Re: Re :checking authorization in the duration of connection
Radius and NAS can worked in one way. Only NAS send accounts paket to RADIUS. RADIUS CANT send packet to NAS server (if quota user traffic limit exceeded)!!! - Original Message - From: Eric To: freeradius-users@lists.freeradius.org Sent: Sunday, May 03, 2009 2:09 PM Subject: Re :checking authorization in the duration of connection NAS sends accounting update packets in periodic times. I want freeradius use this updates and check my online users periodically and send Disconnect packet if user's traffic is above my limit.How can it do this?any document about config ? Eric wrote:Hi,My radius server use ldap server for authorize and authentication.I set an attribute in ldap server that is the check-name in sqlcounter to limit users Input traffic. I want when user traffic reaches to this amount the user become stop but radius checks ldap attributes only at the first of connection not in the middle. How can I set radius server check users traffic with the amount of this attribute in ldap server in the duration of connection? The radius server steps out of the way once authentication and authorization is complete, nor does it have the ability to disconnect a user from a NAS. You need to have the NAS disconnect the user itself when a threshold is reached. This is accomplished by returning a vendor specific attribute specifying the limit for the session which the NAS then maintains. Once the limit on the NAS is reached the NAS terminates the session. You'll have to check your NAS documentation for a traffic limiting parameter. In the other common case of disconnect after a time duration it's handled by computing the session length during authorization and returning attribute 194 with the maximum number of seconds for the connection. This attribute is understood by comon NAS devices and is known variously as Ascend-Maximum-Time, Cisco-Maximum-Time or Lucent-Maximum-Time. You'll need to apply the same logic for data volume. -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS 2.1.5 on CentOS 4.4
ttributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: Loading Realms and Home Servers
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = no
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: Loading Clients
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
}
radiusd: Instantiating modules
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating expr
Module: Linked to module rlm_expiration
Module: Instantiating expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: Loading Virtual Servers
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Linked to module rlm_mschap
Module: Instantiating mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
}
Module: Linked to module rlm_unix
Module: Instantiating unix
unix {
radwtmp = "/usr/local/var/log/radius/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating eap
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.pem"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
private_key_password = "rifywbi!"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
cache {
enable = no
lifetime = 24
max_entries = 255
}
}
rlm_eap: SSL error error:0906D06C:PEM routines:PEM_read_bio:no start line
rlm_eap_tls: Error reading private key file
/usr/local/etc/raddb/certs/server.pem
rlm_eap: Failed to initialize type tls
/usr/local/etc/raddb/eap.conf[17]: Instantiation failed for module "eap"
/usr/local/etc/raddb/sites-enabled/default[280]: Failed to find module "eap".
/usr/local/etc/raddb/sites-enabled/default[227]: Errors parsing authenticate
section.
}
Errors initializing modules
2009/4/18 Волошин Вячеслав
Delete from '/usr/local/etc/raddb/sites-enabled' all files, except
'default'.
- Original Message -
From: Glen Millard
To: freeradius-users@lists.freeradius.org
Sent: Saturday, A
Re: FreeRADIUS 2.1.5 on CentOS 4.4
Delete from '/usr/local/etc/raddb/sites-enabled' all files, except 'default'.
- Original Message -
From: Glen Millard
To: freeradius-users@lists.freeradius.org
Sent: Saturday, April 18, 2009 6:00 PM
Subject: FreeRADIUS 2.1.5 on CentOS 4.4
Hello All;
I have been spinning my wheels on this for a couple of days now.
I build FreeRADIUS from the source , no errors, builds successfully.
However, when I launch the FreeRADIUS server ( radiusd -X) this is what I see.
If I use the 'fake' certs ( the test ones with the bootstrap script) , it
runs successfully.
Any ideas? I see discussion similar, but nothing very clear.
Anyone?
Thanks
Glen
+++
FreeRADIUS Version 2.1.5, for host i686-pc-linux-gnu, built on Apr 18 2009 at
05:17:11
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.
conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file
/usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including dictionary file /usr/local/etc/raddb/dictionary
main {
prefix = "/usr/local"
localstatedir = "/usr/local/var"
logdir = "/usr/local/var/log/radius"
libdir = "/usr/local/lib"
radacctdir = "/usr/local/var/log/radius/radacct"
hostname_lookups = no
problev with radius
radiusd -v: radiusd: FreeRADIUS Version 1.0.4, for host , built on Jun 19 2005 at 14:01:31 Copyright (C) 2000-2003 The FreeRADIUS server project. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License. For more information about these matters, see the file named COPYRIGHT. Has this error, when client connected in radius server: In /var/log/radius/radius.log Fri Apr 17 09:25:50 2009 : Error: Discarding duplicate request from client gnugk:48117 - ID: 126 due to unfinished request 229 Fri Apr 17 09:26:22 2009 : Auth: Login OK: [4413] (from client gnugk port 0 cli 4413) Fri Apr 17 09:33:32 2009 : Error: Discarding duplicate request from client st17-gw:1232 - ID: 15 due to unfinished request 235 Fri Apr 17 09:33:34 2009 : Error: Discarding duplicate request from client st17-gw:1232 - ID: 15 due to unfinished request 235 Fri Apr 17 09:33:40 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 16 due to unfinished request 236 Fri Apr 17 09:33:42 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 16 due to unfinished request 236 Fri Apr 17 09:33:51 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 17 due to unfinished request 237 Fri Apr 17 09:33:53 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 17 due to unfinished request 237 Fri Apr 17 09:34:17 2009 : Error: Dropping conflicting packet from client rep-hsgw01:2972 - ID: 206 due to unfinished request 238 Fri Apr 17 09:34:20 2009 : Error: Dropping conflicting packet from client rep-hsgw01:2972 - ID: 206 due to unfinished request 238 Fri Apr 17 09:35:22 2009 : Error: Dropping conflicting packet from client st17-gw:1233 - ID: 18 due to unfinished request 239 Fri Apr 17 09:35:24 2009 : Error: Dropping conflicting packet from client st17-gw:1233 - ID: 18 due to unfinished request 239 Fri Apr 17 09:35:35 2009 : Error: Dropping conflicting packet from client rep-hsgw01:2972 - ID: 207 due to unfinished request 240 Fri Apr 17 09:35:38 2009 : Error: Dropping conflicting packet from client rep-hsgw01:2972 - ID: 207 due to unfinished request 240 Fri Apr 17 09:36:36 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 19 due to unfinished request 241 Fri Apr 17 09:36:38 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 19 due to unfinished request 241 Fri Apr 17 09:36:42 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 20 due to unfinished request 242 Fri Apr 17 09:36:44 2009 : Error: Discarding duplicate request from client st17-gw:1233 - ID: 20 due to unfinished request 242 Fri Apr 17 09:36:49 2009 : Error: Discarding duplicate request from client st17-gw:1234 - ID: 21 due to unfinished request 243 Fri Apr 17 09:36:51 2009 : Error: Discarding duplicate request from client st17-gw:1234 - ID: 21 due to unfinished request 243 Fri Apr 17 09:37:05 2009 : Error: Discarding duplicate request from client st17-gw:1234 - ID: 22 due to unfinished request 244 Fri Apr 17 09:37:07 2009 : Error: Discarding duplicate request from client st17-gw:1234 - ID: 22 due to unfinished request 244 when the reboot radiusd, auth and accounting req normal processing: Fri Apr 17 09:51:53 2009 : Error: Discarding duplicate request from client st17-gw:1258 - ID: 74 due to unfinished request 303 Fri Apr 17 09:51:54 2009 : Error: Discarding duplicate request from client st17-gw:1259 - ID: 75 due to unfinished request 304 Fri Apr 17 09:52:01 2009 : Error: Discarding duplicate request from client st17-gw:1260 - ID: 76 due to unfinished request 305 Fri Apr 17 09:52:05 2009 : Info: Ready to process requests. Fri Apr 17 09:52:09 2009 : Auth: Login OK: [miracle] (from client st17-gw port 367362 cli 00:14:A4:46:73:26) Fri Apr 17 09:52:12 2009 : Auth: Login OK: [stepanov] (from client st17-gw port 367363 cli 00:0E:A6:3A:A5:4E) Fri Apr 17 09:52:13 2009 : Auth: Login OK: [260130] (from client rep-hsgw01 port 2151678103 cli 00:1F:C6:A6:F9:A6) What this mean this error? Formula+ LTD, т.(8617) 61-02-01 ф.(8617) 61-34-16 м.(918) 634-7550 volos...@maks.net www.formulaplus.ru- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: how to disable double connection
I m use db and nas alive/iterium-update packets and rlm_perl scripts. - Original Message - From: "Alan DeKok" To: "FreeRadius users mailing list" Sent: Thursday, April 16, 2009 12:02 PM Subject: Re: how to disable double connection Tseveendorj wrote: I didn't know where is the problem. Neither do I. You haven't posted the debug output, as suggested in the FAQ, README, INSTALL, "man" page, and daily on this list. Really appreciate help on it more detailed. Did you follow the instructions in the file doc/Simultaneous-Use? Do you have any questions about it? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius-server-2.1.4 make fails
use this : http://www.howtoforge.com/how-to-create-a-freeradius-2.1.1-6-rpm-package-on-centos-5.2 for your version freeradius, I m use this. - Original Message - From: "Thor Spruyt" To: Sent: Friday, April 10, 2009 8:43 PM Subject: freeradius-server-2.1.4 make fails Hi, I'm trying to compile freeradius-server-2.1.4 on CentOS 4.6 32-bit Configure command: ./configure --prefix=/opt/freeradius-2.1.4 --with-mysql --with-postgresql --with-openldap --without-snmp --without-openssl --without-krb5 --without-vmps But make fails: /home/thor/freeradius-server-2.1.4/libtool --mode=compile gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -I/home/thor/freeradius-server-2.1.4/src -DHOSTINFO=\"i686-pc-linux-gnu\" -DRADIUSD_VERSION=\"2.1.5\" -DNO_OPENSSL -c listen.c gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -DNDEBUG -I/home/thor/freeradius-server-2.1.4/src -DHOSTINFO=\"i686-pc-linux-gnu\" -DRADIUSD_VERSION=\"2.1.5\" -DNO_OPENSSL -c listen.c -fPIC -DPIC -o .libs/listen.o listen.c: In function `client_listener_find': listen.c:126: warning: passing arg 1 of pointer to function discards qualifiers from pointer target type listen.c:206: warning: assignment discards qualifiers from pointer target type In file included from listen.c:1053: command.c: In function `command_show_client_config': command.c:845: warning: passing arg 2 of `cf_section2file' discards qualifiers from pointer target type listen.c: In function `listen_init': listen.c:1795: error: `RAD_LISTEN_VQP' undeclared (first use in this function) listen.c:1795: error: (Each undeclared identifier is reported only once listen.c:1795: error: for each function it appears in.) gmake[4]: *** [listen.lo] Error 1 gmake[4]: Leaving directory `/home/thor/freeradius-server-2.1.4/src/main' gmake[3]: *** [common] Error 2 gmake[3]: Leaving directory `/home/thor/freeradius-server-2.1.4/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/home/thor/freeradius-server-2.1.4/src' gmake[1]: *** [common] Error 2 gmake[1]: Leaving directory `/home/thor/freeradius-server-2.1.4' make: *** [all] Error 2 Any idea what's going wrong? Regards, Thor Spruyt - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius server not starting!
Failed creating PID file /usr/local/fnmt/var/run/radiusd/radiusd.pid:
Permission denied
set this:
[r...@bill ~]# ls -ltr /var/run/radiusd
total 4
srw-rw 1 rootradiusd 0 Apr 10 17:26 radiusd.sock
-rw-r--r-- 1 radiusd radiusd 6 Apr 10 17:26 radiusd.pid
in your file /usr/local/fnmt/var/run/radiusd/radiusd.pid
Log file created?
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 4:37 PM
Subject: Re: Freeradius server not starting!
now its giving like this...
[r...@localhost init.d]# /usr/local/fnmt/etc/init.d/radiusd start
Starting FreeRADIUS:Fri Apr 10 07:15:32 2009 : Info: Starting - reading
configuration files ...
radiusd
# ps -eaf|grep radiusd
root 4412 31100 0 07:15 pts/000:00:00 grep radius
No pid created.
Why? want is going wrong?
2009/4/10 Волошин Вячеслав
[r...@bill etc]# [r...@bill radius]# ls -ltr
total 12
drwxr-xr-x 3 radiusd radiusd 4096 Mar 19 16:41 radacct
-rw-r- 1 radiusd radiusd 111 Apr 10 15:37 radius.log
set this.
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 4:08 PM
Subject: Re: Freeradius server not starting!
[r...@localhost data]# ls -ltr /usr/local/fnmt/var/log/radius
total 16
drwx-- 2 root root 4096 Apr 28 2007 radacct
-rwxr-xr-x 1 root root 8298 Apr 10 06:43 radius.log
2009/4/10 Волошин Вячеслав
set pach /usr/local/fnmt/var/log/radius/ group owner "radiusd", and
give write and read access for group. check this into user "radiusd".
- Original Message -----
From: Волошин Вячеслав
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:31 PM
Subject: Re: Freeradius server not starting!
Hmm, what the linux u use? or u use Sun OS?
pach /usr/local/fnmt/var/log/radius/radius.log is non-standard, this
directory exist? Can u create file in?
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:25 PM
Subject: Re: Freeradius server not starting!
Already it's in disable state.
[r...@localhost raddb]# more /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
2009/4/10 Волошин Вячеслав
Disable SELinux.
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:14 PM
Subject: Freeradius server not starting!
[r...@localhost log]# /usr/local/fnmt/etc/init.d/radiusd start
Starting FreeRADIUS:Fri Apr 10 05:52:13 2009 : Info: Starting -
reading configuration files ...
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_exec: Wait=yes but no output defined. Did you mean
output=none?)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql)
loaded and linked)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql (sql): Attempting to connect to
rad...@localhost:/LWT)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #0)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #1)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #2)
radiusd: Couldn't open
/usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #3)
radiusd: Couldn't open
/usr/lo
Re: Freeradius server not starting!
[r...@bill etc]# [r...@bill radius]# ls -ltr
total 12
drwxr-xr-x 3 radiusd radiusd 4096 Mar 19 16:41 radacct
-rw-r- 1 radiusd radiusd 111 Apr 10 15:37 radius.log
set this.
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 4:08 PM
Subject: Re: Freeradius server not starting!
[r...@localhost data]# ls -ltr /usr/local/fnmt/var/log/radius
total 16
drwx-- 2 root root 4096 Apr 28 2007 radacct
-rwxr-xr-x 1 root root 8298 Apr 10 06:43 radius.log
2009/4/10 Волошин Вячеслав
set pach /usr/local/fnmt/var/log/radius/ group owner "radiusd", and give
write and read access for group. check this into user "radiusd".
- Original Message -
From: Волошин Вячеслав
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:31 PM
Subject: Re: Freeradius server not starting!
Hmm, what the linux u use? or u use Sun OS?
pach /usr/local/fnmt/var/log/radius/radius.log is non-standard, this
directory exist? Can u create file in?
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:25 PM
Subject: Re: Freeradius server not starting!
Already it's in disable state.
[r...@localhost raddb]# more /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
2009/4/10 Волошин Вячеслав
Disable SELinux.
- Original Message -
From: ramesh p
To: FreeRadius users mailing list
Sent: Friday, April 10, 2009 3:14 PM
Subject: Freeradius server not starting!
[r...@localhost log]# /usr/local/fnmt/etc/init.d/radiusd start
Starting FreeRADIUS:Fri Apr 10 05:52:13 2009 : Info: Starting -
reading configuration files ...
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_exec: Wait=yes but no output defined. Did you mean
output=none?)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql)
loaded and linked)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql (sql): Attempting to connect to rad...@localhost:/LWT)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #0)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #1)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #2)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #3)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(rlm_sql_mysql: Starting connect to MySQL server for #4)
radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log
for logging: Permission denied
(Failed creating PID file
/usr/local/fnmt/var/run/radiusd/radiusd.pid: Permission denied
)
radiusd
Please suggest me.
Regards,
Ramesh.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info
Re: Freeradius server not starting!
set pach /usr/local/fnmt/var/log/radius/ group owner "radiusd", and give write and read access for group. check this into user "radiusd". - Original Message ----- From: Волошин Вячеслав To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:31 PM Subject: Re: Freeradius server not starting! Hmm, what the linux u use? or u use Sun OS? pach /usr/local/fnmt/var/log/radius/radius.log is non-standard, this directory exist? Can u create file in? - Original Message - From: ramesh p To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:25 PM Subject: Re: Freeradius server not starting! Already it's in disable state. [r...@localhost raddb]# more /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted 2009/4/10 Волошин Вячеслав Disable SELinux. - Original Message - From: ramesh p To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:14 PM Subject: Freeradius server not starting! [r...@localhost log]# /usr/local/fnmt/etc/init.d/radiusd start Starting FreeRADIUS:Fri Apr 10 05:52:13 2009 : Info: Starting - reading configuration files ... radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_exec: Wait=yes but no output defined. Did you mean output=none?) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Attempting to connect to rad...@localhost:/LWT) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #0) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #1) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #2) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #3) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #4) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (Failed creating PID file /usr/local/fnmt/var/run/radiusd/radiusd.pid: Permission denied ) radiusd Please suggest me. Regards, Ramesh. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius server not starting!
Hmm, what the linux u use? or u use Sun OS? pach /usr/local/fnmt/var/log/radius/radius.log is non-standard, this directory exist? Can u create file in? - Original Message - From: ramesh p To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:25 PM Subject: Re: Freeradius server not starting! Already it's in disable state. [r...@localhost raddb]# more /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted 2009/4/10 Волошин Вячеслав Disable SELinux. - Original Message - From: ramesh p To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:14 PM Subject: Freeradius server not starting! [r...@localhost log]# /usr/local/fnmt/etc/init.d/radiusd start Starting FreeRADIUS:Fri Apr 10 05:52:13 2009 : Info: Starting - reading configuration files ... radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_exec: Wait=yes but no output defined. Did you mean output=none?) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Attempting to connect to rad...@localhost:/LWT) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #0) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #1) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #2) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #3) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #4) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (Failed creating PID file /usr/local/fnmt/var/run/radiusd/radiusd.pid: Permission denied ) radiusd Please suggest me. Regards, Ramesh. -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius server not starting!
Disable SELinux. - Original Message - From: ramesh p To: FreeRadius users mailing list Sent: Friday, April 10, 2009 3:14 PM Subject: Freeradius server not starting! [r...@localhost log]# /usr/local/fnmt/etc/init.d/radiusd start Starting FreeRADIUS:Fri Apr 10 05:52:13 2009 : Info: Starting - reading configuration files ... radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_exec: Wait=yes but no output defined. Did you mean output=none?) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql (sql): Attempting to connect to rad...@localhost:/LWT) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #0) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #1) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #2) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #3) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (rlm_sql_mysql: Starting connect to MySQL server for #4) radiusd: Couldn't open /usr/local/fnmt/var/log/radius/radius.log for logging: Permission denied (Failed creating PID file /usr/local/fnmt/var/run/radiusd/radiusd.pid: Permission denied ) radiusd Please suggest me. Regards, Ramesh. -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem with rlm_perl
Ок, я так и сделал.
Но дело в том что мой радиус будет авторизовывать и считать несколько
сервисов с разных NAS.
И очень не плохо было бы их разнести.
Причем если запускать radius без режима дебага, то он какое то время будет
работать нормально, правда только какое-то.
---
Ok, I and have made.
But the matter is that my radius will be authenticate and acccounting some
services with different NAS.
And very much it would be not bad to carry them.
And if to start radius without a debug mode it what that time will work
normally, the truth only any.
- Original Message -
From: "Anatoly S. Zimin"
To: "FreeRadius users mailing list"
Sent: Tuesday, April 07, 2009 3:45 PM
Subject: Re: Problem with rlm_perl
Привет!
На самом деле, весьма _неудобно_ искать проблемы просто по дебагу +
конфиг.
Уж лучше описать её хоть на "ломаном" англ.
Это так отступление...
А вообще, у rlm_perl весьма много глюков.
Например при работе с разными модулями, типа IO::Socket::.
Попробуйте все засунуть в один скрипт.
Hello.
Config:
perl auth_perl_pppoe {
module = /var/www/radius/radius_auth.pl
func_accounting = accounting
}
perl acc_perl_pppoe {
module = /var/www/radius/radius_accounting.pl
func_authenticate = authenticate
}
-
authenticate {
Auth-Type PPPOE_AUTH {
auth_perl_pppoe
}
}
#
# Accounting. Log the accounting data.
#
accounting {
Acct-Type PPPOE_ACC {
acc_perl_pppoe
}
detail
unix
radutmp
}
this error in radiusd -X:
rad_recv: Access-Request packet from host 93.95.41.141 port 53773, id=8,
length=146
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
+- entering group authorize {...}
++[preprocess] returns ok
[suffix] No '@' in User-Name = "pppoe_test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[mschap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 1
[files] users: Matched entry DEFAULT at line 7
[files] users: Matched entry DEFAULT at line 19
++[files] returns ok
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = PPPOE_AUTH
+- entering group PPPOE_AUTH {...}
GOT CLONE -1209066800 0x91011d8
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
rlm_perl: Added pair Huntgroup-Name = ntk_pppoe
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Called-Station-Id = internet
rlm_perl: Added pair Calling-Station-Id = 00:13:77:60:60:CB
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair User-Name = pppoe_test
rlm_perl: Added pair CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
rlm_perl: Added pair NAS-Identifier = ntk-hsgw
rlm_perl: Added pair NAS-IP-Address = 93.95.41.141
rlm_perl: Added pair NAS-Port = 100
rlm_perl: Added pair NAS-Port-Id = e2_v15
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Class = dialup
rlm_perl: Added pair Mikrotik-Rate-Limit = 256k
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Auth-Type = PPPOE_AUTH
++[auth_perl_pppoe] returns ok
Login OK: [pppoe_test] (from client ntk-hsgw port 100 cli
00:13:77:60:60:CB)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 8 to 93.95.41.141 port 53773
Framed-Protocol = PPP
Service-Type = Framed-User
Class = 0x6469616c7570
Mikrotik-Rate-Limit = "256k"
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 93.95.41.141 port 57551,
id=9,
length=157
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
Class = 0x6469616c7570
Acct-Session-Id = "8170005c"
Framed-IP-Address = 93.95.42.63
Acct-Authentic = RADIUS
Event-Timestamp = "Apr 7 2009 17:07:22 MSD"
Acct-Status-Type = Start
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] retu
Problem with rlm_perl
Hello.
Config:
perl auth_perl_pppoe {
module = /var/www/radius/radius_auth.pl
func_accounting = accounting
}
perl acc_perl_pppoe {
module = /var/www/radius/radius_accounting.pl
func_authenticate = authenticate
}
-
authenticate {
Auth-Type PPPOE_AUTH {
auth_perl_pppoe
}
}
#
# Accounting. Log the accounting data.
#
accounting {
Acct-Type PPPOE_ACC {
acc_perl_pppoe
}
detail
unix
radutmp
}
this error in radiusd -X:
rad_recv: Access-Request packet from host 93.95.41.141 port 53773, id=8,
length=146
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
+- entering group authorize {...}
++[preprocess] returns ok
[suffix] No '@' in User-Name = "pppoe_test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[mschap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 1
[files] users: Matched entry DEFAULT at line 7
[files] users: Matched entry DEFAULT at line 19
++[files] returns ok
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = PPPOE_AUTH
+- entering group PPPOE_AUTH {...}
GOT CLONE -1209066800 0x91011d8
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
rlm_perl: Added pair Huntgroup-Name = ntk_pppoe
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Called-Station-Id = internet
rlm_perl: Added pair Calling-Station-Id = 00:13:77:60:60:CB
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair User-Name = pppoe_test
rlm_perl: Added pair CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
rlm_perl: Added pair NAS-Identifier = ntk-hsgw
rlm_perl: Added pair NAS-IP-Address = 93.95.41.141
rlm_perl: Added pair NAS-Port = 100
rlm_perl: Added pair NAS-Port-Id = e2_v15
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Class = dialup
rlm_perl: Added pair Mikrotik-Rate-Limit = 256k
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Auth-Type = PPPOE_AUTH
++[auth_perl_pppoe] returns ok
Login OK: [pppoe_test] (from client ntk-hsgw port 100 cli 00:13:77:60:60:CB)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 8 to 93.95.41.141 port 53773
Framed-Protocol = PPP
Service-Type = Framed-User
Class = 0x6469616c7570
Mikrotik-Rate-Limit = "256k"
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 93.95.41.141 port 57551, id=9,
length=157
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
Class = 0x6469616c7570
Acct-Session-Id = "8170005c"
Framed-IP-Address = 93.95.42.63
Acct-Authentic = RADIUS
Event-Timestamp = "Apr 7 2009 17:07:22 MSD"
Acct-Status-Type = Start
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 100,Client-IP-Address =
93.95.41.141,NAS-IP-Address = 93.95.41.141,Acct-Session-Id =
"8170005c",User-Name = "pppoe_test"'
[acct_unique] Acct-Unique-Session-ID = "de65ab6044a69020".
++[acct_unique] returns ok
[files] acct_users: Matched entry DEFAULT at line 29
++[files] returns ok
Found Acct-Type PPPOE_ACC
+- entering group PPPOE_ACC {...}
rlm_perl: perl_embed:: module = /var/www/radius/radius_accounting.pl , func
= accounting exit status= Undefined subroutine &main::accounting called.
Use of uninitialized value.
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair Acct-Session-Id = 8170005c
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Acct-Unique-Session-Id = de65ab6044a69020
rlm_perl: Added pair Called-Station-Id = internet
rlm_perl: Added pair Acct-Authentic = RADIUS
rlm_perl: Added pair Acct-Status-Type = Start
rlm_perl: Added pair NAS-IP-Address = 93.95.41.141
rlm_perl: Added pair NAS-Port-Id = e2_v15
rlm_perl: Added pair Huntgroup-Name = ntk_pppoe
rlm_perl: Added pair Calling-Station-Id = 00:13:77:60:60:CB
r
Problem with rlm_perl
Hello.
Config:
perl auth_perl_pppoe {
module = /var/www/radius/radius_auth.pl
func_accounting = accounting
}
perl acc_perl_pppoe {
module = /var/www/radius/radius_accounting.pl
func_authenticate = authenticate
}
-
authenticate {
Auth-Type PPPOE_AUTH {
auth_perl_pppoe
}
}
#
# Accounting. Log the accounting data.
#
accounting {
Acct-Type PPPOE_ACC {
acc_perl_pppoe
}
detail
unix
radutmp
}
this error in radiusd -X:
rad_recv: Access-Request packet from host 93.95.41.141 port 53773, id=8,
length=146
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
+- entering group authorize {...}
++[preprocess] returns ok
[suffix] No '@' in User-Name = "pppoe_test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[mschap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 1
[files] users: Matched entry DEFAULT at line 7
[files] users: Matched entry DEFAULT at line 19
++[files] returns ok
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = PPPOE_AUTH
+- entering group PPPOE_AUTH {...}
GOT CLONE -1209066800 0x91011d8
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair CHAP-Password = 0x013e0573332525cd3ebc797dbe68f0969d
rlm_perl: Added pair Huntgroup-Name = ntk_pppoe
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Called-Station-Id = internet
rlm_perl: Added pair Calling-Station-Id = 00:13:77:60:60:CB
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair User-Name = pppoe_test
rlm_perl: Added pair CHAP-Challenge = 0x3b30fc1959ca610275bdc66582b579cf
rlm_perl: Added pair NAS-Identifier = ntk-hsgw
rlm_perl: Added pair NAS-IP-Address = 93.95.41.141
rlm_perl: Added pair NAS-Port = 100
rlm_perl: Added pair NAS-Port-Id = e2_v15
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Class = dialup
rlm_perl: Added pair Mikrotik-Rate-Limit = 256k
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Auth-Type = PPPOE_AUTH
++[auth_perl_pppoe] returns ok
Login OK: [pppoe_test] (from client ntk-hsgw port 100 cli 00:13:77:60:60:CB)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 8 to 93.95.41.141 port 53773
Framed-Protocol = PPP
Service-Type = Framed-User
Class = 0x6469616c7570
Mikrotik-Rate-Limit = "256k"
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 93.95.41.141 port 57551, id=9,
length=157
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 100
NAS-Port-Type = Ethernet
User-Name = "pppoe_test"
Calling-Station-Id = "00:13:77:60:60:CB"
Called-Station-Id = "internet"
NAS-Port-Id = "e2_v15"
Class = 0x6469616c7570
Acct-Session-Id = "8170005c"
Framed-IP-Address = 93.95.42.63
Acct-Authentic = RADIUS
Event-Timestamp = "Apr 7 2009 17:07:22 MSD"
Acct-Status-Type = Start
NAS-Identifier = "ntk-hsgw"
NAS-IP-Address = 93.95.41.141
Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 100,Client-IP-Address =
93.95.41.141,NAS-IP-Address = 93.95.41.141,Acct-Session-Id =
"8170005c",User-Name = "pppoe_test"'
[acct_unique] Acct-Unique-Session-ID = "de65ab6044a69020".
++[acct_unique] returns ok
[files] acct_users: Matched entry DEFAULT at line 29
++[files] returns ok
Found Acct-Type PPPOE_ACC
+- entering group PPPOE_ACC {...}
rlm_perl: perl_embed:: module = /var/www/radius/radius_accounting.pl , func
= accounting exit status= Undefined subroutine &main::accounting called.
Use of uninitialized value.
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair Acct-Session-Id = 8170005c
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Acct-Unique-Session-Id = de65ab6044a69020
rlm_perl: Added pair Called-Station-Id = internet
rlm_perl: Added pair Acct-Authentic = RADIUS
rlm_perl: Added pair Acct-Status-Type = Start
rlm_perl: Added pair NAS-IP-Address = 93.95.41.141
rlm_perl: Added pair NAS-Port-Id = e2_v15
rlm_perl: Added pair Huntgroup-Name = ntk_pppoe
rlm_perl: Added pair Calling-Station-Id = 00:13:77:60:60:CB
r
