Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!
Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.
bazy
radius=> SELECT username, attribute, op, value FROM radcheck; username | attribute | op | value ----------+--------------------+----+------------------- test | Calling-Station-Id | == | 00:22:43:79:1A:72 test | Cleartext-Password | == | test (2 rows) radius=> SELECT username, attribute, op, value FROM radreply; username | attribute | op | value ----------+-------------------+----+-------------- test | Framed-IP-Address | = | 192.168.1.10 test | Port-Limit | := | 1 test | Auth-Type | := | mschap (3 rows) radius=> SELECT UserName, GroupName FROM radusergroup; username | groupname ----------+----------- test | static (1 row) radius=> SELECT GroupName, Attribute, Value, op FROM radgroupcheck; groupname | attribute | value | op -----------+-----------+-------+---- (0 rows) radius=> SELECT GroupName, Attribute, Value, Op FROM radgroupreply; groupname | attribute | value | op -----------+--------------------+---------------------+---- static | Service-Type | Login-User | := static | Framed-Compression | Van-Jacobsen-TCP-IP | == static | Framed-Protocol | PPP | == static | Framed-MTU | 1500 | == static | Service-Type | Framed-User | == (5 rows)
[b]/etc/raddb/radiusd.conf [/b]
prefix = /usr exec_prefix = ${prefix} sysconfdir = /etc localstatedir = /var sbindir = ${exec_prefix}/sbin logdir = ${localstatedir}/log/radius raddbdir = ${sysconfdir}/raddb radacctdir = ${logdir}/radacct confdir = ${raddbdir} run_dir = ${localstatedir}/run/radiusd db_dir = $(raddbdir) libdir = /usr/lib64 pidfile = ${run_dir}/radiusd.pid max_request_time = 30 cleanup_delay = 5 max_requests = 1024 listen { type = auth ipaddr = * port = 0 } listen { ipaddr = * port = 0 type = acct } hostname_lookups = no allow_core_dumps = no regular_expressions = yes extended_expressions = yes log { destination = files file = ${logdir}/radius.log syslog_facility = daemon stripped_names = no auth = no auth_badpass = no auth_goodpass = no } checkrad = ${sbindir}/checkrad security { max_attributes = 200 reject_delay = 1 status_server = yes } proxy_requests = yes $INCLUDE proxy.conf $INCLUDE clients.conf snmp = no $INCLUDE snmp.conf thread pool { start_servers = 5 max_servers = 32 min_spare_servers = 3 max_spare_servers = 10 max_requests_per_server = 0 } modules { $INCLUDE ${confdir}/modules/ $INCLUDE eap.conf $INCLUDE sql.conf $INCLUDE sql/postgresql/counter.conf } instantiate { } $INCLUDE policy.conf $INCLUDE sites-enabled/
[b]/etc/raddb/modules/mschap[/b]
mschap { use_mppe = yes require_encryption = yes require_strong = yes authtype = "MS-CHAPv2" }
[b]/etc/raddb/sql.conf [/b]
sql { database = "postgresql" driver = "rlm_sql_${database}" server = "localhost" login = "radius" password = "radius" radius_db = "radius" acct_table1 = "radacct" acct_table2 = "radacct" postauth_table = "radpostauth" authcheck_table = "radcheck" authreply_table = "radreply" groupcheck_table = "radgroupcheck" groupreply_table = "radgroupreply" usergroup_table = "radusergroup" deletestalesessions = yes sqltrace = no sqltracefile = ${logdir}/sqltrace.sql num_sql_socks = 5 connect_failure_retry_delay = 60 readclients = yes nas_table = "nas" $INCLUDE sql/${database}/dialup.conf }
[b]/etc/raddb/sites-enabled/default [/b]
authorize { preprocess mschap suffix unix sql } authenticate { Auth-Type MS-CHAP { mschap } unix } preacct { acct_unique } accounting { detail sql } session { radutmp } post-auth { sql } pre-proxy { } post-proxy { }
[b]/etc/raddb/sql/postgresql/dialup.conf [/b]
sql_user_name = "%{User-Name}" nas_query = "SELECT id, nasname, shortname, type, secret FROM ${nas_table}" authorize_check_query = "SELECT id, UserName, Attribute, Value, Op \ FROM ${authcheck_table} \ WHERE Username = '%{SQL-User-Name}' \ ORDER BY id" authorize_reply_query = "SELECT id, UserName, Attribute, Value, Op \ FROM ${authreply_table} \ WHERE Username = '%{SQL-User-Name}' \ ORDER BY id" authorize_group_check_query = "SELECT id, GroupName, Attribute, Value, op \ FROM ${groupcheck_table} \ WHERE GroupName = '%{Sql-Group}' \ ORDER BY id" authorize_group_reply_query = "SELECT id, GroupName, Attribute, Value, op \ FROM ${groupreply_table} \ WHERE GroupName = '%{Sql-Group}' \ ORDER BY id" accounting_onoff_query = "UPDATE ${acct_table1} \ SET AcctStopTime = ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval), \ AcctSessionTime = (EXTRACT(EPOCH FROM ('%S'::timestamp with time zone - AcctStartTime::timestamp with time zone \ - '%{%{Acct-Delay-Time}:-0}'::interval)))::BIGINT, \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ AcctStopDelay = 0 \ WHERE AcctStopTime IS NULL \ AND NASIPAddress= '%{NAS-IP-Address}' \ AND AcctStartTime <= '%S'::timestamp" accounting_update_query = "UPDATE ${acct_table1} \ SET FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \ AcctSessionTime = '%{Acct-Session-Time}', \ AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Input-Octets}:-0}'::bigint), \ AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Output-Octets}:-0}'::bigint) \ WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' \ AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime IS NULL" accounting_update_query_alt = "INSERT INTO ${acct_table1} \ (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, \ NASPortId, NASPortType, AcctStartTime, \ AcctSessionTime, AcctAuthentic, AcctInputOctets, \ AcctOutputOctets, CalledStationId, CallingStationId, \ ServiceType, FramedProtocol, FramedIPAddress, XAscendSessionSvrKey) \ VALUES('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', \ '%{SQL-User-Name}', NULLIF('%{Realm}', ''), '%{NAS-IP-Address}', \ %{%{NAS-Port}:-NULL}::integer, '%{NAS-Port-Type}', \ ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval - '%{%{Acct-Session-Time}:-0}'::interval), \ '%{Acct-Session-Time}', '%{Acct-Authentic}', \ (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Input-Octets}:-0}'::bigint), \ (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Output-Octets}:-0}'::bigint), \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', \ NULLIF('%{Framed-IP-Address}', '')::inet, '%{X-Ascend-Session-Svr-Key}')" accounting_start_query = "INSERT INTO ${acct_table1} \ (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, \ NASPortId, NASPortType, AcctStartTime, AcctAuthentic, \ ConnectInfo_start, CalledStationId, CallingStationId, ServiceType, \ FramedProtocol, FramedIPAddress, AcctStartDelay, XAscendSessionSvrKey) \ VALUES('%{Acct-Session-Id}', \ '%{Acct-Unique-Session-Id}', \ '%{SQL-User-Name}', \ NULLIF('%{Realm}', ''), \ '%{NAS-IP-Address}', \ %{%{NAS-Port}:-NULL}::integer, \ '%{NAS-Port-Type}', \ ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval), \ '%{Acct-Authentic}', \ '%{Connect-Info}', \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Service-Type}', \ '%{Framed-Protocol}', \ NULLIF('%{Framed-IP-Address}', '')::inet, \ 0, \ '%{X-Ascend-Session-Svr-Key}')" accounting_start_query_alt = "UPDATE ${acct_table1} \ SET AcctStartTime = ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval), \ AcctStartDelay = 0, \ ConnectInfo_start = '%{Connect-Info}' \ WHERE AcctSessionId = '%{Acct-Session-Id}' \ AND UserName = '%{SQL-User-Name}' \ AND NASIPAddress = '%{NAS-IP-Address}' \ AND AcctStopTime IS NULL" accounting_stop_query = "UPDATE ${acct_table2} \ SET AcctStopTime = ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval), \ AcctSessionTime = CASE WHEN '%{Acct-Session-Time}' = '' THEN \ (EXTRACT(EPOCH FROM ('%S'::TIMESTAMP WITH TIME ZONE - AcctStartTime::TIMESTAMP WITH TIME ZONE \ - '%{%{Acct-Delay-Time}:-0}'::INTERVAL)))::BIGINT ELSE '%{Acct-Session-Time}' END, \ AcctInputOctets = (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Input-Octets}:-0}'::bigint), \ AcctOutputOctets = (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Output-Octets}:-0}'::bigint), \ AcctTerminateCause = '%{Acct-Terminate-Cause}', \ AcctStopDelay = 0, \ FramedIPAddress = NULLIF('%{Framed-IP-Address}', '')::inet, \ ConnectInfo_stop = '%{Connect-Info}' \ WHERE AcctSessionId = '%{Acct-Session-Id}' \ AND UserName = '%{SQL-User-Name}' \ AND NASIPAddress = '%{NAS-IP-Address}' \ AND AcctStopTime IS NULL" accounting_stop_query_alt = "INSERT INTO ${acct_table2} \ (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, \ AcctSessionTime, AcctAuthentic, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, \ CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStopDelay) \ values('%{Acct-Session-Id}', \ '%{Acct-Unique-Session-Id}', \ '%{SQL-User-Name}', \ NULLIF('%{Realm}', ''), \ '%{NAS-IP-Address}', \ %{%{NAS-Port}:-NULL}::integer, \ '%{NAS-Port-Type}', \ ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval - '%{%{Acct-Session-Time}:-0}'::interval), \ ('%S'::timestamp - '%{%{Acct-Delay-Time}:-0}'::interval), \ NULLIF('%{Acct-Session-Time}', '')::bigint, '%{Acct-Authentic}', \ '%{Connect-Info}', \ (('%{%{Acct-Input-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Input-Octets}:-0}'::bigint), \ (('%{%{Acct-Output-Gigawords}:-0}'::bigint << 32) + '%{%{Acct-Output-Octets}:-0}'::bigint), \ '%{Called-Station-Id}', \ '%{Calling-Station-Id}', \ '%{Acct-Terminate-Cause}', \ '%{Service-Type}', \ '%{Framed-Protocol}', \ NULLIF('%{Framed-IP-Address}', '')::inet, 0)" group_membership_query = "SELECT GroupName FROM ${usergroup_table} WHERE UserName='%{SQL-User-Name}' ORDER BY priority" postauth_query = "INSERT INTO ${postauth_table} (username, pass, reply, authdate) \ VALUES ('%{User-Name}', '%{%{User-Password}:-Chap-Password}', '%{reply:Packet-Type}', NOW())"
[b]eap.conf[/b]
eap { default_eap_type = md5 timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no md5 { } leap { } gtc { #challenge = "Password: " auth_type = PAP } tls { certdir = ${confdir}/certs cadir = ${confdir}/certs private_key_password = whatever private_key_file = ${certdir}/server.pem certificate_file = ${certdir}/server.pem CA_file = ${cadir}/ca.pem dh_file = ${certdir}/dh random_file = ${certdir}/random cipher_list = "DEFAULT" make_cert_command = "${certdir}/bootstrap" } ttls { default_eap_type = md5 copy_request_to_tunnel = no # virtual_server = "inner-tunnel" } peap { default_eap_type = mschapv2 copy_request_to_tunnel = no use_tunneled_reply = no # proxy_tunneled_request_as_eap = yes } mschapv2 { } }
LOGI
Radius
rad_recv: Access-Request packet from host 172.16.19.230 port 34276, id=21, length=178 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 25 NAS-Port-Type = Ethernet User-Name = "test" Calling-Station-Id = "00:22:43:79:1A:72" Called-Station-Id = "mt" NAS-Port-Id = "wlan1" MS-CHAP-Challenge = 0x6a792711f59326e82335e680656d8b8c MS-CHAP2-Response = 0x0100fcf42c73e334d69a72367b6cc52b69d1000000000000000039678e0efb0441ac0d8852a66334edee25024bbf531f32a7 NAS-Identifier = "MikroTik" NAS-IP-Address = 172.16.19.230 +- entering group authorize ++[preprocess] returns ok rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' ++[mschap] returns ok rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop ++[unix] returns notfound expand: %{User-Name} -> test rlm_sql (sql): sql_set_user escaped user --> 'test' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = 'test' ORDER BY id rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 2 , fields = 5 expand: SELECT GroupName FROM radusergroup WHERE UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM radusergroup WHERE UserName='test' ORDER BY priority rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 1 , fields = 1 expand: SELECT id, GroupName, Attribute, Value, op FROM radgroupcheck WHERE GroupName = '%{Sql-Group}' ORDER BY id -> SELECT id, GroupName, Attribute, Value, op FROM radgroupcheck WHERE GroupName = 'static' ORDER BY id rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 0 , fields = 5 rlm_sql (sql): User found in group static expand: SELECT id, GroupName, Attribute, Value, op FROM radgroupreply WHERE GroupName = '%{Sql-Group}' ORDER BY id -> SELECT id, GroupName, Attribute, Value, op FROM radgroupreply WHERE GroupName = 'static' ORDER BY id rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 5 , fields = 5 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rad_check_password: Found Auth-Type mschap auth: type "MSCHAP" +- entering group MS-CHAP rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password. rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. rlm_mschap: FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject auth: Failed to validate the user. Sending Access-Reject of id 21 to 172.16.19.230 port 34276 Service-Type := Login-User Framed-Compression == Van-Jacobson-TCP-IP Framed-Protocol == PPP Framed-MTU == 1500 Service-Type == Framed-User MS-CHAP-Error = "\001E=691 R=1" Finished request 0. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 21 with timestamp +38 Ready to process requests.
MT
06:04:13 pppoe,info PPPoE connection established from 00:22:43:79:1A:72 06:04:13 pppoe,ppp,info <pppoe-0>: waiting for call... 06:04:13 radius,debug new request 1b:1e code=Access-Request service=ppp called-id=mt 06:04:13 radius,debug sending 1b:1e to 217.96.37.4:1812 06:04:13 radius,debug,packet sending Access-Request with id 21 to 217.96.37.4:1812 06:04:13 radius,debug,packet Signature = 0x74793838aa1ce306825623385525ecf2 06:04:13 radius,debug,packet Service-Type = 2 06:04:13 radius,debug,packet Framed-Protocol = 1 06:04:13 radius,debug,packet NAS-Port = 25 06:04:13 radius,debug,packet NAS-Port-Type = 15 06:04:13 radius,debug,packet User-Name = "test" 06:04:13 radius,debug,packet Calling-Station-Id = "00:22:43:79:1A:72" 06:04:13 radius,debug,packet Called-Station-Id = "mt" 06:04:13 radius,debug,packet NAS-Port-Id = "wlan1" 06:04:13 radius,debug,packet MS-CHAP-Challenge = 0x6a792711f59326e82335e680656d8b8c 06:04:13 radius,debug,packet MS-CHAP2-Response = 0x0100fcf42c73e334d69a72367b6cc52b 06:04:13 radius,debug,packet 69d1000000000000000039678e0efb04 06:04:13 radius,debug,packet 41ac0d8852a66334edee25024bbf531f 06:04:13 radius,debug,packet 32a7 06:04:13 radius,debug,packet NAS-Identifier = "MikroTik" 06:04:13 radius,debug,packet NAS-IP-Address = 172.16.19.230 06:04:13 radius,debug,packet received Access-Reject with id 21 from 217.96.37.4:1812 06:04:13 radius,debug,packet Signature = 0x640f055e1b2c927eec5e02a207520bc5 06:04:13 radius,debug,packet Service-Type = 1 06:04:13 radius,debug,packet Framed-Compression = 1 06:04:13 radius,debug,packet Framed-Protocol = 1 06:04:13 radius,debug,packet Framed-MTU = 1500 06:04:13 radius,debug,packet Service-Type = 2 06:04:13 radius,debug,packet MS-CHAP-Error = 0x01453d36393120523d31 06:04:13 radius,debug received reply for 1b:1e 06:04:13 pppoe,ppp,info <pppoe-0>: terminating... - user test authentication failed 06:04:13 pppoe,ppp,info <pppoe-0>: disconnected
Windows zglasza blad nr 691
Offline
Cześć! Wiem jaki FreeRADIUS może być miły gdy chce się go uruchomić. Mogę się mylić, ale za to coś podpowiem. Zatem zdecyduj się na konkretną formę uwierzytelniania - masz md5, skonfigurowane mschapv2 i inne. Wywalić, znaczy się zakomentować to co niepotrzebne i używać tego co się chce. Druga sprawa to proxy - serwer pracuje jako główny serwer czy jako proxy? Teraz wg czego się uwierzytelniasz - sql, unix itd. Po co tyle dodatkowych nie potrzebnych pierdołków? Odpowiedzi tylko Ty znasz, co jest potrzebne a co nie. Spokojnie rozpracujesz go później czy prędzej.
Offline
W MT? Nie wiem, widze tylko, że chodzi o RADIUSa, Widze konfigurację jego, więc opierać się będe tylko na FreeRADIUS.
Podpowiedź do tego: w pliku eap.conf masz default_eap_type = md5. Tak więc zanim zacznie się wszystko konfigurować należy dokładnie przemyśleć co chce się zrobić, jakimi metodami, jacy użytkownicy (systemy, używany suplikant). Materiałów o FreeRADIUS jest wiele, większość z tego to tylko przykłady konfiguracji, lecz na podstawie tych szczątkowych informacji można złożyć rozwiązanie, które będzie pasować akurat nam.
Offline
Nie znam MT ale jeśli mowa o freeradius2 to
do windows najlepiej oprzeć się nie na MD5 a na MSCHAPV2. Windows lubi EAP-TLS, EAP-PEAP-mchapv2. Resztę ja bym wyłączył i tyle. Jako domyślne default_eap_type = peap.
Zamiast Cleartext-Password ja bym użył np.
DEFAULT User-Password := "haslo_do_logowania"
Offline
Problem rozwiazalam wczeniej juz wiec 2 sprawy trzeba bylo zmienic
Cleartext-Password :=
oraz w konfiguracji MT dodac pule adresowa do koncentratora i tyle :]
co do User-Password to stosuje sie w radiusie1 a w 2 uzywa sie Cleartext-Password
Offline
[quote=zlyZwierz]Przecież to działa od strzała - na domyślnej konfiguracji.[/quote]
pytanie tylko pod ktora dystrybujcja LINUXa ?
Offline
[quote=BiExi]bolos_11 dziala na defaulcie obojetnie gdzie (nim troszeczke trza poustawiac ale niewiele)[/quote]
TYLE to wiem, jak sie w plikach TXT wsio poustawia TO jest OK ... gorzej jak w SQL sa dane ... sypie bledami ... i skonczyly mi sie pomysly co dalej
Ostatnio edytowany przez bolos_11 (2010-01-16 22:33:49)
Offline
Podłączę się trochę do tematu oraz go odświeżę.
Skonfigurowałem freeradiusa na dystrybucji Centos oraz switch any wymagał uwierzytelniania 802.1x.
Klienta mam na WinXP.
Jeśli na kliencie wybiorę MD5_Challenge - to klient uwierzytelnia się poprawnie i wszystko działa.
Niestety nie mogę poradzić sobie z MSCHAPv2 <-- chciałbym aby klienci uwierzytelniani się właśnie tą metodą (za pomocą hasła). Nie wiem gdzie mam błąd.
Jeśli Ktoś z Was może podesłać mi jakiegoś dokładnego manuala, albo spakowaną przykładową działającą konfigurację całego Freeradiusa będę wdzięczny.
Mój mail to domin90@wp.pl
Z góry wielkie dzięki
Offline
Time (s) | Query |
---|---|
0.00009 | SET CHARSET latin2 |
0.00003 | SET NAMES latin2 |
0.00094 | SELECT u.*, g.*, o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='3.147.65.47' WHERE u.id=1 |
0.00066 | REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '3.147.65.47', 1732321696) |
0.00041 | SELECT * FROM punbb_online WHERE logged<1732321396 |
0.00080 | DELETE FROM punbb_online WHERE ident='18.217.140.224' |
0.00073 | DELETE FROM punbb_online WHERE ident='3.144.40.216' |
0.00078 | SELECT topic_id FROM punbb_posts WHERE id=137101 |
0.00006 | SELECT id FROM punbb_posts WHERE topic_id=15779 ORDER BY posted |
0.00067 | SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=15779 AND t.moved_to IS NULL |
0.00005 | SELECT search_for, replace_with FROM punbb_censoring |
0.00299 | SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=15779 ORDER BY p.id LIMIT 0,25 |
0.00075 | UPDATE punbb_topics SET num_views=num_views+1 WHERE id=15779 |
Total query time: 0.00896 s |