RE: Traffic limits
Just FYI :) Archive of the list There is an archive of the list available on the web. The list can be searched at The Mail Archive... http://www.mail-archive.com/freeradius-users@lists.cistron.nl/ ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Varlaam Sobakkin Sent: Tuesday, May 17, 2005 8:53 AM To: freeradius-users@lists.freeradius.org Subject: Traffic limits Hello! I have a very simple question. Maybe there's an answer for it in the archive, but there are no search function in archive =( Few years ago I've used an IC-Radius with octets-patch. Is there any way to limit traffic to user? Some kind of Total-Octets-Limit and Octets-Direction reply items. I haven't found any of that in dictionaries and anywhere else in distro =( Hope for short answer. -- Regards, Varlaam mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: No response from Radius server
Firewall maybe? This could be quite a few different things. You may want to run radiusd in debug mode and see if there is ANY communication with the the NT machine at all. I'm guessing there won't be. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn Xu Sent: Thursday, April 21, 2005 3:02 PM To: freeradius-users@lists.freeradius.org Subject: No response from Radius server I installed Freeradius server on FreeBSD. The installation went well, but I tried to test it, I got no response from Radius server. After I ran radiusd, I got "The Apr 21 14:29:23 2005: Info: Starting-reading configuration files... ", then back to radius# If I ran ps, it seems Radius is not running, because it doesn't show Radiusd. If I ran ps -aux | grep radiusd, it shows root 798 0.0 0.7 4764 3368 ?? ss 2:29pm 0:00:00 radiusd If I tested on another Windows machine with NTRadPing Test Utility, I got no response from server. Any help will be appreciated. Shawn Post your free ad now! Yahoo! Canada Personals - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: deployment question
Right. > The user has a login for the php frontend. The frontend would simply use the info from the user table. Username / old password / new password supplied via webform for example, php connect to mysql, and looks for a matching record in the user table for username / old password, compares, voila! ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Maqbool Hashim Sent: Wednesday, April 13, 2005 9:47 AM To: freeradius-users@lists.freeradius.org Subject: Re: deployment question That makes sense. So effectively the php program has a login for the database. The user has a login for the php frontend. What the user sees depends on the credentials he supplies to the php frontend. Therefore the security rests with the php frontend. Right? Miles Mawyer wrote: >See previous answer :P >A php or perl frontend to pull JUST that users record. Have them >authenticate FIRST via the current password, then update the record that >contains that username. Make sense? I don't see a need for them to view >the whole table if you use a method such as this. > > > >... Miles Mawyer -=- Webmaster . Centralva.net ... > >... [EMAIL PROTECTED] ... > >... 434.385.5053 ... > > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of >Maqbool Hashim >Sent: Wednesday, April 13, 2005 9:22 AM >To: freeradius-users@lists.freeradius.org >Subject: Re: deployment question > >sorry I'm not being clear here. When I meant was, if all users are >contained in the same table, how can I allow a user to change just the >row which corresponds to their username without revealing the rest of >the table? > > >Miles Mawyer wrote: > > > >>>Isn't it going to be difficult to give a single user access to change >>>their password while hiding other users passwords? >>> >>> >>> >>> >>Well, I suppose that depends on what you mean by "give them access". >>Are you you talking direct access via mysql command line or phpmyadmin? >>I don't know your specifics BUT, it sounds to me like a job for a php >>front end of some sort. That would certainly make that a moot point. >> >> >> >>... Miles Mawyer -=- Webmaster . Centralva.net ... >> >>... [EMAIL PROTECTED] ... >> >>... 434.385.5053 ... >> >> >>-Original Message- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of >>Maqbool Hashim >>Sent: Wednesday, April 13, 2005 9:09 AM >>To: freeradius-users@lists.freeradius.org >>Subject: Re: deployment question >> >>Thanks, I'm just thinking that mysql is a big and complex program which >> >> > > > >>offers a lot of features. Our requirements are quite specific. I'm >> >> >not > > >>saying I'm ruling out using mysql, just would like to hear whether >> >> >there > > >>are any alternatives. Also, I notice that the mysql schema has a a >>users table. Isn't it going to be difficult to give a single user >>access to change their password while hiding other users passwords? >> >>Miles Mawyer wrote: >> >> >> >> >> >>>>However my concern is that MYSQL is a little bloated and would prefer >>>> >>>> >>>> >>>> >>>> >>>> >>>to >>>Bloated? How so? >>> >>>How many users are we talking about here? Sounds like a decent task >>> >>> >for > > >>>MySQL to me :) If you are worried about database size etc. I'd do a >>>shell script or something to throw in X number of dummy users and see >>>what you end up with. >>> >>>... Miles Mawyer -=- Webmaster . Centralva.net ... >>> >>>... [EMAIL PROTECTED] ... >>> >>>... 434.385.5053 ... >>> >>>-Original Message- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of >>>Maqbool Hashim >>>Sent: Wednesday, April 13, 2005 8:57 AM >>>To: freeradius-users@lists.freeradius.org >>>Subject: deployment question >>> >>>Hi there, >>> >>>After some trouble I have managed to get freeradius to compile on >>>openbsd! Now I have a question about the backend database to use with >>> >&
RE: deployment question
See previous answer :P A php or perl frontend to pull JUST that users record. Have them authenticate FIRST via the current password, then update the record that contains that username. Make sense? I don't see a need for them to view the whole table if you use a method such as this. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Maqbool Hashim Sent: Wednesday, April 13, 2005 9:22 AM To: freeradius-users@lists.freeradius.org Subject: Re: deployment question sorry I'm not being clear here. When I meant was, if all users are contained in the same table, how can I allow a user to change just the row which corresponds to their username without revealing the rest of the table? Miles Mawyer wrote: >>Isn't it going to be difficult to give a single user access to change >>their password while hiding other users passwords? >> >> > >Well, I suppose that depends on what you mean by "give them access". >Are you you talking direct access via mysql command line or phpmyadmin? >I don't know your specifics BUT, it sounds to me like a job for a php >front end of some sort. That would certainly make that a moot point. > > > >... Miles Mawyer -=- Webmaster . Centralva.net ... > >... [EMAIL PROTECTED] ... > >... 434.385.5053 ... > > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of >Maqbool Hashim >Sent: Wednesday, April 13, 2005 9:09 AM >To: freeradius-users@lists.freeradius.org >Subject: Re: deployment question > >Thanks, I'm just thinking that mysql is a big and complex program which >offers a lot of features. Our requirements are quite specific. I'm not > >saying I'm ruling out using mysql, just would like to hear whether there > >are any alternatives. Also, I notice that the mysql schema has a a >users table. Isn't it going to be difficult to give a single user >access to change their password while hiding other users passwords? > >Miles Mawyer wrote: > > > >>>However my concern is that MYSQL is a little bloated and would prefer >>> >>> >>> >>> >>to >>Bloated? How so? >> >>How many users are we talking about here? Sounds like a decent task for >>MySQL to me :) If you are worried about database size etc. I'd do a >>shell script or something to throw in X number of dummy users and see >>what you end up with. >> >>... Miles Mawyer -=- Webmaster . Centralva.net ... >> >>... [EMAIL PROTECTED] ... >> >>... 434.385.5053 ... >> >>-Original Message- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of >>Maqbool Hashim >>Sent: Wednesday, April 13, 2005 8:57 AM >>To: freeradius-users@lists.freeradius.org >>Subject: deployment question >> >>Hi there, >> >>After some trouble I have managed to get freeradius to compile on >>openbsd! Now I have a question about the backend database to use with >>freeradius. Requirements: >> >>1) Users can access the database and change their own password. >> >>2) Users cannot see or change any other users passwords. >> >>3) The database we use is as small and cut down as possible while >>including the above two features. >> >> >>I have thought about using MYSQL and table priveleges to acheive this. >> >>However my concern is that MYSQL is a little bloated and would prefer >> >> >to > > >>acheive the above using the most cut down db I can. By the way this >>configuration has only one realm. >> >>Thanks in advance. >> >>- >>List info/subscribe/unsubscribe? See >>http://www.freeradius.org/list/users.html >> >>- >>List info/subscribe/unsubscribe? See >> >> >http://www.freeradius.org/list/users.html > > >> >> >> >> > > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: deployment question
> Isn't it going to be difficult to give a single user access to change > their password while hiding other users passwords? Well, I suppose that depends on what you mean by "give them access". Are you you talking direct access via mysql command line or phpmyadmin? I don't know your specifics BUT, it sounds to me like a job for a php front end of some sort. That would certainly make that a moot point. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Maqbool Hashim Sent: Wednesday, April 13, 2005 9:09 AM To: freeradius-users@lists.freeradius.org Subject: Re: deployment question Thanks, I'm just thinking that mysql is a big and complex program which offers a lot of features. Our requirements are quite specific. I'm not saying I'm ruling out using mysql, just would like to hear whether there are any alternatives. Also, I notice that the mysql schema has a a users table. Isn't it going to be difficult to give a single user access to change their password while hiding other users passwords? Miles Mawyer wrote: >>However my concern is that MYSQL is a little bloated and would prefer >> >> >to > Bloated? How so? > >How many users are we talking about here? Sounds like a decent task for >MySQL to me :) If you are worried about database size etc. I'd do a >shell script or something to throw in X number of dummy users and see >what you end up with. > >... Miles Mawyer -=- Webmaster . Centralva.net ... > >... [EMAIL PROTECTED] ... > >... 434.385.5053 ... > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of >Maqbool Hashim >Sent: Wednesday, April 13, 2005 8:57 AM >To: freeradius-users@lists.freeradius.org >Subject: deployment question > >Hi there, > >After some trouble I have managed to get freeradius to compile on >openbsd! Now I have a question about the backend database to use with >freeradius. Requirements: > >1) Users can access the database and change their own password. > >2) Users cannot see or change any other users passwords. > >3) The database we use is as small and cut down as possible while >including the above two features. > > >I have thought about using MYSQL and table priveleges to acheive this. > >However my concern is that MYSQL is a little bloated and would prefer to > >acheive the above using the most cut down db I can. By the way this >configuration has only one realm. > >Thanks in advance. > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Dialup_admin tools for FreeRADIUS version 1.0.2
I'd recommend the README, the instructions were detailed enough.. It runs via apache, so it will run on whatever port you tell it to. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jamal Taweel Sent: Wednesday, April 13, 2005 6:46 AM To: freeradius-users@lists.freeradius.org Subject: Dialup_admin tools for FreeRADIUS version 1.0.2 Could you please provide me with your instruction about how can I run these tools through HTTP, and on which port they operate? Thanks, jamal * The contents of this email and any attachments are confidential. It is intended for the named recipient(s) only. If you have received this email in error please notify the system manager or the sender immediately and do not disclose the contents to any one or make copies. * PALTEL E-Safety System scanned this email and found NO viruses, vandals or malicious content. * Should you need any information or clarifications regarding this system, please do not hesitate to contact our team at the IP Dep. . * - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: deployment question
> However my concern is that MYSQL is a little bloated and would prefer to Bloated? How so? How many users are we talking about here? Sounds like a decent task for MySQL to me :) If you are worried about database size etc. I'd do a shell script or something to throw in X number of dummy users and see what you end up with. ... Miles Mawyer -=- Webmaster . Centralva.net ... ... [EMAIL PROTECTED] ... ... 434.385.5053 ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Maqbool Hashim Sent: Wednesday, April 13, 2005 8:57 AM To: freeradius-users@lists.freeradius.org Subject: deployment question Hi there, After some trouble I have managed to get freeradius to compile on openbsd! Now I have a question about the backend database to use with freeradius. Requirements: 1) Users can access the database and change their own password. 2) Users cannot see or change any other users passwords. 3) The database we use is as small and cut down as possible while including the above two features. I have thought about using MYSQL and table priveleges to acheive this. However my concern is that MYSQL is a little bloated and would prefer to acheive the above using the most cut down db I can. By the way this configuration has only one realm. Thanks in advance. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Auth problem (freeradius+mysql)
It looks like the secret you specified in the radtest command, does not exist
in your clients.conf file.
client 127.0.0.1 {
secret = radius
shortname = localhost
nastype = other
}
Do you have an entry like the above in your clients.conf file?
... Miles Mawyer -=- Webmaster . Centralva.net ...
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Gao
Sent: Friday, April 01, 2005 11:31 AM
To: 'freeradius-users@lists.freeradius.org'
Subject: Auth problem (freeradius+mysql)
Hi,
I have freeradius and mysql installed on my debian box, both of them are
working fine.
But when I run command: radtest testing password localhost 17 radius
I got the messages like:
Sending Access-Request of id 129 to 127.0.0.1:1812
User-Name = "testing"
User-Password = "password"
NAS-IP-Address = pkany217
NAS-Port = 17
Re-sending Access-Request of id 129 to 127.0.0.1:1812
User-Name = "testing"
User-Password = "\24485\302\347\241-\325\361\300\342\241\300>\336\366"
NAS-IP-Address = pkany217
NAS-Port = 17
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=129, length=20
rad_decode: Received Access-Reject packet from 127.0.0.1:1812 with invalid
signature (err=2)! (Shar
ed secret is incorrect.)
radclient: radclient.c:440: send_one_packet: Assertion `radclient->reply ==
((void *)0)' failed.
/usr/bin/radtest: line 53: 27008 Done ( echo "User-Name =
\"$1\""; echo "User-Pas
sword = \"$2\""; echo "NAS-IP-Address = $nas"; echo "NAS-Port = $4"; if [ "$6"
]; then
echo "Framed-Protocol = PPP";
fi )
27009 Aborted | $radclient $DICTIONARY -x $3 auth $5
Does anybody know why and how to solve this issue?
Thanks
Brian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
