Re: Switching from Cistron radius to Free radius
Le jeudi 16 décembre 2004 à 10:49 -0500, Lisa Casey a écrit : > Hi, > > I have a radius server currently authenticating dialup users using Cistron. > I'm in the process of switching over to Free radius. I have downloaded and > installed Free radius 1.0.1 and have edited radiusd.conf to suit my needs. I > haven't started using it yet in place of Cistron but I'm about ready to. I > have a qauestion though: > > In .../freeradius-1.0.1/scripts there is a script to start the radius daemon > called rc.radiusd. My cistron is currently started with a script in > /etc/init.d called radiusd. Should I just copy rc.radiusd to /etc/init.d > then rename it radiusd? > > Actually, in .../freeradius-1.0.1/scripts, there are two scripts: > rc.radiusd and rc.radiusd.in What's the difference between these and which > should I use? rc.radiusd is generated from rc.radiusd.in at build-time. The one you should use is rc.radiusd, unless you want to fix things and submit your changes to FreeRADIUS. > Thanks, > > Lisa Casey - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: We are willing to pay to get support on this (Was: Cisco-AVPair & cisco_vsa_hack())
Le mar 20/04/2004 à 00:47, Paul Hampson a écrit :
> On Sun, Apr 18, 2004 at 03:51:12PM +0200, Jerome Warnier wrote:
> > On Sun, 2004-04-18 at 15:13, Paul Hampson wrote:
> > > On Sun, Apr 18, 2004 at 12:33:53PM +0200, Jerome Warnier wrote:
> > > > On Sun, 2004-04-18 at 05:43, Paul Hampson wrote:
> > > > > On Sat, Apr 17, 2004 at 11:41:27PM +0200, Jerome Warnier wrote:
> > > > > > On Sat, 2004-04-17 at 06:02, Paul Hampson wrote:
> > > > > > > On Fri, Apr 16, 2004 at 09:55:01PM +0200, Jerome Warnier wrote:
> > > > > > > > On Fri, 2004-04-16 at 20:42, Alan DeKok wrote:
> > > > > > > > > ?ISO-8859-1?Q?J=E9r=F4me?= Warnier <[EMAIL PROTECTED]> wrote:
> > > > > > > > > ...
>
> > > > > > > > > Try the latest CVS snapshot, it may work better there.
>
> > > > And you have of course to use dh_perl in debian/rules to substitute the
> > > > ${perl:Depends}. I suggest the following (not tested):
> > > > dh_perl -p freeradius-dialupadmin dialup_admin/bin
>
> > > I think I'll make that a Recommends, not a Depends... Unless those perl
> > > scripts are vital to the operation of most of dialup-admin? A brief
> > > examination of the README suggest they're all optional extras, that I
> > > (for example) would never run. (We don't do bandwidth tracking/billing,
> > > and I don't want it whacking data from my radacct table.)
> > There is also a crontab file in this directory, which uses most the
> > other scripts there, but needs fixing before being (optionally) put into
> > /etc/cron.d. This file needs fixing anyway, because it currently points
> > to /usr/local/...
>
> I'll put this in as an example, I think. However, I will have to add a
> sed script to fix the paths in the crontab.
Yes, put it in /usr/share/doc/freeradius-dialupadmin/examples instead of
the current directory.
Do you want me to write the sed script?
Something like this should do the trick:
sed -i 's/usr/local/dialup\_admin_/usr/share/dialupadmin'
dialup_admin.cron
> > Did not use any yet, so you are probably right. Maybe a debconf question
> > would be useful (setup crontab for accounting or not)?
> > Don't forget it just applies to Dialup Admin, which many people won't
> > probably bother installing anyway.
>
> Bleh, no good. Conditionally installing a file into /etc/ is a pain
> under Debian Policy. I'll have to make a note in the README.Debian
> about that.
Ok.
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
We are willing to pay to get support on this (Was: Cisco-AVPair & cisco_vsa_hack())
Le lun 12/04/2004 à 17:37, Pascal Polleunus a écrit :
> Hi,
>
> We are trying to do VoIP accounting using Cisco material but we've
> problems with the attribute "Cisco-AVPair".
>
> We've defined "with_cisco_vsa_hack = yes", and it works for other
> Cisco's VSA.
>
> In rlm_preprocess.c, in cisco_vsa_hack(), I found:
>/*
> * Cisco-AVPair's get packed as:
> *
> * Cisco-AVPair = "h323-foo-bar = baz"
> *
> * which makes sense only if you're a lunatic.
> * This code looks for the attribute named inside
> * of the string, and if it exists, adds it as a new
> * attribute.
> */
>
> Does that well mean that %{h323-foo-bar} will be available (if defined
> in a dictionary)?
>
> So if we receive the following:
>Cisco-AVPair = "h323-incoming-conf-id=..."
>Cisco-AVPair = "gw-rxd-cdn=ton:0,npi:1,#:0123456789"
>Cisco-AVPair = "in-carrier-id=1"
>
> %{h323-incoming-conf-id}, %{gw-rxd-cdn} and %{in-carrier-id} should be
> available, right?
>
>
> h323-incoming-conf-id is already defined in dictionary.cisco, so we
> didn't redefined it, but for the others, we've defined a dictionary
> containing the following entries:
> ATTRIBUTE in-carrier-id 224 string Cisco
> ATTRIBUTE out-carrier-id 225 string Cisco
> ATTRIBUTE gw-rxd-cdn 226 string Cisco
>
> And we tried also with the following entries instead:
> VALUE Cisco-AVPairin-carrier-id 224
> VALUE Cisco-AVPairout-carrier-id 225
> VALUE Cisco-AVPairgw-rxd-cdn 226
>
>
> But, %{Cisco-AVPair} contains only the first attribute received
> ("h323-incoming-conf-id=...") and %{gw-rxd-cdn} and %{in-carrier-id}
> contain nothing.
>
>
> Does someone know how to solve that?
>
>
> Thanks for your help,
> Pascal Polleunus
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems running against rlm_sql_postgresql
Le jeu 01/04/2004 à 05:07, Chris Ross a écrit : > Hey there. I've built FreeRADIUS, and built, installed, and tested > PostgreSQL 7.4.2 beforehand. rlm_sql and rlm_sql_postgresql seem to > build and install alright, but when rlm_sql tries to load rlm_sql_postgresql > it fails to resolve the dependancy. It looks like libltdl is trying to > do something bogus. Regardless, I don't see any syscalls looking for > .so files, just the .la files. But, PostgreSQL doesn't use libtool to > build, so there is no .la file. > > Has anyone else seen this problem? Does anyone have a suggestion? Just an idea: The build process still needs libtool < 1.5 Hope it helps. -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[4]: accounting from alive packets doesn't go to sql
Le ven 02/04/2004 à 19:04, Alexander Lunyov a écrit : > Hello Jérôme, > > Friday, April 2, 2004, 8:18:33 PM, you wrote: > > >> JW> We are having the exact same problem, see my mail with subject > >> JW> "FreeRADIUS and PostgreSQL" from Wed, 31 Mar 2004 21:44:59 +0200. > >> > >> No, in my case the problem is occures only with Alive packets, and > >> when radius receives Stop packet - it's ok, he put accounting data > >> in sql normally. So i think it's not the same problem. > JW> Could you tell me what a "ldd /usr/sbin/freeradius" tells you then, > JW> please? > > Here you go > > # ldd /usr/local/sbin/radpppd > /usr/local/sbin/radpppd: > libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x2807e000) > libutil.so.3 => /usr/lib/libutil.so.3 (0x28097000) > libmd.so.2 => /usr/lib/libmd.so.2 (0x280a) > libpcap.so.2 => /usr/lib/libpcap.so.2 (0x280a9000) > libradius.so.1 => /usr/lib/libradius.so.1 (0x280c5000) > libc.so.4 => /usr/lib/libc.so.4 (0x280ca000) I have the same kind of dependencies, though I realized that the DB librairies are plugins, and are not linked into the main program. > JW> Optionally, could you provide us your current configuration, so that we > JW> could compare? > > In attachment, hope this will help you. > And i hope someone will help me :) > Once again - we talking about Alive packets and sql accounting :) It is working now, thanks to every people that helped. It seems now that FreeRADIUS is not giving acknowledgment to our Cisco routers. I'm going to search that. -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Could not link driver "rlm_sql_mysql" problem.
Le sam 03/04/2004 à 13:27, Paul Hampson a écrit : > On Sat, Apr 03, 2004 at 12:40:28PM +0200, Jérôme Warnier wrote: > > Le sam 03/04/2004 à 12:34, Paul Hampson a écrit : > > > Looks good to me. > > To me too, but my problem is still unsolved: it doesn't want to write in > > the DB, nor in the sqltrace file. > > OK... > > What's FreeRADIUS's debugging output say? Is it loading SQL drivers, or > even trying? trtwo:~# freeradius -x Starting - reading configuration files ... Using deprecated naslist file. Support for this will go away soon. Using deprecated clients file. Support for this will go away soon. Using deprecated realms file. Support for this will go away soon. Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded eap rlm_eap: Loaded and initialized the type md5 rlm_eap: Loaded and initialized the type leap Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded files Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Module: Loaded SQL rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked rlm_sql (sql): Attempting to connect to _tr_radius@:/pnixon rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #4 rlm_sql (sql): Connected new DB handle, #4 rlm_sql (sql): starting 5 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #5 rlm_sql (sql): Connected new DB handle, #5 rlm_sql (sql): starting 6 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #6 rlm_sql (sql): Connected new DB handle, #6 rlm_sql (sql): starting 7 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #7 rlm_sql (sql): Connected new DB handle, #7 rlm_sql (sql): starting 8 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #8 rlm_sql (sql): Connected new DB handle, #8 rlm_sql (sql): starting 9 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #9 rlm_sql (sql): Connected new DB handle, #9 rlm_sql (sql): starting 10 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #10 rlm_sql (sql): Connected new DB handle, #10 rlm_sql (sql): starting 11 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #11 rlm_sql (sql): Connected new DB handle, #11 rlm_sql (sql): starting 12 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #12 rlm_sql (sql): Connected new DB handle, #12 rlm_sql (sql): starting 13 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #13 rlm_sql (sql): Connected new DB handle, #13 rlm_sql (sql): starting 14 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #14 rlm_sql (sql): Connected new DB handle, #14 rlm_sql (sql): starting 15 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #15 rlm_sql (sql): Connected new DB handle, #15 rlm_sql (sql): starting 16 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #16 rlm_sql (sql): Connected new DB handle, #16 rlm_sql (sql): starting 17 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #17 rlm_sql (sql): Connected new DB handle, #17 rlm_sql (sql): starting 18 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #18 rlm_sql (sql): Connected new DB handle, #18 rlm_sql (sql): starting 19 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #19 rlm_sql (sql): Connected new DB handle, #19 rlm_sql (sql): starting 20 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #20 rlm_sql (sql): Connected new DB handle, #20 rlm_sql (sql): starting 21 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #21 rlm_sql (sql): Connected new DB handle, #21 rlm_sql (sql): starting 22 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #22 rlm_sql (sql): Connected new DB handle, #22 rlm_sql (sql): starting 23 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #23 rlm_sql (sql): Connected new DB handle, #23 rlm_sql (sql): starting 24 rlm_sql (sql): Attempting to connect rlm_sql_postgresql #24 rlm_sql (sql): Connected new DB handle, #24 Module: Instantiated sql (sql) Initializ
Re: Could not link driver "rlm_sql_mysql" problem.
Le sam 03/04/2004 à 12:34, Paul Hampson a écrit : > On Sat, Apr 03, 2004 at 11:42:19AM +0200, Jérôme Warnier wrote: > > Le ven 02/04/2004 à 23:58, Paul Hampson a écrit : > > > That's ldd of rlm_sql_mysql.so? Weird. > > > No, that was a "ldd /usr/sbin/freeradius", but I think it is not linked > > against PostgreSQL anyway, as I realized later. > > > A "ldd /usr/lib/freeradius/rlm_sql_postgresql-0.9.2.so" gives: > > libpq.so.3 => /usr/lib/libpq.so.3 (0x40009000) > > libc.so.6 => /lib/libc.so.6 (0x40024000) > > libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7 > > (0x40158000) > > libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 > > (0x40189000)libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x40286000) > > libcrypt.so.1 => /lib/libcrypt.so.1 (0x402ee000) > > libresolv.so.2 => /lib/libresolv.so.2 (0x4031b000) > > libnsl.so.1 => /lib/libnsl.so.1 (0x4032d000) > > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) > > libdl.so.2 => /lib/libdl.so.2 (0x40343000) > > libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x40346000) > > libcom_err.so.2 => /lib/libcom_err.so.2 (0x40368000) > > > So this seems right to me. What do you think? > > Looks good to me. To me too, but my problem is still unsolved: it doesn't want to write in the DB, nor in the sqltrace file. -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Could not link driver "rlm_sql_mysql" problem.
Le ven 02/04/2004 à 23:58, Paul Hampson a écrit :
> On Fri, Apr 02, 2004 at 05:48:48PM +0200, Jérôme Warnier wrote:
> > Le jeu 01/04/2004 à 10:24, Costin Manda a écrit :
> > > you can check dependencies with the Linux command ldd. What version of
> > > Freeradius are you using and have you compiled freeradius yourself?
> > Yes, I compiled it myself because I need the PostgreSQL support.
> > I'm running Debian Sarge.
>
> Did you compile it using dpkg-buildpackage, from the Debian sources?
Yes.
>
> You can use the Sarge version with PostgreSQL, you just need to run
> it though iODBC. It'll save you recompiling when new versions are
> released.
I'm really concerned about performance, that's why I preferred using
libpq. I don't care about recompiling, it takes less than 3 minutes to
do it on the current machine, and it is not the more powerful I have.
> > What is it supposed to give?
> > Mine is like so:
> > libcrypt.so.1 => /lib/libcrypt.so.1 (0x4001d000)
> > libnsl.so.1 => /lib/libnsl.so.1 (0x4004a000)
> > libresolv.so.2 => /lib/libresolv.so.2 (0x4005f000)
> > libpthread.so.0 => /lib/libpthread.so.0 (0x40072000)
> > libradius-0.9.2.so => /usr/lib/freeradius/libradius-0.9.2.so
> > (0x400c3000)
> > libltdl.so.3 => /usr/lib/libltdl.so.3 (0x400d5000)
> > libdl.so.2 => /lib/libdl.so.2 (0x400dc000)
> > libc.so.6 => /lib/libc.so.6 (0x400df000)
> > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000)
>
> > It does not show any reference to MySQL or PostgreSQL like I was
> > expecting. Nor does a "ldd /usr/lib/freeradius/libradius-0.9.2.so".
>
> That's ldd of rlm_sql_mysql.so? Weird.
No, that was a "ldd /usr/sbin/freeradius", but I think it is not linked
against PostgreSQL anyway, as I realized later.
A "ldd /usr/lib/freeradius/rlm_sql_postgresql-0.9.2.so" gives:
libpq.so.3 => /usr/lib/libpq.so.3 (0x40009000)
libc.so.6 => /lib/libc.so.6 (0x40024000)
libssl.so.0.9.7 => /usr/lib/i686/cmov/libssl.so.0.9.7
(0x40158000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7
(0x40189000)libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x40286000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x402ee000)
libresolv.so.2 => /lib/libresolv.so.2 (0x4031b000)
libnsl.so.1 => /lib/libnsl.so.1 (0x4032d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000)
libdl.so.2 => /lib/libdl.so.2 (0x40343000)
libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x40346000)
libcom_err.so.2 => /lib/libcom_err.so.2 (0x40368000)
So this seems right to me. What do you think?
> --
> Paul "TBBle" Hampson, on an alternate email client.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re[2]: accounting from alive packets doesn't go to sql
Le ven 02/04/2004 à 18:15, Alexander Lunyov a écrit :
> Hello Jérôme,
>
> Friday, April 2, 2004, 7:15:03 PM, you wrote:
>
> JW> Le ven 02/04/2004 à 12:10, Alexander Lunyov a écrit :
> >> Hello freeradius-users,
> >>
> >> First of all, i'd like to thank all those people, who helped me last
> >> time with traffic limiting (thread "how can i limit traffic use?"),
> >> and special thanks to Alexander M. Pravking.
> >>
> >> Now, i have freebsd 4.8R-p13, freeradius-0.9.3, exppp-0.2 as a NAS and traffic
> >> limiting is working with that system. My NAS (exppp) able to send
> >> alive packets to radius, and when i enable sending alive-packets to
> >> radius, accounting information shows in
> >> /var/log/radius/radacct/${nas_ip}/detail but not affecting sql
> >> accounting to change. Messages appearing in detail file is something
> >> like:
>
> [skip]
>
> >> But it's not affecting sql :( And, while this accounting data is not shows up
> >> in
> >> sql, traffic is leaking!
> >>
> >> Accounting block in radiusd.conf:
> >>
> >> accounting {
> >> acct_unique
> >> detail
> >> unix
> >> radutmp
> >> sql
> >> }
> >>
> >> Or it's not possible? Please, help.
> JW> We are having the exact same problem, see my mail with subject
> JW> "FreeRADIUS and PostgreSQL" from Wed, 31 Mar 2004 21:44:59 +0200.
>
> No, in my case the problem is occures only with Alive packets, and
> when radius receives Stop packet - it's ok, he put accounting data
> in sql normally. So i think it's not the same problem.
Could you tell me what a "ldd /usr/sbin/freeradius" tells you then,
please?
Optionally, could you provide us your current configuration, so that we
could compare?
Thanks.
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Could not link driver "rlm_sql_mysql" problem.
Le jeu 01/04/2004 à 10:24, Costin Manda a écrit : > you can check dependencies with the Linux command ldd. What version of > Freeradius are you using and have you compiled freeradius yourself? Yes, I compiled it myself because I need the PostgreSQL support. I'm running Debian Sarge. What is it supposed to give? Mine is like so: libcrypt.so.1 => /lib/libcrypt.so.1 (0x4001d000) libnsl.so.1 => /lib/libnsl.so.1 (0x4004a000) libresolv.so.2 => /lib/libresolv.so.2 (0x4005f000) libpthread.so.0 => /lib/libpthread.so.0 (0x40072000) libradius-0.9.2.so => /usr/lib/freeradius/libradius-0.9.2.so (0x400c3000) libltdl.so.3 => /usr/lib/libltdl.so.3 (0x400d5000) libdl.so.2 => /lib/libdl.so.2 (0x400dc000) libc.so.6 => /lib/libc.so.6 (0x400df000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000) It does not show any reference to MySQL or PostgreSQL like I was expecting. Nor does a "ldd /usr/lib/freeradius/libradius-0.9.2.so". > > - Original Message - > From: "Shannon Sariman" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, April 01, 2004 10:29 AM > Subject: Could not link driver "rlm_sql_mysql" problem. > > > > I am trying to use MySQL with FreeRadius for accounting purposes. I am > > getting an error message when running freeradius in debug mode using > > radiusd -X. The error message is something like: > > > > rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found > > rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the > > search path of your system's ld. > > radiusd.conf[14]: sql: Module instantiation failed. > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: accounting from alive packets doesn't go to sql
Le ven 02/04/2004 à 12:10, Alexander Lunyov a écrit :
> Hello freeradius-users,
>
> First of all, i'd like to thank all those people, who helped me last
> time with traffic limiting (thread "how can i limit traffic use?"),
> and special thanks to Alexander M. Pravking.
>
> Now, i have freebsd 4.8R-p13, freeradius-0.9.3, exppp-0.2 as a NAS and traffic
> limiting is working with that system. My NAS (exppp) able to send
> alive packets to radius, and when i enable sending alive-packets to
> radius, accounting information shows in
> /var/log/radius/radacct/${nas_ip}/detail but not affecting sql
> accounting to change. Messages appearing in detail file is something
> like:
>
> Wed Mar 31 18:15:23 2004
> Calling-Station-Id = "0:4:79:67:88:a6"
> Called-Station-Id = "pppoe"
> Service-Type = Framed-User
> User-Name = "user"
> Framed-Protocol = PPP
> Framed-IP-Address = 192.168.253.239
> Framed-IP-Netmask = 0.0.0.0
> NAS-Identifier = "zeus.domain.ru"
> NAS-Port-Type = Ethernet
> NAS-Port = 304
> Acct-Status-Type = Alive
> Acct-Session-Id = "s--1044316270"
> Acct-Multi-Session-Id = ""
> Acct-Delay-Time = 0
> Acct-Input-Octets = 299610
> Acct-Input-Packets = 4591
> Acct-Output-Octets = 3559729
> Acct-Output-Packets = 7397
> Acct-Session-Time = 5263
> NAS-IP-Address = ip.ad.dre.ss
> Client-IP-Address = ip.ad.dre.ss
> Acct-Unique-Session-Id = "e71ea15b188b6941"
> Timestamp = 1080742523
>
> But it's not affecting sql :( And, while this accounting data is not shows up in
> sql, traffic is leaking!
>
> Accounting block in radiusd.conf:
>
> accounting {
> acct_unique
> detail
> unix
> radutmp
> sql
> }
>
> Or it's not possible? Please, help.
We are having the exact same problem, see my mail with subject
"FreeRADIUS and PostgreSQL" from Wed, 31 Mar 2004 21:44:59 +0200.
If you find a solution, please help.
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS and PostgreSQL
Le jeu 01/04/2004 à 00:13, Amedzekor Kafui a écrit : > Do you see the rlm_postgresql module loaded in > /var/log/radius/radius.log when you start radius I guess this replies to your question: Tue Mar 30 01:47:47 2004 : Info: rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked Tue Mar 30 01:47:47 2004 : Info: rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/pnixon So this is not the problem. > --- Jrme Warnier <[EMAIL PROTECTED]> wrote: > > We are trying to set up FreeRADIUS with PostgreSQL > > (7.4.2), and it seems > > to refuse to log anything in the DB. What seems even > > stranger, is that > > the sqltrace file is not even created. > > Anyone has a quick idea of what can cause that? > > > > In the meanwhile, I'm going to try to fix it. > > > > Thanks > > -- > > Jrme Warnier > > Consultant > > BeezNest > > http://beeznest.net > > > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > __ > Do you Yahoo!? > Yahoo! Finance Tax Center - File online. File on time. > http://taxes.yahoo.com/filing.html > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRADIUS and PostgreSQL
We are trying to set up FreeRADIUS with PostgreSQL (7.4.2), and it seems to refuse to log anything in the DB. What seems even stranger, is that the sqltrace file is not even created. Anyone has a quick idea of what can cause that? In the meanwhile, I'm going to try to fix it. Thanks -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: R: MySQL accounting and Cisco-AVPair
Le ven 26/03/2004 à 11:24, Pugnaloni Federico a écrit :
> I've found an old patch to cisco_vsa_hack
> http://lists.cistron.nl/pipermail/freeradius-devel/2001-August/001181.html
This patch (well, a modified version) has already been applied to the
0.9.2 version in Debian Sarge/Sid. I rebuild FreeRADIUS with latest
PostgreSQL version anyway, and it seems at least to run.
I will let you know, guys.
> i don't know C language so i've applied the patch as it was...
>
> it works!!
> cisco_vsa_hack change
> Cisco-AVPair = "ip:source-ip=192.168.0.127"
> to
> ip:source-ip=192.168.0.127
>
> so i've modified sql.conf to store this info on db radacct
> and now it's ok
>
> i don't know if the cisco_vsa_hack now is ok but it seems to works fine
>
> > -Messaggio originale-
> > Da: Jérôme Warnier [mailto:[EMAIL PROTECTED]
> > Inviato: giovedì 25 marzo 2004 19:30
> > A: '[EMAIL PROTECTED]'
> > Oggetto: Re: MySQL accounting and Cisco-AVPair
> >
> >
> > Le lun 22/03/2004 à 11:47, Pugnaloni Federico a écrit :
> > > Hi,
> > > i'm using FreeRADIUS Version 0.9.3on FreeBSD 4.9
> > > i'm using with a Cisco PIX to AAA internet access
> > > it works fine, but i need to store the Cisco-AVPair info in
> > radacct SQL
> > > table.
> > >
> > > As i can see in the detail accounting freeradius store
> > Cisco-AVPair info
> > >
> > > -snip-
> > > Cisco-AVPair = "ip:source-ip=192.168.0.127"
> > > Cisco-AVPair = "ip:source-port=4051"
> > > Cisco-AVPair = "ip:destination-ip=10.10.10.1"
> > > Cisco-AVPair = "ip:destination-port=23"
> > > -snip
> > >
> > > but i cannot store this info on sql
> > > I've tried to modify sql.conf as is:
> > >
> > > accounting_stop_query_alt = "INSERT into ${acct_table2} (RadAcctId,
> > > AcctSessionId... AcctStopDelay) values('', '%{Acct-Session-Id}',
> > > '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}',
> > > '%{NAS-IP-Address}', '%{NAS-Port}'... '%{Cisco-AVPair}',
> > > '%{Cisco-AVPair}'..}')"
> > >
> > > but it returns only the first instance of Cisco-AVPair
> > > ("ip:source-ip=192.168.0.127")
> > >
> > > how can i store all the values?
> >
> > Does the following help you?
> > http://www.freeradius.org/cgi-bin/cvsweb.cgi/~checkout~/radius
> d/src/billing/README?rev=1.5&content-type=text/plain
>
> >
> > --
> > Federico Pugnaloni
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRADIUS with Cisco hardware for VoIP
I'm searching for FreeRADIUS with Cisco hardware for VoIP. Specifically, I'm having trouble with the cisco-av-pair stuff. I read somewhere that Peter Nixon had experience in this, but can't find him. Thanks to help. -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL accounting and Cisco-AVPair
Le lun 22/03/2004 à 11:47, Pugnaloni Federico a écrit :
> Hi,
> i'm using FreeRADIUS Version 0.9.3on FreeBSD 4.9
> i'm using with a Cisco PIX to AAA internet access
> it works fine, but i need to store the Cisco-AVPair info in radacct SQL
> table.
>
> As i can see in the detail accounting freeradius store Cisco-AVPair info
>
> -snip-
> Cisco-AVPair = "ip:source-ip=192.168.0.127"
> Cisco-AVPair = "ip:source-port=4051"
> Cisco-AVPair = "ip:destination-ip=10.10.10.1"
> Cisco-AVPair = "ip:destination-port=23"
> -snip
>
> but i cannot store this info on sql
> I've tried to modify sql.conf as is:
>
> accounting_stop_query_alt = "INSERT into ${acct_table2} (RadAcctId,
> AcctSessionId... AcctStopDelay) values('', '%{Acct-Session-Id}',
> '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}',
> '%{NAS-IP-Address}', '%{NAS-Port}'... '%{Cisco-AVPair}',
> '%{Cisco-AVPair}'..}')"
>
> but it returns only the first instance of Cisco-AVPair
> ("ip:source-ip=192.168.0.127")
>
> how can i store all the values?
Does the following help you?
http://www.freeradius.org/cgi-bin/cvsweb.cgi/~checkout~/radiusd/src/billing/README?rev=1.5&content-type=text/plain
>
> --
> Federico Pugnaloni
--
Jérôme Warnier
Consultant
BeezNest
http://beeznest.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cisco attributes
Le jeu 25/03/2004 à 14:42, Alex a écrit : > Hello, > > I'm trying to set up rate-limited user access using a cisco router > (1700) ie simulating a NAS. Clients (WinXP) connect using PPPoE to the > router which acts as RADIUS client for freeradius. Connections are ok > but rate limitation doesn't work at all. I tried adding > Cisco-Data-Rate, Cisco-Data-Xmit, connect-rx-speed > and connect-tx-speed as attributes to the radreply table but the > router seems to ignore them (ex. username is 'test', attribute is > 'Cisco-Data-Rate', op is '=' and value is '256' i.e. 256kbit/s). > > Cisco vsa hack is yes in radiusd.conf > > Here's the Cisco configuration: > > aaa group server radius PPPOE > server 192.168.2.3 auth-port 1812 acct-port 1813 > ! > aaa authentication ppp default if-needed group radius local > aaa authentication ppp pppoe_client group radius > aaa authorization network default group radius > aaa accounting update newinfo > aaa accounting exec default start-stop group radius > aaa accounting network default start-stop group radius > aaa accounting connection default start-stop group radius > aaa session-id common I would suggest you have a look at the following archive: http://www.freeradius.org/cgi-bin/cvsweb.cgi/~checkout~/radiusd/src/billing/README?rev=1.5&content-type=text/plain Let me know if it helped. > Thanx, > Alex -- Jérôme Warnier Consultant BeezNest http://beeznest.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
