Radius don't write on MySQL radacct
Hi all, I have one FreeRADIUS 1.1.7_2 server running on a FreeBSD 6.2-STABLE box, and other FreeBSD 6.3-STABLE box running MySQL 5.0.51a. These RADIUS system, are running at least for one year, and I got no problems, but now, since one month ago, I have no write on radacct table. Here is the result of radiusd -X: http://pastebin.ca/1201080 Does anybody knows what does it could be? Thank you very much, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius don't write on MySQL radacct
Ivan, I hope sql is listed in accouting section. Take a look: radiusd.conf: http://pastebin.ca/1201150 sql.conf: http://pastebin.ca/1201151 Felipe. 2008/9/12 [EMAIL PROTECTED]: sql is not listed in accounting section. Or it's commented out. Ivan Kalik Kalik Informatika ISP Dana 12/9/2008, Felipe Neuwald [EMAIL PROTECTED] piše: Hi all, I have one FreeRADIUS 1.1.7_2 server running on a FreeBSD 6.2-STABLE box, and other FreeBSD 6.3-STABLE box running MySQL 5.0.51a. These RADIUS system, are running at least for one year, and I got no problems, but now, since one month ago, I have no write on radacct table. Here is the result of radiusd -X: http://pastebin.ca/1201080 Does anybody knows what does it could be? Thank you very much, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Very big user database
Hi folks, I put to work our new freeradius server, and I'm getting this message on my /var/log/radius.log: Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Our user database is big, something about 120k users. Does anybody knows how to solve this problem? Thank you, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Very big user database (solved)
Oops, sorry.. solved: [EMAIL PROTECTED] /usr/local/etc/raddb]# cat sql.conf | grep num_sql_socks num_sql_socks = 15 Increased from 5 to 15. Thanks, Felipe. --- Hi folks, I put to work our new freeradius server, and I'm getting this message on my /var/log/radius.log: Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Thu Dec 28 15:47:15 2006 : Info: rlm_sql (sql): There are no DB handles to use! skipped 0, tried to connect 0 Our user database is big, something about 120k users. Does anybody knows how to solve this problem? Thank you, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Multiple ISPs and big user database
Hi Folks, My MySQL database is working ok, thank you all of you guys. More one problem: I have two ISPs here, each one with 3 NAS IP addresses: ISP1: NAS 1: 10.1.1.1 NAS 2: 10.1.1.2 NAS 3: 10.1.1.3 ISP2: NAS 1: 10.2.2.1 NAS 2: 10.2.2.2 NAS 3: 10.2.2.3 And my radcheck table is like this: id: (incremental) username: the user name attribute: (always Password) op: (always ==) value: the password isp: (can be 1 or 2) A simple example: id: 33934 username: john attribute: Password op: == value: smith isp: 1 The question is. When a user come from ISP1, can I pass one SQL paramether, and whan a user come from ISP2, can I pass other SQL paramether? Thanks, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Multiple ISPs and big user database
Hi Dennis, ok, thank you. I'll make tests and send you the result. Regards, Felipe Neuwald. Dennis Skinner escreveu: Felipe Neuwald wrote: ISP1: NAS 1: 10.1.1.1 NAS 2: 10.1.1.2 NAS 3: 10.1.1.3 ISP2: NAS 1: 10.2.2.1 NAS 2: 10.2.2.2 NAS 3: 10.2.2.3 Try this: huntgroups file: ISP1Client-IP-Address == 10.1.1.1 SQL-Group == ISP1 ISP1Client-IP-Address == 10.1.1.2 SQL-Group == ISP1 ISP1Client-IP-Address == 10.1.1.3 SQL-Group == ISP1 ISP2Client-IP-Address == 10.2.2.1 SQL-Group == ISP1 ISP2Client-IP-Address == 10.2.2.2 SQL-Group == ISP1 ISP2Client-IP-Address == 10.2.2.3 SQL-Group == ISP1 Now instead of the radcheck table, use the usergroup table like this: +---++---+ | id| UserName | GroupName | +---++---+ | 1 | [EMAIL PROTECTED] | ISP1 | | 2 | [EMAIL PROTECTED] | ISP2 | +---++---+ It should just work. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MySQL: don't logging to radacct
): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id acct_unique: key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port Module: Instantiated acct_unique (acct_unique) Module: Loaded realm realm: format = suffix realm: delimiter = @ realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = /usr/local/etc/raddb/users files: acctusersfile = /usr/local/etc/raddb/acct_users files: preproxy_usersfile = /usr/local/etc/raddb/preproxy_users files: compat = no Module: Instantiated files (files) Module: Loaded detail detail: detailfile = /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = /var/log/radutmp radutmp: username = %{User-Name} radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:51938, id=206, length=55 User-Name = brt User-Password = adsl NAS-IP-Address = 255.255.255.255 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 radius_xlat: 'brt' rlm_sql (sql): sql_set_user escaped user -- 'brt' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'brt' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'brt' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'brt' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'brt' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module sql returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: type Local auth: user supplied User-Password matches local User-Password Processing the session section of radiusd.conf modcall: entering group session for request 0 radius_xlat: '/var/log/radutmp' radius_xlat: 'brt' modcall[session]: module radutmp returns ok for request 0 modcall: leaving group session (returns ok) for request 0 Login OK: [brt/adsl] (from client localhost port 0) Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 0 rlm_sql (sql): Processing sql_postauth radius_xlat: 'brt' rlm_sql (sql): sql_set_user escaped user -- 'brt' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'brt', 'adsl', 'Access-Accept', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'brt', 'adsl', 'Access-Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 modcall[post-auth]: module sql returns ok for request 0 modcall: leaving group post-auth (returns ok) for request 0 Sending Access-Accept of id 206 to 127.0.0.1 port 51938 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 206 with timestamp 457ede6a Nothing to do. Sleeping until we see a request. ^C Does somebody knows why there is no entry on my radacct table? Thank you, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RE : MySQL: don't logging to radacct
Hi Dennis and Thibault, I redirected some users of my old radius to this new radius and I still have no accounting. I redirected traffic in firewall directly from ISP to old server to new server. And here the results of radclient: [EMAIL PROTECTED] /tmp]# cat radius.teste | radclient 127.0.0.1 auth teste Received response ID 198, code 2, length = 20 [EMAIL PROTECTED] /tmp]# cat radius.teste | radclient 127.0.0.1 acct teste radclient: no response from server for ID 204 no response from an acct command. Any idea? Thank you, Felipe Neuwald. Thibault Le Meur escreveu: -Message d'origine- De : [EMAIL PROTECTED] radius.org [mailto:[EMAIL PROTECTED] sts.freeradius.org] De la part de Felipe Neuwald Envoyé : mardi 12 décembre 2006 18:06 À : freeradius-users@lists.freeradius.org Objet : MySQL: don't logging to radacct Hi Folks, I'm using freeradius-1.1.3_1 on FreeBSD 6.2-PRERELEASE and mysql-server-5.0.27. My database connection is ok, and I'm sucessfully authorizeing on MySQL databse. After user connection, a entry is added on radpostauth table. My problem is cause there is no entry on radacct table. Here is an authentication: [EMAIL PROTECTED] /usr/local/etc/raddb]# radtest brt adsl 127.0.0.1 0 teste Sending Access-Request of id 206 to 127.0.0.1 port 1812 User-Name = brt User-Password = adsl NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=206, length=20 Does somebody knows why there is no entry on my radacct table? Yes, look at your logs... radtest sends only an Access Request packet not an Accounting packet: that's why no accounting entry is added to raddact. Try radclient in order to send an accounting packet HTH, Thibault - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: RE : MySQL: don't logging to radacct
Hi Dennis and Thibault, I redirected some users of my old radius to this new radius and I still have no accounting. I redirected traffic in firewall directly from ISP to old server to new server. And here the results of radclient: [EMAIL PROTECTED] /tmp]# cat radius.teste | radclient 127.0.0.1 auth teste Received response ID 198, code 2, length = 20 [EMAIL PROTECTED] /tmp]# cat radius.teste | radclient 127.0.0.1 acct teste radclient: no response from server for ID 204 no response from an acct command. Any idea? Thank you, Felipe Neuwald. Thibault Le Meur escreveu: -Message d'origine- De : [EMAIL PROTECTED] radius.org [mailto:[EMAIL PROTECTED] sts.freeradius.org] De la part de Felipe Neuwald Envoyé : mardi 12 décembre 2006 18:06 À : freeradius-users@lists.freeradius.org Objet : MySQL: don't logging to radacct Hi Folks, I'm using freeradius-1.1.3_1 on FreeBSD 6.2-PRERELEASE and mysql-server-5.0.27. My database connection is ok, and I'm sucessfully authorizeing on MySQL databse. After user connection, a entry is added on radpostauth table. My problem is cause there is no entry on radacct table. Here is an authentication: [EMAIL PROTECTED] /usr/local/etc/raddb]# radtest brt adsl 127.0.0.1 0 teste Sending Access-Request of id 206 to 127.0.0.1 port 1812 User-Name = brt User-Password = adsl NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=206, length=20 Does somebody knows why there is no entry on my radacct table? Yes, look at your logs... radtest sends only an Access Request packet not an Accounting packet: that's why no accounting entry is added to raddact. Try radclient in order to send an accounting packet HTH, Thibault - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication registers on MySQL
Hi Folks, I'm building a new freeradius server here, and I wanna make some implementations: 1. Log every authentication (sucessfull or not) to MySQL database; 2. but, log *only* the last 10 registers of authentication in database. The database connection is already working ok, and I'm retrieving the user information from radcheck table. Does anybody knows how to implement this? Thanks, Felipe Neuwald. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius+MySQL+PHP
Hello Folks, Today I'm using FreeRadius getting login information from system user accounts. I wanna migrate the accounts to MySQL, and use FreeRadius+MySQL. I made some test and today everything is working fine with this solution, FreeRadius+MySQL. What I wanna know, is if exist one PHP admin interface or something like it to work with FreeRadius+MySQL. Best Regards, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 signature.asc Description: Esta =?ISO-8859-1?Q?=E9?= uma parte de mensagem assinada digitalmente
Re: FreeRadius+MySQL+PHP
Hello Dinko, This isn't the best solution because it's not only me that will have acess to the informations. I think a GUI better than PHPMyAdmin would be good for this. Regards, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 Em Qui, 2004-05-27 às 11:13, Dinko Korunic escreveu: On Thu, May 27, 2004 at 10:48:57AM -0300, Felipe Neuwald wrote: What I wanna know, is if exist one PHP admin interface or something like it to work with FreeRadius+MySQL. I've been using PHPMyadmin for Web-based PHP/MySQL interface. Though, it is a pure SQL client and you'll have to know things stated in FreeRADIUS documentation. signature.asc Description: Esta =?ISO-8859-1?Q?=E9?= uma parte de mensagem assinada digitalmente
RE: FreeRadius+MySQL+PHP
Thanks Bart, I'll check it. After done, I'll give my opinion to the list. Regards, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 Em Qui, 2004-05-27 às 10:59, Bart Van Daal escreveu: Hi Felipe, check out dialup_admin that came with the package. -Original Message- From: Felipe Neuwald [mailto:[EMAIL PROTECTED] Sent: donderdag 27 mei 2004 15:49 To: [EMAIL PROTECTED] Subject: FreeRadius+MySQL+PHP Hello Folks, Today I'm using FreeRadius getting login information from system user accounts. I wanna migrate the accounts to MySQL, and use FreeRadius+MySQL. I made some test and today everything is working fine with this solution, FreeRadius+MySQL. What I wanna know, is if exist one PHP admin interface or something like it to work with FreeRadius+MySQL. Best Regards, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html signature.asc Description: Esta =?ISO-8859-1?Q?=E9?= uma parte de mensagem assinada digitalmente
Re: Logging to syslog
Alan, I'm running 'radiusd -l syslog' and the logs aren't going to syslog. -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 Em Sex, 2004-05-21 às 11:20, Alan DeKok escreveu: Felipe Neuwald [EMAIL PROTECTED] wrote: anybody know how to make FreeRadius log everything to syslog, not to a regular file? radiusd -h Read it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Logging to syslog
Just to complete: I'm running 'radiusd -l syslog' and it still logging to /var/log/radius.log. -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 Em Sex, 2004-05-21 às 11:20, Alan DeKok escreveu: Felipe Neuwald [EMAIL PROTECTED] wrote: anybody know how to make FreeRadius log everything to syslog, not to a regular file? radiusd -h Read it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html signature.asc Description: Esta =?ISO-8859-1?Q?=E9?= uma parte de mensagem assinada digitalmente
FreeRadius logging to syslog
Folks, have a way that FreeRadius log everything to syslog, not directly to a file? Regards, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Logging to syslog
Folks, anybody know how to make FreeRadius log everything to syslog, not to a regular file? Thanks, -- Felipe Neuwald [EMAIL PROTECTED] +55 61 3038-5038 +55 61 8135-8918 -- Chave pública PGP / PGP public key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x8AE508F3 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html