Anyone has patch about sql.c or rlm_sql.c to support operator?
Hi,all, I saw someone posted a patch about sql.c or rlm_sql.c to support operator processing for sql module before, but now I searched all the maillist archive and cannot find it, I use SQL to authorize and authenticate , but the sql module in 0.4 does not support operator processing,so I need it. Anyone has it? Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dialup_admin - fatal error resolved ...
I have finally find the source of my problem, it was my fault. I added a link lib/sql/defaults.php3 -> lib/defaults.php3 so it looped ... Now I just put a void file in lib/sql/defaults.php3. I see that it is interesting but I have some questions or notes if possible : * in tre accounting report, isn't there navigations buttons ? (to see the next or previous records), * is not there something to manage radgroupcheck, radgroupreply and usergroup ? * i noticed that it does not support yet operator in radcheck and radreply tables ? is it planed or not ? Thanx @+ -- DouRiX Do-Risika RAFIEFERANTSIARONJY wrote: > > Kostas Kalevras wrote: > > > > On Mon, 21 Jan 2002, Do-Risika RAFIEFERANTSIARONJY wrote: > > > > > > > > Hi all, > > > > > > As it is referenced as a an interface php for freeradius > > > (http://sourceforge.net/projects/dialup-admin/), I think somebody here > > > use it. > > > > > > I have the fatal error below when I try to edit or create user, so I > > > want to ask if it is a bug or if there is something wrong in my config ? > > > (i'm using mysql in accounting) > > > > > > Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to > > > allocate 11520 bytes) in > > > /usr/local/dialup_admin/lib/defaults.php3 on line 10 > > > > > Are you runing anything else on the machine? From the error message it seems > > that defaults.php3 tried to allocate just 11KB which is quite reasonable. > > I am not sure if the php memory_limit directive applies to a single page or to > > the whole php process. > > I have just freeradius, mysql, apache on a debian box ... > > @+ > -- > DouRiX > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Do-Risika RAFIEFERANTSIARONJY mailto:[EMAIL PROTECTED] Simicro Internet, mailto:[EMAIL PROTECTED], http://internet.simicro.mg Tel : (+261) 20 22 648 83 (GMT +3), Fax : (+261) 20 22 661 83 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Could not find proper Chap-Password Lucent AP
rlm_chap: could not find proper Chap-Password attribute in request I use Lucent AP with EAP-MD5 to interact with FreeRadius But The FreeRadius show the above message to me I don't know how to handle it pls give me a advice . Thank U - < ¨C¤Ñ³£ Yahoo!©_¼¯ > www.yahoo.com.tw - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dialup_admin - fatal error ...
Nicola Orru' wrote: > > > > Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to > > > allocate 11520 bytes) in > > > /usr/local/dialup_admin/lib/defaults.php3 on line 10 > > There must be an infinite loop somewhere... Yes, may be because on line 10, it seems that the file defaults.php3 is including itself. So if that is the problem, I think it is a bug, or should I change something in my configuration files ? -- default.php3, line 10 -- if (is_file("../lib/$config[general_lib_type]/defaults.php3")) include("../lib/$config[general_lib_type]/defaults.php3"); (END) Does someone have any idea ? @+ -- ;-DouRiX - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dialup_admin - fatal error ...
Kostas Kalevras wrote: > > On Mon, 21 Jan 2002, Do-Risika RAFIEFERANTSIARONJY wrote: > > > > > Hi all, > > > > As it is referenced as a an interface php for freeradius > > (http://sourceforge.net/projects/dialup-admin/), I think somebody here > > use it. > > > > I have the fatal error below when I try to edit or create user, so I > > want to ask if it is a bug or if there is something wrong in my config ? > > (i'm using mysql in accounting) > > > > Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to > > allocate 11520 bytes) in > > /usr/local/dialup_admin/lib/defaults.php3 on line 10 > > > Are you runing anything else on the machine? From the error message it seems > that defaults.php3 tried to allocate just 11KB which is quite reasonable. > I am not sure if the php memory_limit directive applies to a single page or to > the whole php process. I have just freeradius, mysql, apache on a debian box ... @+ -- DouRiX - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Concept problem
Hi, I have an old working radius server that handles my accounting just fine with my PM2e Now trying to authenticate from a new server setwork. Problem is that the new network uses proxy-radius and apparently needs at least 180 characters though my old radius server only handles 128 characters. My thought is to use FreeRadius as a proxy between their proxy radius servers and mine and hopefully have FreeRadius modify the packets etc. Is this even possible or am I wasting my time even trying? I am not a programmer :-\ Willie. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
PAM RHS Attribute Pairing
This question may be a limitation of PAM methodology, but I figure it is worth asking the experts. Is there a way to pass RHS Attribute values [eg- Framed-IP-Address] to the free-radius environment when doing PAM authentication? I have found no public domain PAM modules which serve as an example for this. It appears the PAM structure allows for passing this type of data through environment variables [using the pam_putenv() call]. In looking at the rlm_pam module, I find no provision to accomplish this type of configuration. My bottom line goal is to authenticate using PAM and pull the corresponding RHS values from a MySQL table (using chained PAM modules?) of much simpler structure than what is currently implemented using MySQL authentication. Perhaps there is a better way? Any suggestions are appreciated! Tony - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Stop queries
On Mon, Jan 21, 2002 at 05:59:11PM +0200, Igor Chen wrote: > Hi! > Anyone uses cisco nas and freeradius? > I think that freeradius sometimes drops Stop queries and user record in > radacct is not updated then. (Is it really possible?). I happen's > not often, but happens, i can not even figure out why :-\ > I asked our cisco dealer, they say that nas always sends Stop queries, > and problem is in my radius. Our partners use patched > cistron and cisco nas, and they have not expirienced such problem. > I hope to get any advice... > > my configuration: > cisco 3620 (30 modems), freeradius 0.3, postgresql 7.1 So you have got hanging sessions, right? Possibly UDP packets get lost in noisy network and radius doesn't recieve them. Try to increase number of retransmission on NAS. Also you can look for bugreports on your IOS version (we use Cisco NASes and have no problems with them, although we don't use freeradius). -- With best regards, Oleg Gritsinevich. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Question reagarding Radius
Hi! I'm looking for radius that I can integrate with my billing/accounting software, so when I add customer to my b/a software, his login name and pass. would be included in the radius database at the same time. Is XTRadius will do the job or I have to look for something else? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Windows
"Tarquin Douglass \(Astronet Internet Access\)" <[EMAIL PROTECTED]> wrote: > has anyone managed to compile freeradius for windows, winnt, win2k yet ? No. > If so, please email me the binary. Uh... right. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Windows
Hi all, has anyone managed to compile freeradius for windows, winnt, win2k yet ? If so, please email me the binary. Regards Tarquin DouglassAstronet Internet AccessTel: (031) 2692954Cel: (083) 5557890_http://www.astronet.co.za
rlm_sql cisco accounting hack...
Hello- We are using freeradius-0.4, and noticed a couple log entries for 'zero session length'. I tracked it down to the block (below) in rlm_sql.c. Now, we only got a couple log entries, but in both cases we had "open" sessions in the database that were not closed due to a 0-length session time (so we are treating them as "valid".) My question is basically: The comment here notes that you only want to return RLM_MODULE_FAIL if the session length is 0 AND no previous session was found. Does this actually check for previous sessions? A cursory glance did not reveal where it was checking this. -Kevin #ifdef CISCO_ACCOUNTING_HACK /* * If stop but zero session length AND no previous * session found, drop it as in invalid packet * This is to fix CISCO's aaa from filling our * table with bogus crap */ if ((pair = pairfind(request->packet->vps, PW_ACCT_SESSION_TIME)) != NULL) acctsessiontime = pair->lvalue; if ((acctsessiontime <= 0) && (acctstatustype == PW_STATUS_STOP)) { radius_xlat(logstr, MAX_QUERY_LEN, "rlm_sql: Stop packet with zero session length. (user ' %{User-Name}', nas '%{NAS-IP-Address}')", request, NULL); radlog(L_ERR, logstr); sql_release_socket(inst, sqlsocket); return RLM_MODULE_FAIL; } #endif --- Kevin C. Miller <[EMAIL PROTECTED]> Network Group Carnegie Mellon University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PAM and Huntgroups
Paul Khavkine <[EMAIL PROTECTED]> wrote: > I have the following design in mind: > > 1) All authentication is done through PAM -> Krb5 > 2) All user info such as uis/gid is kept in NIS database > > Now i cant seem to figure out how to do that (or even if it's possible) > with FreeRADIUS. NIS is a big nasty evil monster, so I haven't seen many applications using it directly. And PAM only does username/password authentication, so it can't return uid/etc information. > I need to have huntgroups for different type service so users would > belong to a different unix group. I'm not sure what you mean by that. Huntgroups are mostly NAS based, not Unix group name based. Do you want to ensure that people logging into NAS 1 are in Unix group A, and people logging into NAS 2 are in Unix group B? > But since PAM have no idea about unix groups so i cant use Group = > "dialup" in users file when using PAM. That's a common problem with PAM. > Is there any other way to implement huntgroups with PAM authentication ? Not really. PAM does authentication, and nothing more. It *may* be possible to write an 'rlm_nis' module, but I don't know what that would gain you over just using 'getgrnam'. If you have NIS, you can set /etc/nsswitch.conf to get the groups from NIS. So in that case, a NIS module for the server would only be saving you one function call... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dialup_admin - fatal error ...
On Mon, 21 Jan 2002 19:05:14 +0200 (EET) Kostas Kalevras <[EMAIL PROTECTED]> wrote: > On Mon, 21 Jan 2002, Do-Risika RAFIEFERANTSIARONJY wrote: > > > > > Hi all, > > > > As it is referenced as a an interface php for freeradius > > (http://sourceforge.net/projects/dialup-admin/), I think somebody here > > use it. > > > > I have the fatal error below when I try to edit or create user, so I > > want to ask if it is a bug or if there is something wrong in my config ? > > (i'm using mysql in accounting) > > > > Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to > > allocate 11520 bytes) in > > /usr/local/dialup_admin/lib/defaults.php3 on line 10 There must be an infinite loop somewhere... > > > > Here attached a copy of my admin.conf ... > > > > Thanx in advance, > > > > @+ > > -- > > DouRiX > > Are you runing anything else on the machine? From the error message it seems > that defaults.php3 tried to allocate just 11KB which is quite reasonable. > I am not sure if the php memory_limit directive applies to a single page or to > the whole php process. > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED]National Technical University of Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Nicola Orru' ENERGIT Via Efisio Melis, 26 09134 Cagliari - Italia Tel. +39 070 7521 317 Fax +39 070 7521 51 www.energit.it Energia Telefonia Servizi Internet Sistemi di Gestione per le Aziende - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Stop queries
On Mon, 21 Jan 2002, Igor Chen wrote: > Hi! > Anyone uses cisco nas and freeradius? > I think that freeradius sometimes drops Stop queries and user record in > radacct is not updated then. (Is it really possible?). I happen's > not often, but happens, i can not even figure out why :-\ > I asked our cisco dealer, they say that nas always sends Stop queries, > and problem is in my radius. Our partners use patched > cistron and cisco nas, and they have not expirienced such problem. > I hope to get any advice... > > my configuration: > cisco 3620 (30 modems), freeradius 0.3, postgresql 7.1 > > -- > cron-ripe Check your radius.log file if you get any messages like the following: rlm_sql: All sockets are being used! Please increase the maximum number of sockets! If you do get this message try increasing the num_sql_socks directive in sql.conf. If you also do accounting in a detail file check if the stop packets for those stale entries have been recorded there. In any case the server will log whatever the nas sends it. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dialup_admin - fatal error ...
On Mon, 21 Jan 2002, Do-Risika RAFIEFERANTSIARONJY wrote: > > Hi all, > > As it is referenced as a an interface php for freeradius > (http://sourceforge.net/projects/dialup-admin/), I think somebody here > use it. > > I have the fatal error below when I try to edit or create user, so I > want to ask if it is a bug or if there is something wrong in my config ? > (i'm using mysql in accounting) > > Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to > allocate 11520 bytes) in > /usr/local/dialup_admin/lib/defaults.php3 on line 10 > > Here attached a copy of my admin.conf ... > > Thanx in advance, > > @+ > -- > DouRiX Are you runing anything else on the machine? From the error message it seems that defaults.php3 tried to allocate just 11KB which is quite reasonable. I am not sure if the php memory_limit directive applies to a single page or to the whole php process. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg. Fault 0.4
"Alex L. Demidov" <[EMAIL PROTECTED]> wrote: > Same problem here. Try this patch. Applied, thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Stop queries
Hi! Anyone uses cisco nas and freeradius? I think that freeradius sometimes drops Stop queries and user record in radacct is not updated then. (Is it really possible?). I happen's not often, but happens, i can not even figure out why :-\ I asked our cisco dealer, they say that nas always sends Stop queries, and problem is in my radius. Our partners use patched cistron and cisco nas, and they have not expirienced such problem. I hope to get any advice... my configuration: cisco 3620 (30 modems), freeradius 0.3, postgresql 7.1 -- cron-ripe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: passwd
Lee W <[EMAIL PROTECTED]> wrote: > Thanks for the timely responces. I'm 100% up and running > now. However I would like to have a separate password file, be it > PAM or System. Do both methoeds only use the system passwd with no > other options? I don't know about PAM, but rlm_unix has a 'passwd' configuration directive, which tells it where to get the password file from. See 'radiusd.conf' Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
passwd
Hi all, Thanks for the timely responces. I'm 100% up and running now. However I would like to have a separate password file, be it PAM or System. Do both methoeds only use the system passwd with no other options? Lee -- Lee Wolf EMR Data Services [EMAIL PROTECTED] 623-764-0870 cell 623-581-0842 voice 623-582-9499 fax EMR Internet A Serious Internet Experience ** 56K Dial-up ** DSL ** Web-hosting ** ** Co-location ** T1s ** ISDN ** ** High-Speed Fiber Backbone ** Linux powered ** ** Custom Web Design ** Site Development ** ** Search Engine Placement & Web Consultation ** Visit us at http://www.emr.net! Ask about our reseller programs! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg. Fault 0.4
Thanks a lot! It's working whole day :) On Sat, Jan 19, 2002 at 09:09:43PM +0300, Alex L. Demidov wrote: > Same problem here. Try this patch. > > --- src/modules/rlm_sql/drivers/rlm_sql_postgresql/sql_postgresql.c.origSat >Jan 19 21:00:39 2002 > +++ src/modules/rlm_sql/drivers/rlm_sql_postgresql/sql_postgresql.c Sat Jan 19 >20:55:50 2002 > @@ -255,8 +255,8 @@ > pg_sock->num_fields = records; > > if ((PQntuples(pg_sock->result) > 0) && (records > 0)) { > - pg_sock->row = (char **)rad_malloc(records*sizeof(char *)+1); > - memset(pg_sock->row, '\0', records*sizeof(char *)+1); > + pg_sock->row = (char **)rad_malloc((records+1)*sizeof(char *)); > + memset(pg_sock->row, '\0', (records+1)*sizeof(char *)); > > for (i = 0; i < records; i++) { > len = PQgetlength(pg_sock->result, pg_sock->cur_row, i); > > -- Igor A. Karpovphone: +380(44)238-0624 Unix System Administrator Has Hell frozen over yet? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dialup_admin - fatal error ...
Hi all, As it is referenced as a an interface php for freeradius (http://sourceforge.net/projects/dialup-admin/), I think somebody here use it. I have the fatal error below when I try to edit or create user, so I want to ask if it is a bug or if there is something wrong in my config ? (i'm using mysql in accounting) Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 11520 bytes) in /usr/local/dialup_admin/lib/defaults.php3 on line 10 Here attached a copy of my admin.conf ... Thanx in advance, @+ -- DouRiX # # it can be el (greek) or default # general_prefered_lang: el general_prefered_lang_name: Greek # general_base_dir: /usr/local/dialup_admin general_radiusd_base_dir: /usr general_domain: tana.simicro.net # general_ldap_attrmap: %{general_radiusd_base_dir}/etc/raddb/ldap.attrmap general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap # # it can be either ldap or sql # general_lib_type: sql general_user_edit_attrs_file: %{general_base_dir}/conf/user_edit.attrs general_sql_attrs_file: %{general_base_dir}/conf/sql.attrs general_default_file: %{general_base_dir}/conf/default.vals general_snmpfinger_bin: %{general_base_dir}/bin/snmpfinger general_radclient_bin: %{general_radiusd_base_dir}/bin/radclient # # this information is used from the server check page # #general_test_account_login: test #general_test_account_password: testpass general_test_account_login: test general_test_account_password: xx # # These are used as default values for the user test page # general_radius_server: localhost general_radius_server_port: 1812 # # sorry, single valued for now. Should become something like # password[server-name]: x # general_radius_server_secret: testing123 general_auth_request_file: %{general_base_dir}/conf/auth.request # # can be one of crypt,md5,clear # general_encryption_method: crypt nas1_name: nas1.%{general_domain} nas1_model: Cisco 2511 access server nas1_ip: 147.122.122.121 nas1_port_num: 16 nas1_community: public nas2_name: nas2.%{general_domain} nas2_model: Cisco 2511 access server nas2_ip: 147.122.122.123 nas2_port_num: 16 nas2_community: public nas3_name: nas3.%{general_domain} nas3_model: Cisco 5300 access server nas3_ip: 147.122.122.124 nas3_port_num: 210 nas3_community: public ldap_server: ldap.%{general_domain} ldap_base: dc=company,dc=com ldap_binddn: cn=Directory Manager ldap_bindpw: XXX ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base} ldap_default_dn: uid=default-dialup,%{ldap_base} ldap_regular_profile_attr: dialupregularprofile # # can be one of mysql,pg where: # mysq: MySQL database (port 3306) # pg: PostgreSQL database (port 5432) # sql_type: mysql sql_server: localhost sql_port: 3306 sql_username: radiusadmin sql_password: xx sql_database: radius sql_accounting_table: radacct sql_badusers_table: badusers sql_check_table: radcheck sql_reply_table: radreply sql_user_info_table: userinfo # # true or false # sql_use_user_info_table: false sql_password_attribute: Crypt-Password sql_date_format: Y-m-d sql_full_date_format: Y-m-d H:i:s # # Used in the accounting report generator so that we # don't return too many results # sql_row_limit: 40 counter_default_daily: 14400 counter_default_weekly: 72000 counter_default_monthly: none
Simultaneous-Use don't work
Hi. We have got trouble with parameter Simultaneous-Use. It doesn't work when we try to autorize user. Although parameter Login-Time works correctly. I use FreeRadius 0.4 + PostgreSQL table radgroupcheck: +---+---+---+---+--+ |id |GroupName |Attribute |Value |op| +---+---+---+---+--+ |1 |DEFAULT |Simultaneous-Use |1 |:=| |2 |night |Login-Time |Any2100-0800 |:=| +---+---+---+---+--+ radiusd.conf BEGIN- authenticate { sql } authorize { sql files } preacct { files preprocess } accounting { detail unix radutmp sql } session { radutmp } END--- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html