reply item using ldap

2002-09-05 Thread wheatly 



hi£¬everyone  ,how can i config the reply item 
when using ldap authorization and authentication,thanks
wheatly shiICQ#: 10499351More ways to contact 
me

Re: dialup_admin question

2002-09-05 Thread Kostas Kalevras 

On Fri, 6 Sep 2002, John Morgan wrote:

> Hi everyone,
> I have a question in the module "New User" of dialup_admin:
> When I finished the items in the "New User" web page and clicked the button
> "Create" to submit, It doesn't work and have no error message. I don't know
> why. Someone could help me?
> My system is configured with:
> RedHat Linux 7.2
> Mysql 3.23.45
> Freeradius 0.7
> Apache 1.3.24
> Php 4.2.1
> The connection to database mysql radius is ok and radiusd operate
> correctly. My admin.conf file is:

If you enable logging in the mysql server do you get anything in the logs? Also
try out the dialup_admin in the latest cvs snapshots. It contains a lot of bug
fixes and new features and hopefully more error messages.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Cisco Ip Pool from LDAP

2002-09-05 Thread Kostas Kalevras 

On 5 Sep 2002, Gustavo Lozano wrote:

> Hello
>
> I want to know if something has managed to obtain the CiscoAssignIpPool
> from LDAP
>
> Dont know why I cant get it working, but seems something with the AV
> Pairs stuff.
>
> Regards
>
> Gustavo

You really don't provide enough information. What is CiscoAssignIpPool?
Have you added it in the ldap schema and in ldap.attrmap or do you add it
as a generic item? Can you post an entry that contains it? What output do you
get when you run the server in debug mode (radiusd -X)?

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Pool-Name attribute

2002-09-05 Thread Kostas Kalevras 

On Fri, 6 Sep 2002, Ador Dauz wrote:

>
> >
> > It contains the name of the ippool module instance which should handle the
> > request. That way you can assign different pools to different classes of
> > users. The Pool-Name should always be set for the ipppool module to work.
>
> Is Pool-Name thesame with the Framed-Pool attribute? because my RAS equipment
> "Total Control 1000" is capable for multiple ippool assignment.. if this is
> thesame with Framed-Pool, where do i put the Pool-Name attribute, is it in the
> checklist or in replylist?
>
> Thank's
> --ador

No, Pool-Name is an internal freeradius attribute. If your NAS supports the
Framed-Pool attribute then put it in the replylist with an appropriate value.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread ho k 

Hi 
I have the same problem, and  here is the output of
configure error:

#configuring in ./drivers/rlm_sql_mysql
running /bin/sh ./configure 
--with-mysql-include-dir=/usr/local/mysql/include
--with-mysql
-lib-dir=/usr/local/mysql/lib
--cache-file=../.././config.cache --srcdir=.
loading cache ../.././config.cache
checking for gcc... (cached) gcc
checking whether the C compiler (gcc  ) works... yes
checking whether the C compiler (gcc  ) is a
cross-compiler... no
checking whether we are using GNU C... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking how to run the C preprocessor... (cached) gcc
-E
checking for compress in -lz... no
checking for mysql/mysql.h... yes
checking for mysql_init in -lmysqlclient... no
configure: warning: mysql libraries not found.  Use
--with-mysql-lib-dir=.
configure: warning: sql submodule 'mysql' disabled
updating cache ../.././config.cache
creating ./config.status
creating Makefile

I creat the file named SQL.c, here is the content:

int main() {
 mysql_init();
 return 0;
 }

and the compiling command is:
# gcc SQL.c -L/usr/local/mysql/lib -lmysqlclient

However, I can't be success.

#Undefined  first referenced
 symbol  in file
socket/usr/local/mysql/lib/libmysqlclient.a   
  (libmysql.o)
getpeername  /usr/local/mysql/lib/libmysqlclient.a
 (violite.o)
gethostbyname_r  
/usr/local/mysql/lib/libmysqlclient.a 
(libmysql.o)
setsockopt/usr/local/mysql/lib/libmysqlclient.a   
  (violite.o)
getservbyname   /usr/local/mysql/lib/libmysqlclient.a 
(libmysql.o)
floor /usr/local/mysql/lib/libmysqlclient.a   
  (password.o)
getsockopt   /usr/local/mysql/lib/libmysqlclient.a
 (libmysql.o)
inet_addr/usr/local/mysql/lib/libmysqlclient.a
 (libmysql.o)
inet_ntoa
/usr/local/mysql/lib/libmysqlclient.a 
(my_net.o)
shutdown 
/usr/local/mysql/lib/libmysqlclient.a 
(violite.o)
connect  /usr/local/mysql/lib/libmysqlclient.a
 (libmysql.o)
ld: fatal: Symbol referencing errors. No output
written to a.out
collect2: ld returned 1 exit status

I am not familiar with C programming and linker.
Would you mind to explain clearly the step of your
success.

Regards
K
   
 --- Artur Hecker <[EMAIL PROTECTED]> wrote: > 
> hi
> 
> thanks, i resolved this problem. the part with the
> headers was my own
> error. i had some very restrictive rights set on the
> directory. so, now
> configure finds everything by its own.
> 
> the second part of the problem were the libraries.
> here again, the
> configure script was doing ok ;-) in fact, my system
> didn't have the
> "libz.a", so the initialisation of mysql
> (mysql_init() from
> libmysqlclient.a didn't work).
> 
> if you have problems with your mysql libs although
> all the pathes seem
> correct, you should try to compile a file containing
> 
> 
> // put this in "yourfile"
> int main() {
> mysql_init();
> return 0;
> }
> 
> by using "gcc yourfile -L
> -lmysqlclient"...
> 
> it will give you the precise error.
> 
> 
> hope it helps somebody, it took me about an hour :)
> 
> thanks for the help, it is appreciated.
> 
> 
> artur
> 
> 
> 
> -- 
> Artur Hecker   Groupe Accès et Mobilité
> hecker[at]enst[dot]fr   Département Informatique et
> Réseaux
> +33 1 45 81 7507  46, rue Barrault 75634 Paris cedex
> 13
> http://www.infres.enst.frENST Paris
> 
> - 
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html 

___
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius-Users digest, Vol 1 #1025 - 13 msgs

2002-09-05 Thread Aleksey Trubin 




[EMAIL PROTECTED] wrote:

  
  
Message: 3
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Problems with detail file
[EMAIL PROTECTED]"><[EMAIL PROTECTED]>
Date: Wed, 04 Sep 2002 10:22:08 -0400
Reply-To: [EMAIL PROTECTED]

Aleksey Trubin <[EMAIL PROTECTED]> wrote:
  
  
First, radius can't get detail file from NAS... radiusd.conf seems allright.
This very impotant for me to get detail from NAS!

  
  
  This is a question in the FAQ.

  
  
Second. Somehow first character in username is disappire (if username 
starts from uppercase letter)

  
  
  See the 'hints' file.

  Alan DeKok.


  

There is nothing in FAQ about my problem with detail file :(

dialup_admin question

2002-09-05 Thread John Morgan 

Hi everyone,
I have a question in the module "New User" of dialup_admin:
When I finished the items in the "New User" web page and clicked the button
"Create" to submit, It doesn't work and have no error message. I don't know
why. Someone could help me?
My system is configured with:
RedHat Linux 7.2
Mysql 3.23.45
Freeradius 0.7
Apache 1.3.24
Php 4.2.1
The connection to database mysql radius is ok and radiusd operate
correctly. My admin.conf file is:

[root@bill conf]# more admin.conf
#
# it can be el (greek) or default
#
general_prefered_lang: el
general_prefered_lang_name: Greek
#
general_base_dir: /usr/local/dialup_admin
general_radiusd_base_dir: /usr/local/radiusd
general_domain: bill
#
general_ldap_attrmap: %{general_radiusd_base_dir}/etc/raddb/ldap.attrmap
general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap
general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap
#
# it can be either ldap or sql
#
general_lib_type: sql
general_user_edit_attrs_file: %{general_base_dir}/conf/user_edit.attrs
general_sql_attrs_file: %{general_base_dir}/conf/sql.attrs
general_default_file: %{general_base_dir}/conf/default.vals
#general_ld_library_path: /usr/local/snmpd/lib
#
# can be 'snmp' (for snmpfinger) or empty to query the radacct table without 
first
# querying the nas
#
general_finger_type: snmp
general_snmpfinger_bin: %{general_base_dir}/bin/snmpfinger
general_radclient_bin: %{general_radiusd_base_dir}/bin/radclient
#
# this information is used from the server check page
#
general_test_account_login: test
general_test_account_password: testpass
#
# These are used as default values for the user test page
#
general_radius_server: localhost
general_radius_server_port: 1812
#
# sorry, single valued for now. Should become something like
# password[server-name]: x
#
general_radius_server_secret: testing123
general_auth_request_file: %{general_base_dir}/conf/auth.request
#
# can be one of crypt,md5,clear
#
general_encryption_method: crypt
#
# can be either asc (older dates first) or desc (recent dates first)
#
general_accounting_info_order: desc

nas1_name: nas1.%{general_domain}
nas1_model: Cisco 2511 access server
nas1_ip: 147.122.122.121
nas1_port_num: 16
nas1_community: public
nas2_name: nas2.%{general_domain}
nas2_model: Cisco 2511 access server
nas2_ip: 147.122.122.123
nas2_port_num: 16
nas2_community: public
nas3_name: nas3.%{general_domain}
nas3_model: Cisco 5300 access server
nas3_ip: 147.122.122.124
nas3_port_num: 210
nas3_community: public

ldap_server: ldap.%{general_domain}
ldap_base: dc=company,dc=com
ldap_binddn: cn=Directory Manager
ldap_bindpw: XXX
ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base}
ldap_default_dn: uid=default-dialup,%{ldap_base}
ldap_regular_profile_attr: dialupregularprofile

#
# can be one of mysql,pg where:
# mysq: MySQL database (port 3306)
# pg: PostgreSQL database (port 5432)
#
sql_type: mysql
sql_server: localhost
sql_port: 3306
sql_username: radius
sql_password: radius
sql_database: radius
sql_accounting_table: radacct
sql_badusers_table: badusers
sql_check_table: radcheck
sql_reply_table: radreply
sql_user_info_table: userinfo
#
# true or false
#
sql_use_user_info_table: true
sql_use_operators: true
#
#
sql_password_attribute: Crypt-Password
sql_date_format: Y-m-d
sql_full_date_format: Y-m-d H:i:s
#
# Used in the accounting report generator so that we
# don't return too many results
#
sql_row_limit: 40

counter_default_daily: 14400
counter_default_weekly: 72000
counter_default_monthly: none
... ...

Best Regards,
Ford




_
MSN Photos is the easiest way to share and print your photos: 
http://photos.msn.com/support/worldwide.aspx


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread ho k 

Hi
The same warning was shown after including 
--with-mysql-lib-dir=/usr/local/mysql/lib in command
line

May any symbolic link be creat just like as for
include "ln -s ../include mysql".

I use solaris2.7, gcc3.2 and mysql binary packet
installed in /usr/local/mysql

Any suggestion?

Thanks
K

 --- Ador Dauz <[EMAIL PROTECTED]> wrote: > The way
I read your error is you did not include the
> library option 
> please include it...
> --with-mysql-lib-dir=/usr/local/mysql/lib
> 
> > #./configure
> > --with-mysql-include-dir=/usr/local/mysql/include
> >
> > I got the warning as:
> 
> > checking for compress in -lz... no
> > checking for mysql/mysql.h... yes
> > checking for mysql_init in -lmysqlclient... no
> > configure: warning: mysql libraries not found. 
> Use
> > --with-mysql-lib-dir=.
> it says here libraries not found ^^^
> 
> Thanks
> -- ador
> 
> - 
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html 

___
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Severe Issues with Radius Authentication/MySQL

2002-09-05 Thread John Gruber 

I can testify that it's not something deeper...or nothing we've seen.

Freeradius 0.7 (built from source) and MySQL 3.23.49 (stock Red Hat RPM)
under RedHat 7.3 (2.4.18-10 kernel). Running fine for multiple days. Last
rehup for clients file config change was a week ago.

John Gruber

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Joshua
Corbin
Sent: Thursday, September 05, 2002 7:04 PM
To: FreeRadius List
Subject: Severe Issues with Radius Authentication/MySQL


Greetings,

I am having severe problems with FreeRadius.  Am running Debian 3.0 w/
MySQL as the backend.  The problem is this:

Everything will be going along just fine, and then all of a sudden, the
Radius server starts telling everyone incorrect login, regardless.

The problems occurs sporadically; sometimes there won't be a hitch for 3
days, sometimes it won't last 8 hours.  We've been experiencing this
problem since we started out using FreeRadius and have tried varius
things to fix it but to no avail.  I even turned on delayed
insert/update for SQL accounting, but that made no difference.  I have
looked back through the syslogs and mysql logs on both the radius server
and the mysql server, but see nothing out of the ordinary.  The only
symptom is that radius will no long authenticate anyone, even though the
server itself keeps chugging along, not even a child exiting.

I strongly loath having to cron a radius restart daily or a kill -HUP;
especially since I thought freeradius would not have the same annoyances
of say livingston radius.  Am I just missing something, or is there a
deeper problem here?

Regards,
Joshua Corbin
JDWEB Network Administrator



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How do I add a user's information into the MySQL database?

2002-09-05 Thread Joshua Corbin 

Joe,

It's really not that hard.  All you need to do is:
  For each password entry:
   INSERT INTO radcheck (UserName, Attribute, Value) VALUES("USERNAME",
"Crypt-Password", "PASSWORD);

   INSERT INTO usergroup (UserName, GroupName) VALUES("USERNAME",
"GROUPNAME");

Of course you need to setup usergroups, such as:

INSERT INTO radgroupreply (GroupName, Attribute, Value, prio)
VALUES("GROUPNAME", "ATTRIBUTE", "VALUE", 0);

You can also add attributes for each username:
INSERT INTO radreply (UserName, Attribute, Value) VALUES ("USERNAME",
"ATTRIBUTE", "VALUE");

Although, I do have problems with my setup, anyone know if any of this
might be my problem?

Regards,
Josh

> I have a simple question:
> 
> How do I insert a radius user into MySQL's radius tables?  I don't see 
> much documentation out there for this process.  What we're trying to do 
> is create some automated account migration from the flat file to the 
> database, and also automated account setup.  Can anyone help me out?
> 
> Joe



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Severe Issues with Radius Authentication/MySQL

2002-09-05 Thread Joshua Corbin 

Greetings,

I am having severe problems with FreeRadius.  Am running Debian 3.0 w/
MySQL as the backend.  The problem is this:

Everything will be going along just fine, and then all of a sudden, the
Radius server starts telling everyone incorrect login, regardless.

The problems occurs sporadically; sometimes there won't be a hitch for 3
days, sometimes it won't last 8 hours.  We've been experiencing this
problem since we started out using FreeRadius and have tried varius
things to fix it but to no avail.  I even turned on delayed
insert/update for SQL accounting, but that made no difference.  I have
looked back through the syslogs and mysql logs on both the radius server
and the mysql server, but see nothing out of the ordinary.  The only
symptom is that radius will no long authenticate anyone, even though the
server itself keeps chugging along, not even a child exiting.

I strongly loath having to cron a radius restart daily or a kill -HUP;
especially since I thought freeradius would not have the same annoyances
of say livingston radius.  Am I just missing something, or is there a
deeper problem here?

Regards,
Joshua Corbin
JDWEB Network Administrator



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread Ador Dauz 

The way I read your error is you did not include the library option 
please include it... --with-mysql-lib-dir=/usr/local/mysql/lib

> #./configure
> --with-mysql-include-dir=/usr/local/mysql/include
>
> I got the warning as:

> checking for compress in -lz... no
> checking for mysql/mysql.h... yes
> checking for mysql_init in -lmysqlclient... no
> configure: warning: mysql libraries not found.  Use
> --with-mysql-lib-dir=.
it says here libraries not found ^^^

Thanks
-- ador

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Pool-Name attribute

2002-09-05 Thread Ador Dauz 


>
> It contains the name of the ippool module instance which should handle the
> request. That way you can assign different pools to different classes of
> users. The Pool-Name should always be set for the ipppool module to work.

Is Pool-Name thesame with the Framed-Pool attribute? because my RAS equipment
"Total Control 1000" is capable for multiple ippool assignment.. if this is 
thesame with Framed-Pool, where do i put the Pool-Name attribute, is it in the
checklist or in replylist?

Thank's
--ador


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Cisco Ip Pool from LDAP

2002-09-05 Thread Gustavo Lozano 

Hello

I want to know if something has managed to obtain the CiscoAssignIpPool
from LDAP

Dont know why I cant get it working, but seems something with the AV
Pairs stuff.

Regards

Gustavo 



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

documentation

2002-09-05 Thread Javier Santos 

where i can read over radius autentication in a LAN 
microsoft Network.
and radius as a proxy


regards
Navega con el internet gratis de Amnet! Visitar http://www.amnetsal.com!
para cualquier consulta llamar al 247-8000

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Daily usage counter

2002-09-05 Thread Kostas Kalevras 

On Thu, 5 Sep 2002, Adi Linden wrote:

> > > Hi,
> > >
> > > Question when a daily usage counter is setup using this:
> > >
> > > #
> > > counter daily {
> > > filename = ${logdir}/db.counter
> > > key = User-Name
> > > count-attribute = Acct-Session-Time
> > > reset = daily
> > > counter-name = Daily-Session-Time
> > > check-name = Max-Daily-Session
> > > allowed-servicetype = Framed-User
> > > cache-size = 5000
> > > }
> > >
> > >
> > > How can I manually reset someones time without increasing the maximum
> > > daily time for the user?
> >
> > You can't unless you write some c/perl program to play with the gdbm file
>
> That's what I figures, fair enough.
>
> > > It seems like the radius server doesn't reset the maximum daily time if
> > > the user stays connected for more than a day (we have schools with dialup
> > > that use the phone similar to a leased line).
> >
> > That's quite impossible. The gdbm counter file gets wiped out every time the
> > counters are reset.
>
> So is the gdbm file updated every second for every user or is the session
> time written to the file when a stop occured?
>
> > > How can I fix that? Here's
> > > the log from an account that exceeded their time:
> > >
> > > UserName Start_Date_and_Time Stop_Date_and_Time_ Secnds TotSecnd IP-Address_ 
>Pt___ Sess-ID__ KB_In_ KB_Out PktIn_ PktOut CallerID__
> > > kihslac  2002/09/01 16:13:44 2002/09/01 16:59:17   2734 2734 216.26.102.78   
>   11 3D7278A934D2406   2290   4228   3570
> > > kihslac  2002/09/01 22:11:40 2002/09/01 22:54:31   2572 5306 216.26.102.78   
>   11 3D72D6C5411B702   3710   6242   6496
> > > kihslac  2002/09/02 11:08:50 2002/09/02 11:13:49300 5606 216.26.102.78   
>   11 3D738CD00264 26209367294
> > > kihslac  2002/09/03 11:44:44 2002/09/03 11:45:18 34 5640 216.26.102.71   
>4 3D74DD9F1A8E  0  0  7  4
> > > kihslac  2002/09/03 12:19:25 2002/09/03 12:20:07 43 5683 216.26.102.71   
>4 3D74E71E1B00  0  0 11  4
> > > kihslac  2002/09/03 12:22:13 2002/09/03 12:41:30   1158 6841 216.26.102.71   
>4 3D74EFA11E2F 32  0391  3
> > > kihslac  2002/09/03 12:59:36 2002/09/03 13:42:51   2595 9436 216.26.102.71   
>4 3D74F44A2007440  0   4307  3
> > > kihslac  2002/09/03 13:48:48 2002/09/03 16:06:54   828717723 216.26.102.71   
>4 3D7502AC2163470  0   3375  8
> > > kihslac  2002/09/03 16:16:40 2002/09/03 18:19:42   738225105 216.26.102.71   
>4 3D75246E2540648  1   3400 34
> > > kihslac  2002/09/03 18:35:15 2002/09/03 21:17:23   972934834 216.26.102.71   
>4 3D75438E2856  4  0 63 16
> > > kihslac  2002/09/03 23:03:48 2002/09/05 06:55:52 114725   149559 216.26.102.71   
>4 3D757B492C64   6183  7  37710162
> > >
> > > As the last line indicates, the remote user logged in 2002/09/03 and
> > > didn't disconnect until 2002/09/05 (today). Radius now refuses login on
> > > the grounds of exceeded daily limit, even though the daily limit hasn't
> > > technically been exceeded...
> >
> > If your Max-Daily-Session for this user is smaller than 06:55:52 then he *has*
> > technicaly exceeded his daily limit. He has used your resources today for more
> > time than he is allowed.
> > >
> > > This could be a glitch where the session wasn't properly terminated. The
> > > RAS box (Linux with portslave) improperly shutdown around that time.
> > >
> > > Any suggestions?
> >
> > What is the Max-Daily-Session for this user?
>
> The Max-Daily-Session for this user is 86400. I set it to 20 and now
> he is able to log back in.
>
> Adi

OK, someone inserted a stupid bug in rlm_counter. Instead of checking for the
Acct-Session-Time it was checking if the attribute type was date. Now all should
work just fine. Just do a cvs update on the rlm_counter module.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Mail Delivery Status Notification

2002-09-05 Thread Miquel van Smoorenburg 

In article <1031245160.13895.5.camel@blubber>,
Chad Miller  <[EMAIL PROTECTED]> wrote:
>[cc listmaster]
>
>This would be droll if it weren't so pathetic. 

I have larted them thusly:

 Hello, I am the list administrator of the [EMAIL PROTECTED]
 mailinglist. One of your users, [EMAIL PROTECTED] is subscribed
 to this list.
 
 Your mail gateway is completely broken. Somehow it manages
 to send bounces back to the list itself. It's spamming the
 list quite badly right now.
 
 It appears it sends the bounces to the address in the To:
 header of the body. *Any* automatic mail software using
 addresses in the body for anything should be taken out and shot.
 Email has envelope-addresses seperate from addresses in
 the body for a reason.
 
 I have unsubscribed [EMAIL PROTECTED] from the list. Please
 do not resubscribe until your mail system has been fixed.
 
 Sample mail as received from your system (exploded through the
 list to hundreds of subscribers) is below.

>Hmmm.  I wonder what happens if I forge a message from itself, to itself
>containing $badwords. 

Why not try it and see ;)

Mike.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Apologies for the .vcf card

2002-09-05 Thread Tim D. McCracken 

My apologies for the VCF card...I thought I had removed it!

Tim

<>

Re: Hand out a gateway with IP address

2002-09-05 Thread John Adams 

Sorry I meant transparent cache using squid as gateway

John Adams wrote:

> Hi
>
> I have bought a load of kit from the UK to an Mid afcian country which 
> has a 2 existing ISPs each with 128k and I am helping someone set up a 
> third with there own 128k.
>
> We have made the radius work to authenticate a single 60 Modem 
> Cyclades PR4000 NAS however I chose the option of an X21 card on this 
> box and it makes it difficult to make the authenticated users get a 
> gateway other than the IP assigned. I want to assign a transperent 
> proxy as the gateway.
>
> My reading of the FAQ suggests that it is possible to assign IP 
> address using the framed-IP-address and framed-route.
>
> Do I undersand this right if I put a default framed-route this will 
> provide the gateway for the authenticated users.
>
> Please excuse if I am not asking a sensible question her.
>
> However I was due to fly out today (missed that one) The people are 
> nice but the insects are big so I want to go home one day .
>
> John
>



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

FreeRadius on Solaris Binaries and Questions

2002-09-05 Thread Tim D. McCracken 

All,

Per the web site instructions - I am asking if anybody has Solaris binaries
that they would be willing to share.  I need the entire package including
the daemon, radclient and other utils.  (I need 32 Bit Solaris on Sparc).  I
do plan to set up the source later, but at this time I would ***really***
like to just get a set of binaries to work with.  Not that I am a choosy
beggar, but I guess the .7 release would be preferable!  :)

Has anyone tested FreeRadius on Solaris 9 yet?  Has anyone tested the
operation of binaries compiled and linked on Solaris 8, but run on Solaris 9
and vice-versa. (My production system is presently on Solaris 8, my
development/test system is on Solaris 9).

Does the server support an Expiration-Date attribute or something similar,
causing an Auth-Reject if the current date is => than the expiration date?
My intent is to use this in conjunction with my billing system - when the
customer pays their bill, I will update their expiration date.

I am currently running the SUN/ISP planet version of Cistron on LDAP and
experiencing some problems with it.  I would ***really*** like to move to
FreeRadius on MySQL ASAP - mostly because it looks like this group provides
good support - something not available on the other one!

Feel free to e-mail me off list if you prefer:
[EMAIL PROTECTED]

THANKS!  - Tim

<>

Re: Daily usage counter

2002-09-05 Thread Adi Linden 

> > Hi,
> >
> > Question when a daily usage counter is setup using this:
> >
> > #
> > counter daily {
> > filename = ${logdir}/db.counter
> > key = User-Name
> > count-attribute = Acct-Session-Time
> > reset = daily
> > counter-name = Daily-Session-Time
> > check-name = Max-Daily-Session
> > allowed-servicetype = Framed-User
> > cache-size = 5000
> > }
> >
> >
> > How can I manually reset someones time without increasing the maximum
> > daily time for the user?
> 
> You can't unless you write some c/perl program to play with the gdbm file

That's what I figures, fair enough.

> > It seems like the radius server doesn't reset the maximum daily time if
> > the user stays connected for more than a day (we have schools with dialup
> > that use the phone similar to a leased line).
> 
> That's quite impossible. The gdbm counter file gets wiped out every time the
> counters are reset.

So is the gdbm file updated every second for every user or is the session 
time written to the file when a stop occured?

> > How can I fix that? Here's
> > the log from an account that exceeded their time:
> >
> > UserName Start_Date_and_Time Stop_Date_and_Time_ Secnds TotSecnd IP-Address_ 
>Pt___ Sess-ID__ KB_In_ KB_Out PktIn_ PktOut CallerID__
> > kihslac  2002/09/01 16:13:44 2002/09/01 16:59:17   2734 2734 216.26.102.78 
> 11 3D7278A934D2406   2290   4228   3570
> > kihslac  2002/09/01 22:11:40 2002/09/01 22:54:31   2572 5306 216.26.102.78 
> 11 3D72D6C5411B702   3710   6242   6496
> > kihslac  2002/09/02 11:08:50 2002/09/02 11:13:49300 5606 216.26.102.78 
> 11 3D738CD00264 26209367294
> > kihslac  2002/09/03 11:44:44 2002/09/03 11:45:18 34 5640 216.26.102.71 
>  4 3D74DD9F1A8E  0  0  7  4
> > kihslac  2002/09/03 12:19:25 2002/09/03 12:20:07 43 5683 216.26.102.71 
>  4 3D74E71E1B00  0  0 11  4
> > kihslac  2002/09/03 12:22:13 2002/09/03 12:41:30   1158 6841 216.26.102.71 
>  4 3D74EFA11E2F 32  0391  3
> > kihslac  2002/09/03 12:59:36 2002/09/03 13:42:51   2595 9436 216.26.102.71 
>  4 3D74F44A2007440  0   4307  3
> > kihslac  2002/09/03 13:48:48 2002/09/03 16:06:54   828717723 216.26.102.71 
>  4 3D7502AC2163470  0   3375  8
> > kihslac  2002/09/03 16:16:40 2002/09/03 18:19:42   738225105 216.26.102.71 
>  4 3D75246E2540648  1   3400 34
> > kihslac  2002/09/03 18:35:15 2002/09/03 21:17:23   972934834 216.26.102.71 
>  4 3D75438E2856  4  0 63 16
> > kihslac  2002/09/03 23:03:48 2002/09/05 06:55:52 114725   149559 216.26.102.71 
>  4 3D757B492C64   6183  7  37710162
> >
> > As the last line indicates, the remote user logged in 2002/09/03 and
> > didn't disconnect until 2002/09/05 (today). Radius now refuses login on
> > the grounds of exceeded daily limit, even though the daily limit hasn't
> > technically been exceeded...
> 
> If your Max-Daily-Session for this user is smaller than 06:55:52 then he *has*
> technicaly exceeded his daily limit. He has used your resources today for more
> time than he is allowed.
> >
> > This could be a glitch where the session wasn't properly terminated. The
> > RAS box (Linux with portslave) improperly shutdown around that time.
> >
> > Any suggestions?
> 
> What is the Max-Daily-Session for this user?

The Max-Daily-Session for this user is 86400. I set it to 20 and now 
he is able to log back in. 

Adi


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Hand out a gateway with IP address

2002-09-05 Thread John Adams 

Hi

I have bought a load of kit from the UK to an Mid afcian country which 
has a 2 existing ISPs each with 128k and I am helping someone set up a 
third with there own 128k.

We have made the radius work to authenticate a single 60 Modem Cyclades 
PR4000 NAS however I chose the option of an X21 card on this box and it 
makes it  difficult to make the authenticated users get a gateway other 
than the IP assigned. I want to assign a transperent proxy as the gateway.

My reading of the FAQ suggests that it is possible to assign IP address 
using the framed-IP-address and framed-route.

Do I undersand this right if I put a default framed-route this will 
provide the gateway for the authenticated users.

Please excuse if I am not asking a sensible question her.

However I was due to fly out today  (missed that one) The people are 
nice but the insects are big so I want to go home one day .

John


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Daily usage counter

2002-09-05 Thread Kostas Kalevras 

On Thu, 5 Sep 2002, Adi Linden wrote:

> Hi,
>
> Question when a daily usage counter is setup using this:
>
> #
> counter daily {
> filename = ${logdir}/db.counter
> key = User-Name
> count-attribute = Acct-Session-Time
> reset = daily
> counter-name = Daily-Session-Time
> check-name = Max-Daily-Session
> allowed-servicetype = Framed-User
> cache-size = 5000
> }
>
>
> How can I manually reset someones time without increasing the maximum
> daily time for the user?

You can't unless you write some c/perl program to play with the gdbm file

>
> It seems like the radius server doesn't reset the maximum daily time if
> the user stays connected for more than a day (we have schools with dialup
> that use the phone similar to a leased line).

That's quite impossible. The gdbm counter file gets wiped out every time the
counters are reset.

> How can I fix that? Here's
> the log from an account that exceeded their time:
>
> UserName Start_Date_and_Time Stop_Date_and_Time_ Secnds TotSecnd IP-Address_ 
>Pt___ Sess-ID__ KB_In_ KB_Out PktIn_ PktOut CallerID__
> kihslac  2002/09/01 16:13:44 2002/09/01 16:59:17   2734 2734 216.26.102.78  
>11 3D7278A934D2406   2290   4228   3570
> kihslac  2002/09/01 22:11:40 2002/09/01 22:54:31   2572 5306 216.26.102.78  
>11 3D72D6C5411B702   3710   6242   6496
> kihslac  2002/09/02 11:08:50 2002/09/02 11:13:49300 5606 216.26.102.78  
>11 3D738CD00264 26209367294
> kihslac  2002/09/03 11:44:44 2002/09/03 11:45:18 34 5640 216.26.102.71   
>4 3D74DD9F1A8E  0  0  7  4
> kihslac  2002/09/03 12:19:25 2002/09/03 12:20:07 43 5683 216.26.102.71   
>4 3D74E71E1B00  0  0 11  4
> kihslac  2002/09/03 12:22:13 2002/09/03 12:41:30   1158 6841 216.26.102.71   
>4 3D74EFA11E2F 32  0391  3
> kihslac  2002/09/03 12:59:36 2002/09/03 13:42:51   2595 9436 216.26.102.71   
>4 3D74F44A2007440  0   4307  3
> kihslac  2002/09/03 13:48:48 2002/09/03 16:06:54   828717723 216.26.102.71   
>4 3D7502AC2163470  0   3375  8
> kihslac  2002/09/03 16:16:40 2002/09/03 18:19:42   738225105 216.26.102.71   
>4 3D75246E2540648  1   3400 34
> kihslac  2002/09/03 18:35:15 2002/09/03 21:17:23   972934834 216.26.102.71   
>4 3D75438E2856  4  0 63 16
> kihslac  2002/09/03 23:03:48 2002/09/05 06:55:52 114725   149559 216.26.102.71   
>4 3D757B492C64   6183  7  37710162
>
> As the last line indicates, the remote user logged in 2002/09/03 and
> didn't disconnect until 2002/09/05 (today). Radius now refuses login on
> the grounds of exceeded daily limit, even though the daily limit hasn't
> technically been exceeded...

If your Max-Daily-Session for this user is smaller than 06:55:52 then he *has*
technicaly exceeded his daily limit. He has used your resources today for more
time than he is allowed.

>
> When does the count get reset, at midnight?

Exactly.

>
> This could be a glitch where the session wasn't properly terminated. The
> RAS box (Linux with portslave) improperly shutdown around that time.
>
> Any suggestions?

What is the Max-Daily-Session for this user?

>
> Adi
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Daily usage counter

2002-09-05 Thread Adi Linden 

Hi,

Question when a daily usage counter is setup using this:

#
counter daily {
filename = ${logdir}/db.counter
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}


How can I manually reset someones time without increasing the maximum 
daily time for the user?

It seems like the radius server doesn't reset the maximum daily time if 
the user stays connected for more than a day (we have schools with dialup 
that use the phone similar to a leased line). How can I fix that? Here's 
the log from an account that exceeded their time:

UserName Start_Date_and_Time Stop_Date_and_Time_ Secnds TotSecnd IP-Address_ Pt___ 
Sess-ID__ KB_In_ KB_Out PktIn_ PktOut CallerID__
kihslac  2002/09/01 16:13:44 2002/09/01 16:59:17   2734 2734 216.26.102.78  11 
3D7278A934D2406   2290   4228   3570 
kihslac  2002/09/01 22:11:40 2002/09/01 22:54:31   2572 5306 216.26.102.78  11 
3D72D6C5411B702   3710   6242   6496 
kihslac  2002/09/02 11:08:50 2002/09/02 11:13:49300 5606 216.26.102.78  11 
3D738CD00264 26209367294 
kihslac  2002/09/03 11:44:44 2002/09/03 11:45:18 34 5640 216.26.102.71   4 
3D74DD9F1A8E  0  0  7  4 
kihslac  2002/09/03 12:19:25 2002/09/03 12:20:07 43 5683 216.26.102.71   4 
3D74E71E1B00  0  0 11  4 
kihslac  2002/09/03 12:22:13 2002/09/03 12:41:30   1158 6841 216.26.102.71   4 
3D74EFA11E2F 32  0391  3 
kihslac  2002/09/03 12:59:36 2002/09/03 13:42:51   2595 9436 216.26.102.71   4 
3D74F44A2007440  0   4307  3 
kihslac  2002/09/03 13:48:48 2002/09/03 16:06:54   828717723 216.26.102.71   4 
3D7502AC2163470  0   3375  8 
kihslac  2002/09/03 16:16:40 2002/09/03 18:19:42   738225105 216.26.102.71   4 
3D75246E2540648  1   3400 34 
kihslac  2002/09/03 18:35:15 2002/09/03 21:17:23   972934834 216.26.102.71   4 
3D75438E2856  4  0 63 16 
kihslac  2002/09/03 23:03:48 2002/09/05 06:55:52 114725   149559 216.26.102.71   4 
3D757B492C64   6183  7  37710162 

As the last line indicates, the remote user logged in 2002/09/03 and 
didn't disconnect until 2002/09/05 (today). Radius now refuses login on 
the grounds of exceeded daily limit, even though the daily limit hasn't 
technically been exceeded...

When does the count get reset, at midnight?

This could be a glitch where the session wasn't properly terminated. The 
RAS box (Linux with portslave) improperly shutdown around that time.

Any suggestions?

Adi 


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread Artur Hecker 



ho k wrote:
> I got the warning as:
> 
> configuring in ./drivers/rlm_sql_mysql
> running /bin/sh ./configure
> --with-mysql-include-dir=/usr/local/mysql/include -
> -cache-file=../.././config.cache --srcdir=.
> loading cache ../.././config.cache
> checking for gcc... (cached) gcc
> checking whether the C compiler (gcc  ) works... yes
> checking whether the C compiler (gcc  ) is a
> cross-compiler... no
> checking whether we are using GNU C... (cached) yes
> checking whether gcc accepts -g... (cached) yes
> checking how to run the C preprocessor... (cached) gcc
> -E
> checking for compress in -lz... no

your system doesn't have the libz.a file, it can be found in some packet
called zlib-dev or similiar. at least, configure can't find it.


> checking for mysql/mysql.h... yes
> checking for mysql_init in -lmysqlclient... no
> configure: warning: mysql libraries not found.  Use
> --with-mysql-lib-dir=.

it finds the lib, but the lib has unresolved references, notably to the
lib libz.a




ciao

artur


-- 
Artur Hecker Groupe Accès et Mobilité
hecker[at]enst[dot]fr Département Informatique et Réseaux
+33 1 45 81 750746, rue Barrault 75634 Paris cedex 13
http://www.infres.enst.fr  ENST Paris

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread Artur Hecker 


hi

thanks, i resolved this problem. the part with the headers was my own
error. i had some very restrictive rights set on the directory. so, now
configure finds everything by its own.

the second part of the problem were the libraries. here again, the
configure script was doing ok ;-) in fact, my system didn't have the
"libz.a", so the initialisation of mysql (mysql_init() from
libmysqlclient.a didn't work).

if you have problems with your mysql libs although all the pathes seem
correct, you should try to compile a file containing 

// put this in "yourfile"
int main() {
mysql_init();
return 0;
}

by using "gcc yourfile -L -lmysqlclient"...

it will give you the precise error.


hope it helps somebody, it took me about an hour :)

thanks for the help, it is appreciated.


artur



-- 
Artur Hecker Groupe Accès et Mobilité
hecker[at]enst[dot]fr Département Informatique et Réseaux
+33 1 45 81 750746, rue Barrault 75634 Paris cedex 13
http://www.infres.enst.fr  ENST Paris

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Mail Delivery Status Notification

2002-09-05 Thread Chad Miller 

[cc listmaster]

On Thu, 2002-09-05 at 11:53, [EMAIL PROTECTED]
wrote:
> From: Postmaster <[EMAIL PROTECTED]>
> To:  <[EMAIL PROTECTED]>
> Subject: Mail Delivery Status Notification
> boundary="_=_NextPart_1"
> Date: 5 Sep 2002 08:48:54 -0700
> Reply-To: [EMAIL PROTECTED]
> 
> 

> MAIL ESSENTIALS SENDER NOTIFICATION
> 
> The following message:
> 
> TO:  [EMAIL PROTECTED]
> FROM:[EMAIL PROTECTED]
> DATE: Thu, 05 Sep 2002 17:48:04 +0200
> Subject: Freeradius-Users digest, Vol 1 #1032 - 1 msg
> 
> 
> has been held for later review by the administrator by Mail Essentials for the 
>following reason(s):
> 
> Body contains word(s)/phrase(s) 'XX X'
> 
> 
> Mail essentials
> 
[...]
> From: Postmaster <[EMAIL PROTECTED]>
> To:  <[EMAIL PROTECTED]>
> Subject: Mail Delivery Status Notification
> boundary="_=_NextPart_1"
> Date: 5 Sep 2002 08:46:48 -0700
> Reply-To: [EMAIL PROTECTED]
> 
> 

> MAIL ESSENTIALS SENDER NOTIFICATION
> 
> The following message:
> 
> TO:  [EMAIL PROTECTED]
> FROM:[EMAIL PROTECTED]
> DATE: Thu, 05 Sep 2002 17:46:03 +0200
> Subject: Freeradius-Users digest, Vol 1 #1031 - 1 msg
> 
> 
> has been held for later review by the administrator by Mail Essentials for the 
>following reason(s):
> 
> Body contains word(s)/phrase(s) 'XX X'
> 
> 
> Mail essentials
> 
> 

This would be droll if it weren't so pathetic. 

Hmmm.  I wonder what happens if I forge a message from itself, to itself
containing $badwords. 

- chad

-- 
Chad Miller <[EMAIL PROTECTED]>
http://www.advogato.org/person/cmiller/>
  ``Having a smoking section in a restaurant is 
  like having a peeing section in a pool.''


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:58:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1036 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:56:15 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:55:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1035 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

-- __--__-- 

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:53:48 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:53:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1034 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Cannot find a Domain attribute ?? (Deramus, Chris)
  2. Mail Delivery Status Notification (Postmaster)

--  __--__--  

Message: 1
From: "Deramus, Chris" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>
Subject: Cannot find a Domain attribute ??
Date: Thu, 5 Sep 2002 11:50:26 -0400
boundary="_=_NextPart_001_01C254F3.F3AEF1F0"
Reply-To: [EMAIL PROTECTED]

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C254F3.F3AEF1F0
Content-Type: text/plain; 
 charset=us-ascii
Content-Transfer-Encoding: 7bit

I'm definately getting somewhere with this, I appreciate your input. I
thoroughly read the documentation and am close. I set my Mysql table up like
this for user chris.deramus

22 chris.deramus  Vendor-Specific Microsoft  == 
23 chris.deramus  MS-CHAP-Domain  test.my.gov   == 

Then when running FreeRADIUS in debugging mode, I get this with an incoming
request. As you can see in bold, it's passing the MS-CHAP-Domain in the
Access Accept, however it doesn't seem to be passing to my client laptop.
Maybe it's a problem with my MySQL table, maybe its a problem with how I
have MS-CHAP loaded in radiusd.conf

rlm_sql: Released sql socket id: 8
  modcall[authorize]: module "sql" returns ok
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "counter" returns noop
users: Matched DEFAULT at 141
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall:

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:55:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1035 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:53:48 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:53:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1034 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Cannot find a Domain attribute ?? (Deramus, Chris)
  2. Mail Delivery Status Notification (Postmaster)

-- __--__-- 

Message: 1
From: "Deramus, Chris" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>
Subject: Cannot find a Domain attribute ??
Date: Thu, 5 Sep 2002 11:50:26 -0400
boundary="_=_NextPart_001_01C254F3.F3AEF1F0"
Reply-To: [EMAIL PROTECTED]

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C254F3.F3AEF1F0
Content-Type: text/plain; 
 charset=us-ascii
Content-Transfer-Encoding: 7bit

I'm definately getting somewhere with this, I appreciate your input. I
thoroughly read the documentation and am close. I set my Mysql table up like
this for user chris.deramus

22 chris.deramus  Vendor-Specific Microsoft  == 
23 chris.deramus  MS-CHAP-Domain  test.my.gov   == 

Then when running FreeRADIUS in debugging mode, I get this with an incoming
request. As you can see in bold, it's passing the MS-CHAP-Domain in the
Access Accept, however it doesn't seem to be passing to my client laptop.
Maybe it's a problem with my MySQL table, maybe its a problem with how I
have MS-CHAP loaded in radiusd.conf

rlm_sql: Released sql socket id: 8
  modcall[authorize]: module "sql" returns ok
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "counter" returns noop
users: Matched DEFAULT at 141
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall: entering group authtype
rlm_pap: login attempt by "chris.deramus" with password yy
 rlm_pap: Using password 690d96285de94b9e7138e3d9d687ce3e for user
chris.deramus authentication.
rlm_pap: Using MD5 encryption.
rlm_pap: User authenticated succesfully
  modcall[authenticate]: module "pap" returns ok
modcall: group authtype returns ok
Login OK: [chris.deramus/ ] (from client 192.168.0.2 port 1008)
Sending Access-Accept of id 2 to 192.168.0.2:1026
Framed-IP-Address = 192.168.1.20
Vendor-Specific = 0x4d6963726f736f6674
MS-CHAP-Domain = "test.my.gov"
 
I bolded the sections that I found to be of interest, I'm assuming the
returned noop means that the module isn't loaded, or isn't doing anything? I
have the MS-CHAP module loaded in the authorization section, should it be
loaded in a different section of radiusd.conf ?
 
Thanks for the help and patience.
 
Chris



-Original Message-
From: Alan DeKok [   mailto:[EMAIL PROTECTED]]
Sent: Monday, July 22, 2002 9:58 AM
To: [EMAIL PROTECTED]
Subject: Re: Cannot find a Domain attribute ??


"Deramus, Chris" <[EMAIL PROTECTED]> wrote:
> Sorry for the confusion,

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:53:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1034 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Cannot find a Domain attribute ?? (Deramus, Chris)
  2. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: "Deramus, Chris" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'"
<[EMAIL PROTECTED]>
Subject: Cannot find a Domain attribute ??
Date: Thu, 5 Sep 2002 11:50:26 -0400
boundary="_=_NextPart_001_01C254F3.F3AEF1F0"
Reply-To: [EMAIL PROTECTED]

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C254F3.F3AEF1F0
Content-Type: text/plain; 
 charset=us-ascii
Content-Transfer-Encoding: 7bit

I'm definately getting somewhere with this, I appreciate your input. I
thoroughly read the documentation and am close. I set my Mysql table up like
this for user chris.deramus

22 chris.deramus  Vendor-Specific Microsoft  == 
23 chris.deramus  MS-CHAP-Domain  test.my.gov   == 

Then when running FreeRADIUS in debugging mode, I get this with an incoming
request. As you can see in bold, it's passing the MS-CHAP-Domain in the
Access Accept, however it doesn't seem to be passing to my client laptop.
Maybe it's a problem with my MySQL table, maybe its a problem with how I
have MS-CHAP loaded in radiusd.conf

rlm_sql: Released sql socket id: 8
  modcall[authorize]: module "sql" returns ok
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "counter" returns noop
users: Matched DEFAULT at 141
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall: entering group authtype
rlm_pap: login attempt by "chris.deramus" with password yy
 rlm_pap: Using password 690d96285de94b9e7138e3d9d687ce3e for user
chris.deramus authentication.
rlm_pap: Using MD5 encryption.
rlm_pap: User authenticated succesfully
  modcall[authenticate]: module "pap" returns ok
modcall: group authtype returns ok
Login OK: [chris.deramus/ ] (from client 192.168.0.2 port 1008)
Sending Access-Accept of id 2 to 192.168.0.2:1026
Framed-IP-Address = 192.168.1.20
Vendor-Specific = 0x4d6963726f736f6674
MS-CHAP-Domain = "test.my.gov"
 
I bolded the sections that I found to be of interest, I'm assuming the
returned noop means that the module isn't loaded, or isn't doing anything? I
have the MS-CHAP module loaded in the authorization section, should it be
loaded in a different section of radiusd.conf ?
 
Thanks for the help and patience.
 
Chris



-Original Message-
From: Alan DeKok [   mailto:[EMAIL PROTECTED]]
Sent: Monday, July 22, 2002 9:58 AM
To: [EMAIL PROTECTED]
Subject: Re: Cannot find a Domain attribute ??


"Deramus, Chris" <[EMAIL PROTECTED]> wrote:
> Sorry for the confusion, I meant I have to return that Domain attribute to
> the NAS, we have different program offices with resources on different
> domains.

  You can return the MS-CHAP-Domain domain attribute in the
Access-Accept.

 Alan DeKok.


-
List info/subscribe/unsubscribe? See

http://www.freeradius.org/list/users.html



--_=_NextPart_001_01C254F3.F3AEF1F0
Content-Type: text/html; 
 charset=us-ascii
Content-Transfer-Encoding: 7bit








I'm definately getting somewhere with this, I 
appreciate your input. I thoroughly read the documentation and am close. I set 
my Mysql table up like this for user chris.deramus22 chris.deramus  
Vendor-Specific 
Microsoft  == 23 chris.deramus  
MS-CHAP-Domain  test.my.gov   
== Then when running FreeRADIUS in debugging mode, I get this with 
an incoming request. As you can see in bold, it's passing the MS-CHAP-Domain in 
the Access Accept, however it doesn't seem to be passing to my client laptop. 
Maybe it's a problem with my MySQL table, maybe its a problem with how I have 
MS-CHAP loaded in radiusd.confrlm_sql: Released sql socket id: 
8  modcall[authorize]: module "sql" returns ok

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:50:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1033 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:48:54 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:48:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1032 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

-- __--__-- 

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:46:48 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:46:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1031 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--  __--__--  

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:44:42 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:44:02 +0200
Subject: Freeradius-Users digest, Vol 1 #1030 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--   __--__--   

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:42:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:42:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1029 - 2 msgs


has been held for later revi

Cannot find a Domain attribute ??

2002-09-05 Thread Deramus, Chris 



I'm definately getting somewhere with this, I 
appreciate your input. I thoroughly read the documentation and am close. I set 
my Mysql table up like this for user chris.deramus22 chris.deramus  
Vendor-Specific 
Microsoft  == 23 chris.deramus  
MS-CHAP-Domain  test.my.gov   
== Then when running FreeRADIUS in debugging mode, I get this with 
an incoming request. As you can see in bold, it's passing the MS-CHAP-Domain in 
the Access Accept, however it doesn't seem to be passing to my client laptop. 
Maybe it's a problem with my MySQL table, maybe its a problem with how I have 
MS-CHAP loaded in radiusd.confrlm_sql: Released sql socket id: 
8  modcall[authorize]: module "sql" returns okrlm_counter: Entering 
module authorize coderlm_counter: Could not find Check item value 
pair  modcall[authorize]: module "counter" returns 
noop    users: Matched DEFAULT at 141  
modcall[authorize]: module "files" returns ok  modcall[authorize]: module "mschap" returns 
noopmodcall: group authorize returns ok  
rad_check_password:  Found Auth-Type PAPauth: type "PAP"modcall: 
entering group authtyperlm_pap: login attempt by "chris.deramus" with 
password yy
 rlm_pap: Using password 
690d96285de94b9e7138e3d9d687ce3e for user chris.deramus 
authentication.rlm_pap: Using MD5 encryption.rlm_pap: User authenticated 
succesfully  modcall[authenticate]: module "pap" returns okmodcall: 
group authtype returns okLogin OK: [chris.deramus/ ] (from 
client 192.168.0.2 port 1008)Sending Access-Accept of id 2 to 
192.168.0.2:1026    Framed-IP-Address 
= 192.168.1.20    Vendor-Specific = 
0x4d6963726f736f6674    MS-CHAP-Domain = 
"test.my.gov" 
I bolded the sections that I found 
to be of interest, I'm assuming the returned noop means that the module isn't 
loaded, or isn't doing anything? I have the MS-CHAP module loaded in the 
authorization section, should it be loaded in a different section of 
radiusd.conf ?
 
Thanks for the help and 
patience.
 
Chris
-Original Message-From: Alan 
DeKok [mailto:[EMAIL PROTECTED]]Sent: Monday, July 22, 
2002 9:58 AMTo: [EMAIL PROTECTED]Subject: Re: Cannot 
find a Domain attribute ??"Deramus, Chris" 
<[EMAIL PROTECTED]> wrote:> Sorry for the confusion, I meant 
I have to return that Domain attribute to> the NAS, we have different 
program offices with resources on different> domains.  You 
can return the MS-CHAP-Domain domain attribute in 
theAccess-Accept. Alan DeKok.-List 
info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:48:04 +0200
Subject: Freeradius-Users digest, Vol 1 #1032 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:46:48 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:46:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1031 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

-- __--__-- 

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:44:42 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:44:02 +0200
Subject: Freeradius-Users digest, Vol 1 #1030 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--  __--__--  

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:42:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:42:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1029 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)
  2. Re: suggestions about attributes (Kostas Kalevras)

--   __--__--   

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:12:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:12:03 +0200
Subject: Freeradius-Users di

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:46:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1031 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:44:42 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:44:02 +0200
Subject: Freeradius-Users digest, Vol 1 #1030 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

-- __--__-- 

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:42:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:42:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1029 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)
  2. Re: suggestions about attributes (Kostas Kalevras)

--  __--__--  

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:12:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:12:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1028 - 17 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Re: sqlcounter question (Do-Risika RAFIEFERANTSIARONJY)
  2. Pool-Name attribute (Ador Dauz)
  3. Re: Pool-Name attribute (Kostas Kalevras)
  4. RH 6.2 & Freeradius-0.7 (Joeffrey Betita)
  5. Prepaid calling card script (Raymond Chen)
  6. Re: Prepaid calling card script (Mattt)
  7. Re: RH 6.2 & Freeradius-0.7 ([EMAIL PROTECTED])
  8. mysql - list of NAS (Dolfini Danilo)
  9. Re: mysql modules (=?iso-8859-1?q?ho=20k?=)
  10. Mysql auth query (Mozzi)
  11. Problems to use

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:44:02 +0200
Subject: Freeradius-Users digest, Vol 1 #1030 - 1 msg


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:42:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:42:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1029 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)
  2. Re: suggestions about attributes (Kostas Kalevras)

-- __--__-- 

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:12:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:12:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1028 - 17 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Re: sqlcounter question (Do-Risika RAFIEFERANTSIARONJY)
  2. Pool-Name attribute (Ador Dauz)
  3. Re: Pool-Name attribute (Kostas Kalevras)
  4. RH 6.2 & Freeradius-0.7 (Joeffrey Betita)
  5. Prepaid calling card script (Raymond Chen)
  6. Re: Prepaid calling card script (Mattt)
  7. Re: RH 6.2 & Freeradius-0.7 ([EMAIL PROTECTED])
  8. mysql - list of NAS (Dolfini Danilo)
  9. Re: mysql modules (=?iso-8859-1?q?ho=20k?=)
  10. Mysql auth query (Mozzi)
  11. Problems to use as proxy (Wolfgang Bremer)
  12. Radius Packet Construction (Sheldon Fougere)
  13. RE: Cannot find a Domain attribute ?? (Deramus, Chris)
  14. Re: Exec-Program-Wait Abnormal exit - 0.7/Snapshot (Alan DeKok)
  15. Re: Problems to use as proxy (Alan DeKok)
  16. Re: Radius Packet Construction (Alan DeKok)
  17. Re: RedHat 7.3 as Radius Client (Alan DeKok)

--  __--__--  

Message: 1
Date: Thu, 05 Sep 2002 08:53:53 +0300
From: Do-Risika RAFIEFERANTSIARONJY <[EMAIL PROTECTED]>
Organization: Simicro Internet
To: [EMAIL PROTECTED]
Subject: Re: sqlcounter question
Reply-To: [EMAIL PROTECTED]

alienoid wrote:
> Hello freeradius-users,

hi,


> RH7.2 + freeradius-0.6 + Oracle
> 
> I've compiled freeradius with --with-experimantal-modules and set up
> it with sql auth/acct.
> 
> In radiusd.conf wrote:
> 
> sqlcounter hourlycounter {
>counter-name = SQL_Max_Hour_Session_Timeout
>check-name = SQL_Max_Hour
>sqlmod_inst = sql
>key = User-Name
>query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE
>   username='%{%k}'"
>reset = none
> }

may be 'reset = never',

if not, didn't you forget to put

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:42:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1029 - 2 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Mail Delivery Status Notification (Postmaster)
  2. Re: suggestions about attributes (Kostas Kalevras)

--__--__--

Message: 1
From: Postmaster <[EMAIL PROTECTED]>
To:  <[EMAIL PROTECTED]>
Subject: Mail Delivery Status Notification
boundary="_=_NextPart_1"
Date: 5 Sep 2002 08:12:51 -0700
Reply-To: [EMAIL PROTECTED]

--- End Message ---

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:12:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1028 - 17 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Re: sqlcounter question (Do-Risika RAFIEFERANTSIARONJY)
  2. Pool-Name attribute (Ador Dauz)
  3. Re: Pool-Name attribute (Kostas Kalevras)
  4. RH 6.2 & Freeradius-0.7 (Joeffrey Betita)
  5. Prepaid calling card script (Raymond Chen)
  6. Re: Prepaid calling card script (Mattt)
  7. Re: RH 6.2 & Freeradius-0.7 ([EMAIL PROTECTED])
  8. mysql - list of NAS (Dolfini Danilo)
  9. Re: mysql modules (=?iso-8859-1?q?ho=20k?=)
  10. Mysql auth query (Mozzi)
  11. Problems to use as proxy (Wolfgang Bremer)
  12. Radius Packet Construction (Sheldon Fougere)
  13. RE: Cannot find a Domain attribute ?? (Deramus, Chris)
  14. Re: Exec-Program-Wait Abnormal exit - 0.7/Snapshot (Alan DeKok)
  15. Re: Problems to use as proxy (Alan DeKok)
  16. Re: Radius Packet Construction (Alan DeKok)
  17. Re: RedHat 7.3 as Radius Client (Alan DeKok)

-- __--__-- 

Message: 1
Date: Thu, 05 Sep 2002 08:53:53 +0300
From: Do-Risika RAFIEFERANTSIARONJY <[EMAIL PROTECTED]>
Organization: Simicro Internet
To: [EMAIL PROTECTED]
Subject: Re: sqlcounter question
Reply-To: [EMAIL PROTECTED]

alienoid wrote:
> Hello freeradius-users,

hi,


> RH7.2 + freeradius-0.6 + Oracle
> 
> I've compiled freeradius with --with-experimantal-modules and set up
> it with sql auth/acct.
> 
> In radiusd.conf wrote:
> 
> sqlcounter hourlycounter {
>counter-name = SQL_Max_Hour_Session_Timeout
>check-name = SQL_Max_Hour
>sqlmod_inst = sql
>key = User-Name
>query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE
>   username='%{%k}'"
>reset = none
> }

may be 'reset = never',

if not, didn't you forget to put hourlycounter in the authorization 
section ?


> I did so (tried to convert) with table radcheck:
> test User-Password    :=
> test SQL_Max_Hour  36000  >
> test Auth-Type Reject :=

i think the operator should be ':=' instead of '>' ...

cheers,

@+
-- 
DouRiX  \\\|///
  ___   \\ - - //     ___  __
|  _ oOOo_@ @_oOOo|  _ \(_) \/ /
| | | |/ _(_) | | | |_| ) |\  /
| |_| | (_) | |_| |  _ <| |/  \
|/ \___/ \_O| \_\_/_/\_\
f u cn rd ths u r usng unx
   O ) /
   (   )(_/
\ (
 \_)
 [Never be afraid to try something new. Remember, amateurs built the 
ark,
  and professionals built the Titanic.]



-- __--__-- 

Message: 2
charset="iso-8859-1"
From: Ador Dauz <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Pool-Name attribute
Date: Thu, 5 Sep 2002 15:14:41 +0800
Reply-To: [EMAIL PROTECTED]

hello all,

I'm look a documentation about Pool-Name attribute.
is any one can give me a site or document where
i can read..

Thanks
--ador



-- __--__-- 

Message: 3
Date: Thu, 5 Sep 2002 10:21:18 +0300 (EEST)
From: Kostas Kalevras <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Pool-Name attribute
Rep

Re: suggestions about attributes

2002-09-05 Thread Kostas Kalevras 

On Wed, 4 Sep 2002, Josh Kleensang wrote:

>
> Howdy,
>
>   I guess I dont know if these have been changed
> in CVS - or if they are the way they are for a reason.
>
> raddb/ldap.attrmap - the ldap checkItem attribute for
> Simultaneous-Use is set to npSessionsAllowed, but in
> the RADIUS-LDAPv3.schema radiusSimultaneousUse seems
> to be the correct attribute.
>
> raddb/radius.conf - in the ldap section access_attr is
> set to dialupAccess, but there is no dialupAccess attribute
> in RADIUS-LDAPv3.schema.  Could we get one? :)
>
> Thanks
>
> 
> Josh Kleensang
> Vice President, Engineering
> Lunar Gravity Networks
> 402-898-GRAV x 101
> http://www.lunargravity.com
>

Fixed, thanks for the suggestions.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Mail Delivery Status Notification

2002-09-05 Thread Postmaster 

MAIL ESSENTIALS SENDER NOTIFICATION

The following message:

TO:  [EMAIL PROTECTED]
FROM:[EMAIL PROTECTED]
DATE: Thu, 05 Sep 2002 17:12:03 +0200
Subject: Freeradius-Users digest, Vol 1 #1028 - 17 msgs


has been held for later review by the administrator by Mail Essentials for the 
following reason(s):

Body contains word(s)/phrase(s) 'XXX'


Mail essentials

--- Begin Message ---

Send Freeradius-Users mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.cistron.nl/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

  1. Re: sqlcounter question (Do-Risika RAFIEFERANTSIARONJY)
  2. Pool-Name attribute (Ador Dauz)
  3. Re: Pool-Name attribute (Kostas Kalevras)
  4. RH 6.2 & Freeradius-0.7 (Joeffrey Betita)
  5. Prepaid calling card script (Raymond Chen)
  6. Re: Prepaid calling card script (Mattt)
  7. Re: RH 6.2 & Freeradius-0.7 ([EMAIL PROTECTED])
  8. mysql - list of NAS (Dolfini Danilo)
  9. Re: mysql modules (=?iso-8859-1?q?ho=20k?=)
  10. Mysql auth query (Mozzi)
  11. Problems to use as proxy (Wolfgang Bremer)
  12. Radius Packet Construction (Sheldon Fougere)
  13. RE: Cannot find a Domain attribute ?? (Deramus, Chris)
  14. Re: Exec-Program-Wait Abnormal exit - 0.7/Snapshot (Alan DeKok)
  15. Re: Problems to use as proxy (Alan DeKok)
  16. Re: Radius Packet Construction (Alan DeKok)
  17. Re: RedHat 7.3 as Radius Client (Alan DeKok)

--__--__--

Message: 1
Date: Thu, 05 Sep 2002 08:53:53 +0300
From: Do-Risika RAFIEFERANTSIARONJY <[EMAIL PROTECTED]>
Organization: Simicro Internet
To: [EMAIL PROTECTED]
Subject: Re: sqlcounter question
Reply-To: [EMAIL PROTECTED]

alienoid wrote:
> Hello freeradius-users,

hi,


> RH7.2 + freeradius-0.6 + Oracle
> 
> I've compiled freeradius with --with-experimantal-modules and set up
> it with sql auth/acct.
> 
> In radiusd.conf wrote:
> 
> sqlcounter hourlycounter {
>counter-name = SQL_Max_Hour_Session_Timeout
>check-name = SQL_Max_Hour
>sqlmod_inst = sql
>key = User-Name
>query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE
>   username='%{%k}'"
>reset = none
> }

may be 'reset = never',

if not, didn't you forget to put hourlycounter in the authorization 
section ?


> I did so (tried to convert) with table radcheck:
> test User-Password    :=
> test SQL_Max_Hour  36000  >
> test Auth-Type Reject :=

i think the operator should be ':=' instead of '>' ...

cheers,

@+
-- 
DouRiX  \\\|///
  ___   \\ - - //     ___  __
|  _ oOOo_@ @_oOOo|  _ \(_) \/ /
| | | |/ _(_) | | | |_| ) |\  /
| |_| | (_) | |_| |  _ <| |/  \
|/ \___/ \_O| \_\_/_/\_\
f u cn rd ths u r usng unx
   O ) /
   (   )(_/
\ (
 \_)
 [Never be afraid to try something new. Remember, amateurs built the 
ark,
  and professionals built the Titanic.]



--__--__--

Message: 2
charset="iso-8859-1"
From: Ador Dauz <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Pool-Name attribute
Date: Thu, 5 Sep 2002 15:14:41 +0800
Reply-To: [EMAIL PROTECTED]

hello all,

I'm look a documentation about Pool-Name attribute.
is any one can give me a site or document where
i can read..

Thanks
--ador



--__--__--

Message: 3
Date: Thu, 5 Sep 2002 10:21:18 +0300 (EEST)
From: Kostas Kalevras <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Pool-Name attribute
Reply-To: [EMAIL PROTECTED]

On Thu, 5 Sep 2002, Ador Dauz wrote:

> hello all,
>
> I'm look a documentation about Pool-Name attribute.
> is any one can give me a site or document where
> i can read..
>
> Thanks
> --ador

It contains the name of the ippool module instance which should handle the
request. That way you can assign different pools to different classes of users.
The Pool-Name should always be set for the ipppool module to work.

--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]  National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf



--__--__--

Message: 4
From: "Joeffrey Betita" <[EMAIL PROTECTED]>
To: "Freeradius-Users" <[EMAIL PROTECTED]>
Subject: RH 6.2 & Freeradius-0.7
Date: Thu, 5 Sep 2002 16:52:49 +0800
charset="iso-8859-1"
Reply-To: [EMAIL PROTECTED]


   Freeradius is now running on my RH6.2 but when i try to dialup my login
name did not appear on the radius.log
pls. help me. thank you very much
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.384 / Virus Database: 216 - Release Date: 8/21/2002



--__--__--

Message: 5
From: "Raymond Chen" <[EMAIL PROTECTED

Re: RedHat 7.3 as Radius Client

2002-09-05 Thread Alan DeKok 

[EMAIL PROTECTED] wrote:
> However, it still respects my /etc/passwd password as well. When I
> tried to change the sufficient to required like the rest of the
> entries, no login worked for me.

  That's because PAM needs the authorization credentials, which are
usually found in /etc/passwd.

  The latest CVS snapshot of the pam module includes a dummy setcred
function, which allows things like PPPd to do PAM authentication.
That's because PPPd often doesn't need login credentials, it just
wants to give people net access.

> Can someone shed a little more light on the best way to make RADIUS my only
> login *IF* the radius server is available, then it could fall back to the
> local account for CONSOLE access if needed.

  Any program which needs the console MUST get the uid/gid/etc
credentials.  The PAM radius module CANNOT supply those, so what you
want is impossible.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Radius Packet Construction

2002-09-05 Thread Alan DeKok 

"Sheldon Fougere" <[EMAIL PROTECTED]> wrote:
> When creating Radius packets, does it matter what order the attribute value
> pairs are in?  Does Freeradius care what order the attributes are in?

  No, and no.

  The main time order is important is when proxying packets.  The
Proxy-State attributes can't be modified en-route, and their order
can't change.

> My example is I'm creating an Authentication Packet, is it ok to put
> NAS-Port-Type before the NAS-IP-Address?

  Yes.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problems to use as proxy

2002-09-05 Thread Alan DeKok 

Wolfgang Bremer <[EMAIL PROTECTED]> wrote:
> I'm trying to configure the freeradius (Version 0.5)  to proxy requests
> to a remote server.

  Please don't post problems or bug reports with old versions of the
server.  There are MANY bugs fixed in newer releases, see:

http://www.freeradius.org/radiusd/doc/ChangeLog

  If you can reproduce the problem with 0.7, then you might want to
try the latest CVS snapshot.

  If you can't reproduce the problem with 0.7, then the problem was
found and solved months ago.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Exec-Program-Wait Abnormal exit - 0.7/Snapshot

2002-09-05 Thread Alan DeKok 

"Dave" <[EMAIL PROTECTED]> wrote:
> Is Exec-Program-Wait still broken?

  In 0.7 it didn't work in debugging mode.  That was fixed a while
ago, and I did exhaustive testing to make sure it worked.
 
> I have tried 0.7 as well as Snapshot dated 09-04-2002 and while 0.7
> continues to run after an Abnormal exit, the Snapshot build dies
> immediately...but when entering "group authorize" and apparently not getting
> to Exec-Program-Wait.

  Then the problem with the snapshot is not Exec-Program-Wait.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Cannot find a Domain attribute ??

2002-09-05 Thread Deramus, Chris 



To all,I'm definately getting 
somewhere with this, I appreciate your input. I thoroughly read the 
documentation and am close. I set my Mysql table up like this for user 
chris.deramus22 chris.deramus  
Vendor-Specific 
Microsoft  == 23 chris.deramus  
MS-CHAP-Domain  test.my.gov   
== Then when running FreeRADIUS in debugging mode, I get this with 
an incoming request. As you can see in bold, it's passing the MS-CHAP-Domain in 
the Access Accept, however it doesn't seem to be passing to my client laptop. 
Maybe it's a problem with my MySQL table, maybe its a problem with how I have 
MS-CHAP loaded in radiusd.confrlm_sql: Released sql socket id: 
8  modcall[authorize]: module "sql" returns okrlm_counter: Entering 
module authorize coderlm_counter: Could not find Check item value 
pair  modcall[authorize]: module "counter" returns 
noop    users: Matched DEFAULT at 141  
modcall[authorize]: module "files" returns ok  modcall[authorize]: module "mschap" returns 
noopmodcall: group authorize returns ok  
rad_check_password:  Found Auth-Type PAPauth: type "PAP"modcall: 
entering group authtyperlm_pap: login attempt by "chris.deramus" with 
password xxxrlm_pap: Using password 690d96285de94b9e7138e3d9d687ce3e for 
user chris.deramus authentication.rlm_pap: Using MD5 encryption.rlm_pap: 
User authenticated succesfully  modcall[authenticate]: module "pap" 
returns okmodcall: group authtype returns okLogin OK: 
[chris.deramus/] (from client 192.168.0.2 port 1008)Sending 
Access-Accept of id 2 to 
192.168.0.2:1026    Framed-IP-Address 
= 192.168.1.20    Vendor-Specific = 
0x4d6963726f736f6674    
MS-CHAP-Domain = "test.my.gov"
I bolded the sections that I found 
to be of interest, I'm assuming the returned noop means that the module isn't 
loaded, or isn't doing anything? I have the MS-CHAP module loaded in the 
authorization section, should it be loaded in a different section of 
radiusd.conf ?
 
Thanks for the help and 
patience.
 
Chris
-Original Message-From: Alan DeKok 
[mailto:[EMAIL PROTECTED]]Sent: Monday, July 22, 
2002 9:58 AMTo: [EMAIL PROTECTED]Subject: Re: Cannot 
find a Domain attribute ??"Deramus, Chris" 
<[EMAIL PROTECTED]> wrote:> Sorry for the confusion, I meant 
I have to return that Domain attribute to> the NAS, we have different 
program offices with resources on different> domains.  You 
can return the MS-CHAP-Domain domain attribute in 
theAccess-Accept. Alan DeKok.-List 
info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Radius Packet Construction

2002-09-05 Thread Sheldon Fougere 

Hi,

When creating Radius packets, does it matter what order the attribute value
pairs are in?  Does Freeradius care what order the attributes are in?

My example is I'm creating an Authentication Packet, is it ok to put
NAS-Port-Type before the NAS-IP-Address?

Thanks,
Sheldon


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Problems to use as proxy

2002-09-05 Thread Wolfgang Bremer 

Hi,

I'm trying to configure the freeradius (Version 0.5)  to proxy requests
to a remote server.

I'm getting a message 'No request found for proxy reply from server XXX'

Has anybody got the same problem?

Here is some debug output:


Server#/usr/local/sbin/radiusd -x
Starting - reading configuration files ...
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded detail
Module: Instantiated detail (detail)
Module: Loaded radutmp
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on
1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:4079, id=163,
length=71
User-Name = "[EMAIL PROTECTED]"
User-Password = "o\264FU\260\n\317\346l\2134?\037F\272\214"
NAS-IP-Address = 255.255.255.255
NAS-Port-Id = "1"
rlm_chap: Could not find proper Chap-Password attribute in request
Sending Access-Request of id 1 to 192.1.1.1:1812
User-Name = "radiustest"
User-Password =
"\215\022\360`\241t\227\203\344\3067\r\260\250z;"
NAS-IP-Address = 255.255.255.255
NAS-Port-Id = "1"
Proxy-State = "163"
rad_recv: Access-Accept packet from host 192.1.1.1:1812, id=1, length=37

No request found for proxy reply from server Radius2 - ID 1

The Server Radius2 just loggs a successfull login

regards

Wolfgang Bremer





begin:vcard 
n:Bremer;Wolfgang
tel;work:+49 21 02 90 58 56
x-mozilla-html:TRUE
adr:;;
version:2.1
email;internet:[EMAIL PROTECTED]
fn:Wolfgang Bremer
end:vcard

Mysql auth query

2002-09-05 Thread Mozzi 

Hallo all
Need to ask a Mysql auth question
I added another field to my radcheck table 'status'
mysql> desc radcheck
 -> ;
+---+-+--+-+--++
| Field | Type| Null | Key | Default  | Extra  |
+---+-+--+-+--++
| id| int(10) |  | PRI | NULL | auto_increment |
| UserName  | varchar(30) |  | MUL |  ||
| Attribute | varchar(30) |  | | Password ||
| Value | varchar(40) | YES  | | NULL ||
| status| varchar(16) |  | | active   ||
| op| char(2) |  | | :=   ||
+---+-+--+-+--++
6 rows in set (0.00 sec)

Now I modified the query to look like below

authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM 
${authcheck_table} WHERE Username = '%{SQL-User-Name}' AND status =
^
  'active' ORDER BY id"
   ^^^

But it isn't working.
Anybody have any ideas ?

Tnx

Mozzi


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql modules

2002-09-05 Thread ho k 

Hi

After creating the link inside the directory of 
/usr/local/mysql/include

#ln -s ../include mysql, 

then

#./configure
--with-mysql-include-dir=/usr/local/mysql/include

I got the warning as:

configuring in ./drivers/rlm_sql_mysql
running /bin/sh ./configure 
--with-mysql-include-dir=/usr/local/mysql/include -
-cache-file=../.././config.cache --srcdir=.
loading cache ../.././config.cache
checking for gcc... (cached) gcc
checking whether the C compiler (gcc  ) works... yes
checking whether the C compiler (gcc  ) is a
cross-compiler... no
checking whether we are using GNU C... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking how to run the C preprocessor... (cached) gcc
-E
checking for compress in -lz... no
checking for mysql/mysql.h... yes
checking for mysql_init in -lmysqlclient... no
configure: warning: mysql libraries not found.  Use
--with-mysql-lib-dir=.
configure: warning: sql submodule 'mysql' disabled
updating cache ../.././config.cache
creating ./config.status
creating Makefile

Anyoue can give me the solution, if MySql binary
package is installed in default path /usr/local/mysql
and my OS is solaris2.7 with gcc 3.2

Regards
K

 
 --- Ador Dauz <[EMAIL PROTECTED]> wrote: > On
Thursday 05 September 2002 06:52, you wrote:
> > :-)
> > :
> > >   It *is* using the path you give it.  That's
> not the problem.
> >
> > well, it does add "mysql" to it.
> >
> > >   The problem is that the MySQL header files are
> *normally* in
> > > , as evidenced by the fact that
> this issue hasn't been
> > > a problem for at least the past year.  So if
> you're running into a
> > > problem, it's because the  mysql header files on
> your system are in a
> > > different place than 90% of other peoples
> systems.
> 
> I started using the freeradius last July and I have
> same problem with you.
> It found the lib but not the include directory so
> the headers not found. To 
> work arround with these... I created a link named
> mysql inside in the 
> directory of include. I'm inside the directory of
> /usr/local/mysql/include  
> then I do this command, ln -s ../include mysql 
> these only work with this 
> option
> --with-mysql-include-dir=/usr/local/mysql/include 
> or create a link 
> inside 
> the directory of your mysql name mysql link to
> include directory but your 
> option look like these...
> --with-mysql-include-dir=/usr/local/mysql
> 
> To test if work do it first inside the mysql module
> directory the configure 
> command.
> I'm not a programmer so please dont ask me about the
> that module, Im still
> a student learning system administration.. I really
> admire all the programmer
> who build the freeradius program.
> 
> Thanks
> ador
> 
> - 
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html 

___
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

mysql - list of NAS

2002-09-05 Thread Dolfini Danilo 

Hello,
I'm using freeradius-0.6 with mysql and I have a big problem.

I can define users ('radcheck' table) and group ('usergroup' table). I can also define 
a single NAS with the attribute 'NAS-IP-Address' in the 'radgroupcheck' table but I 
can't define a list of NAS associated with a group of users.

Another question: how can I configure clients in mysql without using the 
'clients.conf' file?

Can someone help me to resolve these problems?
Thanks in advance.

Ragards,
-
Danilo Dolfini
Telecom Italia Lab - (RI/NS/C)
Via G. Reiss Romoli, 274
10148 Torino - ITALY
Phone #:  +39 11 2287076
IP phone #:  +39 11 2282674
http://www.telecomitalialab.com
e-mail: [EMAIL PROTECTED]



CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please contact us by
replying to [EMAIL PROTECTED] Thank you


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: RH 6.2 & Freeradius-0.7

2002-09-05 Thread arise 


hello,

>
>Freeradius is now running on my RH6.2 but when i try to dialup my login
> name did not appear on the radius.log

you need to turn on logging for authentication requests on radiusd.conf

don't forget to restart radiusd after editing the conf file.

regards,

Ron

> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.384 / Virus Database: 216 - Release Date: 8/21/2002
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Prepaid calling card script

2002-09-05 Thread Mattt 

On Thu, 2002-09-05 at 19:28, Raymond Chen wrote:
> Dear All,
> 
> Does anyone have the Prepaid calling card script run as
> exec-program-wait?  Please one copy to us.  
> 

I have this weird desire to laugh uncontrollably about now... yeah, I'm
a little crazy... and probably a nerd too...

(I think it's Australian for geek...)
 
-- 
Cheers,
 Mattticq   : 117539757
 Network and Tech Doodwww   : http://www.pulse.nq4u.net
 [EMAIL PROTECTED]  jabber: [EMAIL PROTECTED]
 
 What's got four legs and an arm?  A happy Pit Bull...


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Prepaid calling card script

2002-09-05 Thread Raymond Chen 

Dear All,

Does anyone have the Prepaid calling card script run as
exec-program-wait?  Please one copy to us.  

Your help is greatly appreciated.

Raymond



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RH 6.2 & Freeradius-0.7

2002-09-05 Thread Joeffrey Betita 


   Freeradius is now running on my RH6.2 but when i try to dialup my login
name did not appear on the radius.log
pls. help me. thank you very much
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.384 / Virus Database: 216 - Release Date: 8/21/2002


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html