HOW TO START EXEC-WAIT SCRIPT....
May be for someone of you it is easy to run such thing, so listen my problem, and try to answer it. I have 9 groups (roles) of users, for the corresponding roles i have to run accounting script, which will logon them. That script will count time of dropping user. And if user loggedout earlier then he was droppped, then another script must get user_worked_secs... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Question about rlm_sql
hi I installed freeradius-snapshot-2002-0916 in Redhat7.2. I want to configure it to use mysql. According to http://www.swx.nl/freeradius/freeradiussql.html, it does work. But one more question: it said that 'sql' can not included in the 'authentication' part of the radiusd.conf, which I also saw in aaa.txt. But in radius.conf, 'sql' is commented in the 'authentication'. Why is that?Should I use the 'pap' module instead?But I want to use 'Auth-Type=EAP'. How can I solve it ?Hope you can help me. wanglu [EMAIL PROTECTED] 2002-12-31 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Accounting problem with MaxTnT
"Dimitrios E. Digas" <[EMAIL PROTECTED]> wrote: > I have a problem with radius accounting. More specifically I am using > freeradius v0.8 with oracle 8i backend. The problem arises with some > accounting records, all from a MaxTnT NAS. As can be seen from the log > entries below, the problem is that NAS does not send a username with some > accounting records. As a result the SQL query fails and the record > cannot be written into the database. Read 'raddb/sql.conf', and look for sql_user_name. The configuration file tells you how to deal with this problem. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius Accounting problem with MaxTnT
Dear all,
I have a problem with radius accounting. More specifically I am using
freeradius v0.8 with oracle 8i backend. The problem arises with some
accounting records, all from a MaxTnT NAS. As can be seen from the log
entries below, the problem is that NAS does not send a username with some
accounting records. As a result the SQL query fails and the record
cannot be written into the database. Does anyone know how I can block such
accounting requests from the MaxTnT NAS or does anybody know if this is a
known MaxTnT bug ???
As a temporary solution I've modified the SQL query and used Oracle's NVL
function as follows to prevent a NULL username in the SQL statement:
accounting_start_query = "INSERT into ${acct_table1} (RadAcctId, AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
AcctTerminateCause,
ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
NVL(%{SQL-User-Name},
'dummyraduser'), '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port-Id}', '%{NAS-Port-Type}',
TO_DATE('%S','-mm-dd hh24:mi:ss'), NULL, '0', '%{Acct-Authentic}',
'%{Connect-Info}',
'', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}',
'%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')"
This might do the trick but has a performance drawback. If anyone notices
any other problems this may cause please let me know.
RADIUS LOG
--
rad_recv: Accounting-Request packet from host 217.19.74.12:7020, id=34, length=116
NAS-IP-Address = 217.19.74.12
NAS-Port = 2113
NAS-Port-Type = Async
Acct-Status-Type = Start
Acct-Delay-Time = 229
Acct-Session-Id = "369446656"
Acct-Authentic = Local
Idle-Timeout = 0
X-Ascend-Modem-PortNo = 62
X-Ascend-Modem-SlotNo = 1
X-Ascend-Modem-ShelfNo = 1
Calling-Station-Id = "2108150497"
Called-Station-Id = "8962408080"
modcall: entering group preacct
modcall[preacct]: module "preprocess" returns noop
rlm_realm: Proxy reply, or no user name. Ignoring.
modcall[preacct]: module "suffix" returns noop
modcall[preacct]: module "files" returns noop
modcall: group preacct returns noop
modcall: entering group accounting
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request, unique ID
MAY be inconsistent
rlm_acct_unique: WARNING: Attribute User-Name was not found in request, unique ID MAY
be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 217.19.74.12,NAS-IP-Address =
217.19.74.12,Acct-Session-Id = "369446656",'
rlm_acct_unique: Acct-Unique-Session-ID = "e8b5c0d1af61a38f".
modcall[accounting]: module "acct_unique" returns ok
radius_xlat: '/usr/local/var/log/radius/radacct/217.19.74.12/detail-20021212'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/217.19.74.12/detail-20021212
modcall[accounting]: module "detail" returns ok
modcall[accounting]: module "counter" returns noop
modcall[accounting]: module "unix" returns noop
radius_xlat: '/usr/local/var/log/radius/radutmp'
radius_xlat: ''
modcall[accounting]: module "radutmp" returns ok
radius_xlat: ''
radius_xlat: 'INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId, UserName,
Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime,
AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets,
AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('',
'369446656', 'e8b5c0d1af61a38f', '', '', '217.19.74.12', '', 'Async',
TO_DATE('2002-12-12 21:54:56','-mm-dd hh24:mi:ss'), NULL, '0', 'Local', '', '',
'0', '0', '8962408080', '2108150497', '', '', '', '', '229', '0')'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_oracle: execute query failed in sql_query: ORA-01400: cannot insert NULL into
("URNET"."RADACCT"."USERNAME")
rlm_sql (sql): Attempting to connect rlm_sql_oracle #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql_oracle: execute query failed in sql_query: ORA-01400: cannot insert NULL into
("URNET"."RADACCT"."USERNAME")
rlm_sql (sql): failed after re-connect
rlm_sql (sql): Couldn't update SQL accounting for START packet - ORA-01400: cannot
insert NULL into ("URNET"."RADACCT"."USERNAME")
radius_xlat: 'UPDATE radacct SET AcctStartTime = TO_DATE('2002-12-12
21:54:56','-mm-dd hh24:mi:ss'), AcctStartDelay = '229', ConnectInfo_start = ''
WHERE AcctSessionId = '369446656' AND UserName = '' AND NASIPAddress = '217.19.74.12'
AND AcctStopTime = IS NULL'
rlm_sql_oracle: execute query failed in sql_query: ORA-00936: missing expressio
Error in radzap
There seems to be an error in radzap (in Rev. 0.8.1). I don't have the time to analyze and fix it now, but maybe someone of you can. Symptom: Properly configured and working radius with clients.conf in use. Radzap does not find the secret for localhost (hardcoded to look for). Regards, Martin Seine - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Compaq and MPPE
> Hi at all, > >someone know if compaq AP 410 support dynamic key derivation? > >Thanks > >Daniele Brevi I believe so. The understanding I have is that the unit is basically a Proxim/Orinoco AP branded by Compaq that is similar to the AP-1000. You will need to make sure you have the latest flash code running though Raymond McKay IT Manager / Network Administrator Funnybone Interactive Vivendi Universal Games - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mysql failover on freeradius8.1 solved
Last week I posted about a problem with mysql configurable failover with freeradius 8.1 I think I solved my problem, but the solution may point to a bug on how database connections are handled. Initially I had failover set in the authorize section, but not the accounting section. Since mysql replication only work one direction, I didn't want accounting data going to the slave. The problem with this though is at first I could authenticate, but accounting data was contiually being sent to radius. Since I didn't have a failover for that, all the database handles soon seemed to fill up, and radius would no longer respond even to authorization requests. I started getting this in debug: rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): Ignoring unconnected handle rlm_sql (sql1): There are no DB handles to use! modcall[accounting]: module "sql1" returns fail modcall: group accounting returns fail Finished request 30 Going to the next request My solution was to create another radacct table on my secondary sql server so I could setup failover for accounting. Now things seem to be working nicely. I just need to come up with a way of migrating any accounting data going to the slave back to the master. But should radius act this way? Should lack of database handles for accounting, prevent authorization from being able to fail over to the next sql server? As a matter of fact, radius no longer seems to respond at all to authorization requests, it seems to lock up once all the database handles are gone. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
Chris, thanks. I relooked at that after I sent the email.
All is well
Thanks for the help..
John Hengstler
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Chris
Parker
Sent: Monday, December 30, 2002 9:54 AM
To: [EMAIL PROTECTED]
Subject: RE: X-Ascend Atributes?
At 09:48 AM 12/30/2002 -0800, John A. Hengstler wrote:
>Woops, I did miss that subtle "X-" in the dictionary Fixed that.
>
>Now to the variable...
>If I use the %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause}
>method to insert the variable, it inserts "X-Ascend-Disconnect-Cause" as a
>string into the table, not the actual contents of the variable, but if I
>change it to %{X-Ascend-Disconnect-Cause} it inserts properly.
Yup, my bad. See 'doc/variables.txt' for a better explanation of how
to do conditional syntax translation for your SQL inserts.
You would need to actually do:
%{Ascend-Disconnect-Cause:-%{X-Ascend-Disconnect-Cause}}
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
At 09:48 AM 12/30/2002 -0800, John A. Hengstler wrote:
Woops, I did miss that subtle "X-" in the dictionary Fixed that.
Now to the variable...
If I use the %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause}
method to insert the variable, it inserts "X-Ascend-Disconnect-Cause" as a
string into the table, not the actual contents of the variable, but if I
change it to %{X-Ascend-Disconnect-Cause} it inserts properly.
Yup, my bad. See 'doc/variables.txt' for a better explanation of how
to do conditional syntax translation for your SQL inserts.
You would need to actually do:
%{Ascend-Disconnect-Cause:-%{X-Ascend-Disconnect-Cause}}
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
Woops, I did miss that subtle "X-" in the dictionary Fixed that.
Now to the variable...
If I use the %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause}
method to insert the variable, it inserts "X-Ascend-Disconnect-Cause" as a
string into the table, not the actual contents of the variable, but if I
change it to %{X-Ascend-Disconnect-Cause} it inserts properly.
My only question here is, if there is a mixture of NASes (ie portmasters and
ciscos), the above statement would loose the good "AcctTerminateCause"
variables. Is that correct???
Thanks for the simple assistance
John Hengstler
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Chris
Parker
Sent: Monday, December 30, 2002 9:21 AM
To: [EMAIL PROTECTED]
Subject: RE: X-Ascend Atributes?
At 09:10 AM 12/30/2002 -0800, John A. Hengstler wrote:
>I can live with that for the connect start/stop information, but what about
>the acctterminatecause line.
>
>Isn't radius supposed to translate the codes from the dictionary files to
>the actual string?
>
>Example,
>X-Ascend-Disconnect-Cause = 45
> should be translated to :
>VALUE Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45
No. Note the suble difference in the entries. One is Ascend-*, the other
is X-Ascend-*.
If you want it to "translate" the numerical value into a string, you'll
need to duplicate the 'Ascend-*' 'VALUE' entries for 'X-Ascend-*'.
>So what variable would I change in sql.conf to have this inserted to
>acctterminatecause?
The current query looks something like:
AcctStopQuery = "Insert into foo ( bar, baz )
values ( %{User-Name}, %{Ascend-Disconnect-Cause} )"
If you want to have it log other values you may need to add them like this:
AcctStopQuery = "Insert into foo ( bar, baz )
values ( %{User-Name},
%{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause} )"
to get it to use 'Ascend-Disconnect-Cause' value to insert, or if it doesn't
exist, to try to use the 'X-Ascend-Disconnect-Cause' value to insert.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
At 09:10 AM 12/30/2002 -0800, John A. Hengstler wrote:
I can live with that for the connect start/stop information, but what about
the acctterminatecause line.
Isn't radius supposed to translate the codes from the dictionary files to
the actual string?
Example,
X-Ascend-Disconnect-Cause = 45
should be translated to :
VALUE Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45
No. Note the suble difference in the entries. One is Ascend-*, the other
is X-Ascend-*.
If you want it to "translate" the numerical value into a string, you'll
need to duplicate the 'Ascend-*' 'VALUE' entries for 'X-Ascend-*'.
So what variable would I change in sql.conf to have this inserted to
acctterminatecause?
The current query looks something like:
AcctStopQuery = "Insert into foo ( bar, baz )
values ( %{User-Name}, %{Ascend-Disconnect-Cause} )"
If you want to have it log other values you may need to add them like this:
AcctStopQuery = "Insert into foo ( bar, baz )
values ( %{User-Name},
%{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause} )"
to get it to use 'Ascend-Disconnect-Cause' value to insert, or if it doesn't
exist, to try to use the 'X-Ascend-Disconnect-Cause' value to insert.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
I can live with that for the connect start/stop information, but what about the acctterminatecause line. Isn't radius supposed to translate the codes from the dictionary files to the actual string? Example, X-Ascend-Disconnect-Cause = 45 should be translated to : VALUE Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45 So what variable would I change in sql.conf to have this inserted to acctterminatecause? John Hengstler -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Parker Sent: Monday, December 30, 2002 7:39 AM To: [EMAIL PROTECTED] Subject: Re: X-Ascend Atributes? At 08:37 PM 12/29/2002 -0800, John A. Hengstler wrote: >Hello, > >We use 2 different wholesale Dial ISP's that do pass-thru >authentication/accounting with our radius server. > >Both companies are using cisco equipment. > >Everything seems to work well, except the following: > >The connection attributes are not getting put inserted into our mysql >tables with the rest of the info. ie, the >"connectinfo_start", "connectinfo_stop" , "acctterminatecause" What are the queries you are using in your 'sql.conf'? You may need to alter them from the default configs to ensure that the attributes you want are being recorded. By default they don't include any 'X-Ascend-*' attributes, so if you want to log those values, you'll need to edit the query strings in your 'sql.conf'. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: AcctInputOctets > 2GB bug
30-Dec-02 at 17:36, Klaus Heck ([EMAIL PROTECTED]) wrote : > There's a error whenever the AcctInputOctets or AcctOutputOctets exceed > 2GB. Note that the NAS internal counter does not wrap around for values > lower than 4GB. > The problem was that the database script > modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql defines these > attributes to be of type int(12) which reaches its limit at exactly > 2*1024*1024*1024 (2GB). Just change the script to use bigint(12) instead > and this problem is fixed :-) http://lists.cistron.nl/archives/freeradius-users/2002/12/frm00021.html This was discussed earlier this month. -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: user authentication(depending on attributes)
Hi, yes this is possible. At least if your NAS can do it. with our bintec routers we configure them to use Caller Line Identification and this results in the Bintecs asking the radius server for a user with the userid = Calling-Station-ID and no password. So we set the Database to contain the ISDN Numbers for all users as username and it works without a problem. Happy New Year Klaus __ I hate Windows Survey: Enter 1 for its easy to hate Windows, 5 neither here nor there, 10 for Windows is excellent dudes, built in Windows Fatal Error feature is more impressive than a system panic any day and 99 Bill Gates should rule planet, warning entering 99 will result in a flame war. - Original Message - From: "Ossama Suleiman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 30, 2002 3:11 PM Subject: user authentication(depending on attributes) > Hi All, > > i am trying to authenticate users to my system depending on > Calling-Station-Id, when i add the following to my users file it works > fine without a problems: > > ossama password=='test', Calling-Station-ID='123456789' > > that works just fine, i would like to do exactly the same depending only > on the calling station and not the username/password pairs (i want them > to be blank) > > is it possible to authenticate all users depending on attributes(any > attributes) without using username/password?? > > is that somehow possible?? > > thanks for your help, > Happy NewYear, > > Ossama Suleiman > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: X-Ascend Atributes?
At 08:37 PM 12/29/2002 -0800, John A. Hengstler wrote: Hello, We use 2 different wholesale Dial ISP's that do pass-thru authentication/accounting with our radius server. Both companies are using cisco equipment. Everything seems to work well, except the following: The connection attributes are not getting put inserted into our mysql tables with the rest of the info. ie, the "connectinfo_start", "connectinfo_stop" , "acctterminatecause" What are the queries you are using in your 'sql.conf'? You may need to alter them from the default configs to ensure that the attributes you want are being recorded. By default they don't include any 'X-Ascend-*' attributes, so if you want to log those values, you'll need to edit the query strings in your 'sql.conf'. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AcctInputOctets > 2GB bug
There's a error whenever the AcctInputOctets or AcctOutputOctets exceed 2GB. Note that the NAS internal counter does not wrap around for values lower than 4GB. The problem was that the database script modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql defines these attributes to be of type int(12) which reaches its limit at exactly 2*1024*1024*1024 (2GB). Just change the script to use bigint(12) instead and this problem is fixed :-) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
user authentication(depending on attributes)
Hi All, i am trying to authenticate users to my system depending on Calling-Station-Id, when i add the following to my users file it works fine without a problems: ossama password=='test', Calling-Station-ID='123456789' that works just fine, i would like to do exactly the same depending only on the calling station and not the username/password pairs (i want them to be blank) is it possible to authenticate all users depending on attributes(any attributes) without using username/password?? is that somehow possible?? thanks for your help, Happy NewYear, Ossama Suleiman - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: X-Ascend Atributes?
See sql.conf in etc/raddb/ May be your querys are not including the needed attributes On Sun, 2002-12-29 at 23:37, John A. Hengstler wrote: > Hello, > > We use 2 different wholesale Dial ISP's that do pass-thru > authentication/accounting with our radius server. > > Both companies are using cisco equipment. > > Everything seems to work well, except the following: > > The connection attributes are not getting put inserted into our mysql > tables with the rest of the info. ie, the "connectinfo_start", > "connectinfo_stop" , "acctterminatecause" > > The following is a STOP detail from the detail log: > >NAS-Port = 1458 > NAS-Port-Type = Async > Called-Station-Id = "3608382437" > Calling-Station-Id = "3608353229" > Acct-Status-Type = Stop > Acct-Authentic = RADIUS > Service-Type = Framed-User > Acct-Session-Id = "0002BDAF" > Framed-Protocol = PPP > Framed-IP-Address = 209.63.4.246 > X-Ascend-PreSession-Time = 21 > X-Ascend-Pre-Input-Octets = 125 > X-Ascend-Pre-Output-Octets = 111 > X-Ascend-Pre-Input-Packets = 5 > X-Ascend-Pre-Output-Packets = 5 > Acct-Input-Octets = 183894 > Acct-Output-Octets = 10389406 > Acct-Input-Packets = 1 > Acct-Output-Packets = 19176 > Acct-Session-Time = 3723 > X-Ascend-Disconnect-Cause = 45 > X-Ascend-Data-Rate = 28800 > X-Ascend-Xmit-Rate = 33600 > Acct-Delay-Time = 0 > > > > I see the "X-Ascend" codes, but they aren't getting translated > properly? What can I do to have this inserted properly? All of the > dictionary files are current including the cisco and ascend files. > All other columns in the tables are being translated properly... > > Regards, > > John Hengstler -- _ __ Gustavo A. Lozano Noldata Corporation [EMAIL PROTECTED] Calle 46 No. 40-19 CTO Bogota D.C. Colombia Noldata Corporation http://noldata.com I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. Albert Einstein This Message has been scanned for Virus Content using RAV Antivirus. Get your copy of RAV Antivirus at Noldata, send mail to [EMAIL PROTECTED] http://noldata.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can Run on Multi IP and Port?
Hi.. Yes It may be possible.- You need to copy the path /raddb with other name.. for example raddb1645.- In this path change radiusd.conf (if you need it) and then start radius daemond as radiusd -p -c /raddbxxx... -p is for port number of authentication and -c is the path where you find radiusd.conf You can start all sessions that you need ussing this method.- I started 2 deamond in 2 different ports ussing this method.- - Original Message - From: whc To: [EMAIL PROTECTED] Sent: Monday, December 30, 2002 7:40 AM Subject: Can Run on Multi IP and Port? Can FreeRadius run on a server for listenning two different IP and Port? How would I configure it?
Re: Disconnecting a user
Well I think there is no way to logout the user without logging in if there is no SNMP command in the other router which provides this. So you can disconnect users with SNMP without logging in, which means you should have write access to SNMP variables in the other router, the router owner should give you this access. You should check the router MIBs perhaps. Otherwise it would be little stupid if you could log out users so easily without any authentication I guess =) Evren On Wed, 30 Oct 2002, Troy Davis wrote: > Has mentioned in my email, the nas is not mine, so I can not log into it. > Else it would be an easy fix > I will do a search for radkill > Thanks > > - Original Message - > From: "Evren Yurtesen" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, December 30, 2002 10:01 PM > Subject: Re: Disconnecting a user > > > > Well you can write a small script which logs in to your NAS and sends the > > command to disconnect your user. Or there was this program called radkill > > you should check from google perhaps. > > > > Also maybe there are better ways to do this, maybe somebody in the list > > can suggest a better way. > > > > Evren > > > > On Wed, 30 Oct 2002, Troy Davis wrote: > > > > > Ok here a funny request, which I already say is not possible. > > > But, if I know the nas ip address and port number my user is one can I > sent > > > a command to the nas to disconnect the user? > > > I don't have direct access to the nas, as I am a virtual ISP > > > If so what would this command be, I would like to set-up a bot to dump > users > > > when my lines start to full up.. > > > > > > Thanks Troy > > > > > > > > > - > > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > > > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Disconnecting a user
Has mentioned in my email, the nas is not mine, so I can not log into it. Else it would be an easy fix I will do a search for radkill Thanks - Original Message - From: "Evren Yurtesen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 30, 2002 10:01 PM Subject: Re: Disconnecting a user > Well you can write a small script which logs in to your NAS and sends the > command to disconnect your user. Or there was this program called radkill > you should check from google perhaps. > > Also maybe there are better ways to do this, maybe somebody in the list > can suggest a better way. > > Evren > > On Wed, 30 Oct 2002, Troy Davis wrote: > > > Ok here a funny request, which I already say is not possible. > > But, if I know the nas ip address and port number my user is one can I sent > > a command to the nas to disconnect the user? > > I don't have direct access to the nas, as I am a virtual ISP > > If so what would this command be, I would like to set-up a bot to dump users > > when my lines start to full up.. > > > > Thanks Troy > > > > > > - > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Disconnecting a user
Well you can write a small script which logs in to your NAS and sends the command to disconnect your user. Or there was this program called radkill you should check from google perhaps. Also maybe there are better ways to do this, maybe somebody in the list can suggest a better way. Evren On Wed, 30 Oct 2002, Troy Davis wrote: > Ok here a funny request, which I already say is not possible. > But, if I know the nas ip address and port number my user is one can I sent > a command to the nas to disconnect the user? > I don't have direct access to the nas, as I am a virtual ISP > If so what would this command be, I would like to set-up a bot to dump users > when my lines start to full up.. > > Thanks Troy > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Disconnecting a user
Ok here a funny request, which I already say is not possible. But, if I know the nas ip address and port number my user is one can I sent a command to the nas to disconnect the user? I don't have direct access to the nas, as I am a virtual ISP If so what would this command be, I would like to set-up a bot to dump users when my lines start to full up.. Thanks Troy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to use radcleint to test accounting and authentication withradclient ?
On Mon, 30 Dec 2002, Daniel Yeung wrote: > Dear all > > Is there a better way to test the capacity for my freeradius server? Better than what? > I use ldap to store my user database. > > I used to test using command radtest. How to use radcleint to test > accounting and authentication with radclient ? radtest is a frontend script for radclient, you can modify it to send accounting requests instead of authentication. Just replace the bottom line: ) | $radclient $DICTIONARY -x $3 auth $5 with: ) | $radclient $DICTIONARY -x $3 acct $5 / Thomas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can Run on Multi IP and Port?
I think it listens to all IPs so that shouldnt be a problem, you should perhaps run 2 radiusd processes with different ports only. You can set this in conf file if I remember right? On Mon, 30 Dec 2002, whc wrote: > Can FreeRadius run on a server for listenning two different IP and Port? > How would I configure it? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can Run on Multi IP and Port?
Can FreeRadius run on a server for listenning two different IP and Port? How would I configure it?
Re: Cistron vs IC Radius
On Mon, Dec 30, 2002 at 08:59:27AM +0100, Sjaak Nabuurs wrote: > Hello > > My provider give me the settings, they use Cistron radius. > Can sombody translate this into a ICRadius SQL file. > Or explane this a little. > As this is neither the Cistron Radius mailing list, nor the IC Radius mailing list, I don't believe we can help you. You might want to try http://www.radius.cistron.nl/list/ or, more specifically http://radius.innercite.com/ and check the mailing list information found at the bottom. Matt. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to use radcleint to test accounting and authentication with radclient ?
Dear all Is there a better way to test the capacity for my freeradius server? I use ldap to store my user database. I used to test using command radtest. How to use radcleint to test accounting and authentication with radclient ? Happy New Year & Many Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Another type of counter
30-Dec-02 at 09:17, m&m's ([EMAIL PROTECTED]) wrote : > Hi > In my country there are two types of payment periods in telephony. In the > first of them (it is between 8:00am and 10:00pm)we pay for each 3 minutes > (for example 0,08$). In second period (it is between 10:00pm and 8:00am) we > pay for each 6 minutes also 0,08$. Is any possibility to summarize time of > session for each period separately? > Any ideas? You need a Radius accounting log analyzer, not a Radius server. You can allow authentication only between certain times under FreeRadius, using the correct attributes. Regards, -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
quick cistron to freeradius migration question
Hi. i'm currently in the process of migrating a cistron radiusd which is inappropriately configured to a freeradius server using mysql. I've run into a slight issue i haven't been able to find documentation on in cistron or freeradius's documentation. we have a number of existing users in the /etc/raddb/users file, who have entries like usernamePassword = "password" attributes = stuff, my question is about the use of '=' for the Password entry. is that a special entry which is used as a "check" attribute, or is the '=' signifying (as in freeradius) that that is a "reply" attribute? If it's a check, i need to crypt() those password from the users file (no problems for me there). however, if it's being used as a reply, i'm guessing the lack of Auth-Type = System would make the login fail. Am i correct in my assumptions? Thanks Andrew Pilley - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Another type of counter
Hi In my country there are two types of payment periods in telephony. In the first of them (it is between 8:00am and 10:00pm)we pay for each 3 minutes (for example 0,08$). In second period (it is between 10:00pm and 8:00am) we pay for each 6 minutes also 0,08$. Is any possibility to summarize time of session for each period separately? Any ideas? regards Mariusz Bozewicz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cistron vs IC Radius
Hello My provider give me the settings, they use Cistron radius. Can sombody translate this into a ICRadius SQL file. Or explane this a little. > Realm: mydomain.nl > Secret: abcd > Radiushost212.xxx.xxx.xxx > > > The most simpel user file: > > DEFAULT Auth-Type = System > Fall-Through = 1 > > DEFAULT Service-Type = Framed-User > Framed-IP-Address = 255.255.255.254, > Framed-MTU = 1500, > Service-Type = Framed-User, > Fall-Through = Yes > - > > The most simpel realms file: > - > DEFAULTLOCAL > - > > The most simpel clients file: > - > 213.xxx.xxx.xxx abcd > 213.xxx.xxx.xxx abcd > 213.xxx.xxx.xxx abcd > - - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
