RE: EAP-SIM HOWTO
I have the same problem although my RADIUS server is running for two years. I don't know how authenticate the SIM cards?? >From: "Giorgos Kostopoulos" <[EMAIL PROTECTED]> >Reply-To: freeradius-users@lists.freeradius.org >To: >Subject: EAP-SIM HOWTO >Date: Wed, 13 Apr 2005 15:42:28 +0300 > >Hi all, > >Does enybody knows if there is an EAP-SIM HOWTO available? > >Thank you > >Giorgos > > > >- List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html Descubre la descarga digital segura. Medio millón de canciones en MSN Music. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius & ntlm_auth
On 4/21/05, Luis Daniel Lucio Quiroz <[EMAIL PROTECTED]> wrote:
> I have just configured freeradius with ntlm, but I dont understand your
> problem, Can I help you?
I've just find the real problem I'm stupid, I don't think to read
the log of the server when it boots before but I find that the server
doesn't take care of what I put in the mschap section, for example :
my ms-chap module :
mschap {
authtype = MS-CHAP
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}}
--domain=mslab
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
}
and when I read the server logs :
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
In fact, I can write everything in my mschap module, nothing is
applied whereas the other section works normally !!!
If you have an idea about the problem, please tell me because I don't
know what I can do to stop it.
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
about limit
Hello,
sorry for this fool question, perhaps this have been discuss before.
i user freeradius-1.0.2 and dialup admin, the problem is, the
clients still can connect through radius server even the daily limit
is over.
i've implement
http://www.lh.freeradius.org/radiusd/doc/rlm_sqlcounter howto, and
put field like this :
INSERT into radcheck VALUES ('','b','Max-All-Session','400',':=');
but user b still can login after 6 minutes ? so how can i limit the
max-daily-session ?
here is the log from dialup admin :
User is not online now
-
Last Connection Time 2005-04-22 11:03:03
Online Time 33 minutes, 10 seconds
Server 202.78.193.83 (202.78.193.83)
Server Port 0
Workstation 00:E0:4C:13:8B:1B
Upload 152.89 KBs
Download 7.41 KBs
Allowed Session user can login for 0 seconds (Out of daily quota)
<--- over quota ?
Usefull User Description -
--
Best regards,
./avd
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Exec-Program-Wait
Hi Guys, Is it possible for the output of Exec-Program-Wait become check item? let say user files == DEFAULT Realm == foo, Login-Time := "Any0900-1200" Exec-Program-Wait := `/tmp/testscript`, Fall-Through = Yes === testscript === #!/bin/sh echo "Reply = Max-All-Session := 54000"; exit 0; === am using freeradius-1.0.2 under SuSE 9.1 Professional Thanks, Emman ** This message was sent through GLOBALink Webmail Service. If you are a GLOBALink Internet subscriber or among its affiliates, go to http://webmail.globalink.net.ph to check emails. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Question concerning vp_prints
Wolfgang Hottgenroth <[EMAIL PROTECTED]> wrote: > The "~*", shouldn't that be "!*" to be in sync with token.h: Yes. Fixed, thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can I have multiple "authcheck_table" in postgresql.conf
"Brian Gao" <[EMAIL PROTECTED]> wrote: > My question is in the configure file ---postgresql.conf, can I add another > "authcheck_table", which means can I have two (or multiple) > "authcheck_table" in that file? Of course I have to create two > tables(radcheck and radcheck_2) in DB first. No, but you can have two instances of the SQL module running, and configure two authcheck_tables that way. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: character encoding after upgrade
Juan Nin <[EMAIL PROTECTED]> wrote: > Should I add these characters to safe-characters in sql.conf?? Sure. > If this is the case, why did this beheaviour change between 1.0.1 and > current CVS? Because there were bugs fixed. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: No response from Radius server
Firewall maybe? This could be quite a few different things. You may want to run radiusd in debug mode and see if there is ANY communication with the the NT machine at all. I'm guessing there won't be. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn Xu Sent: Thursday, April 21, 2005 3:02 PM To: freeradius-users@lists.freeradius.org Subject: No response from Radius server I installed Freeradius server on FreeBSD. The installation went well, but I tried to test it, I got no response from Radius server. After I ran radiusd, I got "The Apr 21 14:29:23 2005: Info: Starting-reading configuration files... ", then back to radius# If I ran ps, it seems Radius is not running, because it doesn't show Radiusd. If I ran ps -aux | grep radiusd, it shows root 798 0.0 0.7 4764 3368 ?? ss 2:29pm 0:00:00 radiusd If I tested on another Windows machine with NTRadPing Test Utility, I got no response from server. Any help will be appreciated. Shawn Post your free ad now! Yahoo! Canada Personals - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
character encoding after upgrade
Hi again.. First thanks to Alan, and sorry if my previous question had been already asked Now, I downloaded the 1.0.x branch from CVS, compiled it and configured it exactly like I had the 1.0.1 running with mysql for accounting. Killed the 1.0.1 and started the new one, and the braces characters on usernames started being encoded or something, instead of appearing "[" it appeared "=5B" and instead of "]" it appeared "=5D". The problem seems exactly the same as in: http://lists.cistron.nl/pipermail/freeradius-users/2005-January/039766.html The same, the problem is only at database level, logs appear ok. Now, it's not a database problem, since it's exactly the same mysql server I used with 1.0.1, using the same database. Moreover, after I saw this problem, I killed the new radiusd, and started the 1.0.1 again, and braces started being inserted ok. Should I add these characters to safe-characters in sql.conf?? If this is the case, why did this beheaviour change between 1.0.1 and current CVS? Thanks again, Juan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: No response from Radius server
Start radiusd like this radiusd –X and you should see it read the config files and it will run in the foreground. The –X is extended debug mode. Equivalent to -sfxx. This should let you see where the failure is occurring. David From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn Xu Sent: Thursday, April 21, 2005 2:02 PM To: freeradius-users@lists.freeradius.org Subject: No response from Radius server I installed Freeradius server on FreeBSD. The installation went well, but I tried to test it, I got no response from Radius server. After I ran radiusd, I got "The Apr 21 14:29:23 2005: Info: Starting-reading configuration files... ", then back to radius# If I ran ps, it seems Radius is not running, because it doesn't show Radiusd. If I ran ps -aux | grep radiusd, it shows root 798 0.0 0.7 4764 3368 ?? ss 2:29pm 0:00:00 radiusd If I tested on another Windows machine with NTRadPing Test Utility, I got no response from server. Any help will be appreciated. Shawn Post your free ad now! Yahoo! Canada Personals
Re: freeradius & ntlm_auth
I have just configured freeradius with ntlm, but I dont understand your problem, Can I help you? Le Jeudi 21 Avril 2005 12:22, Alan DeKok a écrit : > Sylvain Clerc <[EMAIL PROTECTED]> wrote: > > So, I read all of the debugging output and I find that mschap failed > > to find a nt/lm password and stop the real authentication at this > > moment. > > Yes, but it also failed to find a User-Password. > > If you don't tell the server what password to use for > authentication, it can't authenticate the user. > > For some reason, it's not running ntlm_auth. I don't know why. > > Alan DeKok. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can I have multiple "authcheck_table" in postgresql.conf
Title: Can I have multiple "authcheck_table" in postgresql.conf Hi all, I have a freeradius configured with postgresql , both are work well. Because we have two groups of users in two different authentication tables in the DB, and I want freeradius will check both table when it get access-request. My question is in the configure file ---postgresql.conf, can I add another "authcheck_table", which means can I have two (or multiple) "authcheck_table" in that file? Of course I have to create two tables(radcheck and radcheck_2) in DB first. Do you think it is possible?if so ,how? Thanks Brian
No response from Radius server
I installed Freeradius server on FreeBSD. The installation went well, but I tried to test it, I got no response from Radius server. After I ran radiusd, I got "The Apr 21 14:29:23 2005: Info: Starting-reading configuration files... ", then back to radius# If I ran ps, it seems Radius is not running, because it doesn't show Radiusd. If I ran ps -aux | grep radiusd, it shows root 798 0.0 0.7 4764 3368 ?? ss 2:29pm 0:00:00 radiusd If I tested on another Windows machine with NTRadPing Test Utility, I got no response from server. Any help will be appreciated. ShawnPost your free ad now! Yahoo! Canada Personals
RE: RV: radreply works even with access-reject
> > Hey, come on people ... just wanna know if this is normal > > or not > I want to get paid to answer questions here. Sadly, that > isn't happening. I have a theory: meanwhile rougher and sarcastic I put myself, more attention I receive > > The thing is that the user exists but there was a > > password failure > > ... and got the reply attributes I believe that if there is an > > access-reject with the authorize_check_query, authorize_reply_query > > should not be executed. > Then you don't understand how the server works. Hint: > those queries are run BEFORE authentication. Thanx for the hint, I got it now ... !!! > > Has anybody else got this error ? > > Search the list archives. I did ... thanx again ... > Alan DeKok. Best regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.10.1 - Release Date: 20/04/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: attribute value matching in users file
Chris Carver <[EMAIL PROTECTED]> wrote: > redirectPort80 is an > attribute tied to an ldap attribute through the ldap_attrs file. Did you define it in the dictionaries? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius & ntlm_auth
Sylvain Clerc <[EMAIL PROTECTED]> wrote: > So, I read all of the debugging output and I find that mschap failed > to find a nt/lm password and stop the real authentication at this > moment. Yes, but it also failed to find a User-Password. If you don't tell the server what password to use for authentication, it can't authenticate the user. For some reason, it's not running ntlm_auth. I don't know why. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius version and rlm_exec
Juan Nin <[EMAIL PROTECTED]> wrote: > I downloaded the latest CVS snapshot (freeradius-snapshot-20050421). > Should I use this snapshot in production, or is it better to use 1.0.2 > patching it with the fix? Use the 1.0 branch from CVS. $ cvs -d :pserver:[EMAIL PROTECTED]:/source checkout -r release_1_0 radiusd You will get a version of 1.0.x with the fix. See the web page for further instructions on using CVS. And if you had been reading the list, you would already have seen this answer. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RV: radreply works even with access-reject
"Lucas Aimaretto" <[EMAIL PROTECTED]> wrote: > Hey, come on people ... just wanna know if this is normal or not I want to get paid to answer questions here. Sadly, that isn't happening. > But the thing is that the user exists but there was a password failure > ... and got the reply attributes I believe that if there is an > access-reject with the authorize_check_query, authorize_reply_query > should not be executed. Then you don't understand how the server works. Hint: those queries are run BEFORE authentication. > Has anybody else got this error ? Search the list archives. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: TLS Certificate Challenge
frad <[EMAIL PROTECTED]> wrote: > I'm using EAP/TLS successfully, however I'd like to have > the user challenged to enter a password prior to being > given access to the local network. EAP-TLS doesn't work that way. You want to use EAP-PEAP, or EAP-TTLS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius and LDAP-V2
Le Jeudi 21 Avril 2005 07:53, Frank Bonnet a écrit : > Hello > > I'm new to the list :-) > > I am setting up a chillispot server to manage our future WiFi network > and I wonder if the schemas given with the lastest freeradius > ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ? > > We actually use LDAP v2 ( openldap 2.0.27 ) as centralized > auth system and we do not plan to upgrade to v3 since several monthes. > > Any infos,tricks welcome, thanks a lot. Remember to still have support for LDAPv2 in OpenLDAP 2.1+, many apps does not support it - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius and LDAP-V2
Frank Bonnet wrote: I am setting up a chillispot server to manage our future WiFi network and I wonder if the schemas given with the lastest freeradius ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ? We actually use LDAP v2 ( openldap 2.0.27 ) as centralized auth system and we do not plan to upgrade to v3 since several monthes. Yes. OpenLDAP 2.x support LDAPv3 specification. Vladimir - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RV: radreply works even with access-reject
> > > I have the following situation. The user XXX exists in > > > the radcheck table. He has its password and > > > everytingh works ok. Upon an access-request, > > > if user/password provided are ok, I get an > > > access-accept response with a reply containing the attribute > > > assigned to the XXX user in the radreply table. > > > > > > The rare ( rare? ) thing is the following: > > > > > > If the password provided is wrong, I get the > > > access-reject response, > > > but all the attributes in the radreply table are sent to > > > the nas ... > > > is this correct Because, I do not really want this to happen > > > ... > > > > > > Thank you in advance > > > > I've also discovered that when using CHAP, I get the > > access-reject, but the reply-attributes are sent. Whereas, > > when using Plain-text password ... I also get the > > access-reject, but no reply-attributes are sent. Any hint ? > > > > Any help ? > Hey, come on people ... just wanna know if this is normal or not I do not want to have to reply attributes if I got an access-reject, because of a password failure ... Obviously, if the user does not exist, I get no reply-attributes, buecasue the query at the radreply table gets nothing. But the thing is that the user exists but there was a password failure ... and got the reply attributes I believe that if there is an access-reject with the authorize_check_query, authorize_reply_query should not be executed. Has anybody else got this error ? Best Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.10.1 - Release Date: 20/04/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius version and rlm_exec
Hi! On a previous thread, some weeks ago, I said I was having problems when using Exec-Program-Wait on my users file, that it apparently made my radius have timeouts when authenticating, and I was told there was a bug on it, and that it was fixed on CVS. I'm about to upgrade that radius server, so I want to know: I downloaded the latest CVS snapshot (freeradius-snapshot-20050421). Should I use this snapshot in production, or is it better to use 1.0.2 patching it with the fix? If I should use a patched 1.0.2, what would be the best way to patch it? Just replace the "src/modules/rlm_exec/rlm_exec.c" file from 1.0.2 with the one from the snapshot and compile?? Thanks in advance, Juan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RV: radreply works even with access-reject
> > I have the following situation. The user XXX exists in the > > radcheck table. He has its password and everytingh works ok. > > Upon an access-request, if user/password provided are ok, I > > get an access-accept response with a reply containing the > > attribute assigned to the XXX user in the radreply table. > > > > The rare ( rare? ) thing is the following: > > > > If the password provided is wrong, I get the access-reject > > response, but all the attributes in the radreply table are > > sent to the nas ... is this correct Because, I do not > > really want this to happen ... > > > > Thank you in advance > > I've also discovered that when using CHAP, I get the > access-reject, but the reply-attributes are sent. Whereas, > when using Plain-text password ... I also get the > access-reject, but no reply-attributes are sent. Any hint ? > > Regards, > > Lucas Any help ? Regards, Lucas -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.10.1 - Release Date: 20/04/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius and LDAP-V2
Hello I'm new to the list :-) I am setting up a chillispot server to manage our future WiFi network and I wonder if the schemas given with the lastest freeradius ditribution as it is marqued for LDAP-v3 are OK for LDAP-v2 ? We actually use LDAP v2 ( openldap 2.0.27 ) as centralized auth system and we do not plan to upgrade to v3 since several monthes. Any infos,tricks welcome, thanks a lot. -- Cordialement/Regards Frank Bonnet http://www.esiee.fr - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
TLS Certificate Challenge
FreeBSD V5.3 FreeRadius V1.0.2 Windows XP Home Dlink 2100 Access Point Dlink G132 USB Wireless Adapter self-signed server certificates using openssl v0.9.7e I'm using EAP/TLS successfully, however I'd like to have the user challenged to enter a password prior to being given access to the local network. Currently, the TLS certificates work without any user interaction. I thought this is what the "Challenge Password" was for when the certificate is created by openssl, but my laptop connects without requiring any challenge. When I imported the certificate I checked the box that required strict security and said that I'd be prompted every time the certificate was used. Does a challenge get initiated by XP, the certificate, or the wireless adapter? Looking for any help you can provide on this issue. Thanks, Jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LNS failover watchdog
Hi All, I'm using freeradius1.0.2 to provide L2TP sessions authentications between 2 Redbak BAS and 3 Cisco LNS I can negociated L2TP LNS Tunnel endpoint sessions on a user base (staticly), but I would like to negociate the tunnel end point in a dynamic way to integrate failover and load balancing mechanisms between my 3 LNS. So how can I permanently change the Freeradius Tunnel attributes based on the LNS activity or viability? Is some LNS "watchdog" provided to accurate LNS load activity in FreeRadius DB? Thanks for your help. With regards. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
attribute value matching in users file
Hello, I'm having a bit of trouble matching attribute values in the users config file. I'm running freeradius 1.0.2. I have several DEFAULT entries starting with a series of checks. The problem is, on the last DEFAULT entry the attribute gets added regardless of whether the match is true or not. Following is the users file. redirectPort80 is an attribute tied to an ldap attribute through the ldap_attrs file. # requests from the nas for tollfree users dialing up DEFAULT Autz-Type := Tollfree, Called-Station-ID == "99" Port-Limit = 1, Idle-Timeout = 900, Framed-Protocol = PPP, Service-Type = Framed-User, Fall-Through = yes # requests from the nas for regular (not tollfree) users dialing up DEFAULT Autz-Type := NoTollfree Port-Limit = 1, Idle-Timeout = 1800, Framed-Protocol = PPP, Service-Type = Framed-User, Fall-Through = yes DEFAULT redirectPort80 == true Framed-Route = "10.32.0.5" Then I use radclient to test the file. When I send a request with radclient that has no redirectPort80 attribute at all, Framed-Route is still added. The really weird thing is, when I change that line in the users file to "redirectPort80 == false" while issuing the same radclient command Framed-Route is STILL added proving that the check isn't being used at all. It seems to be simply adding the Framed-Route attribute every time. Does anyone have any ideas? This is really baffling to me. Thanks in advance, Chris Carver - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl and perl modules
Dnia 21-04-2005, czw o godzinie 10:57 +0300, Boian Jordanov napisał(a): > Ok you can see that your perl come with libperl.so.5.8.4 and i guess > that DBI.so is linked against this libperl.so.5.8.4 > # ldd /usr/lib/perl5/auto/DBI/DBI.so libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e8f000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) If I use right command to test if DBI is linked with libperl so it is not... I have install DBI 1.48 from src and # ldd /usr/local/lib/perl/5.8.4/auto/DBI/DBI.so libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7e8f000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) Is the same. > from your next mail i see that rlm_perl is linked against > libperl.so.5.8 So infact you are using different libs and that's why you > have a rellocation problems. Maybe you have more that one perl on your > system ? Hmmm... I din't install perl from src... it is instaled only from package so it is only one. (I hope :) ) libperl.so.5.8.4 and libperl.so.5.8 are symlinks to libperl.so so is the same libperl for 5.8 and 5.8.4 Maybe there are problem with paths to libs? Freeradius use standard paths nut Debian use it's own diffrent paths...?? -- Emil Wilmanski <[EMAIL PROTECTED]> Galeria-M - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AW: How to log rejected request
Hello again,
ok, ok,
Reading often helps ..
Here is an extract of radiusd.conf:
[...]
# Access-Reject packets are sent through the REJECT sub-section of
the
# post-auth section.
# Uncomment the following and set the module name to the ldap
instance
# name if you have set 'edir_account_policy_check = yes' in the
ldap
# module sub-section of the 'modules' section.
#
Post-Auth-Type REJECT {
# insert-module-name-here
sql
}
[...]
Sorry for this stupid question.
Christian
> -Ursprüngliche Nachricht-
> Von: Gillmann, Christian [mailto:[EMAIL PROTECTED]
> Gesendet: Donnerstag, 21. April 2005 09:27
> An: 'freeradius-users@lists.cistron.nl'
> Betreff: How to log rejected request
>
>
> Hello all,
>
> I asked myself how to log rejected requests. For example:
>
> - Certificates which were revoked (CRL)
> - Wrong Certificates
> - or something else
>
> I thought about something like the post-auth procedure.
> Sure there is the possibility to scan the whole radius log
> file, but that's
> not what I want..
>
> I hope this question isn't too crazy :)
>
>
> Thanks and bye
> Christian
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_perl and perl modules
On Thu, Apr 21, 2005 at 01:14:15AM +0200, Emil Wilmanski wrote: > > Check output of perl -V, see if it does include "useshrplib=true"? and > > "libperl=libperl.so". > > $perl -V | grep -i useshrplib > -Duseshrplib -Dlibperl=libperl.so.5.8.4 -Dd_dosuid -des' > libc=/lib/libc-2.3.2.so, so=so, useshrplib=true, > libperl=libperl.so.5.8.4 > Ok you can see that your perl come with libperl.so.5.8.4 and i guess that DBI.so is linked against this libperl.so.5.8.4 > All ok. > > > Check output of "perl -MExtUtils::Embed -e ccopts > > -e ldopts" > > $perl -MExtUtils::Embed -e ccopts -e ldopts > -Wl,-E -L/usr/local/lib /usr/lib/perl/5.8/auto/DynaLoader/DynaLoader.a > -L/usr/lib/perl/5.8/CORE -lperl -ldl -lm -lpthread -lc -lcrypt > -D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBIAN > -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE > -D_FILE_OFFSET_BITS=64 -I/usr/lib/perl/5.8/CORE > > > [EMAIL PROTECTED]:/usr/lib$ ls -l | grep libperl > -rw-r--r-- 1 root root 1400854 2005-03-08 11:15 libperl.a > lrwxrwxrwx 1 root root 14 2005-04-16 16:28 libperl.so -> > libperl.so.5.8 > lrwxrwxrwx 1 root root 16 2005-04-16 16:28 libperl.so.5.8 -> > libperl.so.5.8.4 > -rw-r--r-- 1 root root 1150824 2005-03-08 11:15 libperl.so.5.8.4 > > > Check against which libperl is linked rlm_perl > > from your next mail i see that rlm_perl is linked against libperl.so.5.8 So infact you are using different libs and that's why you have a rellocation problems. Maybe you have more that one perl on your system ? -- Best Regards, Boian Jordanov SNE Orbitel - Next Generation Telecom tel. +359 2 4004 723 tel. +359 2 4004 002 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to log rejected request
Hello all, I asked myself how to log rejected requests. For example: - Certificates which were revoked (CRL) - Wrong Certificates - or something else I thought about something like the post-auth procedure. Sure there is the possibility to scan the whole radius log file, but that's not what I want.. I hope this question isn't too crazy :) Thanks and bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
