Re: about accounting_stop_query ...
Chris Parker wrote:
At 05:04 PM 10/17/2002 +0400, Do-Risika RAFIEFERANTSIARONJY wrote:
Hi everybody,
It is just an optimization question, for those who use rlm_sql.
I has the query below in my sql.conf :
accounting_stop_query = UPDATE ${acct_table1} SET AcctStopTime =
'%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets =
'%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}',
AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay =
'%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}',
AcctMultiSessionId = '%{Acct-Multi-Session-Id}', AscendDataRate =
'%{X-Ascend-Data-Rate}', AscendXmitRate = '%{X-Ascend-Xmit-Rate}'
WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'
With our nas (patton boxes), the SessionId values are reinitialized
when the box reboot, so I think there is a risk of having the same
SessionId, Username and NASIPAddress after each reboot, which would
alter the accounting data.
This is done by most NAS. This is why the 'acct_unique' module exists.
Please read 'radiusd/doc/rlm_acct_unique'.
Ok, thanks,
So I think it would be better for me to add AND AcctUniquId =
'%{Acct-Unique-Id}' in the accounting_stop_query sql where clause ?
+
--
DouRiX \\\|///
___ \\ - - // ___ __
| _ oOOo_ _oOOo| _ \(_) \/ /
| | | |/ _(_) | | | |_| ) |\ /
| |_| | (_) | |_| | _ | |/ \
|/ \___/ \_O| \_\_/_/\_\
f u cn rd ths u r usng unx
O ) /
( )(_/
\ (
\_)
[A day without sun shine is like,
you know, night.]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Músicas
Title: CD UDIA - [ [EMAIL PROTECTED] ] MONTE SEU CD MUSICAL COM A SUA SELEÇÃO. FACILIDADE DE ENVIO PARA TODO BRASIL FAÇA SEU PEDIDO CLICANDO AQUI OU PELO EMAIL: [EMAIL PROTECTED] LISTA MÚSICAS FILMES DIVX CLIPES JOGOS PEDIDOS INÍCIO A CD-Udia possui um acervo com mais de 4.000 músicas www.cdudia.kit.net Total de Músicas: 4005_Download da lista de músicas N O V I D A D E S Bruce Springsteen (2002) Som Livre: R$ 29,10 CD Udia : R$ 9,99 com direito a completar o CD com 80 min. Gleydson Rodrigues (2002) CD Udia : R$ 7,99 com direito a completar o CD com 80 min. Queen - Greatest Hits II Som Livre: R$ 30,20 CD Udia : R$ 9,99 com direito a completar o CD com 80 min. . Eminem - The Eminem Show 2002 Som Livre: R$ 27,40 CD Udia : R$ 9,99 com direito a completar o CD com 80 min. Elton John - One Night Only Som Livre: R$ 27,40 CD Udia : R$ 9,99 com direito a completar o CD com 80 min. Demônios da Garoa Som Livre: R$ 17,60 CD Udia : R$ 7,99 com direito a completar o CD com 80 min. Faça sua seleção agora mesmo. CD's de música personalizados com a sua seleção musical !!! Para CD's de áudio, cada CD suporta entre 15 e 20 faixas, num total de 80 minutos de música. Para CD's de dados, cada CD suporta 700 Mb de dados, algo em torno de 190 a 215 músicas por CD. CD's
Re: UNKNOWN-NAS problem in FR.7.1.
On Fri, 18 Oct 2002, Tim Fraser wrote:
I have been having problems with getting my radius server to run the
checkrad prog on simul logins .. but until now have not managed to get it
working ...
Looking through the code in src/main/session.c .. I see there is old
references to a log entry for UNKNOWN-NAS .. (which appears to have been
commented out since fr .6),
I have taken out their comment marks to see if that helps locate the
problem and even though I am using fr .7.1 .. it seems I am still getting
an UNKNOWN-NAS in my log .. I have all my NAS's listed in clients.conf
(example below, and they do auth users they just wont run checkrad ...)
client 192.168.1.2 {
secret = x
shortname = test
nastype = max40xx
}
What else could be creating this problem ?? or is there something wrong
with the above clients.conf format?
thanks
Use the naslist and naspasswd files. I am not sure that nastype in clients.conf
works at this point.
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can FreeRadius run a script after an user authentication
Hi, Im wondering if I can get FreeRadius to run a script after a successful user authentication. I want to do some manipulation to my iptables when the user logs in. Hreidar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Newbie: Three freeradius questions
i would have answered you the same but i thought that somebody around here perhaps knows the reason you seemed to want to know... it has to be openssl-0.9.7 or later but i don't know exactly which function is new. ciao artur Damjan wrote: 1. EAP/TLS support, what do I need to get this support in freeradius. I've read [*] that it needs openssl-0.9.7, isn't openssl-0.9.6g enough? [OT] Is there a way to check if openssl supports EAP/TLS Answering to myself :), well according to http://www.freeradius.org/radiusd/doc/rlm_eap everything better that openssl-0.9.6b will work, good. -- Artur Hecker Groupe Accès et Mobilité hecker[at]enst[dot]fr Département Informatique et Réseaux +33 1 45 81 7507 46, rue Barrault 75634 Paris cedex 13 http://www.infres.enst.fr ENST Paris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
debug (radiusd -X)
Hi i m new in linux and red hat, using since 2002 Jan. now i m try to configure radius server . I found freeradius on google search .. after installing as discribe in Readme and INSTALL file in freeraadius pack ... when i run radiusd -X for debug i found error like this rlm_unix: U must specify a sadow password file! HASH: unable to create user hash table . disable caching and run debugs radiusd.conff [462] module instantiation failed. i m using RHL 7.3 i tried to use radiusd -p 1645 and lot of things :( plz guide me in this regard and can ne any one tell me where i can found easy help "manual " regards s.m ali kazmiDo you Yahoo!? Faith Hill - Exclusive Performances, Videos, & more faith.yahoo.com
RE: configure errors while compiling
-Original Message- From: [EMAIL PROTECTED] [mailto:freeradius-users-admin;lists.cistron.nl]On Behalf Of Tim McCracken Sent: Thursday, October 17, 2002 8:08 PM To: [EMAIL PROTECTED] Subject: RE: configure errors while compiling -Original Message- From: [EMAIL PROTECTED] [mailto:freeradius-users-admin;lists.cistron.nl]On Behalf Of KP Rao Sent: Thursday, October 17, 2002 7:49 PM To: [EMAIL PROTECTED] Subject: configure errors while compiling Hi All, I am trying to compile freeradius and getting this error message. Run out of ideas what may be causing the error. Any help would be appreciate. Using version # ./configure loading cache ./config.cache checking for gcc... gcc checking whether the C compiler (gcc ) works... no configure: error: installation or configuration problem: C compiler cannot creat e executables. # ls -l /usr/local/bin/gcc -rwxr-xr-x 2 bin bin 345052 Aug 28 05:18 /usr/local/bin/gcc # uname -a SunOS CPMgmtStn 5.8 Generic_108528-01 sun4u sparc SUNW,Ultra-60 Any good soul have a binary package for Solaris 2.8 Thanks in advance. --kp I can recreate your problem by running configure under the SU, but mine works OK running configure under a normal user. Obviously this is some sort of problem with the default configuration of the Solaris distribution that we need to change so it will configure under SU. I am going to be working on this all weekend if necessary to get it running. I am down to crunch time. MAKE does have to run under SU though. Feel free to e-mail me off list if you want to. Tim - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: debug (radiusd -X)
s.m. ali kazmi wrote: Hi i m new in linux and red hat, using since 2002 Jan. now i m try to configure radius server . I found freeradius on google search .. after installing as discribe in Readme and INSTALL file in freeraadius pack ... when i run radiusd -X for debug i found error like this rlm_unix: U must specify a sadow password file! HASH: unable to create user hash table . disable caching and run debugs radiusd.conff [462] module instantiation failed. i m using RHL 7.3 i tried to use radiusd -p 1645 and lot of things :( plz guide me in this regard and can ne any one tell me where i can found easy help manual regards s.m ali kazmi Do you Yahoo!? Faith Hill http://faith.yahoo.com - Exclusive Performances, Videos, more faith.yahoo.com http://faith.yahoo.com edit radiusd.conf and uncomment under the unix module configuration that says shadow = /etc/shadow - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: debug (radiusd -X)
still not working :( same erroe i also change cache =yes to no but no use :( Aleksandar Zhelyazkov [EMAIL PROTECTED] wrote: edit radiusd.conf and uncomment under the unix module configurationthat saysshadow = /etc/shadow- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.htmlDo you Yahoo!? Faith Hill - Exclusive Performances, Videos, & more faith.yahoo.com
Re: about accounting_stop_query ...
At 09:40 AM 10/18/2002 +0300, Do-Risika RAFIEFERANTSIARONJY wrote:
Chris Parker wrote:
At 05:04 PM 10/17/2002 +0400, Do-Risika RAFIEFERANTSIARONJY wrote:
With our nas (patton boxes), the SessionId values are reinitialized when
the box reboot, so I think there is a risk of having the same SessionId,
Username and NASIPAddress after each reboot, which would alter the
accounting data.
This is done by most NAS. This is why the 'acct_unique' module exists.
Please read 'radiusd/doc/rlm_acct_unique'.
Ok, thanks,
So I think it would be better for me to add AND AcctUniquId =
'%{Acct-Unique-Id}' in the accounting_stop_query sql where clause ?
Precisely. :)
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Call-Check
At 03:56 PM 10/17/2002 +, Pat Calhoun wrote: All, I'm trying to get the server to successfully authorize a call, to no avail. I know I had this working at one point, but I guess I just got lucky and the latest version no longer works with my users file. Here is what I have in my users file. 000a8afa7d53Auth-Type := Accept, Service-Type == Call-Check Service-Type = Call-Check, Session-Timeout = 100, Idle-Timeout = 100 You will notice the lack of a password, which is intentional since this is simply a request to accept the call. Here is the packet: --- Walking the entire request list --- Cleaning up request 6 ID 34 with timestamp 3daf3b91 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 172.16.1.69:35258, id=35, length=84 User-Name = 000a8afa7d53 Calling-Station-Id = 000a8afa7d53 NAS-Port = 1 NAS-IP-Address = 69.1.16.172 Service-Type = Call-Check modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_eap: EAP-Message not found modcall[authorize]: module eap returns noop modcall[authorize]: module suffix returns ok modcall[authorize]: module mschap returns notfound modcall: group authorize returns ok auth: No Auth-Type configuration for the request, rejecting the user auth: Failed to validate the user. You probably need to add 'files' to your authorize stanza. Putting entries in the 'users' file does no good unless you also tell the server to read the 'users' file. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Call-Check
Thanks... I figured that one out this morning. While trying everything to get EAP-TLS to work, I mistakenly removed files from radiusd.conf. duh! PatC On Fri, 2002-10-18 at 15:01, Chris Parker wrote: At 03:56 PM 10/17/2002 +, Pat Calhoun wrote: All, I'm trying to get the server to successfully authorize a call, to no avail. I know I had this working at one point, but I guess I just got lucky and the latest version no longer works with my users file. Here is what I have in my users file. 000a8afa7d53Auth-Type := Accept, Service-Type == Call-Check Service-Type = Call-Check, Session-Timeout = 100, Idle-Timeout = 100 You will notice the lack of a password, which is intentional since this is simply a request to accept the call. Here is the packet: --- Walking the entire request list --- Cleaning up request 6 ID 34 with timestamp 3daf3b91 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 172.16.1.69:35258, id=35, length=84 User-Name = 000a8afa7d53 Calling-Station-Id = 000a8afa7d53 NAS-Port = 1 NAS-IP-Address = 69.1.16.172 Service-Type = Call-Check modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_eap: EAP-Message not found modcall[authorize]: module eap returns noop modcall[authorize]: module suffix returns ok modcall[authorize]: module mschap returns notfound modcall: group authorize returns ok auth: No Auth-Type configuration for the request, rejecting the user auth: Failed to validate the user. You probably need to add 'files' to your authorize stanza. Putting entries in the 'users' file does no good unless you also tell the server to read the 'users' file. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UNKNOWN-NAS problem in FR.7.1.
Kostas Kalevras [EMAIL PROTECTED] wrote: Use the naslist and naspasswd files. I am not sure that nastype in clients.conf works at this point. I don't think it does. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Call-Check
Pat Calhoun [EMAIL PROTECTED] wrote: I'm trying to get the server to successfully authorize a call, to no avail. I know I had this working at one point, but I guess I just got lucky and the latest version no longer works with my users file. Here is what I have in my users file. 000a8afa7d53Auth-Type := Accept, Service-Type == Call-Check Service-Type = Call-Check, Session-Timeout = 100, Idle-Timeout = 100 You will notice the lack of a password, which is intentional since this is simply a request to accept the call. That should work. I've copied that sample to my 'users' file, and it works. modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_eap: EAP-Message not found modcall[authorize]: module eap returns noop modcall[authorize]: module suffix returns ok modcall[authorize]: module mschap returns notfound I expect also to see: users: Matched 000a8afa7d53 at 1 modcall[authorize]: module files returns ok modcall: group authorize returns ok auth: No Auth-Type configuration for the request, rejecting the user auth: Failed to validate the user. Login incorrect: [000a8afa7d53/no User-Password attribute] (from nas pat_little_box port 1 cli 000a8afa7d53) Yup. No Auth-Type is configured, so it complains. Again, it's complaining I don't have a password, and that's exactly what I want. Authorize only please. Does anyone have any thoughts? List 'files' in 'authorize'? The 'users' file entry won't match if the 'users' file is never checked... :) Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What is 'ar' in 'MAKE INSTALL'
When running 'make install', it appears that right after the 'libtool mode=link' command runs, it tries to run something called 'ar' with arguments of 'cru' and a bunch of the object modules - except that libtool thinks it is an argument to libtool. I am sure that this is just ignorance on my part, but what is 'ar'. I have done lots of development on non-unix platforms, but am kinda new in this area. THANKS! Tim ERROR TEXT: Making install in lib... make[4]: Entering directory `/export/home/dev/radius/freeradius-0.7.1/src/lib' /export/home/dev/radius/freeradius-0.7.1/libtool --mode=link ld \ -module -static -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU _SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wnested-ex terns -D_LIBRADIUS -I../include dict.o print.o radius.o valuepair.o token.o misc.o log.o filters.o missing.o md4.o md5.o sha1.o hmac.o snprintf.o -o libradius.a ar cru libradius.a dict.o print.o radius.o valuepair.o token.o misc.o log.o filters.o missing.o md4.o md5.o sha1.o hmac.o snprintf.o /export/home/dev/radius/freeradius-0.7.1/libtool: ar: not found make[4]: *** [libradius.a] Error 1 make[4]: Leaving directory `/export/home/dev/radius/freeradius-0.7.1/src/lib' make[3]: *** [common] Error 1 make[3]: Leaving directory `/export/home/dev/radius/freeradius-0.7.1/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/export/home/dev/radius/freeradius-0.7.1/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/export/home/dev/radius/freeradius-0.7.1' make: *** [install] Error 2 # - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: What is 'ar' in 'MAKE INSTALL'
hi ar produces an archive file out of some other files. it is usally used today to make static libraries, so a usual libsomething.a is nothing but a collection of object files, something1.o, something2.o in an ar-archive. cru: c - create, r - insert with replacement, u - only newer. man ar would help. ciao artur I am sure that this is just ignorance on my part, but what is 'ar'. I have done lots of development on non-unix platforms, but am kinda new in this area. -- Artur Hecker Groupe Accès et Mobilité hecker[at]enst[dot]fr Département Informatique et Réseaux +33 1 45 81 7507 46, rue Barrault 75634 Paris cedex 13 http://www.infres.enst.fr ENST Paris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: What is 'ar' in 'MAKE INSTALL'
Probably your 'ar' is not in the PATH environment variable 'ar' could be (at least in Solaris) in /usr/ccs/bin directory You can check it by command: 'find / -name ar' Check what is in PATH: 'echo $PATH' If you don't find the ar_directory then: PATH=$PATH:/ar_directory export PATH MM -Original Message- From: Artur Hecker [mailto:hecker;enst.fr] Sent: Friday, October 18, 2002 6:40 PM To: [EMAIL PROTECTED] Subject: Re: What is 'ar' in 'MAKE INSTALL' hi ar produces an archive file out of some other files. it is usally used today to make static libraries, so a usual libsomething.a is nothing but a collection of object files, something1.o, something2.o in an ar-archive. cru: c - create, r - insert with replacement, u - only newer. man ar would help. ciao artur I am sure that this is just ignorance on my part, but what is 'ar'. I have done lots of development on non-unix platforms, but am kinda new in this area. -- Artur Hecker Groupe Accès et Mobilité hecker[at]enst[dot]fr Département Informatique et Réseaux +33 1 45 81 750746, rue Barrault 75634 Paris cedex 13 http://www.infres.enst.fr ENST Paris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: What is 'ar' in 'MAKE INSTALL'
At 11:31 AM 10/18/2002 -0500, Tim D. McCracken wrote: When running 'make install', it appears that right after the 'libtool mode=link' command runs, it tries to run something called 'ar' with arguments of 'cru' and a bunch of the object modules - except that libtool thinks it is an argument to libtool. I am sure that this is just ignorance on my part, but what is 'ar'. I have done lots of development on non-unix platforms, but am kinda new in this area. 'ar' is an 'archiver'. It takes multiple .o files and creates a single .a file suitable for latter linking as a static library. You will need it to compile nearly anything. Check your paths to ensure the path to 'ar' is included properly. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UNKNOWN-NAS problem in FR.7.1.
Tim Fraser [EMAIL PROTECTED] wrote:
I have been having problems with getting my radius server to run the
checkrad prog on simul logins .. but until now have not managed to get it
working ...
Looking through the code in src/main/session.c .. I see there is old
references to a log entry for UNKNOWN-NAS .. (which appears to have been
commented out since fr .6),
Yeah, that code hasn't been touched in a while...
I have taken out their comment marks to see if that helps locate the
problem and even though I am using fr .7.1 .. it seems I am still getting
an UNKNOWN-NAS in my log .. I have all my NAS's listed in clients.conf
(example below, and they do auth users they just wont run checkrad ...)
client 192.168.1.2 {
secret = x
shortname = test
nastype = max40xx
}
What else could be creating this problem ?? or is there something wrong
with the above clients.conf format?
Nope. It just isn't used, sorry.
For 0.7.1, you've got to add entries into the 'naslist' file. (Yes,
it's dumb).
If you grab the CVS snapshot from tonight, then the need for the
old-style 'naslist' is gone, and the 'clients.conf' entries you have
should work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Access_attr not working??
I can't seem to get access rejected when I have dialupAccess = false (and access_attr = dialupAccess and access_attr_used_for_allow = yes). I have tried the latest CVS snapshot... and this was working with versions prior to 0.7. (well at least .5) Thanks. Josh Kleensang Vice President, Engineering Lunar Gravity Networks 402-898-GRAV x 101 http://www.lunargravity.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fwd: Re: Simultaneous Use
Chris,
thank for your answer,
I put radius on debug mode, then called nas (Total Control
w/HiperArc) as a user that where connected, but I don't see any error
and the request have not been rejected.
Below is the result of debug mode.
After that you have again radiusd.conf.
Thank for your help !
Jorge.
Hi all !,
I am having some trouble about simultaneous connnection.
I can not see where would be the error on configuration, if any, and did
not get nothing browsing docs, faqs, etc, that were applicable to my config.
Can some one give some idea about this ?.
What error messages did you receive, and what is the output from running
'radiusd -X' ( debug mode ) telling you?
-Chris
- Results from radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr
main: localstatedir = /usr/var
main: logdir = /var/log/radius
main: libdir = /usr/lib
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = yes
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = no
main: pidfile = /var/run/radius/radiusd.pid
main: user = radius
main: group = radius
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
security: max_attributes = 200
security: reject_delay = 1
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/lib
Module: Loaded preprocess
preprocess: huntgroups = /etc/raddb/huntgroups
preprocess: hints = /etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = suffix
realm: delimiter =
Module: Instantiated realm (suffix)
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = localhost
sql: port =
sql: login = digitalcoop
sql: password = digitalcoop
sql: radius_db = digitalcoop
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log/radius/sqltrace.sql
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username =
'%{SQL-User-Name}' ORDER BY id
sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username =
'%{SQL-User-Name}' ORDER BY id
sql: authorize_group_check_query = SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.A
ttribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username
= '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id
sql: authorize_group_reply_query = SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.A
ttribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username
= '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id
sql: authenticate_query = SELECT Value,Attribute FROM radcheck WHERE UserName =
'%{User-Name}' AND
( Attribute = 'User-Password' OR Attribute = 'Password' OR Attribute =
'Crypt-Password' ) ORDER BY
Attribute DESC
sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S',
AcctSessionTime=unix_timestamp
('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}',
AcctStopDelay
= %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress=
'%{NAS-IP-Address}
' AND AcctStartTime = '%S'
sql: accounting_update_query = UPDATE radacct SET FramedIPAddress =
'%{Framed-IP-Address}' WHERE A
cctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIPAddress= '%{NAS-IP-Ad
dress}' AND AcctStopTime = 0
sql: accounting_start_query = INSERT into radacct (RadAcctId, AcctSessionId,
AcctUniqueId, UserNam
e, Realm,
