Thanks for your response, I want to upload new dictionary for wichrous system, because wichorus has their own standard dictionary and wimax dictionary doesn't work with wichorus ASN-GW
Regards, -----Original Message----- From: freeradius-users-bounces+mmohammad=thebluezone....@lists.freeradius.org [mailto:freeradius-users-bounces+mmohammad=thebluezone....@lists.freeradius. org] On Behalf Of freeradius-users-requ...@lists.freeradius.org Sent: Monday, June 21, 2010 3:42 PM To: freeradius-users@lists.freeradius.org Subject: Freeradius-Users Digest, Vol 62, Issue 87 Send Freeradius-Users mailing list submissions to freeradius-users@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Invalid Attributes (Moayad Mohammad) 2. Re: Invalid Attributes (Alan DeKok) 3. Re: checkval and != op (Alan DeKok) 4. Re: checkval and != op (Christian Zoffoli) ---------------------------------------------------------------------- Message: 1 Date: Mon, 21 Jun 2010 14:35:13 +0300 From: "Moayad Mohammad" <mmoham...@thebluezone.com> Subject: Invalid Attributes To: <freeradius-users@lists.freeradius.org> Message-ID: <006b01cb1135$d228f6f0$767ae4...@com> Content-Type: text/plain; charset="us-ascii" Hi to all, I have to add wichorus dictionary for WiMAX, but in this dictionary some attributes are invalid to freeradius. for example: parent_attr and subtype values. In the below sample of the dictionary: VENDOR Wimax 24757 BEGIN-VENDOR Wimax ATTRIBUTE Wimax-Capability 1 octets ATTRIBUTE Wimax-Capability-Release 1 string parent_attr=Wimax-Capability subtype=1 ATTRIBUTE Wimax-Capability-Accounting 1 octets parent_attr=Wimax-Capability subtype=2 ATTRIBUTE Wimax-Capability-Hotlining 1 octets parent_attr=Wimax-Capability subtype=3 ATTRIBUTE Wimax-Capability-Idle-Mode-Notification 1 octets parent_attr=Wimax-Capability subtype=4 What I should to do? Regards, -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/2010062 1/22722f74/attachment.html> ------------------------------ Message: 2 Date: Mon, 21 Jun 2010 13:46:05 +0200 From: Alan DeKok <al...@deployingradius.com> Subject: Re: Invalid Attributes To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <4c1f50fd.4000...@deployingradius.com> Content-Type: text/plain; charset=ISO-8859-1 Moayad Mohammad wrote: > I have to add wichorus dictionary for WiMAX, but in this > dictionary some attributes are invalid to freeradius. > > for example: parent_attr and subtype values. Yes... those are not part of FreeRADIUS. > What I should to do? Read the documentation for how dictionaries are formatted, and create the dictionary using the correct format. Or, *read the dictionary that is included with FreeRADIUS*. The server ships with a WiMAX dictionary. It's beyond me why you're trying to replace it with one from another vendor. Alan DeKok. ------------------------------ Message: 3 Date: Mon, 21 Jun 2010 13:50:08 +0200 From: Alan DeKok <al...@deployingradius.com> Subject: Re: checkval and != op To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <4c1f51f0.6020...@deployingradius.com> Content-Type: text/plain; charset=ISO-8859-1 Christian Zoffoli wrote: > mysql> SELECT * FROM radcheck WHERE username='bumlwdgx'; ... > mysql> SELECT * FROM radusergroup WHERE username='bumlwdgx'; <sigh> You asked about radgroupcheck. Why post this? > SELECT * FROM radgroupcheck WHERE groupname='wireless'; > +----+-----------+--------------------+----+-------------------+ > | id | groupname | attribute | op | value | > +----+-----------+--------------------+----+-------------------+ > | 18 | wireless | Calling-Station-Id | != | 00-22-15-16-35-B0 | Which is OK, and should work. > rad_recv: Access-Request packet from host 127.0.0.1 port 34220, id=1, > length=298 > ChilliSpot-Version = "1.2.2" > User-Name = "bumlwdgx" > CHAP-Challenge = 0x777d7fc0c28a480f750e1f5506c3ccd7 > CHAP-Password = 0x008617e203333f1fc66b2cacc4cbbe2255 > NAS-IP-Address = 192.168.182.1 > Service-Type = Login-User > Framed-IP-Address = 192.168.182.2 > Calling-Station-Id = "00-22-15-16-35-B0" Which shouldn't match the entry in radgroupcheck. > expand: SELECT id, groupname, attribute, Value, op > FROM radgroupcheck WHERE groupname = '%{Sql-Group}' > ORDER BY id -> SELECT id, groupname, attribute, Value, op > FROM radgroupcheck WHERE groupname = 'wireless' > ORDER BY id > rlm_sql (sql): Released sql socket id: 0 Which doesn't match, as expected. > ++[sql] returns ok > rlm_checkval: Item Name: Calling-Station-Id, Value: 00-22-15-16-35-B0 > rlm_checkval: Could not find attribute named Calling-Station-Id in check > pairs Of *course* this doesn't work. You didn't add a Calling-Station-Id to the check pairs. I told you that the behavior of rlm_sql was documented. Go read that documentation. *Nothing* in it suggests that using "!=" as a check operator will result in the Calling-Station-Id attribute being added to the check pairs. > in radiusd.conf I have: > > checkval { > item-name = Calling-Station-Id > check-name = Calling-Station-Id > data-type = string > } Why? What possible use is this? What do you expect it to do? Alan DeKok. ------------------------------ Message: 4 Date: Mon, 21 Jun 2010 14:41:58 +0200 From: Christian Zoffoli <czoff...@xmerlin.org> Subject: Re: checkval and != op To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <4c1f5e16.6080...@xmerlin.org> Content-Type: text/plain; charset=ISO-8859-1 Il 21/06/2010 13:50, Alan DeKok ha scritto: [cut] > Why? What possible use is this? What do you expect it to do? there is something strange IMHO if I try a different user in the wired group and this radgroupcheck: mysql> SELECT * FROM radgroupcheck WHERE groupname='wired'; +----+-----------+--------------------+----+-------------------+ | id | groupname | attribute | op | value | +----+-----------+--------------------+----+-------------------+ | 6 | wired | Calling-Station-Id | := | 00-22-15-16-35-B0 | | 7 | wired | Simultaneous-Use | := | 1 | | 10 | wired | Max-All-Session | := | 3600 | | 12 | wired | Access-Period | := | 604800 | +----+-----------+--------------------+----+-------------------+ 4 rows in set (0.00 sec) All works as expected. The software is the same, the machine is the same but now rlm_checkval works --- rad_recv: Access-Request packet from host 127.0.0.1 port 51146, id=1, length=298 ChilliSpot-Version = "1.2.2" User-Name = "m7dby5cc" CHAP-Challenge = 0x0c8e9cdfd1f76caa475d8120e0af8660 CHAP-Password = 0x00d4c0245b2a9b2a0429c5c3401da5439e NAS-IP-Address = 192.168.182.1 Service-Type = Login-User Framed-IP-Address = 192.168.182.2 Calling-Station-Id = "00-22-15-16-35-B0" Called-Station-Id = "00-0D-B9-15-F4-C9" NAS-Identifier = "localhost" Acct-Session-Id = "4c1f311000000001" NAS-Port-Type = Wireless-802.11 NAS-Port = 1 WISPr-Location-ID = "isocc=,cc=,ac=,network=XTekLABS," WISPr-Location-Name = "HotSpot_Service" WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff" Message-Authenticator = 0x7d095fb7ce6c28a7459e053a4074bf17 +- entering group authorize ++[preprocess] returns ok rlm_realm: No '@' in User-Name = "m7dby5cc", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' rlm_sql (sql): Reserving sql socket id: 0 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'm7dby5cc' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'm7dby5cc' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'm7dby5cc' ORDER BY priority expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'wired' ORDER BY id rlm_sql (sql): User found in group wired expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'wired' ORDER BY id rlm_sql (sql): Released sql socket id: 0 ++[sql] returns ok rlm_checkval: Item Name: Calling-Station-Id, Value: 00-22-15-16-35-B0 rlm_checkval: Value Name: Calling-Station-Id, Value: 00-22-15-16-35-B0 ++[checkval] returns ok rlm_expiration: Checking Expiration time: '18 Dec 2010 11:06:25' ++[expiration] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}'' expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='m7dby5cc' sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='m7dby5cc'}' rlm_sql (sql): - sql_xlat expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='m7dby5cc' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='m7dby5cc' rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): row[0] returned NULL rlm_sql (sql): Released sql socket id: 4 expand: %{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='m7dby5cc'} -> rlm_sqlcounter: No integer found in string "" ++[noresetcounter] returns noop rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = '%{User-Name}' ORDER BY AcctStartTime LIMIT 1' expand: SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = '%{User-Name}' ORDER BY AcctStartTime LIMIT 1 -> SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = 'm7dby5cc' ORDER BY AcctStartTime LIMIT 1 sqlcounter_expand: '%{sql:SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = 'm7dby5cc' ORDER BY AcctStartTime LIMIT 1}' rlm_sql (sql): - sql_xlat expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' expand: SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = 'm7dby5cc' ORDER BY AcctStartTime LIMIT 1 -> SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = 'm7dby5cc' ORDER BY AcctStartTime LIMIT 1 rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): SQL query did not return any results rlm_sql (sql): Released sql socket id: 3 expand: %{sql:SELECT UNIX_TIMESTAMP() - UNIX_TIMESTAMP(AcctStartTime) FROM radacct WHERE UserName = 'm7dby5cc' ORDER BY AcctStartTime LIMIT 1} -> rlm_sqlcounter: No integer found in string "" ++[accessperiod] returns noop auth: type Local auth: user supplied CHAP-Password matches local User-Password +- entering group session expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime is NULL -> SELECT COUNT(*) FROM radacct WHERE username = 'm7dby5cc' AND acctstoptime is NULL rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok Login OK: [m7dby5cc/<CHAP-Password>] (from client localhost port 1 cli 00-22-15-16-35-B0) +- entering group post-auth rlm_sql (sql): Processing sql_postauth expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' expand: %{User-Password} -> expand: %{Chap-Password} -> 0x00d4c0245b2a9b2a0429c5c3401da5439e expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'm7dby5cc', '0x00d4c0245b2a9b2a0429c5c3401da5439e', 'Access-Accept', '2010-06-21 14:36:34') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'm7dby5cc', '0x00d4c0245b2a9b2a0429c5c3401da5439e', 'Access-Accept', '2010-06-21 14:36:34') rlm_sql (sql): Reserving sql socket id: 1 rlm_sql (sql): Released sql socket id: 1 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 1 to 127.0.0.1 port 51146 Acct-Interim-Interval := 600 Session-Timeout = 15542991 Finished request 14. Going to the next request Waking up in 4.9 seconds. rad_recv: Accounting-Request packet from host 127.0.0.1 port 60147, id=11, length=225 ChilliSpot-Version = "1.2.2" ChilliSpot-Attr-10 = 0x00000002 Acct-Status-Type = Start User-Name = "m7dby5cc" Calling-Station-Id = "00-22-15-16-35-B0" NAS-Port-Type = Wireless-802.11 NAS-Port = 1 NAS-Port-Id = "00000001" Framed-IP-Address = 192.168.182.2 Acct-Session-Id = "4c1f311000000001" NAS-IP-Address = 192.168.182.1 Called-Station-Id = "00-0D-B9-15-F4-C9" NAS-Identifier = "localhost" WISPr-Location-ID = "isocc=,cc=,ac=,network=XTekLABS," WISPr-Location-Name = "HotSpot_Service" +- entering group preacct ++[preprocess] returns ok rlm_acct_unique: Hashing 'NAS-Port = 1,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 192.168.182.1,Acct-Session-Id = "4c1f311000000001",User-Name = "m7dby5cc"' rlm_acct_unique: Acct-Unique-Session-ID = "ddca1f9d2efffb89". ++[acct_unique] returns ok rlm_realm: No '@' in User-Name = "m7dby5cc", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting expand: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> /var/log/freeradius/radacct/127.0.0.1/detail-20100621 rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/detail-20100621 expand: %t -> Mon Jun 21 14:36:35 2010 ++[detail] returns ok expand: %{Stripped-User-Name} -> expand: %{User-Name} -> m7dby5cc expand: %{%{User-Name}:-DEFAULT} -> m7dby5cc expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> m7dby5cc rlm_sql (sql): sql_set_user escaped user --> 'm7dby5cc' expand: %{Acct-Delay-Time} -> expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}') -> INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('4c1f311000000001', 'ddca1f9d2efffb89', 'm7dby5cc', '', '192.168.182.1', '1', 'Wireless-802.11', '2010-06-21 14:36:35', NULL, '0', '', '', '', '0', '0', '00-0D-B9-15-F4-C9', '00-22-15-16-35-B0', '', '', '', '192.168.182.2', '0', '0', '') rlm_sql (sql): Reserving sql socket id: 0 rlm_sql (sql): Released sql socket id: 0 ++[sql] returns ok expand: %{User-Name} -> m7dby5cc attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 11 to 127.0.0.1 port 60147 Finished request 15. Cleaning up request 15 ID 11 with timestamp +12417 Going to the next request Waking up in 4.9 seconds. --- Best regards, Christian ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html End of Freeradius-Users Digest, Vol 62, Issue 87 ************************************************ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html