2012-02-07 - Re: [GRASE-Hotspot] Save log on remote server

Header Data

From: Tim White <ti***8@gmail.com>
Message Hash: 998f9fb18e23ccfbd6fcb24f9a181352fea8ff7f34f5aeeee79a4079881cf518
Message ID: <4F31F0C5.6070804@gmail.com>
Reply To: <0B6A2E0E-1766-41FF-A612-B6AC21B81AF1@kvs-lyngdal.no>
UTC Datetime: 2012-02-07 20:49:25 UTC
Raw Date: Wed, 08 Feb 2012 13:49:25 +1000

Raw message 

On 07/02/12 18:45, Frank wrote:
> I'm setting up a Grase hotspot on a school-network, and most things seems to work smoothly.
> However, the admin is suspicious about anything not labeled "Microsoft Windows", and since Grase is open for modifications the logs could end up on sourceforge. I'm therefore wondering if there is a way to make Grase save data to a database on a different server on our network, and then preferably a Microsoft SQL solution of some kind (if such a thing exists..).
I'm actually suspicious of anything labeled Microsoft myself, as being 
closed source there is no way of knowing what is happening behind the 
closed doors.
You also misunderstand a little of what open source means. While it is 
open for modification, that doesn't mean your logs will end up on 
sourceforge.


The grase admin interface itself, doesn't create any logs except logging 
the admin actions (i.e. user creations, deletions, setting changes). 
These are logged in the adminlog table in the radmin database table. 
(MySQL database).
The users websites that they visit are logged via the Squid proxy, which 
logs via syslog and should be in /var/log/squid3/... These are important 
logs for places that need to be monitoring what users are looking at, 
and some places require them to be kept for 6 months.
The users data/time sessions are monitored by firstly the Coova Chilli 
process, which doesn't keep any logs but sends accounting packets to 
Freeradius every 5 minutes or so (this is how it can limit the users 
time/data usage). Freeradius keeps session logs in the SQL database, 
which is the radius database powered by MySQL. This is normally one row 
per session, containing things like start and stop time, mac address, ip 
address, data transferred and things like that. Monthly this data is 
"archived" by merging all rows for a user into a single row that 
contains just time used, and data used, and then the radcheck table is 
updated to reflect this archiving, and the archive is stored in another 
table, so it's one row per user per month.

It /is/ possible to have these database tables on another machine, and 
possibly even on a Microsoft SQL solution. However this is unsupported 
by me as I can't guarrante that the sql calls will work on another SQL 
server, thanks to different servers supporting different things. For 
simplicity, it's also recommended keeping the database on the same 
server as the Freeradius server, as this ensures that the database is 
available and no network issues cause accounting issues.

So none of the data will end up on sourceforge (although as you saw in 
my previous email, I am now aware of the security issue due to old 
relics from pre-release days).

For backup purposes, I recommend backing up the squid logs at least 
weekly and keeping for up to 12 months (so you can look back and see 
what was accessed when). You'll also need the radius database backups to 
match sessions in the squid logs, to usernames. Backups are done daily 
and are in /var/backups/grase/

Being open source software, you are free to look at all the code and see 
exactly what is happening, what is going where, and change it to fit 
your needs. (Just turn off automatic updates if you modify any files not 
protected by debian conffiles).

Hope that helps.

TIm

Thread