Re: error in rlm_accnt_unique

2003-02-27 Thread Vitaliy Karlov 
On Thu, Feb 27, 2003 at 09:04:59PM +0800, Charles Nierva wrote:
 what could be the cause of this error?
 
 rlm_acct_unique: WARNING: Attribute 8 was not found in request, unique ID
 MAY be inconsistent
 rlm_acct_unique: WARNING: Attribute 87 was not found in request, unique ID
 MAY be inconsistent
 
 #
 radiusd.conf
 
 acct_unique {
  key = User-Name, Acct-Session-Id, NAS-IP-Address,
 Client-IP-Address, NAS-Port-Id, Framed-IP-Address
 }
 
 

raddb/dictionary:
ATTRIBUTE   NAS-Port-Id 87  string

Delete NAS-Port-Id from key, and no warning will be present.

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: f-cking kissing sisters

2003-02-08 Thread Vitaliy Karlov 
On Fri, Feb 07, 2003 at 09:11:51PM +0100, kayla wrote:
HELLO GUYS...MY SISTER AND I JUST GOT THROUGH FILMING SOME VERY DIRTY
SISTER ACTION

[...]

The question of making this mailist closed was asked not once.
Maybe we should permit posting to list only for subscribe users???

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Exec-Program problem

2003-02-01 Thread Vitaliy Karlov 
Peter V. Saveliev wrote:

...

I didn't found anything about this (bug? /dev/hands?) in the faq,
maillist archive etc.

One need to start a script, when a user logs on using radius.

/etc/raddb/users:
8---
DEFAULT Acct-Status-Type == Start
Exec-Program = /etc/raddb/scripts/test.sh
8---


May be you must write some like this?
DEFAULT Auth-Type := Accept
	Exec-Program = /path/to/program.sh

Or, In your case, that lines you must put in /etc/raddb/acct_user 
instead /etc/raddb/users




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Run external script after disconnect.

2003-01-29 Thread Vitaliy Karlov 
Andrew E. Guly wrote:

I use FreeRadius-0.8.1 with Postgres on Linux RH 8.0 for authenticate and 
accounting dial-in users.

My radiusd execute the external script with Exec-Program-Wait = /some/script 
when user is autenticated.
No problems, it's worked fine...

Q: How I can execute the external script *after* user disconnecting?

May be you look at file acct_users ?
When your radius server recieve Acct-Stop...

some like this:
acct_user:
== acct_users ==
DEFAULT Acct-Status-Type == Stop
Exec-Program = /path/to/some/script.pl
==


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: User authentication logs

2003-01-28 Thread Vitaliy Karlov 
rakesh jha wrote:

Hello,
I have two questions:
1. Does freeradius server makes a log file for users authenticated or
rejected? The radius.log file just tells about the radius processes only and


In radiusd.conf:

#  Log authentication requests to the log file.
#
#  allowed values: {no, yes}
#
log_auth = yes

#  Log passwords with the authentication requests.
#  log_auth_badpass  - logs password if it's rejected
#  log_auth_goodpass - logs password if it's correct
#
#  allowed values: {no, yes}
#
log_auth_badpass = yes
log_auth_goodpass = no



2. How can I know as how many users have already been authenticate
(currently). I do not want history.


radwho ?




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: installing radius

2002-12-26 Thread Vitaliy Karlov 
On Fri, Dec 27, 2002 at 04:18:16PM -0800, Matt Peterson wrote:
 Since you're using FreeBSD, its easier to use the ports collection..
 
 cd /usr/ports/net/freeradius
 make install

Now in ports still Version of FreeRadius is 7.0...
Mainteiner:
MAINTAINER= [EMAIL PROTECTED]

May be anybody know why?

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: installing radius

2002-12-26 Thread Vitaliy Karlov 
On Thu, Dec 26, 2002 at 11:17:03PM -0800, John A. Hengstler wrote:
 I emailed him a couple weeks ago (the maintainer), and haven't received a
 response yet.

I emailed him too, and I did not received anything too :(

May be anybody else will be mainteiner? What is the proccess to be
mainteiner? (sorry for off-topic)

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Allocating dynamic IP addresses from FreeRadius

2002-11-28 Thread Vitaliy Karlov 
On Thu, Nov 28, 2002 at 10:54:51AM +0200, Kostas Kalevras wrote:
  May I release similar assignment with radius+rlm_ippol ???
 
 Just put the corresponding values in range-start and range-stop.
 The netmask is only used to find the network and broadcast addresses of the
 range given.

Thanks you. Your explain very help me.
But I have some trouble with routing...
NAS - Lucent MAX6000
If I write user-profile like this:
===users===
user_name .. Pool-Name := main_pool
===
IP address is assign, but in routing table it does not present...

At with configuration:
===users===
user_name .. Pool-Name := main_pool
Framed-IP-Netmask = 255.255.255.255
===

In routing table IP-address present like ip.add.res.s/32 i.e everuthing
is ok...

Thank you

 No you don't need to. The only requirment is that if you change the range-start
 and/or range-stop parameters you should then delete the db files.

And this moment also very important.
My changes does not have power, if I did not remove db*-files before
restarting radius.

  I have bad english :(
  I may example of config files put here, if I can release _not_ CLASSLESS IP 
address pool...
 
 Just explaining what is missing in the documentation will also do the job just
 fine.

Some moment I decribe above.
1. rm db*
2. Framed-IP-Netmask on reply-attribute (May be only MAX?)
3. May be in future release of rlm_ippool add parameter like 
   debug = yes/no or like logging_debug = yes/no ??

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Allocating dynamic IP addresses from FreeRadius

2002-11-27 Thread Vitaliy Karlov 
On Tue, Nov 26, 2002 at 11:54:59AM -0500, Mike Varley wrote:
 There is a module that does dynamic IP assignment: look in
 ${freeradius_source_dir}/src/modules/rlm_ippool
 
 It is not built by default, so you need to add it to the top level
 Makefile. There is a description on how to configure it in the docs
 direcotry.
 
 Once you've compiled and installed it, change your radiusd.conf file to
 have a section:
 
 post-auth {
   ippool
 }
 
 and then after every successful authentication, this module will add an
 IP address chosen dynamically BASED ON the NAS/port combination. The
 ippool module uses dbm databases. I'm not sure if this is what you are
 looking for, but it may help point you in the right direction.
 
 HTH!
 
 MV

Hi All!
In radiusd.conf I put this:

=== radiusd.conf =
ippool main_pool {
range-start = 10.1.1.1
range-stop = 10.1.1.255
netmask = 255.255.255.255
cache-size = 800
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
}

post-auth {
  #  Get an address from the IP Pool.
  main_pool
}
==

In user I write this:
== users 
zzz zyxel   Auth-Type := Local, User-Password == some_pass, Pool-Name := main_pool


But IP-address anywhere does not assign from space 10.1.1.0/24

Thanks for any suggestion.

PS. Where is I find documentation about rlm_ipppol ?


-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Allocating dynamic IP addresses from FreeRadius

2002-11-27 Thread Vitaliy Karlov 
On Wed, Nov 27, 2002 at 04:12:12PM +0200, Kostas Kalevras wrote:
  Hi All!
  In radiusd.conf I put this:
 
  === radiusd.conf =
  ippool main_pool {
  range-start = 10.1.1.1
  range-stop = 10.1.1.255
  netmask = 255.255.255.255
 
 You should put a netmask of 255.255.255.0
 Delete the db* files and run the server in debug mode (radiusd -X)

I delete all entries with db* and get this (I does not run radiusd in debug mode)
== radius.log ==
Wed Nov 27 16:20:17 2002 : Error: rlm_ippool: 'session-db' must be set.
Wed Nov 27 16:20:17 2002 : Error: radiusd.conf[489]: main_pool: Module instantiation 
failed.
===

???

What is goal of the db* files?

  PS. Where is I find documentation about rlm_ipppol ?
 
 Read raddb/experimental.conf

Thanks, I read yet... no more?

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: use freeradius to clear line

2002-11-27 Thread Vitaliy Karlov 
On Wed, Nov 27, 2002 at 10:10:33AM -0500, Alan DeKok wrote:
 Chhai  Thach [EMAIL PROTECTED] wrote:
  Is there a way to manually disconnect the user using freeradius instead
  of NAS?
 
   Did you bother reading the FAQ?

May be I wrong, but in FR-0.8 radzap is broken!

I yourself want delete user from line, but nothing more, then log-entry:
in radius.log Error: No clients entry for localhost, did not recieve :(
In client and  clients.conf I have records for localhost!

Any suggestion?

PS. Now I use radzap from FR-0.7...

-- 
WBR, Vitaliy Karlov [KV1670-RIPE]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html