Re: User in Multiple Groups

2006-04-07 Thread Scott Reed
OK, Phil, you got me. I thought all I did was copy the to address, but must
have used a reply instead.  Sorry.

Thanks for the code suggestions.  I understand what you see as the issue. 
Makes sense.  I will experiment with what you suggest and see what I get.

Scott Reed 
 Owner 
 NewWays 
 Wireless Networking 
 Network Design, Installation and Administration 
 www.nwwnet.net

-- Original Message --- 
 From: Phil Mayers <[EMAIL PROTECTED]> 
 To: FreeRadius users mailing list  
 Sent: Fri, 07 Apr 2006 11:09:48 +0100 
 Subject: Re: User in Multiple Groups

> Scott Reed wrote: 
> > I did not usurp a thread, I reposted my own. 
> 
> Really? How odd: 
> 
> Message-ID: <[EMAIL PROTECTED]> 
> From: "debik" <[EMAIL PROTECTED]> 
> Subject: Re: Couldn't stop freeradius server!! 
> 
> From: "Scott Reed" <[EMAIL PROTECTED]> 
> Date: Wed, 5 Apr 2006 07:25:29 -0500 
> Message-Id: <[EMAIL PROTECTED]> 
> In-Reply-To: <[EMAIL PROTECTED]> 
> Subject: User in Multiple Groups 
> 
> > 
> > I changed radcheck to have := instead of ==.  No change. 
> > 
> > First query returns: 
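> > +----+--------------+--------------+-------------+----+
> > | id | GroupName    | Attribute    | Value       | op |
> > +----+--------------+--------------+-------------+----+
> > | 28 | MS1-AP1      | Service-Type | Framed-User | == |
> > | 31 | Router-Admin | Service-Type | Login-User  | == |
> > +----+--------------+--------------+-------------+----+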
> 
> Ah ok. Lightbulb moment. 
> 
> Disclaimer: I'm not an expert w.r.t. rlm_sql (or much else in the server 
> in fact) 
> 
> BUT I've taken quite a detailed look at the code in the past, and as far 
> as I can tell it does this: 
> 
> check_items = [] 
> 
> radcheck_items = query("") 
> check_items += radcheck_items 
> 
> groupcheck_items = query("") 
> check_items += groupcheck_items 
> 
> ...that is, ALL the groupcheck items for a user are added to the check 
> items (see src/modules/rlm_sql/rlm_sql.c line 782, at least in 1.1.0 
> source). 
> 
> So, in your case the check items from both groups will be merged: 
> 
> username Service-Type == Framed-User, Service-Type == Login-User 
> 
> ...and obviously will never match. So you're correct, with the default 
> queries >1 groupcheck where the groups have the same check item will 
> seldom (if ever) work as expected. 
> 
> You could try changing the groupcheck query to something like: 
> 
> SELECT
>   ${groupcheck_table}.id,
>   ${groupcheck_table}.GroupName,
>   ${groupcheck_table}.Attribute,
>   ${groupcheck_table}.Value,
>   ${groupcheck_table}.op
> FROM
>   ${groupcheck_table},
>   ${usergroup_table}
> WHERE
>   ${usergroup_table}.Username = '%{SQL-User-Name}'
> AND
>   ${usergroup_table}.GroupName = ${groupcheck_table}.GroupName
> -- this bit has been added
> AND
>   (
>     -- all groups without Service-Type checks
>     NOT EXISTS (
>       select 1 from ${groupcheck_table} as ot
>       where ot.Attribute = 'Service-Type'
>       and ot.GroupName = ${groupcheck_table}.GroupName
>     )
>   OR
>     -- all groups with Service-Type checks matching our Service-Type
>     EXISTS (
>       select 1 from ${groupcheck_table} as ot
>       where ot.Attribute = 'Service-Type'
>       -- WARNING: this assumes ot.Op is "=="
>       and ot.Value = '%{Service-Type}'
>       and ot.GroupName = ${groupcheck_table}.GroupName
>     )
>   )
> -- the above bit has been added
> ORDER BY ${groupcheck_table}.id
> 
> ...which is a bit complex (and untested / off the top of my head) but 
> should work. Having said that I note you're using MySQL, which I can't 
> remember if it supports sub-selects.
> 
> Really the module should be recoded IMHO to do this: 
> 
> usercheck = query("")
> if usercheck AND paircmp(usercheck, request):
>     userreply = query("")
>     pairxlatmove(request.reply, userreply)
> groups = query(" order by priority")
> for group in groups:
>     groupcheck = query(" WHERE GroupName=$group")
>     if groupcheck and paircmp(groupcheck, request):
>         groupreply = query(" WHERE GroupName=$group")
>         pairxlatmove(request.reply, groupreply)
> 
> ...but I don't know if there's any interest in doing that. 
> - 
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html 
--- End of Original Message ---

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
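
The merge Phil describes, and the effect of his filtered groupcheck query, reproduced with the thread's USERGROUP and RADGROUPCHECK rows. This is an added example, not code from the thread or from FreeRADIUS: it assumes Python's sqlite3 in place of MySQL, bound parameters in place of the %{...} expansions, and a hypothetical checks_match() that models paircmp() as plain equality for "==" items.

```python
import sqlite3

# Rows copied from the USERGROUP and RADGROUPCHECK tables quoted in the thread.
USERGROUP = [(80, "sreed", "MS1-AP1"), (76, "treed", "MS1-AP1"),
             (78, "sreed", "Router-Admin"), (79, "treed", "Router-Admin"),
             (81, "dreed", "Router-Admin")]
RADGROUPCHECK = [(31, "Router-Admin", "Service-Type", "Login-User", "=="),
                 (28, "MS1-AP1", "Service-Type", "Framed-User", "==")]

# Default groupcheck query as seen in the debug trace (table aliases added here).
DEFAULT_QUERY = """
SELECT gc.id, gc.GroupName, gc.Attribute, gc.Value, gc.op
FROM radgroupcheck AS gc, usergroup AS ug
WHERE ug.UserName = :user AND ug.GroupName = gc.GroupName
ORDER BY gc.id
"""

# The suggested variant: keep a group's check rows only if the group has no
# Service-Type check, or has one equal to the Service-Type in the request.
FILTERED_QUERY = """
SELECT gc.id, gc.GroupName, gc.Attribute, gc.Value, gc.op
FROM radgroupcheck AS gc, usergroup AS ug
WHERE ug.UserName = :user AND ug.GroupName = gc.GroupName
  AND (
    NOT EXISTS (SELECT 1 FROM radgroupcheck AS ot
                WHERE ot.Attribute = 'Service-Type'
                  AND ot.GroupName = gc.GroupName)
    OR EXISTS (SELECT 1 FROM radgroupcheck AS ot
               WHERE ot.Attribute = 'Service-Type'
                 AND ot.Value = :service_type
                 AND ot.GroupName = gc.GroupName)
  )
ORDER BY gc.id
"""


def build_db():
    """In-memory copy of the two tables involved in the groupcheck query."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE usergroup (id INTEGER, UserName TEXT, GroupName TEXT)")
    db.execute("CREATE TABLE radgroupcheck (id INTEGER, GroupName TEXT, "
               "Attribute TEXT, Value TEXT, op TEXT)")
    db.executemany("INSERT INTO usergroup VALUES (?, ?, ?)", USERGROUP)
    db.executemany("INSERT INTO radgroupcheck VALUES (?, ?, ?, ?, ?)", RADGROUPCHECK)
    return db


def group_check_items(db, query, user, service_type):
    """Return the merged list of (attribute, op, value) check items for a user."""
    rows = db.execute(query, {"user": user, "service_type": service_type})
    return [(attr, op, value) for _id, _group, attr, value, op in rows]


def checks_match(items, request):
    """Hypothetical stand-in for paircmp(): every '==' item must equal the
    request's value for that attribute; an empty list is treated as no match."""
    return bool(items) and all(request.get(attr) == value
                               for attr, op, value in items if op == "==")


def authorize(query, user, service_type):
    """True when the merged group check items match the request."""
    items = group_check_items(build_db(), query, user, service_type)
    return checks_match(items, {"Service-Type": service_type})


if __name__ == "__main__":
    for name, query in (("default", DEFAULT_QUERY), ("filtered", FILTERED_QUERY)):
        for user, st in (("treed", "Login-User"), ("treed", "Framed-User"),
                         ("dreed", "Framed-User")):
            result = "match" if authorize(query, user, st) else "no match"
            print(f"{name:8} {user} {st:11} {result}")
```

The group reply query in the trace is not changed by this filter and still returns reply rows for both groups.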



Re: User in Multiple Groups

2006-04-06 Thread Scott Reed
Someone posted that many readers of this list don't have HTML mail readers, so
I cleaned up the spacing on the tables and am reposting this in text so all
can read it.

Scott Reed 
 Owner 
 NewWays 
 Wireless Networking 
 Network Design, Installation and Administration 
 www.nwwnet.net

-- Original Message --- 
 From: "Scott Reed" <[EMAIL PROTECTED]> 
 To: FreeRadius users mailing list  
 Sent: Thu, 6 Apr 2006 07:54:08 -0500 
 Subject: Re: User in Multiple Groups

> I did not usurp a thread, I reposted my own. 
> 
> I changed radcheck to have := instead of ==. No change. 
> 
> First query returns: 
> +----+--------------+--------------+-------------+----+
> | id | GroupName    | Attribute    | Value       | op |
> +----+--------------+--------------+-------------+----+
> | 28 | MS1-AP1      | Service-Type | Framed-User | == |
> | 31 | Router-Admin | Service-Type | Login-User  | == |
> +----+--------------+--------------+-------------+----+
> Second query returns
> +----+--------------+----------------+-------+----+
> | id | GroupName    | Attribute      | Value | op |
> +----+--------------+----------------+-------+----+
> | 34 | Router-Admin | Mikrotik-Group | full  | =  |
> | 39 | Router-Admin | Fall-Through   | Yes   | =  |
> | 37 | MS1-AP1      | Fall-Through   | Yes   | =  |
> | 33 | MS1-AP1      | Port-Limit     | 128k  | =  |
> +----+--------------+----------------+-------+----+
>
> I have a document from the FreeRadius WIKI (rlm_sql) that says, "Processing continues to the next group IF:
> There was not a match for the last group's check items OR
> Fall-Through was set in the last group's reply items.
> If the user logs into a router, the request is for Login-User and they should get the Router-Admin replies. If they log in to an AP, the request is Framed-User and they should get the AP replies.
> 
> Scott Reed 
> Owner 
> NewWays 
> Wireless Networking 
> Network Design, Installation and Administration 
> www.nwwnet.net 
> 
> -- Original Message --- 
> From: Phil Mayers <[EMAIL PROTECTED]> 
> To: FreeRadius users mailing list  
> Sent: Thu, 06 Apr 2006 13:22:39 +0100 
> Subject: Re: User in Multiple Groups 
> 
> > Scott Reed wrote: 
> > > I have searched the archive and came close to figuring this out, but I have not
> > 
> > Don't start your query as part of another thread please. 
> > 
> > > 
> > > Configuration tables: 
> > > 1 USERGROUP 
> > > 2 80 sreed MS1-AP1 
> > > 3 76 treed MS1-AP1 
> > > 4 78 sreed Router-Admin 
> > > 5 79 treed Router-Admin 
> > > 6 81 dreed Router-Admin 
> > > 7 
> > > 8 RADCHECK 
> > > 9 331 dreed User-Password == password 
> > > 10 269 treed User-Password == password 
> > > 11 267 sreed User-Password == password 
> > 
> > This should be ":=" for User-Password. If the match is failing, that may 
> > be the issue. 
> > 
> > > 12 
> > > 13 RADGROUPCHECK 
> > > 14 31 Router-Admin Service-Type == Login-User 
> > > 15 28 MS1-AP1 Service-Type == Framed-User 
> > > 16 
> > > 17 RADREPLY 
> > > 18 33 sreed Fall-Through = yes 
> > > 19 43 treed Fall-Through = yes 
> > > 20 
> > > 21 RADGROUPREPLY 
> > > 22 33 MS1-AP1 Port-Limit = 128k 15 
> > > 23 34 Router-Admin Mikrotik-Group = full 10 
> > > 24 39 Router-Admin Fall-Through = Yes 10 
> > > 25 37 MS1-AP1 Fall-Through = Yes 15 
> > 
> > I don't think Fall-Through does anything in rlm_sql. What are you 
> > expecting it to do? 
> > 
> > > rad_recv: Access-Request packet from host 192.168.100.13:1201, id=166, length=83
> > > Service-Type = Login-User 
> > > User-Name = "treed" 
> > > User-Password = "password" 
> > > Calling-Station-Id = "192.168.100.240" 
> > > NAS-Identifier = "HotSpot" 
> > > NAS-IP-Address = 192.168.100.13 
> > > Processing the authorize section of radiusd.conf 
> > > modcall: entering group authorize for request 1 
> > > modcall[authorize]: module "preprocess" returns ok for request 1 
> > > modcall[authorize]: module "chap" returns noop for request 1 
> > > modcall[authorize]: module "mschap" returns noop for request 1 
> > > rlm_realm: No '@' in User-Name = "treed", looking up realm NULL 
> > > rlm_realm: No such realm "NULL" 
> > > modcall[authorize]: module "suffix" returns noop for 

Re: User in Multiple Groups

2006-04-06 Thread Scott Reed
I did not usurp a thread, I reposted my own.

I changed radcheck to have := instead of ==.  No change.

First query returns:
+----+--------------+--------------+-------------+----+
| id | GroupName    | Attribute    | Value       | op |
+----+--------------+--------------+-------------+----+
| 28 | MS1-AP1      | Service-Type | Framed-User | == |
| 31 | Router-Admin | Service-Type | Login-User  | == |
+----+--------------+--------------+-------------+----+
Second query returns
+----+--------------+----------------+-------+----+
| id | GroupName    | Attribute      | Value | op |
+----+--------------+----------------+-------+----+
| 34 | Router-Admin | Mikrotik-Group | full  | =  |
| 39 | Router-Admin | Fall-Through   | Yes   | =  |
| 37 | MS1-AP1      | Fall-Through   | Yes   | =  |
| 33 | MS1-AP1      | Port-Limit     | 128k  | =  |
+----+--------------+----------------+-------+----+

I have a document from the FreeRadius WIKI (rlm_sql) that says, "Processing continues to the next group IF:
    There was not a match for the last group's check items OR
    Fall-Through was set in the last group's reply items.
If the user logs into a router, the request is for Login-User and they should get the Router-Admin replies.  If they log in to an AP, the request is Framed-User and they should get the AP replies.

Scott Reed
 Owner
 NewWays
 Wireless Networking
 Network Design, Installation and Administration
 www.nwwnet.net

-- Original Message ---
 From: Phil Mayers <[EMAIL PROTECTED]>
 To: FreeRadius users mailing list
 Sent: Thu, 06 Apr 2006 13:22:39 +0100
 Subject: Re: User in Multiple Groups

> Scott Reed wrote:
> > I have searched the archive and came close to figuring this out, but I have not
>
> Don't start your query as part of another thread please.
>
> >
> > Configuration tables:
> >       1 USERGROUP
> >       2 80      sreed   MS1-AP1
> >       3 76      treed   MS1-AP1
> >       4 78      sreed   Router-Admin
> >       5 79      treed   Router-Admin
> >       6 81      dreed   Router-Admin
> >       7
> >       8 RADCHECK
> >       9 331     dreed   User-Password   ==      password
> >      10 269     treed   User-Password   ==      password
> >      11 267     sreed   User-Password   ==      password
>
> This should be ":=" for User-Password. If the match is failing, that may
> be the issue.
>
> >      12
> >      13 RADGROUPCHECK
> >      14 31      Router-Admin    Service-Type    ==      Login-User
> >      15 28      MS1-AP1         Service-Type    ==      Framed-User
> >      16
> >      17 RADREPLY
> >      18 33      sreed   Fall-Through    =       yes
> >      19 43      treed   Fall-Through    =       yes
> >      20
> >      21 RADGROUPREPLY
> >      22 33      MS1-AP1         Port-Limit      =       128k    15
> >      23 34      Router-Admin    Mikrotik-Group  =       full    10
> >      24 39      Router-Admin    Fall-Through    =       Yes     10
> >      25 37      MS1-AP1         Fall-Through    =       Yes     15
>
> I don't think Fall-Through does anything in rlm_sql. What are you
> expecting it to do?
>
> > rad_recv: Access-Request packet from host 192.168.100.13:1201, id=166, length=83
> >         Service-Type = Login-User
> >         User-Name = "treed"
> >         User-Password = "password"
> >         Calling-Station-Id = "192.168.100.240"
> >         NAS-Identifier = "HotSpot"
> >         NAS-IP-Address = 192.168.100.13
> >   Processing the authorize section of radiusd.conf
> > modcall: entering group authorize for request 1
> >   modcall[authorize]: module "preprocess" returns ok for request 1
> >   modcall[authorize]: module "chap" returns noop for request 1
> >   modcall[authorize]: module "mschap" returns noop for request 1
> >     rlm_realm: No '@' in User-Name = "treed", looking up realm NULL
> >     rlm_realm: No such realm "NULL"
> >   modcall[authorize]: module "suffix" returns noop for request 1
> > radius_xlat:  'treed'
> > rlm_sql (sql): sql_set_user escaped user --> 'treed'
> > rlm_sql_mysql: query:  SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> > Username = 'treed' ORDER BY id
> > rlm_sql_mysql: query:  SELECT
> > radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,

Re: User in Multiple Groups

2006-04-06 Thread Scott Reed
Surely someone has users in multiple groups and can tell me how to make that work.

Scott Reed
 Owner
 NewWays
 Wireless Networking
 Network Design, Installation and Administration
 www.nwwnet.net

-- Original Message ---
 From: "Scott Reed" <[EMAIL PROTECTED]>
 To: FreeRadius users mailing list
 Sent: Wed, 5 Apr 2006 07:25:29 -0500
 Subject: User in Multiple Groups

> I have searched the archive and came close to figuring this out, but I have not been able to get a user to exist in 2 groups and have each authenticate.  I have one set of systems that need Login-User and then reply with one set of responses and another set that need Framed-User and reply with a different set of responses.
> I have both groups working if I have the user in just one group.  If the user is in 2 groups, one group works and the other Rejects.  What is wrong with my configuration?
>
> There is an accounting request packet in the trace below that shows that sreed is logged into one of the Framed-User devices.  Then there is the packet from treed trying to log into a Login-User device.
>
> Configuration tables:
>   1 USERGROUP
>   2 80      sreed   MS1-AP1
>   3 76      treed   MS1-AP1
>   4 78      sreed   Router-Admin
>   5 79      treed   Router-Admin
>   6 81      dreed   Router-Admin
>   7
>   8 RADCHECK
>   9 331     dreed   User-Password   ==      password
>  10 269     treed   User-Password   ==      password
>  11 267     sreed   User-Password   ==      password
>  12
>  13 RADGROUPCHECK
>  14 31      Router-Admin    Service-Type    ==      Login-User
>  15 28      MS1-AP1         Service-Type    ==      Framed-User
>  16
>  17 RADREPLY
>  18 33      sreed   Fall-Through    =       yes
>  19 43      treed   Fall-Through    =       yes
>  20
>  21 RADGROUPREPLY
>  22 33      MS1-AP1         Port-Limit      =       128k    15
>  23 34      Router-Admin    Mikrotik-Group  =       full    10
>  24 39      Router-Admin    Fall-Through    =       Yes     10
>  25 37      MS1-AP1         Fall-Through    =       Yes     15
>
> Debug trace:
> rlm_sql_mysql: Starting connect to MySQL server for #1
> rlm_sql (sql): Connected new DB handle, #1
> rlm_sql (sql): starting 2
> rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
> rlm_sql_mysql: Starting connect to MySQL server for #2
> rlm_sql (sql): Connected new DB handle, #2
> rlm_sql (sql): starting 3
> rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
> rlm_sql_mysql: Starting connect to MySQL server for #3
> rlm_sql (sql): Connected new DB handle, #3
> rlm_sql (sql): starting 4
> rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
> rlm_sql_mysql: Starting connect to MySQL server for #4
> rlm_sql (sql): Connected new DB handle, #4
> rlm_sql (sql): - generate_sql_clients
> rlm_sql (sql): Query: SELECT * FROM nas
> rlm_sql (sql): Reserving sql socket id: 4
> rlm_sql_mysql: query:  SELECT * FROM nas
> rlm_sql (sql): Read entry nasname=nwnr0004.nwadmin.net,shortname=nwnr0004,secret=sbr28tsr
> rlm_sql (sql): Adding client 10.2.49.5 (nwnr0004) to clients list
> rlm_sql (sql): Read entry nasname=nwnr0003.nwadmin.net,shortname=nwnr0003,secret=sbr28tsr
> rlm_sql (sql): Adding client 10.2.49.4 (nwnr0003) to clients list
> rlm_sql (sql): Read entry nasname=nwnr0002.nwadmin.net,shortname=nwnr0002,secret=sbr28tsr
> rlm_sql (sql): Adding client 10.0.1.4 (nwnr0002) to clients list
> rlm_sql (sql): Read entry nasname=hotspot.nwwhome.net,shortname=hotspot,secret=testing123
> rlm_sql (sql): Adding client 192.168.100.13 (hotspot) to clients list
> rlm_sql (sql): Read entry nasname=nwnr0001.nwadmin.net,shortname=nwnr0001,secret=sbr28tsr
> rlm_sql (sql): Adding client 10.0.0.1 (nwnr0001) to clients list
> rlm_sql (sql): Released sql socket id: 4
> Module: Instantiated sql (sql)
> Module: Loaded Acct-Unique-Session-Id
>  acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
> Module: Instantiated acct_unique (acct_unique)
> Module: Loaded detail
>  detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
>  detail: detailperm = 384
>  detail: dirperm = 493
>  detail: locking = no
> Module: Instantiated detail (detail)
> Module: Loaded System
>  unix: cache = no
>  unix: passwd = "(null)"
>  unix: shadow = "/etc/shadow"
>  unix: group = "(null)"
>  unix: radwtmp = "/var/log/radius/radwtmp"
>  unix: usegroup =

User in Multiple Groups

2006-04-05 Thread Scott Reed
groupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'treed' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'treed' ORDER BY id'
rlm_sql_mysql: query:  SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'treed' ORDER BY id
radius_xlat:  'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username = 'treed' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.prio'
rlm_sql_mysql: query:  SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username = 'treed' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.prio
rlm_sql (sql): No matching entry in the database for request from user [treed]
rlm_sql (sql): Released sql socket id: 2
  modcall[authorize]: module "sql" returns notfound for request 1
modcall: group authorize returns ok for request 1
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [treed/password] (from client hotspot port 0 cli 192.168.100.240)
  Processing the post-auth section of radiusd.conf
modcall: entering group Post-Auth-Type for request 1
rlm_sql (sql): Processing sql_postauth
radius_xlat:  'treed'
rlm_sql (sql): sql_set_user escaped user --> 'treed'
radius_xlat:  'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'treed', 'password', 'Access-Reject', NOW())'
radius_xlat:  '/var/log/radius/sqltrace.sql'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'treed', 'password', 'Access-Reject', NOW())
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_mysql: query:  INSERT into radpostauth (id, user, pass, reply, date) values ('', 'treed', 'password', 'Access-Reject', NOW())
rlm_sql (sql): Released sql socket id: 1
  modcall[post-auth]: module "sql" returns ok for request 1
modcall: group Post-Auth-Type returns ok for request 1
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.100.13:1201, id=166, length=83
Sending Access-Reject of id 166 to 192.168.100.13:1201
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 3 seconds...

Scott Reed
 Owner
 NewWays
 Wireless Networking
 Network Design, Installation and Administration
 www.nwwnet.net

-- Original Message ---
 From: "debik" <[EMAIL PROTECTED]>
 To: "FreeRadius users mailing list"
 Sent: Wed, 5 Apr 2006 20:26:14 +0200
 Subject: Re: Couldn't stop freeradius server!!

> Try "killall radiusd"  or "killall freeradius".
> I have debian and that commands are all right.
>
> - Original Message -
> From: "lmyho" <[EMAIL PROTECTED]>
> To: "FreeRadius users mailing list"
> Sent: Tuesday, April 04, 2006 6:19 PM
> Subject: Re: Couldn't stop freeradius server!!
>
> >
> > --- monish ar <[EMAIL PROTECTED]> wrote:
> >>  Instead of using the command to stop the radius daemon, herez another
> >> simple way.
> >>  At the console type " ps -ax | grep radiusd" , this will give u the list
> >> of
> >> radius servers currently
> >>  along with its process IDs. The next thing u do is type " kill pid# " ,
> >> PID# refers to the process
> >>  id number of ur currently running radius daemon. Hope it helps...
> >>  Dunno bout the NAS list though...
> >
> > Hi Monish,
> >
> > Thank you for the idea!  I checked, and found the process.  but on this
> > debian
> > system, the process is actually named "freeradius", instead of the
> > traditional
> > "radiusd".:(  So there are indeed some changes on how the freeradius is
> > run on
> > debian.  Do you have more idea about it?
> > Can anyone tell me more on how the debian is running the freeradius and
> > how I can
> > stop the server from command line in debian system?  (pls see problem
> > de

Re: radtest

2005-03-17 Thread Scott Reed
radiusd not running?

Scott Reed 
Owner 
NewWays 
www.nwwnet.net

-- Original Message ---
From: [EMAIL PROTECTED] 
To: freeradius-users@lists.freeradius.org 
Sent: Thu, 17 Mar 2005 16:52:31 +0100 
Subject: radtest 

> Hi all, 
> 
> I'm trying to do a simple radtest but it doesn't go through. Here is what I get:
> 
> $ radtest bob bob localhost 0 testing123 
> Sending Access-Request of id 227 to 127.0.0.1:1812 
>        User-Name = "bob" 
>        User-Password = "bob" 
>        NAS-IP-Address = localhost.localdomain 
>        NAS-Port = 0 
> radclient: no response from server for ID 227 
> 
> I am running on Fedora with very simple configurations.
> Does anyone have any idea about what is going on? 
> 
> Cheers 
> 
> Vicky 
> 
>  
> This message was sent using IMP, the Internet Messaging Program. 
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
--- End of Original Message ---

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html