := range RADIUSinterfaces.Element {