Hi,
As you are undoubtedly aware, the ubuntu/debian package of freeradius
comes without the wimax module (despite having the wimax module)
installed. My own attempts to compile/install/build deb package for
ubuntu always die with the infamous "undefined reference to
`lt_preloaded_symbols'" that apparently has even Alan opting to forsake
libtool.
Because many people would still like to implement mac authentication on
a wimax network, I was wondering whether the c subroutine that does this
in the module:
/*
* Fix Calling-Station-Id. Damn you, WiMAX!
*/
vp = pairfind(request->packet->vps, PW_CALLING_STATION_ID);
if (vp && (vp->length == 6)) {
int i;
uint8_t buffer[6];
memcpy(buffer, vp->vp_octets, 6);
/*
* RFC 3580 Section 3.20 says this is the preferred
* format. Everyone *SANE* is using this format,
* so we fix it here.
*/
for (i = 0; i < 6; i++) {
fr_bin2hex(&buffer[i], &vp->vp_strvalue[i * 3], 1);
vp->vp_strvalue[(i * 3) + 2] = '-';
}
vp->vp_strvalue[(5*3)+2] = '\0';
vp->length = (5*3)+2;
DEBUG2("rlm_wimax: Fixing WiMAX binary Calling-Station-Id to %s",
buffer);
}
can be easily translated to perl to rewrite the calling-station-id (only
when it does not meet the standard), as that module works fine and is
correctly compiled?
If so, would anyone here be able to mash up a few lines of perl code to
this end? Please? I, unfortunately am not familiar enough with c to
translate the logic behind the code above flawlessly.
Hopefully,
JamesTM
Irrationally held truths may be more harmful than reasoned errors.
- Thomas H. Huxley
On 10/05/2011 02:10 PM, freeradius-users-requ...@lists.freeradius.org
wrote:
Send Freeradius-Users mailing list submissions to
freeradius-users@lists.freeradius.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
freeradius-users-requ...@lists.freeradius.org
You can reach the person managing the list at
freeradius-users-ow...@lists.freeradius.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."
Today's Topics:
1. Re: FreeRadius with Eduroam - Accounting (Alan DeKok)
2. Re: MySQL and FreeRADIUS environment (tonimanel)
3. Re: FreeRadius with Eduroam - Accounting (Phil Mayers)
4. Mac access mixed ldap access same NAS (Alejandro Gandara)
5. Re: MySQL and FreeRADIUS environment (Fajar A. Nugraha)
6. Re: MySQL and FreeRADIUS environment (tonimanel)
7. MySQL and FreeRADIUS environment (tonimanel)
8. Re: MySQL and FreeRADIUS environment (Alan DeKok)
9. Re: MySQL and FreeRADIUS environment (tonimanel)
----------------------------------------------------------------------
Message: 1
Date: Wed, 05 Oct 2011 12:09:39 +0200
From: Alan DeKok<al...@deployingradius.com>
Subject: Re: FreeRadius with Eduroam - Accounting
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID:<4e8c2ce3.7000...@deployingradius.com>
Content-Type: text/plain; charset=ISO-8859-1
Arran Cudbard-Bell wrote:
It's a bad way of doing it. At least with replicate every accounting packet has
a chance... Using Acct-Delay-Time you'll end up dumping anywhere between 1-15
seconds accounting data for all realms if one realm is unreachable.
<shrug>
if (Packet-Transmit-Counter> 5) {
ok
} else {
... proxy ...
}
If the home server doesn't get it after 5 tries, throw it away.
In 2.1.10& later, IIRC.
Alan DeKok.
------------------------------
Message: 2
Date: Wed, 5 Oct 2011 03:49:16 -0700 (PDT)
From: tonimanel<antoniofernan...@fabergames.com>
Subject: Re: MySQL and FreeRADIUS environment
To: freeradius-users@lists.freeradius.org
Message-ID:<1317811756198-4872269.p...@n5.nabble.com>
Content-Type: text/plain; charset=us-ascii
My FreeRADIU version is 2.1.10 on Debian. Suggest me update? Or is a valid
verstion to work and implement freeradius replication with radrelay?
Thanks,
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/MySQL-and-FreeRADIUS-environment-tp4845985p4872269.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
------------------------------
Message: 3
Date: Wed, 05 Oct 2011 11:50:12 +0100
From: Phil Mayers<p.may...@imperial.ac.uk>
Subject: Re: FreeRadius with Eduroam - Accounting
To: freeradius-users@lists.freeradius.org
Message-ID:<4e8c3664.5070...@imperial.ac.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 05/10/11 09:56, Arran Cudbard-Bell wrote:
On 5 Oct 2011, at 10:40, Phil Mayers wrote:
On 10/05/2011 09:26 AM, Alan DeKok wrote:
Phil Mayers wrote:
I guess that's ok, in that it stops an unresponsive realm
blocking other realms, but wouldn't another solution be to add
a config item to the detail reader to drop packets which are>X
seconds old?
if (Acct-Delay-Time> 3600) { ok } else { ... do proxy .... }
Ah ha! Clever. I had forgotten the detail reader created/updated
that attribute. Yay FreeRADIUS!
It's a bad way of doing it. At least with replicate every accounting
packet has a chance... Using Acct-Delay-Time you'll end up dumping
anywhere between 1-15 seconds accounting data for all realms if one
realm is unreachable.
Whereas with rlm_replicate, you risk dropping arbitrary accounting
packets because there is no retry. There is no ideal solution, because
radius accounting was never designed for the kind of loosely-coupled
federation that is Eduroam.
For me, since most Eduroam sites don't care about receiving federated
accounting, my primary concern is for my server to carry on functioning,
and that means the detail file should not grow without bound. I don't
really care how that happens - as long as it does.
------------------------------
Message: 4
Date: Wed, 5 Oct 2011 13:06:33 +0200
From: Alejandro Gandara<agand...@optaresolutions.com>
Subject: Mac access mixed ldap access same NAS
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID:
<CAF40+uwJa0dZ-3YNcr=qkru1nurl6lhy77w2rhepdunwjtb...@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi list,
does someone know if Its possible mix MAC auth with ldap AUTH in the same
NAS.
I mean, I have multiple connection to one NAS but a few users will access
through mac address, and others will access trhough auth ldap + passwords.
Nowadays Ive configured ldap access but I dont know how to configure
freeradius to allow connect a few users(16-20) trhough mac auth.
As always thanks you very much for your time and peacence.
Regards,
Alejandro G?ndara
Junior System Administrator
-------------- next part --------------
An HTML attachment was scrubbed...
URL:<https://lists.freeradius.org/pipermail/freeradius-users/attachments/20111005/89d60099/attachment.html>
------------------------------
Message: 5
Date: Wed, 5 Oct 2011 18:12:15 +0700
From: "Fajar A. Nugraha"<l...@fajar.net>
Subject: Re: MySQL and FreeRADIUS environment
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID:
<CAG1y0scaQb6etjqx9n2KAk1mxKrqGKgU3=bdsbz5ntaxuum...@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
On Wed, Oct 5, 2011 at 4:57 PM, tonimanel
<antoniofernan...@fabergames.com> wrote:
Hi again,
How can I do freeradius replication with radrelay? Do you know any tutorial
or howto?
Have you READ the suggested documentation? For example, Alan said
"Also, raddb/sites-available/copy-acct-to-home-server"
I also wrote earlier rerarding FR-managed replication: "In this setup
the user data needs to be synced manually though."
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
