Exec on acct-stop received
Hi, Is it possible to execute external program when an acct-stop record is received? (without writing new rlm_module) If the answer is yes - is there an example (with passing parameters) Thanks in advance. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authorize section
To all, I know the answer to this is most likely in the docs/list, but I cannot find it and it is crunch time. I have users that will be dailing a certain number so they can get a new "dialer" that pushes out new numbers ( Any of them dailing this number will get authenticated by default). I have an entry in the users file that checks for anything coming from that number, if it does give them certain reply attributes, but the problem being is, it continues down the line and checks the sql section ( giving the reply attributes I don't want them to have yet). I need it to check the files, if it matches, stop everything. I have it checking files before my redundant sql section. DEFAULT Called-Station-Id == "55", Auth-Type := Accept Framed-Compression := Van-Jacobsen-TCP-IP, Service-Type := Framed, Framed-MTU := 1500, cisco-avpair = "lcp:interface-config=ip policy route-map migrate" Is in my users file. Do I need to do something with Autz-Type? Any help please. Thanks for any help, Ross - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius compiilation
Hello to All! ive try to install freeradius for wireless authentication but my problem i got this error when i compile. btw im using slackware 9.0 and radiusd-02.28.02. thanks rex king all in src... gmake[2]: Entering directory `/home/ap1/802.11z/radiusd/src' gmake[3]: Entering directory `/home/ap1/802.11z/radiusd/src' Making all in lib... gmake[4]: Entering directory `/home/ap1/802.11z/radiusd/src/lib' gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -g -W shadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-pro totypes -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -D_LIBR ADIUS -I../include -c misc.c misc.c: In function `ip_hostname': misc.c:57: warning: passing arg 7 of `gethostbyaddr_r' from incompatible pointer type misc.c:57: too few arguments to function `gethostbyaddr_r' misc.c:57: warning: assignment makes pointer from integer without a cast misc.c: In function `ip_getaddr': misc.c:90: warning: passing arg 5 of `gethostbyname_r' from incompatible pointer type misc.c:90: too few arguments to function `gethostbyname_r' misc.c:90: warning: assignment makes pointer from integer without a cast gmake[4]: *** [misc.o] Error 1 gmake[4]: Leaving directory `/home/ap1/802.11z/radiusd/src/lib' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/home/ap1/802.11z/radiusd/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/ap1/802.11z/radiusd/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/home/ap1/802.11z/radiusd' make: *** [all] Error 2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: how can i limit traffic use?
Alexander Lunyov <[EMAIL PROTECTED]> wrote: >I'm running FreeRadius 0.9.3 on FreeBSD 4.8R-p13, and now i'm >planning to start using radius for authenticating and accounting my >Ethernet users via PPPoE. Can you tell me, where to read about 'how >to setup traffic limits with freeradius'? You can't, really. You can enforce traffic limits after a user has exceeded quota, for the next time a user logs in. But you can't tell the NAS to kick a user off once they've reached their quota. > Because it seems to be that >attributes such as Monthly-Octets-Limit and Daily-Octets-Limit can >be used only with IC-Radius, and i didn't found anything about >freeradius. See rlm_counter. It counts and enforces limitations. The example configuration enforces time limits, but you can easily re-configure it to enforce bandwidth limits. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: LDAP & MySQL
On Sat, 28 Feb 2004, Alan DeKok wrote: > Jan-Piet Mens <[EMAIL PROTECTED]> wrote: > > My `radcheck' MySQL table is empty > > That is most likely the problem. If nothing in the databases > matches, then the replies aren't added. > > Add an attribute which will always match to the check table, and you > should see the reply. Can you give me a hint on what kind of attribute that could be? Thanks & regards, -JP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Mysql libraries
"Nick Marino" <[EMAIL PROTECTED]> wrote: > Ok I know this has been asked many times before and I have gone through the > faq and tried all suggestions there. I have also dug through thousands of > post from the list here about the same problem but am unable to resolve the > issue after trying many recommendations posted here on the list. > > Has anyone ever found a stable resolution to this problem? Static linking. If you don't have static MySQL libraries, build them. Also, there was a patch to libltdl added recently to the CVS head. It turns out that this particular error (i.e. unhelpful one) is caused by a few bugs in libltdl. The current CVS snapshot should behave a little better. There's no guarantee that it will work any better, but at least the error messages won't be useless. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius 0.8.1 and timeout replies to authentication requests
Its specifically access-rejects to accounts that have timed out i.e. via rlm_sqlcounter. The mechanism works fine but I have noticed an anomaly and I'm not sure if its a freeradius (perhaps only 0.8.1) issue or if my radius client is misbehaving. When I send a request to authenticate a user account that has effectively exceeded its time (via sql counter) the initial authentication request seems to time out. However via the log file on the server I notice the request coming through BUT the reply isn't received on the client. My client then times out and tries again. The server then seems to respond but with the previous requests identifier. so I get another failure because the ids don't match. so we try again. This time it works fine i.e. server responds and ids match. And I get a correct replay message that the user account has expired which is what I want. Now if the authentication succeeds i.e. an valid/active accout, I don't see this behaviour i.e. it works first time. Have I missed this in the mailing list ? Should I simply upgrade to a newer version ? http://www.zurowski.btinternet.co.uk";>John Zurowski _ It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Mysql libraries
Ok I know this has been asked many times before and I have gone through the faq and tried all suggestions there. I have also dug through thousands of post from the list here about the same problem but am unable to resolve the issue after trying many recommendations posted here on the list. Has anyone ever found a stable resolution to this problem? rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld. radiusd.conf[14]: sql: Module instantiation failed. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Windows XP PEAP and FreeRadius Authorization
[EMAIL PROTECTED] wrote: >I'm trying to get working Windows XP - PEAP - MS-CHAPv2 with > freeRadius, but I don't know how to configure it correctly. I have > followed the instructions in the radiusd.conf, it's also seems 'working' > to me but I don't know now where is the problem (something like mschapv2 > - messing with tls?). The wireless client is sending EAP-MS-CHAPv2 *outside* of the TLS tunnel, and then ignoring the servers response. I don't think there's much you can do on the server to fix a broken client. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Hotspot nearing completion
Aime <[EMAIL PROTECTED]> wrote: > But when the user reconnects he could have again 600s, > because Session_timeout did not change and that it the > attribute the access point is taking for the total > session-time of the user. > > So how to i can handle this ? The AP issues interim > accounting time to time. Read radiusd.conf, and look for the "counter" module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: LDAP & MySQL
Jan-Piet Mens <[EMAIL PROTECTED]> wrote: > My `radcheck' MySQL table is empty That is most likely the problem. If nothing in the databases matches, then the replies aren't added. Add an attribute which will always match to the check table, and you should see the reply. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
how can i limit traffic use?
Hello freeradius-users, I'm running FreeRadius 0.9.3 on FreeBSD 4.8R-p13, and now i'm planning to start using radius for authenticating and accounting my Ethernet users via PPPoE. Can you tell me, where to read about 'how to setup traffic limits with freeradius'? Because it seems to be that attributes such as Monthly-Octets-Limit and Daily-Octets-Limit can be used only with IC-Radius, and i didn't found anything about freeradius. -- Best regards, Alexander mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
