Re: Upgrading freeradius
Hi, OK, so I see part of the problem. My old freeradius used /etc/raddb for it's conf files and /var/log/radiusd-freeradius for it's log files. This new one seems to want to use /usr/local/etc/raddb for it's conf files and /usr/local/var/log/radius for it's logfiles. I'ld like to have this work the old way. What should I do? Lisa Casey Original Message - From: "Lisa Casey" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, October 14, 2003 12:03 PM Subject: Upgrading freeradius > Hi, > > I just upgraded from freeradius 0.4 to freeradius 0.9.1. I thought I was > logging the output of configure, make and make install, but it did not log > so I lost that. The radius binary was installed in /usr/local/sbin, and my > old binary is in /usr/sbin so I cacked up the 0.4 binary and copied the > 0.9.1 binary there. The reported version is 0.9.1: > > [EMAIL PROTECTED]:/etc/raddb# radiusd -v > radiusd: FreeRADIUS Version 0.9.1, for host i686-pc-linux-gnu, built on Oct > 14 2003 at 11:00:34 > > Testing in debug mode seems OK: > > radtest lisakc xx localhost 0 > > rad_recv: Access-Request packet from host 127.0.0.1:33372, id=75, length=58 > User-Name = "lisakc" > User-Password = "xx" > NAS-IP-Address = 255.255.255.255 > NAS-Port = 0 > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "chap" returns noop > rlm_eap: EAP-Message not found > modcall[authorize]: module "eap" returns noop > rlm_realm: No '@' in User-Name = "lisakc", looking up realm NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop > users: Matched DEFAULT at 152 > modcall[authorize]: module "files" returns ok > modcall[authorize]: module "mschap" returns noop > modcall: group authorize returns ok > rad_check_password: Found Auth-Type System > auth: type "System" > modcall: entering group authenticate > modcall[authenticate]: module "unix" returns ok > modcall: group authenticate returns ok > Sending Access-Accept of id 75 to 127.0.0.1:33372 > Finished request 1 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 1 ID 75 with timestamp 3f8c1d3e > Nothing to do. Sleeping until we see a request. > > But when I attempt to log in via one of my NAS'es it doesn't work: > > rad_recv: Access-Request packet from host 65.207.130.7:1028, id=5, length=58 > Ignoring request from unknown client 65.207.130.7:1028 > > client 65.207.130.7 is in /etc/raddb/clients.conf. I haven't changed any of > the configuration files (and I might point out that I haven't done anything > with the dictionary file yet either). I dunno what's wrong here. Any ideas?? > > Thanks , > > Lisa Casey > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Upgrading freeradius
Hi, I just upgraded from freeradius 0.4 to freeradius 0.9.1. I thought I was logging the output of configure, make and make install, but it did not log so I lost that. The radius binary was installed in /usr/local/sbin, and my old binary is in /usr/sbin so I cacked up the 0.4 binary and copied the 0.9.1 binary there. The reported version is 0.9.1: [EMAIL PROTECTED]:/etc/raddb# radiusd -v radiusd: FreeRADIUS Version 0.9.1, for host i686-pc-linux-gnu, built on Oct 14 2003 at 11:00:34 Testing in debug mode seems OK: radtest lisakc xx localhost 0 rad_recv: Access-Request packet from host 127.0.0.1:33372, id=75, length=58 User-Name = "lisakc" User-Password = "xx" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "chap" returns noop rlm_eap: EAP-Message not found modcall[authorize]: module "eap" returns noop rlm_realm: No '@' in User-Name = "lisakc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok modcall[authorize]: module "mschap" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate modcall[authenticate]: module "unix" returns ok modcall: group authenticate returns ok Sending Access-Accept of id 75 to 127.0.0.1:33372 Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 75 with timestamp 3f8c1d3e Nothing to do. Sleeping until we see a request. But when I attempt to log in via one of my NAS'es it doesn't work: rad_recv: Access-Request packet from host 65.207.130.7:1028, id=5, length=58 Ignoring request from unknown client 65.207.130.7:1028 client 65.207.130.7 is in /etc/raddb/clients.conf. I haven't changed any of the configuration files (and I might point out that I haven't done anything with the dictionary file yet either). I dunno what's wrong here. Any ideas?? Thanks , Lisa Casey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Log file
Hi, That information should be in the detail log file for asgard. On my system, I would find that in /var/log/radiusd-freeradius/radacct/ Lisa Casey Netlink 2000, Inc. - Original Message - From: "Diego Andres Asenjo Gonzalez" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, August 11, 2003 10:44 AM Subject: Re: Log file > Thanks for your reply. > > It was a big error. I'm new to freeradius and I couldn't find help in google. > > I have another question .. Can I see more information in the log ?? > > I want to see disconnection causes, phone numbers, etc .. I'm just seeing something like that: > > Mon Aug 11 09:27:10 2003 : Auth: Login OK: [marmejia] (from client asgard port 20132 cli 28239904) > Mon Aug 11 09:27:11 2003 : Auth: Login OK: [marmejia] (from client asgard port 20132 cli 28239904) > Mon Aug 11 09:27:56 2003 : Auth: Login OK: [marmejia] (from client asgard port 20106 cli 28239904) > Mon Aug 11 09:27:56 2003 : Auth: Login OK: [marmejia] (from client asgard port 20106 cli 28239904) > Mon Aug 11 09:28:39 2003 : Auth: Login OK: [marmejia] (from client asgard port 20111 cli 28239904) > Mon Aug 11 09:29:50 2003 : Auth: Login OK: [davelasco] (from client asgard port 20126 cli 28230577) > > I mean, something like with the -x parameter but in the log file. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Counter
Hi Alan, > See the CVS snapshots: src/modules/rlm_counter/rad_counter.pl Could you give me a url for finding more info about this? I've looked through the Free Radius web site and can't find it. Lisa Casey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Allowing POP3 (email only) access
Hi, We acquired an ISP who is using Freeradius. There are several accounts on this system which are meant to be email only accounts (i.e. customers dial in and are authenticated using their dial-up username/password, then once they get connected they can check e-mail on that account or on a e-mail only account). An e-mail only account should not, of course, be able to log in via radius. However this isn't how it has been working. Take the case of username sbmills who has a email only account of stan. Both sbmills and stan can dial in and get authenticated via radius. So in the users file I created as my first default entry: # DEFAULT Group == "mailusers", Auth-Type := Reject Reply-Message = "You are using a mailonly account." # In /etc/group, I have a group mailonly, with GID of 105. Next I edited the password filed (using vipw) and changed stan's group to 105. From the testing I have done though, it still appears that this user can dial in using the username stan and stan's password. Is there something I have neglected to do? Thanks, Lisa Casey Webmaster & SysAdmin Netlink 2000, Inc. [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html