RE: Radius attributes in SQL INSERT
Hi For some purposes it is better to have numeric values in database. We have GUI which then presents data in user friendly fashion. OK. If I comment out attributes in dictionary, then everything will work for me. Is there any other way to do it without changing dictionary? MM -Original Message- From: Alan DeKok [mailto:aland@;ox.org] Sent: Monday, November 04, 2002 5:35 PM To: [EMAIL PROTECTED] Subject: Re: Radius attributes in SQL INSERT "Mieczyslaw Maciejewski (EPO)" wrote: > One of values of attribute Acct-Status-Type is value (in mnemonic) Start. > For me it looks that instead of inserting into database numeric > value of attribute Acct-Status-Type, FreeRadius tries to insert > mnemonic of that attribute (i.e. text 'Start'). Yes. What's wrong with that? The default schema does NOT include a row for Acct-Status-Type. So if you're using it, then you've changed the schema and the SQL queries. The Acct-Status-Type attribute is an 'integer' type, but it's easier for people to use names, so the integers have names. See the dictionary files for details. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: solaris/sparc & Forte
I had a similar problem when I ran make on my Solaris 8 box but I decided to take another route. I installed SUSE 7.3 for SPARC and everything is working great now. Gene Parks VIP Direct - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy (preprocess?)
Thanks! It looks like that should work. I'm going to write some scripts up and see how it goes. I'll let everyone know the results. - Mike - Original Message - From: "Kevin Bonner" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 04, 2002 3:26 PM Subject: Re: proxy (preprocess?) > Has anyone attempted this before? I'm using MySQL & Freeradius. After > looking at lots of config files, etc. I think that a preprocess addition > might work. Does anyone know if the Realms/NAS tables work now? I could > also write a script to check account balances and remove the Realms entry > if the account balance is negative (if the Realms table works now). Read about Exec-Program-Wait in doc/README. That would probably be your easiest solution, just write a script to check the acct balance and exit with the proper return status. Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Front End for Free radius
Title: Front End for Free radius Hi Does anyone know of any front-end tools for FreeRadius? Thanks, Sachin S. Mody Thomson Multimedia, Corporate Research 2 Independence Way, Princeton, NJ 08543 Ph# 609-987-7321 Fax# 609-987-7299 Please Note New Email Address:[EMAIL PROTECTED]
Re: oracle AND mysql module simultaniously
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 04 November 2002 20:14, Alan DeKok wrote: > That should be fine. So how does one SQL instance use another? Can > you post a sample of the debug messages, which shows the problem? Sure: [ bla bla bla ] Module: Loaded SQL sql: driver = "rlm_sql_oracle" [ bla bla bla ] rlm_sql: Driver rlm_sql_oracle loaded and linked rlm_sql: Attempting to connect to [EMAIL PROTECTED]:/instance rlm_sql: Connected new DB handle, #0 rlm_sql: Connected new DB handle, #1 rlm_sql: Connected new DB handle, #2 rlm_sql: Connected new DB handle, #3 rlm_sql: Connected new DB handle, #4 Module: Instantiated sql (oracle) Module: Loaded preprocess [ bla bla bla ] Module: Instantiated detail (detail) sql: driver = "rlm_sql_mysql" rlm_sql: Driver rlm_sql_mysql loaded and linked rlm_sql: Attempting to connect to [EMAIL PROTECTED]:/dbname Init: Oracle logon failed: 'Error while trying to retrieve text for error ORA-12154 ' rlm_sql: Failed to connect DB handle #0 Module: Instantiated sql (mysql) Module: Loaded radutmp [ bla bla bla ] (names and addresses changed, of course) - -- Have a nice day! -- Robin Elfrink <[EMAIL PROTECTED]> A3 Enschede B.V. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE9xuvvPgqgTHwUiEARAmbpAKCogwa6OumPbORwFCDWjADwqXggbwCfX7BH dMQpxOi6BCtaf4tyFsWGj2g= =vC4I -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: proxy (preprocess?)
> Has anyone attempted this before? I'm using MySQL & Freeradius. After > looking at lots of config files, etc. I think that a preprocess addition > might work. Does anyone know if the Realms/NAS tables work now? I could > also write a script to check account balances and remove the Realms entry > if the account balance is negative (if the Realms table works now). Read about Exec-Program-Wait in doc/README. That would probably be your easiest solution, just write a script to check the acct balance and exit with the proper return status. Kevin Bonner - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Alan DeKok wrote: > "Gregory G. V." <[EMAIL PROTECTED]> wrote: > > > No, CPPFLAGS are for C++ compilation. Use CFLAGS for C > > I have tried to run the configure with CFLAGS=-fast without any luck. I > > could not find any -fast option in the Makefiles, and compiler works > > without it > > Have you tried looking for CFLAGS in the Makefiles? This is a basic > Unix tool set question, and has nothing to do with your platform or > FreeRADIUS > > > Yes, I have seen. But I do not see how to add -fast... With CPPFLAGS -fast > > it works... but can not compile libltdl. > > So don't use it there Yes, it seems to work now. I have been confused by line 111 in the libltdl/Makefile - it is CPPFLAGS, and I have defined it after first fault. Now I have exported CFLAGS and LDFLAGS and compilation is going well... Should finish well too. Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
proxy (preprocess?)
I'm trying to setup my server to only allow proxying if a resellers account balance is good. Example: User connects to NAS NAS sends user/pass to my radius server My radius server checks the account balance of reseller if reseller account balance > 0 send request to reseller radius server & continue as normal... else deny request It could also work like: User connects to NAS NAS sends user/pass to my radius server My radius server sends request to reseller radius server if reseller radius server says OK if reseller account balance > 0 send authok else send deny Has anyone attempted this before? I'm using MySQL & Freeradius. After looking at lots of config files, etc. I think that a preprocess addition might work. Does anyone know if the Realms/NAS tables work now? I could also write a script to check account balances and remove the Realms entry if the account balance is negative (if the Realms table works now). Any ideas/help would be greatly appreciate. Thanks, Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: What are the proper ./configure arguments to compile to use MS SQL?
Thank you. I will try that. I have found where to change it in the mssql.conf file. My new question is what are the proper ./configure arguments to compile to use MS SQL using just unixODBC? unixODBC support was not compiled when I did the plain ./configure;make;make install. Thank you again. GT -Original Message- From: [EMAIL PROTECTED] [mailto:freeradius-users-admin@;lists.cistron.nl]On Behalf Of Alan DeKok Sent: Monday, November 04, 2002 2:15 PM To: [EMAIL PROTECTED] Subject: Re: What are the proper ./configure arguments to compile to use MS SQL? "Glynn Taylor" <[EMAIL PROTECTED]> wrote: > If I modify radiusd.conf to use mssql and modify mssql.conf to use > rlm_sql_freetds, radiusd -sfxxy -l stdout fails with: Don't use freetds. The libraries needed by the module are broken. > 1. What are the proper ./configure arguments to properly compile for use > with MS SQL? > 2. Does it depend on unixODBC being loaded first? That would be a better option to try INSTEAD of freetds. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
"Gregory G. V." <[EMAIL PROTECTED]> wrote: > > No, CPPFLAGS are for C++ compilation. Use CFLAGS for C > I have tried to run the configure with CFLAGS=-fast without any luck. I > could not find any -fast option in the Makefiles, and compiler works > without it. Have you tried looking for CFLAGS in the Makefiles? This is a basic Unix tool set question, and has nothing to do with your platform or FreeRADIUS. > Yes, I have seen. But I do not see how to add -fast... With CPPFLAGS -fast > it works... but can not compile libltdl.. So don't use it there. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Alan DeKok wrote: > "Gregory G. V." <[EMAIL PROTECTED]> wrote: > > it seems libltdl has a problem _only_ if the configure has been run with > > CPPFLAGS defined... so something seems to be wrong.. > > and I do not see another way to define -fast option... > > I thought CPPFLAGS must be in each Makefile... as well as LDFLAGS > > No, CPPFLAGS are for C++ compilation. Use CFLAGS for C I have tried to run the configure with CFLAGS=-fast without any luck. I could not find any -fast option in the Makefiles, and compiler works without it. > > There is no C++ code in FreeRADIUS Yes, I have seen. But I do not see how to add -fast... With CPPFLAGS -fast it works... but can not compile libltdl.. Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
"Gregory G. V." <[EMAIL PROTECTED]> wrote: > it seems libltdl has a problem _only_ if the configure has been run with > CPPFLAGS defined... so something seems to be wrong... > and I do not see another way to define -fast option > I thought CPPFLAGS must be in each Makefile... as well as LDFLAGS. No, CPPFLAGS are for C++ compilation. Use CFLAGS for C. There is no C++ code in FreeRADIUS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
> On Mon, 4 Nov 2002, Chris Parker wrote: > > > Post the errors you are seeing please. If you don't it's hard for us > > to fix the problem > > > > If the makefiles are built wrong, the post what the makefiles should look > > like to enable compilation to complete it seems libltdl has a problem _only_ if the configure has been run with CPPFLAGS defined... so something seems to be wrong... and I do not see another way to define -fast option I thought CPPFLAGS must be in each Makefile... as well as LDFLAGS. Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Chris Parker wrote:
> At 08:53 PM 11/4/2002 +0200, Gregory G. V. wrote:
>
> >< CFLAGS = -g -DNDEBUG
> >---
> > > CFLAGS = -g -mt -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG
>
> Please try the latest CVS. I believe it has the problem fixed already
Ok, I have tried, here how I run configure
ggv@mars@pts/5 21:17 Mon 04 Nov [/opt/src/freeradius-snapshot-20021104] >
cat run
CPPFLAGS=-fast
LDFLAGS=-fast
export CPPFLAGS
export LDFLAGS
./configure --prefix=/usr/local/freeradius
and here the outout from make
ggv@mars@pts/5 21:10 Mon 04 Nov [/opt/src/freeradius-snapshot-20021104] >
make
gmake[1]: Entering directory `/opt/src/freeradius-snapshot-20021104'
Making all in libltdl...
gmake[2]: Entering directory
`/opt/src/freeradius-snapshot-20021104/libltdl'
/bin/sh ./libtool --mode=compile cc -DHAVE_CONFIG_H -I. -I. -I. -fast
-g -DNDEBUG -c ltdl.c
mkdir .libs
cc -DHAVE_CONFIG_H -I. -I. -I. -fast -g -DNDEBUG -c ltdl.c -KPIC -DPIC
cc: Warning: -xarch=native has been explicitly specified, or implicitly
specified by a macro option, -xarch=native on this architecture implies
-xarch=v8plusa which generates code that does not run on pre UltraSPARC
processors
"ltdl.c", line 161: undefined symbol: malloc
"ltdl.c", line 161: non-constant initializer: op "NAME"
"ltdl.c", line 165: undefined symbol: free
"ltdl.c", line 165: non-constant initializer: op "NAME"
"ltdl.c", line 433: undefined symbol: ENOMEM
---skipped-
attachment is a Makefile used.
It seems to be exactly the same. It is late here, so about half hour late
I am going to finish to work (it means go off-line).
Gregory G. V.
---
Any opinions in this posting are my own and not those of my present
or previous employers.
# Generated automatically from Makefile.in by configure.
# Makefile.in generated automatically by automake 1.4-p5a from Makefile.am
# Copyright (C) 1994, 1995-8, 1999, 2001 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
SHELL = /bin/sh
srcdir = .
top_srcdir = .
prefix = /usr/local/freeradius
exec_prefix = ${prefix}
bindir = ${exec_prefix}/bin
sbindir = ${exec_prefix}/sbin
libexecdir = ${exec_prefix}/libexec
datadir = ${prefix}/share
sysconfdir = ${prefix}/etc
sharedstatedir = ${prefix}/com
localstatedir = ${prefix}/var
libdir = ${exec_prefix}/lib
infodir = ${prefix}/info
mandir = ${prefix}/man
includedir = ${prefix}/include
oldincludedir = /usr/include
DESTDIR = $(R)
pkgdatadir = $(datadir)/libltdl
pkglibdir = $(libdir)/libltdl
pkgincludedir = $(includedir)/libltdl
top_builddir = .
ACLOCAL = aclocal
AUTOCONF = autoconf
AUTOMAKE = automake
AUTOHEADER = autoheader
INSTALL = /opt/sfw/bin/ginstall -c
INSTALL_PROGRAM = ${INSTALL} $(AM_INSTALL_PROGRAM_FLAGS)
INSTALL_DATA = ${INSTALL} -m 644
INSTALL_SCRIPT = ${INSTALL_PROGRAM}
transform = s,x,x,
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = sparc-sun-solaris2.8
host_triplet = sparc-sun-solaris2.8
AMTAR = tar
AS = as
AWK = nawk
CC = cc
DEPDIR = .deps
DLLTOOL = dlltool
ECHO = /usr/ucb/echo
EXEEXT =
INSTALL_STRIP_PROGRAM = ${SHELL} $(install_sh) -c -s
LIBADD_DL = -ldl
LIBTOOL = $(SHELL) $(top_builddir)/libtool
LIBTOOL_DEPS = ./../ltmain.sh
LN_S = ln -s
MAINT = #
MAKEINFO = makeinfo
OBJDUMP = objdump
OBJEXT = o
PACKAGE = libltdl
RANLIB = ranlib
STRIP = strip
VERSION = 1.2
am__include = include
am__quote =
install_sh = /opt/src/freeradius-snapshot-20021104/install-sh
AUTOMAKE_OPTIONS = no-dependencies foreign
include_HEADERS = ltdl.h
lib_LTLIBRARIES = libltdl.la
#noinst_HEADERS = ltdl.h
#noinst_LTLIBRARIES = libltdlc.la
CLEANFILES = libltdl.la libltdlc.la
libltdl_la_SOURCES = ltdl.c
libltdl_la_LDFLAGS = -no-undefined -version-info 4:0:1
libltdl_la_LIBADD = $(LIBADD_DL)
libltdlc_la_SOURCES = ltdl.c
libltdlc_la_LIBADD = $(LIBADD_DL)
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
mkinstalldirs = $(SHELL) $(top_srcdir)/../src/mkinstalldirs
CONFIG_HEADER = config.h
CONFIG_CLEAN_FILES =
LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES)
DEFS = -DHAVE_CONFIG_H -I. -I$(srcdir) -I.
CPPFLAGS = -fast
LDFLAGS = -fast
LIBS = -lnsl -lresolv -lsocket -lpthread
libltdl_la_DEPENDENCIES =
libltdl_la_OBJECTS = ltdl.lo
libltdlc_la_LDFLAGS =
libltdlc_la_DEPENDENCIES =
libltdlc_la_OBJECTS = ltdl.lo
CFLAGS = -g -DNDEBUG
COMPILE = $(CC)
Re: What are the proper ./configure arguments to compile to use MS SQL?
"Glynn Taylor" <[EMAIL PROTECTED]> wrote: > If I modify radiusd.conf to use mssql and modify mssql.conf to use > rlm_sql_freetds, radiusd -sfxxy -l stdout fails with: Don't use freetds. The libraries needed by the module are broken. > 1. What are the proper ./configure arguments to properly compile for use > with MS SQL? > 2. Does it depend on unixODBC being loaded first? That would be a better option to try INSTEAD of freetds. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: oracle AND mysql module simultaniously
Robin Elfrink <[EMAIL PROTECTED]> wrote:
> sql.conf has:
>
> sql mysql {
> driver =3D "rlm_sql_mysql"
> other configuration data
> }
>
> sql oracle {
> driver =3D "rlm_sql_oracle"
> other configuration data
> }
That should be fine. So how does one SQL instance use another? Can
you post a sample of the debug messages, which shows the problem?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What are the proper ./configure arguments to compile to use MS SQL?
I've got 0.71 running on RH7.3 and need to authenticate against a MS SQL2000 database. If I modify radiusd.conf to use mssql and modify mssql.conf to use rlm_sql_freetds, radiusd -sfxxy -l stdout fails with: rlm_sql: Could not link driver rlm_sql_freetds: file not foundrlm_sql: Make sure it (and all its dependent libraries!) are in the search path of your system's ld.radiusd.conf[8]: sql: Module instantiation failed. Which means that it did not get compiled. I've scoured the docs and can not find explicit instructions for this. I tried the experimental modules string, but that compiled things I don't think I need and failed before it got to the SQL section (in a perl section I think). 1. What are the proper ./configure arguments to properly compile for use with MS SQL? 2. Does it depend on unixODBC being loaded first? Thanks in advance all. GT
Re: no radutmp since upgrade
On Mon, 04 Nov 2002 11:57:01 -0500 "Alan DeKok" <[EMAIL PROTECTED]> wrote: > Oliver Zimmermann <[EMAIL PROTECTED]> wrote: > > after upgrading from freeradius 0.5 to 0.7 the sessionfile radutmp is > > not written anymore. In consequence radwho shows no users and the > > detail-file is empty. > > Huh? The detail file is completely independent of the radutmp file. > > It sounds to me like the server isn't receiving accounting packets. > Run it in debugging mode UNTIL it sees accounting packets, and then > look at radutmp and detail. > > Alan DeKok. First of all, the machine is running now! Thanks Alan. I followed your advice and ran the radius-server in debug-mode for a while. The system "woke up" when the primary radius went down for a short period so the upgraded had to overtake. Obviously it is not enough to send radclient-testpackets or process auth-packets to make a secondary radius start working. It seems to need some real NAS events. Good evening! - Oliver - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
At 08:53 PM 11/4/2002 +0200, Gregory G. V. wrote: < CFLAGS = -g -DNDEBUG --- > CFLAGS = -g -mt -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG Please try the latest CVS. I believe it has the problem fixed already. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Chris Parker wrote: > >Ok. error.tar.gz has the run script for run configure, the Makefile from > >libltdl and the output of stderr & stdout from gmake. It is with -fast > >option > >normal.tar.gz contain the same but without -fast options, so it compiled > >normal > >fixed.tar.gz contains fixed Makefile (-fast added) and output from make > > Can you send a 'diff' of the two Makefiles ( the one that was configured, > vs. the one that you manually fixed )? Ok. Here is Make file which has been configured _with_ CPPFLAGS=-fast LDFLAGS=-fast vs which has been compiled _without_ and manualy added -fast to CPPFLAGS and LDFLAGS ggv@mars@pts/5 20:44 Mon 04 Nov [/opt/src/freeradius-0.7.1/libltdl] > diff Makefile Makefile.fixed 19c19 < prefix = /usr/local/freeradius --- > prefix = /usr/local 113c113 < LIBS = -lnsl -lresolv -lsocket -lpthread --- > LIBS = -lnsl -lresolv -lsocket -lposix4 -lpthread 119c119 < CFLAGS = -g -DNDEBUG --- > CFLAGS = -g -mt -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG And here is Makefile configurewd _without_ -fast vs. configured _with_. ggv@mars@pts/5 20:50 Mon 04 Nov [/opt/src/freeradius-0.7.1/libltdl] > diff Makefile Makefile.old 111,113c111,113 < CPPFLAGS = < LDFLAGS = < LIBS = -lnsl -lresolv -lsocket -lposix4 -lpthread --- > CPPFLAGS = -fast > LDFLAGS = -fast > LIBS = -lnsl -lresolv -lsocket -lpthread 119c119 < CFLAGS = -g -mt -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG --- > CFLAGS = -g -DNDEBUG if it will be easy I may give you an account to the host... Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
At 08:15 PM 11/4/2002 +0200, Gregory G. V. wrote: On Mon, 4 Nov 2002, Chris Parker wrote: > Post the errors you are seeing please. If you don't it's hard for us > to fix the problem > > If the makefiles are built wrong, the post what the makefiles should look > like to enable compilation to complete Ok. error.tar.gz has the run script for run configure, the Makefile from libltdl and the output of stderr & stdout from gmake. It is with -fast option. normal.tar.gz contain the same but without -fast options, so it compiled normal. fixed.tar.gz contains fixed Makefile (-fast added) and output from make. Can you send a 'diff' of the two Makefiles ( the one that was configured, vs. the one that you manually fixed )? Thanks, -Chris Thats it. Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Chris Parker wrote: > Post the errors you are seeing please. If you don't it's hard for us > to fix the problem > > If the makefiles are built wrong, the post what the makefiles should look > like to enable compilation to complete Ok. error.tar.gz has the run script for run configure, the Makefile from libltdl and the output of stderr & stdout from gmake. It is with -fast option. normal.tar.gz contain the same but without -fast options, so it compiled normal. fixed.tar.gz contains fixed Makefile (-fast added) and output from make. Thats it. Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. error.tar.gz Description: Binary data normal.tar.gz Description: Binary data fixed.tar.gz Description: Binary data
Re: oracle AND mysql module simultaniously
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Monday 04 November 2002 18:03, Alan DeKok wrote:
> Do you have TWO instances of the SQL module set up? What does your
> configuration look like?
radiusd.conf has:
authenticate {
unix
oracle
}
accounting {
detail
unix
mysql
radutmp
}
sql.conf has:
sql mysql {
driver = "rlm_sql_mysql"
other configuration data
}
sql oracle {
driver = "rlm_sql_oracle"
other configuration data
}
- -- Have a nice day! --
Robin Elfrink <[EMAIL PROTECTED]>
A3 Enschede B.V.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE9xrYsPgqgTHwUiEARAlDOAKCHC19/76XkbaCjK4lIJ+DII6XujQCgkJgf
QUvdvy0QUo66W6FWh7DKv7M=
=oS1E
-END PGP SIGNATURE-
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Browsable CVS Tree
At 09:50 AM 11/4/2002 -0600, Chris Parker wrote: At 08:21 AM 11/3/2002 -0500, Alan DeKok wrote: I'm not *opposed* to setting it up, but it's one more thing to maintain, and I don't see much in the way of volunteers to do additional work. Well, since I'm running the server hosting the website and CVS server, I guess that would fall under my job. :) It was something that used to exist, but didn't make the transfer from the old system to the current one. I'll take a poke at setting something up. If I'm successful, then I'll post something back here. Well, it wasn't too hard, as it looks like CVSWEB is once again being supported and developed. You can browse the FreeRADIUS CVS tree here: http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/ I'll add links on the website later today if no-one reports any problems. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Segregating different classes of users
On Sun, 3 Nov 2002 23:46:58 +1100 "Tarun Bhushan" <[EMAIL PROTECTED]> wrote: > Hello > > I am setting up a FreeRadius server (currently installed snapshot from > October 30, 2002). I would be grateful if someone could assist with a > means to do the following (sorry for the long-ish post): > > The Radius server would be used to authenticate administrators (of the > Radius server itself and two firewalls), as well as users of the > firewalls. The administrators would be authenticated via the Linux system > on which the Radius server runs (Auth-Type = System). Authentication for > the firewall users will be proxied to another external Radius server > (administered by others). IP addresses cannot be used as a means of > differentiating between administrators and users as they access resources > from the same subnets(dial-up, VPN or LAN) and the addresses are dynamic. > > The question is - how do I prevent a successful "user" login from being > misused to make attempts to access the firewall administration interface? > As IP address cannot be used to distinguish between the types of users, > how do I prevent a user from successfully authenticating via the > (proxied, other) Radius server and then attempting to do firewall > administration, as opposed to an administrator successfully > authenticating via the local (system) Radius server? In both cases, the > Radius "client" is the firewall itself. > > In case the problem is not clear, I will describe it via examples: > > 1. Administrator "A" wants to administer firewall 192.168.12.5 and > connects to it (SSH). The firewall asks "A" for usercode/password which > is supplied. As the firewall is configured to authenticate via the Radius > server on the Linux box at 192.168.12.10, it sends off the Radius request > to it. Successful authentication occurs via the Radius server accessing > the local"A" account on the Linux /etc/passwd. > 2. User "B" decides to attempt to access the firewall SSH and attempts a > connection to 192.168.12.5. The firewall asks "B" for usercode/password > which is supplied. As the firewall is configured to authenticate via the > Radius server on the Linux box at 192.168.12.10, it sends off the Radius > request to it. "B" is not in the Linux /etc/passwd file, but is proxied > to the external Radius server due to a "DEFAULT" in the 'users' file. > Successful authentication occurs and "B" thus gets access to the > firewall. > > The answer may well be a trivial one - however, I do not have enough > experience with FreeRadius and cannot think of a way of preventing "B". > > Thanks > > Tarun You should be able to do what you want by configuring pam to only accept certain groups of users to local login. This is not something you need to configure in radius, but rather on your local system. Your current configuration seems quite dodgey.. You could also configure ssh to only accept a cetain group in sshd_config. Either way you need to setup your "firewall" correctly.. Mail me back if you need more help with this. -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc msg10687/pgp0.pgp Description: PGP signature
Re: Counter question
On Mon, 4 Nov 2002, Michael O. Boev wrote: > Hello, everybody! > > Can I be applying a time restriction (Session-Timeout) differently, based on > the current time? > > I mean,... If the user dials in ONLY during the daytime (i.e. Wk09-18), > I want to be sending a Session-Timeout reply (e.g. :=10800). > > But, I've no idea what check-items should I use in the 'users' file. > > I would be thankful to anyone for an idea, or for pointing at a place with > relevant docs. > > I'm using FreeRadius 0.7. > > Michael Boev. DEFAULT Current-Time == "Wk09-18" Session-Timeout := 10800 i think -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: duplicate request
"Victor Sanchez" <[EMAIL PROTECTED]> wrote: > i used freeradius 0.4. this bug is that resolve in 0.6 and say in changelog ?? > > * Fix race conditions when duplicate packets resulted in a request >being processed by two threads, at the same time. Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
remove
can you please advise how to stop goldfish
duplicate request
this is the detail file: Sun Oct 27 17:54:45 2002 NAS-IP-Address = AAA.BBB.CCC.DDD NAS-Port = 105 NAS-Port-Type = Async User-Name = "paco@nowhere" Called-Station-Id = "XXX" Calling-Station-Id = "XXX" Acct-Status-Type = Start Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = "028B" Framed-Protocol = PPP Framed-IP-Address = 192.168.1.172 Acct-Delay-Time = 0 Client-IP-Address = AAA.BBB.CCC.DDD Timestamp = 1035737685 Sun Oct 27 17:54:45 2002 NAS-IP-Address = AAA.BBB.CCC.DDD NAS-Port = 105 NAS-Port-Type = Async User-Name = "paco@nowhere" Called-Station-Id = "XXX" Calling-Station-Id = "XXX" Acct-Status-Type = Start Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = "028B" Framed-Protocol = PPP Framed-IP-Address = 192.168.1.172 Acct-Delay-Time = 0 Client-IP-Address = AAA.BBB.CCC.DDD Timestamp = 1035737685 i used freeradius 0.4. this bug is that resolve in 0.6 and say in changelog ?? * Fix race conditions when duplicate packets resulted in a request being processed by two threads, at the same time. thanks for the help. and sorry for my poor english :( - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: oracle AND mysql module simultaniously
Robin Elfrink <[EMAIL PROTECTED]> wrote: > When I have the oracle module loaded first, freeradius connects > correctly to the oracle server and then tries to connect to the > mysql server using the oracle module. Do you have TWO instances of the SQL module set up? What does your configuration look like? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
oracle AND mysql module simultaniously
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm trying to get the oracle and mysql module to work together simultaniously. Oracle for authentication, and mysql for accounting (do not ask me WHY, I cannot explain stupid upper-management decisions). When I have the oracle module loaded first, freeradius connects correctly to the oracle server and then tries to connect to the mysql server using the oracle module. When I have the mysql module loaded first, freeradius connects correctly to the mysql server and then tries to connect to the oracle server using the mysql module. Is this normal behaviour, or a bug, or a fault in my setup? - -- Have a nice day! -- Robin Elfrink <[EMAIL PROTECTED]> A3 Enschede B.V. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE9xqdjPgqgTHwUiEARAlO0AJwLd/RGAMtGZy0ewUzMDdNlp2jefwCgjjms w8dI54SOJNtcW9pYDp/vyyg= =Pfh+ -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: no radutmp since upgrade
Oliver Zimmermann <[EMAIL PROTECTED]> wrote: > after upgrading from freeradius 0.5 to 0.7 the sessionfile radutmp is > not written anymore. In consequence radwho shows no users and the > detail-file is empty. Huh? The detail file is completely independent of the radutmp file. It sounds to me like the server isn't receiving accounting packets. Run it in debugging mode UNTIL it sees accounting packets, and then look at radutmp and detail. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
no radutmp since upgrade
Hi folks,
after upgrading from freeradius 0.5 to 0.7 the sessionfile radutmp is
not written anymore. In consequence radwho shows no users and the
detail-file is empty. When I start the daemon with radiusd -X all looks
allright to me, because the radutmp module is loaded.
...
Module: Instantiated files (files)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp.
Ready to process requests.
...
Compilation with "make" shows me no errors. Some text blocks from my
radiusd.conf:
radutmp {
filename = ${logdir}/radutmp
perm = 0600
callerid = "yes"
}
accounting {
# acct_unique
detail
# counter
unix
radutmp
# sradutmp
}
session {
radutmp
}
I hope you have any ideas - I don't like downgrades ;-)
- Oliver
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with rlm_unix on version 0.7.1
Luis Vitorio Cargnini <[EMAIL PROTECTED]> wrote: > i have the following problem: The problem you have is posting the same message multiple times to both the -devel and the -users list. Stop it. > Module: Library search path is /usr/local/lib > radiusd.conf[462] Failed to link to module 'rlm_unix': file not found=20 > > how could i solve this ?? Read the FAQ? Read the documentation? Read the configuration files? No, I don't think you'll do any of that... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius attributes in SQL INSERT
"Mieczyslaw Maciejewski (EPO)" wrote: > One of values of attribute Acct-Status-Type is value (in mnemonic) Start. > For me it looks that instead of inserting into database numeric > value of attribute Acct-Status-Type, FreeRadius tries to insert > mnemonic of that attribute (i.e. text 'Start'). Yes. What's wrong with that? The default schema does NOT include a row for Acct-Status-Type. So if you're using it, then you've changed the schema and the SQL queries. The Acct-Status-Type attribute is an 'integer' type, but it's easier for people to use names, so the integers have names. See the dictionary files for details. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
test
test - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[4]: Simultaneous-Use
[EMAIL PROTECTED] wrote:
> > What kind of response did you expect?
>
> Simple: the solution or "no, there is no solutions at this time". But
> I've gotyou know what I've got. ;)
You've got the documentation and source code sitting in front of
you. The documentation DOES say "there is no solution at this time".
> A bit about docs. I think that minor comment is needed in
> Simultaneous-Use at line 32: "You need to set the correct type in the
> file /etc/raddb/naslist" must become "You need to set the correct type in the
> file /etc/raddb/naslist (${sysconfdir}/raddb/clients.conf for newest
> versions)..."
I'll fix that, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication
"Miles Wilton" <[EMAIL PROTECTED]> wrote: > Is there any way to make authentication occur first from PAM an dthen if > this fails, off a username/password in MySQL db? Yes. See 'doc/configurable_failover' Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
At 05:58 PM 11/4/2002 +0200, Gregory G. V. wrote: On Mon, 4 Nov 2002, Chris Parker wrote: > At 02:54 PM 11/4/2002 +0200, Gregory G. V. wrote: > >On Mon, 4 Nov 2002, Haan, de, Jan wrote: > > > > > > > > Have fun! Was compiling it as I saw your e-mail > > > on the list > >It is very kind, thank you! > >Would be nice to know how it was compiled? > >I have compiled by gcc sucsessfuly, and could not by Forte... What I did > >wrong I do not know. May be you have used some options.. > > I've compiled it under GCC on Solaris without any problems. Could you > post a snip of what Forte is puking on? IE, the output of make where > it is failing? > As I have written approximately one hour agou, the problem is only when -fast has been defined for CPPFLAGS and LDFLAGS for configure... and the problem is in libltdl - it seems Makefile has been created wrong. Post the errors you are seeing please. If you don't it's hard for us to fix the problem. If the makefiles are built wrong, the post what the makefiles should look like to enable compilation to complete. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Chris Parker wrote: > At 02:54 PM 11/4/2002 +0200, Gregory G. V. wrote: > >On Mon, 4 Nov 2002, Haan, de, Jan wrote: > > > > > > > > Have fun! Was compiling it as I saw your e-mail > > > on the list > >It is very kind, thank you! > >Would be nice to know how it was compiled? > >I have compiled by gcc sucsessfuly, and could not by Forte... What I did > >wrong I do not know. May be you have used some options.. > > I've compiled it under GCC on Solaris without any problems. Could you > post a snip of what Forte is puking on? IE, the output of make where > it is failing? > As I have written approximately one hour agou, the problem is only when -fast has been defined for CPPFLAGS and LDFLAGS for configure... and the problem is in libltdl - it seems Makefile has been created wrong. I have compared a compilation comand line in both cases and they are different. Without -fast Forte compiles normal. I have worked around in this way - ./configure without CPPFLAGS & LDFLAGS and than manualy inserted -fast in CFLAGS and LDFLAGS in each Makefile. Just now compilation has finished. I'll check about linking, and compile one more time. After that I will prepare pkg fo me, and may give pkg/binary for who wants. Of course if I'll finish everything successfuly. > Thanks, > -Chris > -- > \\\|||/// \ StarNet Inc. \ Chris Parker > \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering > | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 > oOo---(_)---oOo--\-- >\ Wholesale Internet Services - http://www.megapop.net > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: solaris/sparc & Forte
On Mon, 4 Nov 2002, Haan, de, Jan wrote: > ../configure > gmake > gmake install did you try to do the same with CPPFLAGS=-fast and LDFLAGS=-fast? Here is a problem... libltdl does not compile... it seems Makefile prepared wrong, I have compared the comand line for compilation with -fast and without, in case with -fast the line does not have "-mt", "-o o ltdl.o".. it looks strange... But the code produced with -fast is MUCH faster than without... > > -Oorspronkelijk bericht- > Van: Gregory G. V. > Verzonden: maandag 4 november 2002 13:54 > Aan: Haan, de, Jan > CC: [EMAIL PROTECTED] > Onderwerp: Re: solaris/sparc & Forte > > On Mon, 4 Nov 2002, Haan, de, Jan wrote: > > > > > Have fun! Was compiling it as I saw your e-mail > > on the list > It is very kind, thank you! > Would be nice to know how it was compiled? > I have compiled by gcc sucsessfuly, and could not by Forte... What I did > wrong I do not know. May be you have used some options.. > > > > > > > > > <> > > Gregory G. V > --- > Any opinions in this posting are my own and not those of my present > or previous employers > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Browsable CVS Tree
At 08:21 AM 11/3/2002 -0500, Alan DeKok wrote: [EMAIL PROTECTED] wrote: > > Why? What would it gain us? > it would help people keeping track of the development without having the hassle > of doing a cvs co everytime. I'm not *opposed* to setting it up, but it's one more thing to maintain, and I don't see much in the way of volunteers to do additional work. Well, since I'm running the server hosting the website and CVS server, I guess that would fall under my job. :) It was something that used to exist, but didn't make the transfer from the old system to the current one. I'll take a poke at setting something up. If I'm successful, then I'll post something back here. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
At 02:54 PM 11/4/2002 +0200, Gregory G. V. wrote: On Mon, 4 Nov 2002, Haan, de, Jan wrote: > > Have fun! Was compiling it as I saw your e-mail > on the list. It is very kind, thank you! Would be nice to know how it was compiled? I have compiled by gcc sucsessfuly, and could not by Forte... What I did wrong I do not know. May be you have used some options... I've compiled it under GCC on Solaris without any problems. Could you post a snip of what Forte is puking on? IE, the output of make where it is failing? Thanks, -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problems with rlm_unix on version 0.7.1
i have the following problem: read_config_files: entering modules setup Module: Library search path is /usr/local/lib radiusd.conf[462] Failed to link to module 'rlm_unix': file not found how could i solve this ?? -- Thanks && Regards Luís Vitório Cargnini TRDC - Telenova Communications Corp. signature.asc Description: This is a digitally signed message part
Radius attributes in SQL INSERT
Hi
I use FreeRadius 0.71(snapshoot 20021104) on Solaris 8. Oracle 8.1.7
For accounting I use query as below (the query form is limited to important columns
only):
accounting_start_query="INSERT into TMP_TABLE( ...SESSION_START )
VALUES (.'%{Acct-Status-Type}'..."
Below you can find appropriate output from radiusd -X:
radius_xlat: 'INSERT into TMP_TABLE( ... SESSION_START )VALUES (
.. 'Start')'
rlm_sql: Reserving sql socket id: 3
rlm_sql: Attempting to connect #3
rlm_sql: Connected new DB handle, #3
rlm_sql: failed after re-connect
rlm_sql: Couldn't update SQL accounting for START packet - ORA-01722: invalid number
One of values of attribute Acct-Status-Type is value (in mnemonic) Start.
For me it looks that instead of inserting into database numeric value of attribute
Acct-Status-Type, FreeRadius tries to insert mnemonic of that attribute (i.e. text
'Start').
Could someone help
Thanks
MM
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: solaris/sparc & Forte
On Mon, 4 Nov 2002, Haan, de, Jan wrote: > > Have fun! Was compiling it as I saw your e-mail > on the list. It is very kind, thank you! Would be nice to know how it was compiled? I have compiled by gcc sucsessfuly, and could not by Forte... What I did wrong I do not know. May be you have used some options... > > > > <> Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Counter question
Hello, everybody! Can I be applying a time restriction (Session-Timeout) differently, based on the current time? I mean,... If the user dials in ONLY during the daytime (i.e. Wk09-18), I want to be sending a Session-Timeout reply (e.g. :=10800). But, I've no idea what check-items should I use in the 'users' file. I would be thankful to anyone for an idea, or for pointing at a place with relevant docs. I'm using FreeRadius 0.7. Michael Boev. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
solaris/sparc & Forte
Hello. Is it possible to compile freeradius on the solaris 8 (sparc) with Forte? I've got an error, it seems the source are written for gcc.. Does somebody has a binary for solaris/sparc? Gregory G. V. --- Any opinions in this posting are my own and not those of my present or previous employers. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[4]: Simultaneous-Use
> For one, development questions should be discussed on the
> freeradius-devel list. The -users list is more for general Q&A about
> configuring and running the server.
This was the reason of my posting. There was numerous postings about
'simultaneous works ok and it is simple to configure...' So I described
my real problem hoping that maybe somebody already has a solution (for
this concrete situation -- callback).
> What kind of response did you expect?
Simple: the solution or "no, there is no solutions at this time". But
I've gotyou know what I've got. ;)
I agree that maybe I've chosen wrong form for my question. And at this point
I thing that we can stop our non-productive flg.
At now I'm trying to find the solution. On success I'll post it to
-devel list.
A bit about docs. I think that minor comment is needed in
Simultaneous-Use at line 32: "You need to set the correct type in the
file /etc/raddb/naslist" must become "You need to set the correct type in the
file /etc/raddb/naslist (${sysconfdir}/raddb/clients.conf for newest
versions)..."
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
'Cool-off' period between logins...
Greetings, list :-) I'm trying to think up some ways to impose a 'cool-off' period between logins for some ISP customers. For example, a user gets (and uses) a four hour session, after which he is disconnected from the NAS. At this point, we want to say that that the user must now wait, say, 10 minutes before he is able to get access again. I'm mostly deploying mySQL back-ended FR servers, in case it matters. Is there a RADIUS feature like this? My limited intimacy with the relevant RFC's has me of the opinion that there is not. I'd like to find several ways of doing this (if they exist), as I have some creative ideas I'd like to work into such a feature ;-) -- Cheers, Mattt. icq : 117539757 aboveNetworkstel : 0438 749 962 [EMAIL PROTECTED] (mail/jabber) www : www.above.nq4u.net There are only 10 kinds of people. Those who understand binary, and those who don't. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication
Is there any way to make authentication occur first from PAM an dthen if this fails, off a username/password in MySQL db? Any help much appreciated. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL Accounting patch
At 09:45 AM 11/1/2002 -0600, Chris Parker wrote: >Let me guess, it's a cisco NAS? >Read the 'doc/cisco' notes, where it suggests that you enable the command: >'aaa accounting delay-start' >Otherwise the cisco sends the start packet before it has fully allocated >the IP for the session. Adding the above command delays the start packet >until after the IP has been assigned. >If you get the IP address in the 'start' then there is no need to record >it from the 'stop' packet. > >-Chris You're right of course... oh well, at least I get an E for effort ;-) Thanks, Ingvar Ingvar Bjarnason Network Engineer Iceland Telecom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi
Hi, I compile the freeradius-0.7 on SCO openserver 5.0.5, but not successful,the output like below: please help me. #pwd /free/freeradius-0.7/src/main # make /free/freeradius-0.7/libtool --mode=link cc -export-dynamic -dlopen self \ -g -belf -DNDEBUG -I../include -L../lib -o radiusd \ radiusd.o files.o util.o acct.o nas.o log.o valuepair.o version.o proxy. o exec.o auth.o timestr.o conffile.o modules.o modcall.o session.o xlat.o thread s.o smux.o radius_snmp.o client.o request_list.o -lnsl -lsocket -lradius -lcry pt_i \ /free/freeradius-0.7/libltdl/libltdl.la rm -f .libs/radiusd.nm .libs/radiusd.nmS .libs/radiusd.nmT creating .libs/radiusdS.c (cd .libs && cc -c "radiusdS.c") rm -f .libs/radiusdS.c .libs/radiusd.nm .libs/radiusd.nmS .libs/radiusd.nmT LD_RUN_PATH="/usr/local/lib:$LD_RUN_PATH" cc .libs/radiusdS.o -g -belf -DNDEBUG -I../include -o .libs/radiusd radiusd.o files.o util.o acct.o nas.o log.o valuep air.o version.o proxy.o exec.o auth.o timestr.o conffile.o modules.o modcall.o s ession.o xlat.o threads.o smux.o radius_snmp.o client.o request_list.o -Bexport -L/free/freeradius-0.7/src/lib /free/freeradius-0.7/src/lib/.libs/libradius.so -lcrypt_i /free/freeradius-0.7/libltdl/.libs/libltdl.so -ldl -lnsl -lsocket Undefined first referenced symbol in file set_auth_parameters radiusd.o .libs/radiusd: fatal error: Symbol referencing errors. No output written to .lib s/radiusd make: *** [radiusd] Error 1 __ === Ãâ·ÑÊÔÓÃÐÂÀË15MÊÕ·ÑÓÊÏä ¸Ï½ôÐж¯£¡ (http://vip.sina.com/sol_mail/promotion/pro_men.html) ÐÂÀ˶þÊÖÊг¡£ºÒ»ÔªÍ¶È룬ʮ·Ö¾ªÏ²£¬°Ù·ÖÂúÒâ (http://classad.sina.com.cn/2shou/) ÊýÍòÕÅÊÖ»úͼƬÊýÍòÊ׶ÌÐÅÁåÉùÈÎÄãÌôÑ¡£¬Ã¿Ì춼ÓиüР(http://sms.sina.com.cn/cgi-bin/sms/smspic.cgi) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
