Re: FR2 - proxying inner tunnel

2008-02-16 Thread Alan DeKok 
Dmitry Sergienko wrote:
 Hi!
 Both logs of xsupplicant and freeradius are available here (posting here
 exceeds the limit of 100Kb):

  Ah... you're using xsupplicant.  It's sending an EAP-MSCHAPv2 ACK to
the SUCCESS that the server sends.  Apparently this is handled properly
when the server isn't proxying.  I'm not sure why it isn't handled when
the server proxies the request.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

rlm_python freeradiusd 2.0.2

2008-02-16 Thread Alexander Demidoff 
Hello all!
I want to use python possibilities to authorize users with 
freeradius.

So, I compiled freeradius with options:
--with-experimental-modules \
--with-rlm_python

created config files and my pythom module  radiusd_isp,
put it python path

freeradius -X out me:

  python {
mod_instantiate = radiusd_isp
func_instantiate = instantiate
mod_authorize = radiusd_isp
func_authorize = authorize
mod_authenticate = radiusd_isp
func_authenticate = authenticate
mod_preacct = radiusd_isp
func_preacct = preacct
mod_accounting = radiusd_isp
func_accounting = accounting
mod_detach = radiusd_isp
func_detach = detach
  }
exceptions.ImportError: No module named radiusd_isp
Failed to import python module radiusd_isp
/etc/freeradius/python.conf[32]: Instantiation failed for module python
/etc/freeradius/radiusd.conf[1824]: Failed to find module python.
/etc/freeradius/radiusd.conf[1793]: Errors parsing authorize section.

help me anybody, please !?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_python freeradiusd 2.0.2

2008-02-16 Thread Mike O'Connor 

Hi Alexander

I think your problem is that python does not know where to find your module.

The best way of over coming this issue is to place a file in the 
site-packages directory which indicates where your python code is installed.


[EMAIL PROTECTED] site-packages]# cat radiusd_test.pth
/opt/freeradius-python/
[EMAIL PROTECTED] site-packages]#

Cheers
Mike


Alexander Demidoff wrote:

Hello all!
I want to use python possibilities to authorize users with 
freeradius.


So, I compiled freeradius with options:
--with-experimental-modules \
--with-rlm_python

created config files and my pythom module  radiusd_isp,
put it python path

freeradius -X out me:

  python {
mod_instantiate = radiusd_isp
func_instantiate = instantiate
mod_authorize = radiusd_isp
func_authorize = authorize
mod_authenticate = radiusd_isp
func_authenticate = authenticate
mod_preacct = radiusd_isp
func_preacct = preacct
mod_accounting = radiusd_isp
func_accounting = accounting
mod_detach = radiusd_isp
func_detach = detach
  }
exceptions.ImportError: No module named radiusd_isp
Failed to import python module radiusd_isp
/etc/freeradius/python.conf[32]: Instantiation failed for module python
/etc/freeradius/radiusd.conf[1824]: Failed to find module python.
/etc/freeradius/radiusd.conf[1793]: Errors parsing authorize section.

help me anybody, please !?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
  


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_python freeradiusd 2.0.2

2008-02-16 Thread Alexander Demidoff 
Thanks Mike, I expected this suggestion ...

of course, I placed the module into /usr/lib/python2.4/site-packages/ 
directory ...

I tried to interact with python:
# python
Python 2.4.4 (#2, Jan  3 2008, 13:36:28)
[GCC 4.2.3 20071123 (prerelease) (Debian 4.2.2-4)] on linux2
Type help, copyright, credits or license for more information.
 import radiusd_isp
 

Everything is OK!

but it didn't with freeradius :( ...

On Saturday 16 February 2008, Mike O'Connor wrote:
 Hi Alexander

 I think your problem is that python does not know where to find your
 module.

 The best way of over coming this issue is to place a file in the
 site-packages directory which indicates where your python code is
 installed.

 [EMAIL PROTECTED] site-packages]# cat radiusd_test.pth
 /opt/freeradius-python/
 [EMAIL PROTECTED] site-packages]#

 Cheers
 Mike

 Alexander Demidoff wrote:
  Hello all!
  I want to use python possibilities to authorize users with
  freeradius.
 
  So, I compiled freeradius with options:
  --with-experimental-modules \
  --with-rlm_python
 
  created config files and my pythom module  radiusd_isp,
  put it python path
 
  freeradius -X out me:
 
python {
  mod_instantiate = radiusd_isp
  func_instantiate = instantiate
  mod_authorize = radiusd_isp
  func_authorize = authorize
  mod_authenticate = radiusd_isp
  func_authenticate = authenticate
  mod_preacct = radiusd_isp
  func_preacct = preacct
  mod_accounting = radiusd_isp
  func_accounting = accounting
  mod_detach = radiusd_isp
  func_detach = detach
}
  exceptions.ImportError: No module named radiusd_isp
  Failed to import python module radiusd_isp
  /etc/freeradius/python.conf[32]: Instantiation failed for module python
  /etc/freeradius/radiusd.conf[1824]: Failed to find module python.
  /etc/freeradius/radiusd.conf[1793]: Errors parsing authorize section.
 
  help me anybody, please !?
  -
  List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html

 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_python freeradiusd 2.0.2

2008-02-16 Thread Alexander Demidoff 
At the end of my attempts to resolve the problem I've found out

1. Compiling options
--with-experimental-modules \
--with-rlm_python \
--with-static-modules=python
2. Befor starting of freeradius I created radiusd_isp.pyc file in the 
interactive python shell

After these conditions my python module began to work with freeradius ...

So, this situation satisfies me for a while. But I am needing help to resolve 
this problem in principle.

best regards,
Alexander.

On Saturday 16 February 2008, Alexander Demidoff wrote:
 Thanks Mike, I expected this suggestion ...

 of course, I placed the module into /usr/lib/python2.4/site-packages/
 directory ...

 I tried to interact with python:
 # python
 Python 2.4.4 (#2, Jan  3 2008, 13:36:28)
 [GCC 4.2.3 20071123 (prerelease) (Debian 4.2.2-4)] on linux2
 Type help, copyright, credits or license for more information.

  import radiusd_isp

 Everything is OK!

 but it didn't with freeradius :( ...

 On Saturday 16 February 2008, Mike O'Connor wrote:
  Hi Alexander
 
  I think your problem is that python does not know where to find your
  module.
 
  The best way of over coming this issue is to place a file in the
  site-packages directory which indicates where your python code is
  installed.
 
  [EMAIL PROTECTED] site-packages]# cat radiusd_test.pth
  /opt/freeradius-python/
  [EMAIL PROTECTED] site-packages]#
 
  Cheers
  Mike
 
  Alexander Demidoff wrote:
   Hello all!
   I want to use python possibilities to authorize users with
   freeradius.
  
   So, I compiled freeradius with options:
   --with-experimental-modules \
   --with-rlm_python
  
   created config files and my pythom module  radiusd_isp,
   put it python path
  
   freeradius -X out me:
  
 python {
   mod_instantiate = radiusd_isp
   func_instantiate = instantiate
   mod_authorize = radiusd_isp
   func_authorize = authorize
   mod_authenticate = radiusd_isp
   func_authenticate = authenticate
   mod_preacct = radiusd_isp
   func_preacct = preacct
   mod_accounting = radiusd_isp
   func_accounting = accounting
   mod_detach = radiusd_isp
   func_detach = detach
 }
   exceptions.ImportError: No module named radiusd_isp
   Failed to import python module radiusd_isp
   /etc/freeradius/python.conf[32]: Instantiation failed for module
   python /etc/freeradius/radiusd.conf[1824]: Failed to find module
   python. /etc/freeradius/radiusd.conf[1793]: Errors parsing authorize
   section.
  
   help me anybody, please !?
   -
   List info/subscribe/unsubscribe? See
   http://www.freeradius.org/list/users.html
 
  -
  List info/subscribe/unsubscribe? See
  http://www.freeradius.org/list/users.html

 -
 List info/subscribe/unsubscribe? See
 http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: one username and 2 NAS

2008-02-16 Thread Ivan Kalik 
He can't be connecting from both devices in the same time. That's why
check is failing. Use huntgroups:

pippo   User-Name == pippo   and then list under all the device IPs
he can connect to.

Ivan Kalik
Kalik Informatika ISP


Dana 15/2/2008, enrico fanti [EMAIL PROTECTED] piše:

Hi ,

I have freeradius configured with Mysql.

I would like to have a user can ssh login to 2 server linux (i.e. 2 NAS ,
same username).

Freeradius must make the control if NAS-IP Address is ok for this user in
the radcheck table..

I use the == operator end my radcheck table is:

mysql SELECT id, UserName, Attribute, Value, op from radcheck WHERE
Username = 'pippo' order by id;
++--++---++
| id | UserName | Attribute  | Value | op |
++--++---++
| 39 | pippo| NAS-IP-Address | 10.0.0.52 | == |
| 40 | pippo| NAS-IP-Address | 10.0.0.49 | == |
| 41 | pippo| Expiration | 1203325200| == |
| 42 | pippo| Crypt-Password | v7fawImvQUoXM | == |
++--++---++


It doesn't work..

Some ideas ???

Thank you

Enrico



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html