Re: '#' replaced with =23 in Called-Station-Id mysql field

2003-10-31 Thread George Chelidze 
Thank you very much for your quick and proffecional help. Reallt 
appreciate it.

Best Regards,

João Filipe Frade wrote:
I asked the same question some time ago and i was told to hack the mysql module (i did).

Edit freeradius-0.9.2/src/modules/rlm_sql/rlm_sql.c and change the strchr to include # 
---
if ((in[0]  32) ||
strchr(@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: =/, *in) == NULL) {
snprintf(out, outlen, =%02X, (unsigned char) in[0]);
---

So the answer to your other question should be =09 i think...

Joao Frade


-Original Message-
From: George Chelidze [mailto:[EMAIL PROTECTED] 
Sent: quinta-feira, 30 de Outubro de 2003 14:28
To: [EMAIL PROTECTED]
Subject: '#' replaced with =23 in Called-Station-Id mysql field

I have checked the details file and there is no replacement 
there, seems 
  its done in %{Called-Station-Id} variable parsing. Is there any 
workaround to permit '#' as is or disable such parsing at all? If not 
one more question? Say Called-Station-Id contains tab, how 
it would be 
parsed =09 or =9 ? Thanks in advance.

Best Regards,
--
George Chelidze


- 
List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





--
George Chelidze


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

'#' replaced with =23 in Called-Station-Id mysql field

2003-10-30 Thread George Chelidze 
I have checked the details file and there is no replacement there, seems 
  its done in %{Called-Station-Id} variable parsing. Is there any 
workaround to permit '#' as is or disable such parsing at all? If not 
one more question? Say Called-Station-Id contains tab, how it would be 
parsed =09 or =9 ? Thanks in advance.

Best Regards,
--
George Chelidze


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: iptables rules to permit RADIUS

2003-10-25 Thread George Chelidze 
Javier Santos wrote:
Hello,
Hello,

I am running freeradius on my linux server. And i am authenticating 
users of my cisco router on RADIUS.

i have firewall to my lunux server whit iptables.

When iptables is started the radius authentication i have problem with 
autentication (i can not telnet into a router, access denied).

i have permited tcp and udp 1812/1813 in iptables rules.
Can we look at your iptables rules?

the question is

are there more pots to permit?

thanks.









!Navega con el Internet Gratis de Amnet!
Descarga el Programa de Instalación: 
http://www.amnetsal.com/files/amnet.exe
ó Visitanos en http://www.amnetsal.com
Para cualquier consulta llamar al 247-8000

- List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html




--
George Chelidze


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

attr_rewrite + h323-setup-time

2003-10-23 Thread George Chelidze 
Hello,

I'd like to store h323-setup-time in datetime format instead of 
varchar(32) in MYSQL db. The format of h323-setup-time by definition is:

hh:mm:ss.mmm ZON DDD MMM ## 

How would you solve this problem? I have decided to use attr_rewrite with

^([0-9]{2}:([0-9]{2}:[0-9]{2})\.[0-9]{3}\ [A-Z]{3}\ [A-Z][a-z]{2}\ 
[0-9]{1,2}\ [0-9]{4}

in serachfor field, but I dont know what should be placed in 
replacewith. Is it possible to use substitutions like $1 or static 
string is permitable only? Any help would be appreciated. Thanks in advance.

Best Regards,
--
George Chelidze


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Cisco-AVPair

2003-10-10 Thread George Chelidze 
Hello,

I have recently installed freeradius 0.9.1 on my box and trying to use 
it as accounting server for a cisco nas. in my detail file I can see 
several Cisco-AVPair attributes per packet. Is it possible to insert 
them in MySQL database or maybe concatenate all of them and and insert 
in one additional field? Any configuration examples would be helpful. 
Thanks in advance.

Best Regards,
--
George Chelidze


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

eap-ttls pap can't work with aegis client

2003-09-26 Thread george 


I have tested eap-ttls with freeradius and client is aegis, the ms-chap, ms-chap-v2 
and eap-md5 is work, but it seems the pap and chap isn't work, here is the message 
from radiusd(using eap-ttls-pap), thanks !

rad_recv: Access-Request packet from host 192.168.102.1:1200, id=187, length=281
EAP-Message = 
0x027b006c1580006217030100183a14f67f8fde6b4b1d02e5224ceccd80d3ab2425d32b17030100400fffe387d3edb5fc712b6e29492e410bbd8fb4457bf19a7bde6f4d8ebe40439da8871e1abaabf15e3783cb4ba34a97faf7fe2a8e69734e09ac105340d4a8bea6
User-Name = test
NAS-Identifier = IPONE_AG2000_KT
NAS-IP-Address = 192.168.102.1
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
Service-Type = Framed-User
Framed-MTU = 1400
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-60-b3-6a-38-7f
Called-Station-Id = 00-07-13-40-00-7c
State = 0x8675b25f15e3b78950a070be27e214c8
Message-Authenticator = 0xfe666e934d24293a78b6577a5bde650d
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
  modcall[authorize]: module chap returns noop
  rlm_eap: EAP packet type response id 123 length 108
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module eap returns updated
rlm_realm: No '@' in User-Name = test, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop
users: Matched test at 114
  modcall[authorize]: module files returns ok
  modcall[authorize]: module mschap returns noop
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type EAP
modcall: entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - ttls
  rlm_eap: processing type ttls
  rlm_eap_ttls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11 
  eaptls_process returned 7 
  rlm_eap_ttls: Session established.  Proceeding to decode tunneled attributes.

  TTLS: Got tunneled request
User-Name = test
User-Password = test
Freeradius-Proxied-To = 127.0.0.1
  TTLS: Sending tunneled request
User-Name = test
User-Password = test
Freeradius-Proxied-To = 127.0.0.1
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
  modcall[authorize]: module chap returns noop
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module eap returns noop
rlm_realm: No '@' in User-Name = test, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop
users: Matched test at 114
  modcall[authorize]: module files returns ok
  modcall[authorize]: module mschap returns noop
modcall: group authorize returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type EAP
modcall: entering group authenticate
rlm_eap: EAP-Message not found
rlm_eap: Malformed EAP Message
  modcall[authenticate]: module eap returns fail
modcall: group authenticate returns fail
auth: Failed to validate the user.
  TTLS: Got tunneled reply RADIUS code 3
Service-Type = Framed-User
Idle-Timeout = 2000
Session-Timeout = 2
  TTLS: Rejecting tunneled user
 rlm_eap: Handler failed in EAP type 21
  rlm_eap: Failed in EAP select
  modcall[authenticate]: module eap returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Delaying request 35 for 1 seconds
Finished request 35
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 187 to 192.168.102.1:1200
EAP-Message = 0x047b0004
Message-Authenticator = 0x
--


Best Regard

george
~?????0~??b+?b?¥

Rejecting authentication with SQL

2003-07-13 Thread Birzan George Cristian 
Hello

I'm having a very frustrating problem with the latest CVS version of
FreeRADIUS (though, that's barely relevant). My porblem is that I don't
know how I can design the database/configure FreeRADIUS so that I can
reject the authentication of certain users, based on the reult of a
random query.
My problem is that I have to use an accounting system based on points,
more points get used per minute during peak hours, than off peak hours.

The way I'm currently doing this is by telling the NAS to send
accounting updates every minute, and substracting the appropriate number
of points, via accounting_update_query. The problem I'm facing is that I
don't know how I can make FreeRADIUS deny authentication for a user that
has less than the minimum of points. This is, probably, happening
because of my poor understanding of how RADIUS and FreeRADIUS actually
work, but from the available documentation (which is sparse, to say the
least), I cannot figure any possible way of doing it, without using
triggers in PostgreSQL, which is, imo, the ugly way of doing it.
I would appreciate any input on this, including UTSL, as long as it's
not a dead end.

Thanks, in advance.

-- 
Regards
Birzan George Cristian


pgp0.pgp
Description: PGP signature

Re: Rejecting authentication with SQL

2003-07-13 Thread Birzan George Cristian 
On Sun, Jul 13, 2003 at 08:46:10AM -0400, Alan DeKok wrote:
   rlm_counter?  It adds, not subtracts, but that's easy enough to work
 with.

That works perfectly, actually. I'm probably doing it wrong, though. I
thought, why use an increasing counter, when I can just decrease the
counter and check if All-Session-Time is bigger than 0. (which, btw, in
the docs is named Max-All-Session-Time) The thing is, I'm thinking there
are other ways of doing this, without having to use rlm_slqcounter. But,
if there's nothing fundamentally wrong with it, I guess I'm going stick
with it...

Thanks for the suggestion.

-- 
Regards
Birzan George Cristian


pgp0.pgp
Description: PGP signature

RE: Subnets in clients file

2003-04-04 Thread Robert R. George 
I would recommend just writing a shell script to generate the clients
file.

  --Robert R. George 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian
Pavane
Sent: Friday, April 04, 2003 10:50 AM
To: [EMAIL PROTECTED]
Subject: Subnets in clients file


I am currently looking into using Free Radius for my user authentication

on my networking equipment that can not support TACACS.  As such, I am 
going to have 100's of devices that will be authenticating off of the 
Radius server.  Will I need to list each device's IP individually in my 
'clients' file, or will I simply be able to put a network block, and the

key for that entire block?  Of course it's a lot easier to list 5 or 6 
netblocks than to list a few hundred IP's, if everything has the same
key.

Thanks.

-Brian

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

REPOST: rlm_sqlcounter not working...

2003-03-31 Thread Robert R. George 
I am trying to get the rlm_sqlcounter module working in freeradius-0.8.1
and am have a bit of trouble.  It appears that the module is not
querying the sql database...

When running radius -X, I get the following:

rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module allcounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module dailycounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module monthlycounter returns noop

The configuration directive for the modules are as follows:

sqlcounter allcounter {
counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'
}

sqlcounter dailycounter {
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'
AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
}

sqlcounter monthlycounter {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sql
key = User-Name
reset = monthly
query = SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'
AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
}


  --Robert R. George



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: REPOST: rlm_sqlcounter not working...

2003-03-31 Thread Robert R. George 
Thanks.  That took care of it.

  --Robert R. George 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed H
Sent: Monday, March 31, 2003 3:53 PM
To: [EMAIL PROTECTED]
Subject: Re: REPOST: rlm_sqlcounter not working...


Hello Robert,

Make sure you have a Max-Monthly-Session := 3600, for example (where
3600 is 
the time in seconds allowed per month) in your radgroupcheck or radcheck

table. The same applies to the Max-All-Session and the Max-Daily-Session

variables.  Give it a shot and see if it works.

Ed


From: Robert R. George [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: REPOST: rlm_sqlcounter not working...
Date: Mon, 31 Mar 2003 00:05:06 -0800

I am trying to get the rlm_sqlcounter module working in 
freeradius-0.8.1 and am have a bit of trouble.  It appears that the 
module is not querying the sql database...

When running radius -X, I get the following:

rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
   modcall[authorize]: module allcounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
   modcall[authorize]: module dailycounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
   modcall[authorize]: module monthlycounter returns noop

The configuration directive for the modules are as follows:

sqlcounter allcounter {
 counter-name = Max-All-Session-Time
 check-name = Max-All-Session
 sqlmod-inst = sql
 key = User-Name
 reset = never
 query = SELECT SUM(AcctSessionTime) FROM radacct WHERE 
UserName='%{%k}'
 }

sqlcounter dailycounter {
 counter-name = Daily-Session-Time
 check-name = Max-Daily-Session
 sqlmod-inst = sql
 key = User-Name
 reset = daily
 query = SELECT SUM(AcctSessionTime - GREATEST((%b - 
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'

AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
 }

sqlcounter monthlycounter {
 counter-name = Monthly-Session-Time
 check-name = Max-Monthly-Session
 sqlmod-inst = sql
 key = User-Name
 reset = monthly
 query = SELECT SUM(AcctSessionTime - GREATEST((%b - 
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'

AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
 }


   --Robert R. George



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


_



- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

EAP-TLS FreeBSD Segmentation Fault

2003-03-28 Thread George R. Ellis 
FreeRADIUS Version 0.8.1 (FreeBSD 5.0)
openssl-SNAP-20030325
Enterasys R2 AP
WindowsXP Supplicant

Hi,

I ran into a problem with sending out the eaptls_success on FreeBSD.
I got a core dump during a eaptls_compose in the file
${freeradius-0.8.1}/src/modules/rlm_eap/types/rlm_eap_tls/eap_tls.c
called from eaptls_success according to the radius debug and a stack 
trace:

rad_recv: Access-Request packet from host xxx.xxx.xxx.x:1343, id=187, 
length=142
Message-Authenticator = 0xef6ef7f16f408a525c8334d5bba244d1
User-Name = Administrator
State = 
 0x033dca3d049c26e699531ec3153cdbf90fb7833ebd6278e07924ae84f0a0fec3eb42bf56
NAS-IP-Address = xxx.xxx.xxx.x
NAS-Port = 2
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = 00-02-2d-6a-f0-05
Framed-MTU = 1000
EAP-Message = \002\007\000\006\r
modcall: entering group authorize
  modcall[authorize]: module preprocess returns ok
  modcall[authorize]: module eap returns updated
rlm_realm: No '@' in User-Name = Administrator, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop
users: Matched Administrator at 55
  modcall[authorize]: module files returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type EAP
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
^^

Breakpoint 5, eaptls_compose (eap_ds=0x80e0920, reply=0xbfbfdaf0) at 
eap_tls.c:
511
511 *ptr++ = (uint8_t)(reply-flags  0xFF);
(gdb) continue
Continuing.

Program received signal SIGSEGV, Segmentation fault.

0x282c5c8f in eaptls_compose (eap_ds=0x80e0920, reply=0xbfbfdaf0) at 
eap_tls.c:
511
511 *ptr++ = (uint8_t)(reply-flags  0xFF);
(gdb)

(gdb) bt
#0  eaptls_compose (eap_ds=0x80e0870, reply=0xbfbfdaf0) at eap_tls.c:511
#1  0x282c56d4 in eaptls_success (eap_ds=0x80e0870) at eap_tls.c:108
#2  0x282c58ea in eaptls_ack_handler (handler=0x80e2100) at eap_tls.c:232
#3  0x282c54f1 in eaptls_authenticate (arg=0x80e0390, handler=0x80e2100) at rlm
_eap_tls.c:192
#4  0x282bfd38 in eaptype_call (eap_type=13, action=INITIATE, type_list=0x80712c0,
handler=0x80e2100) at eap.c:205
#5  0x282bfe73 in eaptype_select (type_list=0x80712c0, handler=0x80e2100, conft
ype=0x8077420 tls)
at eap.c:280
#6  0x282bf7f8 in eap_authenticate (instance=0x80e03b0, 
request=0x80e8500)
at rlm_eap.c:200
#7  0x08054718 in module_post_auth ()
#8  0x080547cb in modcall ()
#9  0x08054751 in module_post_auth ()
#10 0x0805482c in modcall ()
#11 0x080543df in module_authenticate ()
#12 0x080516ec in rad_check_password ()
#13 0x08051aaa in rad_authenticate ()
#14 0x0804ce6f in rad_respond ()
#15 0x0804ca19 in rad_process ()
#16 0x0804c5b9 in main ()
#17 0x0804b885 in _start ()

The malloc() in eap_tls.c:501 behaves differently on FreeBSD 5.0 than on
Linux (RH 8.0) when (reply-length - TLS_HEADER_LEN) is zero. Under
FreeBSD I end up with a bad address, thus a segmentation fault.

(gdb) print eap_ds-request-type.data
$4 = (unsigned char *) 0x800 Error reading address 0x800: Bad address
(gdb)

radius1# uname -a
FreeBSD radius1.cldc.howard.edu 5.0-RELEASE FreeBSD 5.0-RELEASE #0: Thu
Jan 16 22:16:53 GMT 2003
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC  i386
radius1#

radius1# gcc -v
Using built-in specs.
Configured with: FreeBSD/i386 system compiler
Thread model: posix
gcc version 3.2.1 [FreeBSD] 20021119 (release)
radius1#

This seems to be the problem so far. Does there exist a patch or an
update to this particular problem with malloc() with FreeBSD?

rgrds
George






- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Radius Session table and mysql

2003-03-28 Thread Robert R. George 

I use sql for my radius accounting, and they way i tell if users are online is look 
for a stop time of -00-00 00:00:00.

Also is your code using the autoincrement fields in the database for
anything? 
What do you mean?



---Original message recieved on: 12:27, 28-Mar---
From: David Rodgers [EMAIL PROTECTED]
To:  [EMAIL PROTECTED]
Subject: Radius Session table and mysql


I chose sql instead of radutemp for radius sessions

how do I see current users? or do I just assume that any user with a 
null stop time is currently logged in?

Also is your code using the autoincrement fields in the database for 
anything?



On Friday, March 28, 2003, at 01:10 PM, Jason Lixfeld wrote:

 Is there any built-in support for calling cards yet or do the modules 
 still need to be home grown by whoever is interested in trying to make 
 it work?

 I guess the two major issues are 1) calculating the appropriate time 
 remaining based on variable toll rates depending on called-station-id 
 2) packet-of-death if your card runs dry.  Is this easily accomplished 
 out of the box?




 - List info/subscribe/unsubscribe? See 
 http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Trouble getting rlm_sqlcounter module working...

2003-03-27 Thread Robert R. George 
I am trying to get the rlm_sqlcounter module working in freeradius-0.8.1
and am have a bit of trouble.  It appears that the module is not
querying the sql database...

When running radius -X, I get the following:

rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module allcounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module dailycounter returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
  modcall[authorize]: module monthlycounter returns noop

The configuration directive for the modules are as follows:

sqlcounter allcounter {
counter-name = Max-All-Session-Time
check-name = Max-All-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'
}

sqlcounter dailycounter {
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
sqlmod-inst = sql
key = User-Name
reset = daily
query = SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'
AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
}

sqlcounter monthlycounter {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sql
key = User-Name
reset = monthly
query = SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}'
AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime  '%b'
}


  --Robert R. George 



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Ascend Attribute in mysql

2002-09-02 Thread George Carden 

Hi,

I am wondering if anyone has a patch to freeradius using mysql for
radacct table in mysql to accommodate these ascend Attributes.



ATTRIBUTE   X-Ascend-Data-Rate  197 integer

ATTRIBUTE   X-Ascend-Xmit-Rate  255 integer


Here is my configuration

Freeradius-0.7
Mysql
Sun ultra 10
Solaris 9




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: freeradius+mysql questions please

2002-09-02 Thread George Carden 

I had the same problem... I cured it by recompiling freeradius. the
Make.inc file I added -lpthread to LIBS  and recompiled ... it worked



George L. Carden III
Office 706-823-2115
Fax 706-823-2019
Home 706-798-2245

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Yu Zhang
Sent: Monday, September 02, 2002 10:40 PM
To: [EMAIL PROTECTED]
Subject: Re: freeradius+mysql questions please

Thanks for your answers anyway.I dont know whether you
have succeeded with ur methods,but I failed.Now I will
explain my modifications and results.
Above all,i declare,that in /etc/my.cnf,I have set
socket=/tmp/mysql.sock in both client and mysqld
modules.

First,I deleted the sql in authenticate.Then I
uncomment sth like this,u can c:
 pap {
 encryption_scheme = crypt
 }
authenticate{
authtype PAP {
   pap
  }
}
the others are the same.
This time,I can run radiusd -X,
but it still comes:Can't connect to local MYSQL
server through socket
'/var/lib/mysql/mysql.sock' in instantiation.and
another error,Can't connect to SNMP agent with SMUX:
connection refused.

I want to ask,you did succeed by your way?And did you
meet such problems?I really want you to help me
because my boss ordered me to finish this in this
week:(
regards.




__
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: starting freeradius

2002-08-31 Thread George Carden 

Thanks this suggestion worked


George L. Carden III
Office 706-823-2115
Fax 706-823-2019
Home 706-798-2245


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Tripolszky
Zsolt
Sent: Saturday, August 31, 2002 5:25 AM
To: [EMAIL PROTECTED]
Subject: Re: starting freeradius

see message:
 http://lists.cistron.nl/archives/freeradius-devel/2002/07/msg00281.html

if you havent done that, recompile your server

On Sat, Aug 31, 2002 at 12:23:55PM +1000, Mattt wrote:
 On Sat, 2002-08-31 at 12:17, George Carden wrote:
  I must me dumb.
 
 erm, no comment ;-)
   
  Here is my configuration
   
  Sun ultra10 runing solaris 9
  Mysql 
  Freeradiusd complied ok
   
  The command radiusd -x works
   
  However I can't get radiusd  to stay running as a daemon... any body
  have any ideas?
 
 did you try 'radiusd' ?
 
 or 'man radiusd'?  -- your best bet, it would seem.
 
   
   
  George Carden
 -- 
 Cheers,
  Mattt.   icq   : 117539757
  Network and Tech Guy,www1  : http://www.pulse.nq4u.net
  Expressnet.  www2  : http://www.expressnet.net.au
  [EMAIL PROTECTED]  jabber:
[EMAIL PROTECTED]
  
I always wanted to be someone. I should have been more specific...
 
 
 - 
 List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
 

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

starting freeradius

2002-08-30 Thread George Carden 








I must me dumb.



Here is my configuration



Sun ultra10 runing solaris 9

Mysql 

Freeradiusd complied ok



The command radiusd x works



However I cant get radiusd to stay running as a daemon.. any body have any ideas?





George Carden

Reply in Acct-Response

2002-08-26 Thread George 

Hi all.
Is it possible to send any attribute in an Acct-Response? If yes, how?
I have my server configured with MySql, and need to send some accounting 
values back to the NAS... how can I do so?

Any idea is welcome.
Thanx.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Reply in Acct-Response

2002-08-26 Thread George 

At 10:01 26/08/2002 -0400, Alan DeKok wrote:
 George [EMAIL PROTECTED] wrote:
  Is it possible to send any attribute in an Acct-Response?
 
   Read the RFC's.  The answer is No.

I've read that in the RFC, but as it says should or may... then I thought 
it was possible to do so.

  I have my server configured with MySql, and need to send some accounting
  values back to the NAS...
 
   Why?

What I want to send back is an acct-session-id, which at the moment I sent 
in an auth response, and don't know if it's the best for do so. I generate 
this value in the server.

An another thing for doing so, is that when the acct record is not done 
properly, the Freeradius sent back an Acct-Response, and I dont want that 
to be done, as it hasn't worked properly.

Thanx very much.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Attribute checking and adding in database

2002-08-21 Thread George 

Hi all.
I want to identify a user not only by the username and password but also by 
an machine identifier which I send as the Calling-Station-Id.
When I do so, entering the machine identifier manually or telling that 
identifier to the network administrator before doing the first login it 
works properly.
+-+---+++--+
| id  | UserName  | Attribute  | Value  | op   |
+-+---+++--+
| 106 | jorge | User-Password  | aa | ==   |
| 116 | jorge | Calling-Station-Id | 12345678   | ==   |
+-+---+++--+

However what I want is to insert this value automatically the first time a 
user authenticate, so he can only connect from this machine.
In this case I have put the database something like that:
+-+---+++--+
| id  | UserName  | Attribute  | Value  | op   |
+-+---+++--+
| 106 | jorge | User-Password  | aa | ==   |
| 116 | jorge | Calling-Station-Id || +=   |
+-+---+++--+
But it doesn't work.
Is it very difficult to insert the value into the database automatically by 
the radius server.
Which file '.c' do I have to modify the code for do such a thing?

TA.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Accounting help

2002-08-20 Thread George 

Hi all.
I have some doubts referring some of the attributes in accounting.
The main one is the acct-status-type. What's the difference between setting 
it to start or on acct?
I dont understand it.
Can anyone explain the meanings of those values?
I've read the RFC but dont understand,as there's not a lot of information.

Thanx in advance.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

dialup_admin

2002-06-26 Thread George Costell 

Hello list,

Looks great FreeRadius, I installed the last version
on a FreeBSD test it and working at least in test
/text mode.
The only problem is to make the Dialup_admin working.

When I try to access whatever Accounting, Statistics,
.. etc from the home page I get the message:

¨Fatal error: Call to unsupported or undefined
function foreach() in ../conf/config.php3 on line 3¨

Yet, I have mod_PHP3, PHP4 on Apache and ofcourse
MySQL.

Otherwise, my main interest is to use FreeRadius for
VoIP AAA in a Cisco environment.
Anyone have such experience?

Thanks in advance for your help,

George


__
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

importing

2002-04-09 Thread George 

is there any scipts to inport from legacy data ??
ie: detail and password files?




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

user interface

2002-03-02 Thread George 

Has anyone developed a user interface for freeradius so that subscribers

 could check their own online times?



- 
List info/subscribe/unsubscribe? See http://wwwfreeradiusorg/list/usershtml

Off Subject

2002-02-01 Thread George 

Can anyone help me with a cranky max 6000?

Thx
George



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Off Subject

2002-02-01 Thread George 

getting users connecting at 26.4
frame errors and controlled slips

Mike Cathey wrote:

 cranky?

 George wrote:

  Can anyone help me with a cranky max 6000?
 
  Thx
  George
 
 
 
  -
  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
 
 
 

 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Log analyzer for freeradius

2002-01-16 Thread George 

just usage data total hours
username total hours this month

Nathan Miller wrote:

 if you'd provide a little detail as to what your looking for I'd be happy
 to help you out.

 monthly reports is kinda vague.  What exact information are you looking for?

 usage?  data transfer?  what kinda format you want it in?

 At 07:42 PM 1/15/2002 -0500, you wrote:
 monthly reports for our dial up accts
 
 Nathan Miller wrote:
 
   mine does monthly reports.. at least how i need them to.
  
   what exactly are you looking for?
  
   At 03:12 PM 1/15/2002 -0500, you wrote:
   Tried that one it does what we want but doesn't do a monthly report..
   and I am not a scripter
   - Original Message -
   From: Nathan Miller [EMAIL PROTECTED]
   To: [EMAIL PROTECTED]
   Sent: Tuesday, January 15, 2002 2:40 PM
   Subject: Re: Log analyzer for freeradius 0.4
   
   
 http://freshmeat.net/projects/radiusreport/

 it's OLD.. but it still works..  doesn't make html output, but the
  output
 it does create can easily be converted to html if ya got someone
  with some
 perl scripting knowledge.  Or the text files it creates can also be
 displayed in web browser just fine as well with pre/pre tags.

 At 02:09 PM 1/15/2002 -0500, you wrote:
 Hey did anyone reply to this I am interested as well...using the
  flatfile
 detail format here
 - Original Message -
 From: MiikaT [EMAIL PROTECTED]
 To: freeradius-users [EMAIL PROTECTED]
 Sent: Monday, January 07, 2002 5:38 AM
 Subject: Log analyzer for freeradius 0.4
 
 
   Are there any log analyzers, which are found working with
  freeradius
   0.4
 and
   they produce html output?
  
   Miika
  
  
   -
   List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
  
  
 
 
 
 -
 List info/subscribe/unsubscribe? See
   http://www.freeradius.org/list/users.html

 --
 Nathan Miller - [EMAIL PROTECTED]
 VISP Technologies - Building Better ISPs


 -
 List info/subscribe/unsubscribe? See
   http://www.freeradius.org/list/users.html


   
   
   
   -
   List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html
  
   --
   Nathan Miller - [EMAIL PROTECTED]
   VISP Technologies - Building Better ISPs
  
   -
   List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html
 
 
 
 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

 --
 Nathan Miller - [EMAIL PROTECTED]
 VISP Technologies - Building Better ISPs

 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Log analyzer for freeradius 0.4

2002-01-15 Thread George 

Radius logs
- Original Message -
From: Aleksandr Kuzminsky [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 15, 2002 2:22 PM
Subject: Re: Log analyzer for freeradius 0.4


 On Tue, 15 Jan 2002, George wrote:

  Hey did anyone reply to this I am interested as well...using the
flatfile
  detail format here
 Some time ago I wrote parser for radius's detail files.
 It can be easy used for such log analyzer.
 And what are you going to analyze?


  Subject: Log analyzer for freeradius 0.4
 
 
   Are there any log analyzers, which are found working with freeradius
0.4
  and
   they produce html output?
  
   Miika
  
  
   -
   List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html
  
  
 
 
 
  -
  List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
 

 ---
 Aleksandr Kuzminsky, AK476-RIPE
 System Administrator, AK16-UANIC
 ISP NBI.


 -
 List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Log analyzer for freeradius

2002-01-15 Thread George 

monthly reports for our dial up accts

Nathan Miller wrote:

 mine does monthly reports.. at least how i need them to.

 what exactly are you looking for?

 At 03:12 PM 1/15/2002 -0500, you wrote:
 Tried that one it does what we want but doesn't do a monthly report..
 and I am not a scripter
 - Original Message -
 From: Nathan Miller [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Tuesday, January 15, 2002 2:40 PM
 Subject: Re: Log analyzer for freeradius 0.4
 
 
   http://freshmeat.net/projects/radiusreport/
  
   it's OLD.. but it still works..  doesn't make html output, but the output
   it does create can easily be converted to html if ya got someone with some
   perl scripting knowledge.  Or the text files it creates can also be
   displayed in web browser just fine as well with pre/pre tags.
  
   At 02:09 PM 1/15/2002 -0500, you wrote:
   Hey did anyone reply to this I am interested as well...using the flatfile
   detail format here
   - Original Message -
   From: MiikaT [EMAIL PROTECTED]
   To: freeradius-users [EMAIL PROTECTED]
   Sent: Monday, January 07, 2002 5:38 AM
   Subject: Log analyzer for freeradius 0.4
   
   
 Are there any log analyzers, which are found working with freeradius
 0.4
   and
 they produce html output?

 Miika


 -
 List info/subscribe/unsubscribe? See
   http://www.freeradius.org/list/users.html


   
   
   
   -
   List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
  
   --
   Nathan Miller - [EMAIL PROTECTED]
   VISP Technologies - Building Better ISPs
  
  
   -
   List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html
  
  
 
 
 
 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

 --
 Nathan Miller - [EMAIL PROTECTED]
 VISP Technologies - Building Better ISPs

 -
 List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Unix Radius NT groups

2001-11-21 Thread George Genovezos 

Hi all,

I'm just wondering if there is a way to get all the NT groups that a user
belongs to through the cistron radius?
I know many radius servers allow you to query the PDC to get Does user x
belong to group y but is there a way to get the complete list?

Thx all

George

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Newbie question - apache radius - redundancy

2001-11-20 Thread George Genovezos 

Hi all

I just installed the mod_auth_radius-1.5.2. Beautiful piece of software.
Everything works great. 

My question is how do I add another radius authentication server to apache's
mod_auth_radius module?

This way when the NT radius server fails my boxes will still continue
running.

TIA

George Genovezos
Unix System Administrator



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problem with ascend max 6k1

2001-09-20 Thread george 

works fine for me ... everythin xcept logrotate
- Original Message -
From: Jorge Minassian [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, September 19, 2001 10:39 PM
Subject: Problem with ascend max 6k1


 Hi all !

 I am using freeradius 0.2 on RedHat 7.1.

 I am triying to get some Ascend Max 6K1 to use this radius server, but
with
 no success at all.  :-(
 When I radtest the server everything apears to be OK, also when I ratest
it
 from a remote linux.
 But when the MAX try to access radius I get this messages in radius.log:
 Error: Received accounting packet from MAX with invalid
signature

 Can any one help me, please ?.

 Thank you,
 Jorge.




 -
 List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html