Re: radzap
Oliver Zimmermann <[EMAIL PROTECTED]> wrote: > As far as I remember, someone patched this in the CVS. So I wait for the > next release. Yeah, the CVS head works. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
On Tue, 01 Apr 2003 12:24:10 -0500 "Alan DeKok" <[EMAIL PROTECTED]> wrote: > I'm also not sure if radzap works perfectly in 0.8.1. You may want > to try grabbing it from the CVS snapshot. Hello, on my 0.8.1-servers I use now the 0.7-radzap-binary again, which will do the job. With the 0.8.1 radzap I alway get the following error in the radius.log: "Tue Apr 1 21:48:19 2003 : Error: No clients entry for localhost" This implies there is no matching entry in the clients.conf, but it looks like this - and is ok for the 0.7 radzap: client 127.0.0.1 { secret = somepassword shortname = localhost nastype = other } As far as I remember, someone patched this in the CVS. So I wait for the next release. - Oliver - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
Ross Reed <[EMAIL PROTECTED]> wrote: > I am trying to use radzap to clear an entry from the radutmp file. But > radzap requires a NAS, this is national dialup and we have no access to the > actual termserver. radzap needs to know about the NAS, but it doesn't require access to the NAS. I'm also not sure if radzap works perfectly in 0.8.1. You may want to try grabbing it from the CVS snapshot. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap
Title: Message I am trying to use radzap to clear an entry from the radutmp file. But radzap requires a NAS, this is national dialup and we have no access to the actual termserver. Unless I am missing something, it seems you need this. Is there no other way to clear an entry, other than removing the entire radutmp file? This is freeradius-0.8.1 on a BSDi box. mysql for auth. Any help is appreciated. Ross Reed
how radzap works ?
Please explane me, how works the radzap script & how to make it to drop not connected users automaticaly? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: patch to solve a radzap bug.
"Ivan F. Martinez" <[EMAIL PROTECTED]> wrote: > The radzap program has support for specifying the server IP, but it > does not check the correct secret for the IP. > > Here is a patch to solve this : Applied, thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap not working
Hello All. I do have a problem with 2 records in the radwtmp file: Login Name What TTY When From Location bgapdv1bgapdv1 PPP >999 Fri 15:04 301.302.3 bgapdv1bgapdv1 PPP >999 Fri 13:51 301.302.3 Well, I try to zap the 2 records and I get the next: /radzap 301.302.303.01 20100 bgapdv1 ./radzap: zapping termserver 301.302.303.01, port 20100, user bgapdv1 I know the port is right and also the nasip, I get the next from the SQL accounting... +--++---+ | username | nasipaddress | nasportid | +--++---+ | bgapdv1 | 301.302.303.01 | 20100 | | bgapdv1 | 301.302.303.01 | 20100 | +--++---+ So, what is wrong? ___ Gustavo A. Lozano Noldata CTO I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. Albert Einstein - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
patch to solve a radzap bug.
The radzap program has support for specifying the server IP, but it does not check the correct secret for the IP. Here is a patch to solve this : --- radzap.c.oriFri Feb 7 18:07:17 2003 +++ radzap.cFri Feb 7 18:17:19 2003 @@ -245,13 +245,14 @@ return ntohs(svp->s_port); } -static const char *getlocalhostsecret(void) +static const char *getsecret(uint32_t server) { RADCLIENT *cl; + char buf[32]; - cl = client_find(htonl(INADDR_LOOPBACK)); + cl = client_find(server); if (cl == NULL) { - radlog(L_ERR|L_CONS, "No clients entry for localhost"); + radlog(L_ERR|L_CONS, "No clients entry for %s",ip_ntoa(buf,server)); exit(1); } return (const char *)cl->secret; @@ -287,7 +288,7 @@ struct timeval tv; RADIUS_PACKET *req, *rep = NULL; VALUE_PAIR *vp; - const char *secret=getlocalhostsecret(); + const char *secret; if ((req = rad_alloc(1)) == NULL) { librad_perror("radzap"); @@ -308,6 +309,7 @@ } if(!req->dst_ipaddr) req->dst_ipaddr = 0x7f01; + secret = getsecret(req->dst_ipaddr); req->vps = NULL; if(allports != 0) { - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error in radzap
Martin Seine <[EMAIL PROTECTED]> wrote: > > There seems to be an error in radzap (in Rev. 0.8.1). I don't have the > time to analyze and fix it now, but maybe someone of you can. > > Symptom: > Properly configured and working radius with clients.conf in use. Radzap > does not find the secret for localhost (hardcoded to look for). Yeah, that's fixed in the CVS head (I think). If there are other issues, then the fix can be added to any 0.8.2 release. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error in radzap
There seems to be an error in radzap (in Rev. 0.8.1). I don't have the time to analyze and fix it now, but maybe someone of you can. Symptom: Properly configured and working radius with clients.conf in use. Radzap does not find the secret for localhost (hardcoded to look for). Regards, Martin Seine - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius 0.8, radzap
Konstantin Kubatkin <[EMAIL PROTECTED]> wrote: > I'm use freeradius 0.8 ( from CVS ). radzap does not read the > configuration about clients from /etc/raddb/clients.conf Ah, OK. I'll take a look at it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius 0.8, radzap
I'm use freeradius 0.8 ( from CVS ). radzap does not read the configuration about clients from /etc/raddb/clients.conf > radzap -r test goblin s9 > cat /var/log/radiusd-freeradius/radiusd.log Fri Nov 29 14:52:32 2002 : Error: No clients entry for localhost > Though recording about localhost client is present -- Konstantin Kubatkin [KUB-RIPE] [KUB-UANIC] Kherson, TriLogiC Group Fido: 2:468/0@FidoNet - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap don't clear entry
Alan, I put server in debugging mode, zapped an entry and nothing happened... Any other ideas? Tico > > Run the server in debugging mode while you zap an entry. See what > it says. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap don't clear entry
"Tico Kamide" <[EMAIL PROTECTED]> wrote: > [root@server2 tico]# radzap maripa 2 annelore > maripa: host not found. > (in naslist: 200.203.239.214 maripa portslave, but it can't > resolve nasname?) Nope. The name must be in DNS. > [root@server2 tico]# radzap 200.203.239.214 2 annelore > /usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore > (it seems ok!) > > [root@server2 tico]# radlast |grep annelore > annelore 002:maripa 200.203.239.195 Mon Nov 11 23:48 still logged in > (oh, no, it's still there!!??!!) > > Any ideas? Run the server in debugging mode while you zap an entry. See what it says. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap don't clear entry
I'm using FR v.0.7.1 and I can't clear any entry from radwtmp using radzap. FR v.0.8 also [root@server2 tico]# radlast |grep annelore annelore 002:maripa 200.203.239.195 Mon Nov 11 23:48 still logged in (it's an old session) [root@server2 tico]# radzap maripa 2 annelore maripa: host not found. (in naslist: 200.203.239.214 maripa portslave, but it can't resolve nasname?) [root@server2 tico]# radzap 200.203.239.214 2 annelore /usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore (it seems ok!) [root@server2 tico]# radlast |grep annelore annelore 002:maripa 200.203.239.195 Mon Nov 11 23:48 still logged in (oh, no, it's still there!!??!!) Any ideas? Thanks in advance. Tico - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap don't clear entry
I'm using FR v.0.7.1 and I can't clear any entry from radwtmp using radzap. [root@server2 tico]# radlast |grep annelore annelore 002:maripa 200.203.239.195 Mon Nov 11 23:48 still logged in (it's an old session) [root@server2 tico]# radzap maripa 2 annelore maripa: host not found. (in naslist: 200.203.239.214 maripa portslave, but it can't resolve nasname?) [root@server2 tico]# radzap 200.203.239.214 2 annelore /usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore (it seems ok!) [root@server2 tico]# radlast |grep annelore annelore 002:maripa 200.203.239.195 Mon Nov 11 23:48 still logged in (oh, no, it's still there!!??!!) Any ideas? Thanks in advance. Tico - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap...old issue
"Anteva Support" <[EMAIL PROTECTED]> wrote: > The fact is that radzap won't do jack unless it can talk to the termserver > from whence the connection was made. No, the error messages are confusing you. > > > radzap: zapping termserver ip.addr.of.termserver, port 14, user > user@realm > > > radzap: no response from server This message does NOT mean that it's trying to contact the terminal server, it means that radzap is trying to contact the RADIUS server. > 1: The termserver parameter is required. Yes... you have to say which NAS the user was logged in on. > 2: It has been my experience that it doesn't matter what the value is, it > still won't work > 3: I've tried the following and always get either 'no entry found' or 'no > response from server': OK... the 'entry not found' means that it's looking up an entry in the 'radutmp' file, and not finding it. 'strace radzap ...' will show you what's happening. The problem is really that 'radzap' is old, and meant to work only with the 'radutmp' file. That's wrong, and should be fixed. Instead, it should send a fake accounting packet to the server, and never look at the radutmp file. That will require source code patches. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap...old issue
> "Vector" <[EMAIL PROTECTED]> wrote: > > I am unable to use radzap to get an entry out of radutmp. I had to reboot > > the router today and there are some stale entries in there that I must > > remove. radzap yields the following: > > > > # radzap name-of-termserver 14 "user@realm" > > radzap: zapping termserver ip.addr.of.termserver, port 14, user user@realm > > radzap: no response from server > > OK, it's apparently undocumented, but I've just fixed that in the > 'man' page for radzap. In any case, looking at the command-line > options for 'radzap' will tell you how to solve the problem. > > > > [aland@akula radiusd]$ ./src/main/radzap > Usage: ./src/main/radzap [-p acct_port] [-r servername|serverip] > termserver [port] [user] > Options: > > -p acct_portAccounting port on radius server > -r radserverRadius server name or IP address > termserver Terminal Server (NAS) name or IP address to match, > can be '' for any > [port] Terminal Server port to match > [user] Login account to match > > > Alan DeKok. Uh, huhand just how is that? 1: The termserver parameter is required. 2: It has been my experience that it doesn't matter what the value is, it still won't work 3: I've tried the following and always get either 'no entry found' or 'no response from server': radzap '' 14 user@realm radzap name-of-termserver 14 user@realm radzap ip.of.term.server 14 user@realm radzap '' user@realm radzap name-of-termserver user@realm radzap ip.of.term.server user@realm radzap -p 1812 -r ip.of.radius.server '' 14 user@realm bla bla, on and on you get the ideaall and many many many many many other possible combinations, none of which seem to get the job done. The fact is that radzap won't do jack unless it can talk to the termserver from whence the connection was made. What the man page should say is: "If radzap is unable to communicate with the terminal server specified, then it will exit with an error while performing *no* action whatsoever on radutmp" vec - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap...old issue
"Vector" <[EMAIL PROTECTED]> wrote: > I am unable to use radzap to get an entry out of radutmp. I had to reboot > the router today and there are some stale entries in there that I must > remove. radzap yields the following: > > # radzap name-of-termserver 14 "user@realm" > radzap: zapping termserver ip.addr.of.termserver, port 14, user user@realm > radzap: no response from server OK, it's apparently undocumented, but I've just fixed that in the 'man' page for radzap. In any case, looking at the command-line options for 'radzap' will tell you how to solve the problem. [aland@akula radiusd]$ ./src/main/radzap Usage: ./src/main/radzap [-p acct_port] [-r servername|serverip] termserver [port] [user] Options: -p acct_portAccounting port on radius server -r radserverRadius server name or IP address termserver Terminal Server (NAS) name or IP address to match, can be '' for any [port] Terminal Server port to match [user] Login account to match Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap...old issue
I am unable to use radzap to get an entry out of radutmp. I had to reboot the router today and there are some stale entries in there that I must remove. radzap yields the following: # radzap name-of-termserver 14 "user@realm" radzap: zapping termserver ip.addr.of.termserver, port 14, user user@realm radzap: no response from server I then do a radwho and sure enough, the entry is still there. I need it to go away even if it can't talk to the termserver. Alan commented on this last time I posted about this problem claiming that radzap didn't work this way, but it is again giving me grief and I'd rather not have to wipe out the entire radutmp file like I did before...any suggestions? Thanks, vec - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
Thanks for the reply. However, the following is what happens: [root@somehost]# radzap ip.of.nas.server 7 tee radzap: zapping termserver ip.of.nas.server, port 7, user radzap: no response from server [root@somehost]# I've tried using -p 1646, -p 1813, -p and nothing seems to work. I've tried specifying the radius server's ip with -r ip.of.radius.erver and that doesn't help either. I just want the ghost entry out of radutmp. For what I need I don't much care if radzap can talk to the nas or not. So far I've needed to do this twice and each time I must resort to wiping out the whole file just to get rid of the entry because I can't seem to get radzap to do it. Thnx, vec - Original Message - From: "Alan DeKok" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 19, 2002 9:24 AM Subject: Re: radzap > "Vector" <[EMAIL PROTECTED]> wrote: > > I'm trying to remove an entry from radutmp with radzap. Apparently it > > *must* connect to the termserver in order to do this. Why is that the > > case? > > I don't think it's the case. It shouldn't be doing that. > > > > I would like to remove the entry from radutmp even if the > > termserver is, say for examle...offline. Is this possible? Thnx, > > Yes. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
"Vector" <[EMAIL PROTECTED]> wrote: > I'm trying to remove an entry from radutmp with radzap. Apparently it > *must* connect to the termserver in order to do this. Why is that the > case? I don't think it's the case. It shouldn't be doing that. > I would like to remove the entry from radutmp even if the > termserver is, say for examle...offline. Is this possible? Thnx, Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap
I'm trying to remove an entry from radutmp with radzap. Apparently it *must* connect to the termserver in order to do this. Why is that the case? I would like to remove the entry from radutmp even if the termserver is, say for examle...offline. Is this possible? Thnx, vec - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
On Thu, 2002-03-07 at 16:01, Alan DeKok wrote: > Eduardo Roldan <[EMAIL PROTECTED]> wrote: > > I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz > > radzap has changed from the 0.4 version, correct? > > Slightly. > > > And the new version request a radius server.. I don't understand. Why an > > app to clean the utmp request a radius server? > > It now does more than that. Multiple databases may have utmp-style > data. The only way to update ALL of them is to send a packet to the > server. . Now I understand. > > > radzap: zapping termserver 200.40.77.19, port 117440712, user > > [EMAIL PROTECTED] > > radzap: no response from server > > You should be able to use "server:port" to send the packet to the > port that the server is listening on. Ok, the sintax server:port doesn't work for me, but I use -p PORT, it's the same. But, something strange happens to me. Start the server with -X parameter. OK, for me the latest 2 lines says: Listening on IP address *, ports 1812/udp and 1813/udp. Ready to process requests. Ok, now zap that bad user! radzap -r data -p 1812 rac 117440712 [EMAIL PROTECTED] Ooops, the log says: rad_recv: Accounting-Request packet from host 127.0.0.1:32850, id=97, length=127 Accounting-Request packet sent to a non-accounting port from client localhost:32850 - ID 97 : IGNORED --- Walking the entire request list --- Nothing to do. Sleeping until we see a request. Hehe, 1812 isn't the accounting port, it's 1813. Ok , this will work now: [root@data sbin]# radzap -r data -p 1813 rac 117440712 [EMAIL PROTECTED] radzap: zapping termserver 200.40.77.19, port 117440712, user [EMAIL PROTECTED] radzap: no response from server Arr!!!, now nothing new in the logs, nothing. What happens now? This is driving me mad. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radzap
Eduardo Roldan <[EMAIL PROTECTED]> wrote: > I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz > radzap has changed from the 0.4 version, correct? Slightly. > And the new version request a radius server.. I don't understand. Why an > app to clean the utmp request a radius server? It now does more than that. Multiple databases may have utmp-style data. The only way to update ALL of them is to send a packet to the server. > radzap: zapping termserver 200.40.77.19, port 117440712, user > [EMAIL PROTECTED] > radzap: no response from server You should be able to use "server:port" to send the packet to the port that the server is listening on. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radzap
I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz radzap has changed from the 0.4 version, correct? I never used radzap from 0.4, so, this version don't interest me. But, the help says: Usage: radzap termserver [port] [user] radzap is only an admin tool to clean the radutmp file! And the new version request a radius server.. I don't understand. Why an app to clean the utmp request a radius server? Anyway, I can't zap a utmp entry with freeradius-snapshot-20020307 See: [root@data root]# radwho -r Login Name What TTY When From Location [EMAIL PROTECTED],[EMAIL PROTECTED],PPP,S117440712,Thu 14:28,rac, [root@data root]# radzap -r data rac S117440712 [EMAIL PROTECTED] radzap: zapping termserver 200.40.77.19, port 117440712, user [EMAIL PROTECTED] radzap: no response from server rac is my NAS, data is the radius server and where I'm logged. My radius server is running: Thu Mar 7 14:53:46 2002 : Info: Listening on IP address *, ports 1812/udp and 1813/udp. Some hint? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to use radzap to terminate the user session
Hello! Does any body knows how to use radzap to terminate the user session? I have try to do so, but I got the following error message [root raddb]# radzap 210.123.123.123 3 [EMAIL PROTECTED] radzap: zapping termserver 210.123.123.123, port 3, user [EMAIL PROTECTED] radzap:Error receiving packet from host 0.0.0.0: Connection refused Please help, thank you very much! .+-wèþ˱Êâmïî˱Êâmäzm§ÿðÃëyêÚv+¬¢¸?+-þë®Èm