Re: radzap

2003-04-01 Thread Alan DeKok 
Oliver Zimmermann <[EMAIL PROTECTED]> wrote:
> As far as I remember, someone patched this in the CVS. So I wait for the
> next release.

  Yeah, the CVS head works.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2003-04-01 Thread Oliver Zimmermann 
On Tue, 01 Apr 2003 12:24:10 -0500
"Alan DeKok" <[EMAIL PROTECTED]> wrote:

>   I'm also not sure if radzap works perfectly in 0.8.1.  You may want
> to try grabbing it from the CVS snapshot.

Hello,

on my 0.8.1-servers I use now the 0.7-radzap-binary again, which will do
the job.

With the 0.8.1 radzap I alway get the following error in the radius.log:

"Tue Apr  1 21:48:19 2003 : Error: No clients entry for localhost"

This implies there is no matching entry in the clients.conf, but it
looks like this - and is ok for the 0.7 radzap:

client 127.0.0.1 {
secret  = somepassword
shortname   = localhost
nastype = other
}

As far as I remember, someone patched this in the CVS. So I wait for the
next release.

- Oliver




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2003-04-01 Thread Alan DeKok 
Ross Reed <[EMAIL PROTECTED]> wrote:
> I am trying to use radzap to clear an entry from the radutmp file. But
> radzap requires a NAS, this is national dialup and we have no access to the
> actual termserver.

  radzap needs to know about the NAS, but it doesn't require access to
the NAS.

  I'm also not sure if radzap works perfectly in 0.8.1.  You may want
to try grabbing it from the CVS snapshot.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap

2003-04-01 Thread Ross Reed 
Title: Message



I am trying to use 
radzap to clear an entry from the radutmp file. But radzap requires a NAS, 
this is national dialup and we have no access to the actual termserver. 
Unless I am missing something, it seems you need this. Is there no other way to 
clear an entry, other than removing the entire radutmp file? This is 
freeradius-0.8.1 on a BSDi box. mysql for auth. Any help is 
appreciated.
 
Ross 
Reed

how radzap works ?

2003-02-18 Thread Eric 
Please explane me, how works the radzap script & how to make it to drop not 
connected users automaticaly?

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: patch to solve a radzap bug.

2003-02-17 Thread Alan DeKok 
"Ivan F. Martinez" <[EMAIL PROTECTED]> wrote:
> The radzap program has support for specifying the server IP, but it
> does not check the correct secret for the IP.
> 
> Here is a patch to solve this :

  Applied, thanks.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap not working

2003-02-07 Thread glozano 
Hello All.

I do have a problem with 2 records in the radwtmp file:

Login  Name  What  TTY  When  From  Location
bgapdv1bgapdv1   PPP   >999 Fri 15:04 301.302.3
bgapdv1bgapdv1   PPP   >999 Fri 13:51 301.302.3

Well, I try to zap the 2 records and I get the next:
/radzap 301.302.303.01 20100 bgapdv1
./radzap: zapping termserver 301.302.303.01, port 20100, user bgapdv1


I know the port is right and also the nasip, I get the next from the SQL
accounting...

+--++---+
| username | nasipaddress   | nasportid |
+--++---+
| bgapdv1  | 301.302.303.01 | 20100 |
| bgapdv1  | 301.302.303.01 | 20100 |
+--++---+

So, what is wrong?


___
Gustavo A. Lozano
Noldata
CTO

I know not with what weapons World War III will be fought,
but World War IV will be fought with sticks and stones. 
Albert Einstein



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

patch to solve a radzap bug.

2003-02-07 Thread Ivan F. Martinez 
The radzap program has support for specifying the server IP, but it does not check the 
correct secret for the IP.

Here is a patch to solve this :


--- radzap.c.oriFri Feb  7 18:07:17 2003
+++ radzap.cFri Feb  7 18:17:19 2003
@@ -245,13 +245,14 @@
return ntohs(svp->s_port);
 }
 
-static const char *getlocalhostsecret(void)
+static const char *getsecret(uint32_t server)
 {
RADCLIENT *cl;
+   char buf[32];
 
-   cl = client_find(htonl(INADDR_LOOPBACK));
+   cl = client_find(server);
if (cl == NULL) {
-   radlog(L_ERR|L_CONS, "No clients entry for localhost");
+   radlog(L_ERR|L_CONS, "No clients entry for %s",ip_ntoa(buf,server));
exit(1);
}
return (const char *)cl->secret;
@@ -287,7 +288,7 @@
struct timeval tv;
RADIUS_PACKET *req, *rep = NULL;
VALUE_PAIR *vp;
-   const char *secret=getlocalhostsecret();
+   const char *secret;
 
if ((req = rad_alloc(1)) == NULL) {
    librad_perror("radzap");
@@ -308,6 +309,7 @@
}
if(!req->dst_ipaddr) 
req->dst_ipaddr = 0x7f01;
+   secret = getsecret(req->dst_ipaddr);
req->vps = NULL;
 
if(allports != 0) {

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error in radzap

2003-01-02 Thread Alan DeKok 
Martin Seine <[EMAIL PROTECTED]> wrote:
> 
> There seems to be an error in radzap (in Rev. 0.8.1). I don't have the 
> time to analyze and fix it now, but maybe someone of you can.
> 
> Symptom:
> Properly configured and working radius with clients.conf in use. Radzap 
> does not find the secret for localhost (hardcoded to look for).

  Yeah, that's fixed in the CVS head (I think).  If there are other
issues, then the fix can be added to any 0.8.2 release.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Error in radzap

2002-12-30 Thread Martin Seine 
There seems to be an error in radzap (in Rev. 0.8.1). I don't have the 
time to analyze and fix it now, but maybe someone of you can.

Symptom:
Properly configured and working radius with clients.conf in use. Radzap 
does not find the secret for localhost (hardcoded to look for).


Regards,
Martin Seine


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeradius 0.8, radzap

2002-11-29 Thread Alan DeKok 
Konstantin Kubatkin <[EMAIL PROTECTED]> wrote:
>   I'm use freeradius 0.8 ( from CVS ). radzap does not read the
> configuration about clients from /etc/raddb/clients.conf

  Ah, OK.  I'll take a look at it.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

freeradius 0.8, radzap

2002-11-29 Thread Konstantin Kubatkin 

 I'm use freeradius 0.8 ( from CVS ). radzap does not read the configuration about clients from /etc/raddb/clients.conf

> radzap -r test goblin s9
> cat /var/log/radiusd-freeradius/radiusd.log
Fri Nov 29 14:52:32 2002 : Error: No clients entry for localhost
>

Though recording about localhost client is present

--
Konstantin Kubatkin 			[KUB-RIPE] [KUB-UANIC]
Kherson, TriLogiC Group
Fido: 2:468/0@FidoNet


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap don't clear entry

2002-11-21 Thread Tico Kamide 
Alan,
I put server in debugging mode, zapped an entry and nothing happened...
Any other ideas?
Tico

>
>   Run the server in debugging mode while you zap an entry.  See what
> it says.
>
>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap don't clear entry

2002-11-21 Thread Alan DeKok 
"Tico Kamide" <[EMAIL PROTECTED]> wrote:
> [root@server2 tico]# radzap maripa 2 annelore
> maripa: host not found.
> (in naslist: 200.203.239.214 maripa  portslave, but it can't
> resolve nasname?)

  Nope.  The name must be in DNS.

> [root@server2 tico]# radzap 200.203.239.214 2 annelore
> /usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore
> (it seems ok!)
> 
> [root@server2 tico]# radlast |grep annelore
> annelore 002:maripa   200.203.239.195  Mon Nov 11 23:48   still logged in
> (oh, no, it's still there!!??!!)
> 
> Any ideas?

  Run the server in debugging mode while you zap an entry.  See what
it says.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap don't clear entry

2002-11-21 Thread Tico Kamide 
I'm using FR v.0.7.1 and I can't clear any entry from radwtmp using radzap.
FR v.0.8 also

[root@server2 tico]# radlast |grep annelore
annelore 002:maripa   200.203.239.195  Mon Nov 11 23:48   still logged in
(it's an old session)

[root@server2 tico]# radzap maripa 2 annelore
maripa: host not found.
(in naslist: 200.203.239.214 maripa  portslave, but it can't
resolve nasname?)

[root@server2 tico]# radzap 200.203.239.214 2 annelore
/usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore
(it seems ok!)

[root@server2 tico]# radlast |grep annelore
annelore 002:maripa   200.203.239.195  Mon Nov 11 23:48   still logged in
(oh, no, it's still there!!??!!)

Any ideas?
Thanks in advance.

Tico



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap don't clear entry

2002-11-12 Thread Tico Kamide 
I'm using FR v.0.7.1 and I can't clear any entry from radwtmp using radzap.

[root@server2 tico]# radlast |grep annelore
annelore 002:maripa   200.203.239.195  Mon Nov 11 23:48   still logged in
(it's an old session)

[root@server2 tico]# radzap maripa 2 annelore
maripa: host not found.
(in naslist: 200.203.239.214 maripa  portslave, but it can't
resolve nasname?)

[root@server2 tico]# radzap 200.203.239.214 2 annelore
/usr/bin/radzap: zapping termserver 200.203.239.214, port 2, user annelore
(it seems ok!)

[root@server2 tico]# radlast |grep annelore
annelore 002:maripa   200.203.239.195  Mon Nov 11 23:48   still logged in
(oh, no, it's still there!!??!!)

Any ideas?
Thanks in advance.

Tico


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap...old issue

2002-05-17 Thread Alan DeKok 

"Anteva Support" <[EMAIL PROTECTED]> wrote:
> The fact is that radzap won't do jack unless it can talk to the termserver
> from whence the connection was made.

  No, the error messages are confusing you.

> > > radzap: zapping termserver ip.addr.of.termserver, port 14, user
> user@realm
> > > radzap: no response from server

  This message does NOT mean that it's trying to contact the terminal
server, it means that radzap is trying to contact the RADIUS server.

> 1: The termserver parameter is required.

  Yes... you have to say which NAS the user was logged in on.

> 2: It has been my experience that it doesn't matter what the value is, it
> still won't work
> 3: I've tried the following and always get either 'no entry found' or 'no
> response from server':

  OK... the 'entry not found' means that it's looking up an entry in
the 'radutmp' file, and not finding it.  'strace radzap ...' will show
you what's happening.


  The problem is really that 'radzap' is old, and meant to work only
with the 'radutmp' file.  That's wrong, and should be fixed.

  Instead, it should send a fake accounting packet to the server, and
never look at the radutmp file.  That will require source code
patches.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap...old issue

2002-05-16 Thread Anteva Support 

> "Vector" <[EMAIL PROTECTED]> wrote:
> > I am unable to use radzap to get an entry out of radutmp.  I had to
reboot
> > the router today and there are some stale entries in there that I must
> > remove.  radzap yields the following:
> >
> > # radzap name-of-termserver 14 "user@realm"
> > radzap: zapping termserver ip.addr.of.termserver, port 14, user
user@realm
> > radzap: no response from server
>
>   OK, it's apparently undocumented, but I've just fixed that in the
> 'man' page for radzap.  In any case, looking at the command-line
> options for 'radzap' will tell you how to solve the problem.
>
>
>
> [aland@akula radiusd]$ ./src/main/radzap
> Usage: ./src/main/radzap [-p acct_port] [-r servername|serverip]
> termserver [port] [user]
> Options:
>
>   -p acct_portAccounting port on radius server
>   -r radserverRadius server name or IP address
>   termserver  Terminal Server (NAS) name or IP address to match,
> can be '' for any
>   [port]  Terminal Server port to match
>   [user]  Login account to match
>
>
>   Alan DeKok.


Uh, huhand just how is that?

1: The termserver parameter is required.
2: It has been my experience that it doesn't matter what the value is, it
still won't work
3: I've tried the following and always get either 'no entry found' or 'no
response from server':
radzap '' 14 user@realm
radzap name-of-termserver 14 user@realm
radzap ip.of.term.server 14 user@realm
radzap '' user@realm
radzap name-of-termserver user@realm
radzap ip.of.term.server user@realm
    radzap -p 1812 -r ip.of.radius.server '' 14 user@realm
bla bla, on and on you get the ideaall and many many many many
many other possible combinations, none of which seem to get the job done.

The fact is that radzap won't do jack unless it can talk to the termserver
from whence the connection was made.
What the man page should say is:
"If radzap is unable to communicate with the terminal server specified, then
it will exit with an error while performing *no* action whatsoever on
radutmp"

vec



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap...old issue

2002-05-16 Thread Alan DeKok 

"Vector" <[EMAIL PROTECTED]> wrote:
> I am unable to use radzap to get an entry out of radutmp.  I had to reboot
> the router today and there are some stale entries in there that I must
> remove.  radzap yields the following:
> 
> # radzap name-of-termserver 14 "user@realm"
> radzap: zapping termserver ip.addr.of.termserver, port 14, user user@realm
> radzap: no response from server

  OK, it's apparently undocumented, but I've just fixed that in the
'man' page for radzap.  In any case, looking at the command-line
options for 'radzap' will tell you how to solve the problem.



[aland@akula radiusd]$ ./src/main/radzap 
Usage: ./src/main/radzap [-p acct_port] [-r servername|serverip]
termserver [port] [user]
Options:

  -p acct_portAccounting port on radius server
  -r radserverRadius server name or IP address
  termserver  Terminal Server (NAS) name or IP address to match,
can be '' for any
  [port]  Terminal Server port to match
  [user]  Login account to match


  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap...old issue

2002-05-15 Thread Vector 

I am unable to use radzap to get an entry out of radutmp.  I had to reboot
the router today and there are some stale entries in there that I must
remove.  radzap yields the following:

# radzap name-of-termserver 14 "user@realm"
radzap: zapping termserver ip.addr.of.termserver, port 14, user user@realm
radzap: no response from server

I then do a radwho and sure enough, the entry is still there.  I need it to
go away even if it can't talk to the termserver.  Alan commented on this
last time I posted about this problem claiming that radzap didn't work this
way, but it is again giving me grief and I'd rather not have to wipe out the
entire radutmp file like I did before...any suggestions?  Thanks,

vec



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2002-04-19 Thread Anteva Support 

Thanks for the reply.  However, the following is what happens:

[root@somehost]# radzap ip.of.nas.server 7 tee
radzap: zapping termserver ip.of.nas.server, port 7, user 
radzap: no response from server
[root@somehost]#

I've tried using -p 1646, -p 1813, -p  and nothing seems to
work.  I've tried specifying the radius server's ip with -r
ip.of.radius.erver and that doesn't help either.  I just want the
ghost entry out of radutmp.  For what I need I don't much care if
radzap can talk to the nas or not.  So far I've needed to do this
twice and each time I must resort to wiping out the whole file just to
get rid of the entry because I can't seem to get radzap to do it.
Thnx,

vec


- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, April 19, 2002 9:24 AM
Subject: Re: radzap


> "Vector" <[EMAIL PROTECTED]> wrote:
> > I'm trying to remove an entry from radutmp with radzap.
Apparently it
> > *must* connect to the termserver in order to do this.  Why is that
the
> > case?
>
>   I don't think it's the case.  It shouldn't be doing that.
>
>
> >  I would like to remove the entry from radutmp even if the
> > termserver is, say for examle...offline.  Is this possible?  Thnx,
>
>   Yes.
>
>   Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2002-04-19 Thread Alan DeKok 

"Vector" <[EMAIL PROTECTED]> wrote:
> I'm trying to remove an entry from radutmp with radzap.  Apparently it
> *must* connect to the termserver in order to do this.  Why is that the
> case?

  I don't think it's the case.  It shouldn't be doing that.


>  I would like to remove the entry from radutmp even if the
> termserver is, say for examle...offline.  Is this possible?  Thnx,

  Yes.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap

2002-04-16 Thread Vector 

I'm trying to remove an entry from radutmp with radzap.  Apparently it
*must* connect to the termserver in order to do this.  Why is that the
case?  I would like to remove the entry from radutmp even if the
termserver is, say for examle...offline.  Is this possible?  Thnx,

vec


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2002-03-07 Thread Eduardo Roldan 

On Thu, 2002-03-07 at 16:01, Alan DeKok wrote:
> Eduardo Roldan <[EMAIL PROTECTED]> wrote:
> > I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz
> > radzap has changed from the 0.4 version, correct?
> 
>   Slightly.
> 
> > And the new version request a radius server.. I don't understand. Why an
> > app to clean the utmp request a radius server?
> 
>   It now does more than that.  Multiple databases may have utmp-style
> data.  The only way to update ALL of them is to send a packet to the
> server.

. Now I understand.

> 
> > radzap: zapping termserver 200.40.77.19, port 117440712, user
> > [EMAIL PROTECTED]
> > radzap: no response from server
> 
>   You should be able to use "server:port" to send the packet to the
> port that the server is listening on.

Ok, the sintax server:port doesn't work for me, but I use -p PORT, it's
the same.

But, something strange happens to me. Start the server with -X
parameter. OK, for me the latest 2 lines says:
Listening on IP address *, ports 1812/udp and 1813/udp.
Ready to process requests.

Ok, now zap that bad user!

radzap -r data  -p 1812 rac 117440712 [EMAIL PROTECTED]

Ooops, the log says:

rad_recv: Accounting-Request packet from host 127.0.0.1:32850, id=97,
length=127
Accounting-Request packet sent to a non-accounting port from client
localhost:32850 - ID 97 : IGNORED
--- Walking the entire request list ---
Nothing to do.  Sleeping until we see a request.

Hehe, 1812 isn't the accounting port, it's 1813. Ok , this will work
now:

[root@data sbin]# radzap -r data  -p 1813 rac 117440712
[EMAIL PROTECTED]
radzap: zapping termserver 200.40.77.19, port 117440712, user
[EMAIL PROTECTED]
radzap: no response from server

Arr!!!, now nothing new in the logs, nothing.

What happens now?

This is driving me mad.






 




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radzap

2002-03-07 Thread Alan DeKok 

Eduardo Roldan <[EMAIL PROTECTED]> wrote:
> I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz
> radzap has changed from the 0.4 version, correct?

  Slightly.

> And the new version request a radius server.. I don't understand. Why an
> app to clean the utmp request a radius server?

  It now does more than that.  Multiple databases may have utmp-style
data.  The only way to update ALL of them is to send a packet to the
server.

> radzap: zapping termserver 200.40.77.19, port 117440712, user
> [EMAIL PROTECTED]
> radzap: no response from server

  You should be able to use "server:port" to send the packet to the
port that the server is listening on.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radzap

2002-03-07 Thread Eduardo Roldan 

I dowloaded the CVS snapshot freeradius-snapshot-20020307.tar.gz
radzap has changed from the 0.4 version, correct?

I never used radzap from 0.4, so, this version don't interest me.
But, the help says:

Usage: radzap termserver [port] [user]
   radzap is only an admin tool to clean the radutmp file!

And the new version request a radius server.. I don't understand. Why an
app to clean the utmp request a radius server?

Anyway, I can't zap a utmp entry with freeradius-snapshot-20020307
See:


[root@data root]# radwho -r
Login  Name  What  TTY  When  From  Location
[EMAIL PROTECTED],[EMAIL PROTECTED],PPP,S117440712,Thu
14:28,rac,
[root@data root]# radzap -r data rac S117440712 [EMAIL PROTECTED]
radzap: zapping termserver 200.40.77.19, port 117440712, user
[EMAIL PROTECTED]
radzap: no response from server

rac is my NAS, data is the radius server and where I'm logged.
My radius server is running:
Thu Mar  7 14:53:46 2002 : Info: Listening on IP address *, ports
1812/udp and 1813/udp.

Some hint?




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

How to use radzap to terminate the user session

2001-07-31 Thread Tecth Lam 

Hello! Does any body knows how to use radzap to terminate the user session? 

I have try to do so, but I got the following error message

[root raddb]# radzap 210.123.123.123  3 [EMAIL PROTECTED]
radzap: zapping termserver 210.123.123.123, port 3, user [EMAIL PROTECTED]
radzap:Error receiving packet from host 0.0.0.0: Connection refused

Please help, thank you very much! .+-Šwèþ˛±ÊâmïîžË›±Êâmäžzm§ÿðÃëyêÚv+¬¢¸?–+-þë®Èmš