Re: Its so simple, but it doesn't work!
Thanks for you prompt reply, Alan. I'll follow your advice. The reason I havent used the "pair" functions is because although I spotted the API header, havent spotted any instructions on how they are used? The check for return values were removed from this example, as I wish to make it as short as possible. This test program is to be the basis of a client app, which is the reason im not using radclient. If fact I compared the data structure of the example packet I generate, with that created by radclient using the same data - They look identical except the vector value is different. This lack of difference is what i can't explain. Many thanks, Arun Mundray. - Original Message - From: "Alan DeKok" <[EMAIL PROTECTED]> To: Sent: Friday, May 20, 2005 5:09 PM Subject: Re: Its so simple, but it doesn't work! "Arun Mundray" <[EMAIL PROTECTED]> wrote: I was hoping someone could explain to me why this very basic radius client test program does not work. What's wrong with using "radclient"? vp1 = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR)); What's wrong with calling pairmake()? ppacket->vps = vp1; vp1->next = vp2; vp2->next = NULL; What's wrong with calling pairadd()? These functions exist for a reason. Use them. rad_send(ppacket, NULL, secret); So... what does radsend when you set the debuging flags? close (ppacket->sockfd); rad_free(&ppacket); And you don't look for a response. Hm... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Its so simple, but it doesn't work!
Hi all, I was hoping someone could explain to me why this very basic radius client test program does not work. It seems simple enough. Everything's fine except, the password received by the server is always garbled. I'm using rad_alloc to create and packet and librad_md5_calc to encrypt the vector. Isn't that all there is to it? I'm at my wits end! What am I missing!! And help would be very much appreciated. regards, Arun Mundray. char secret[] = "smeg"; char password[] = "pig"; char username[] = "user1"; int main (int argc, char **argv) { int sockfd,x,i; char *ppassword; RADIUS_PACKET *ppacket = NULL; VALUE_PAIR *vp1; VALUE_PAIR *vp2; ppacket = rad_alloc(1); sockfd = socket(AF_INET, SOCK_DGRAM, 0); ppacket->sockfd = sockfd; ppacket->src_ipaddr = 0; ppacket->src_port = 0; ppacket->dst_ipaddr = inet_addr("127.0.0.1"); ppacket->dst_port = 1812; ppacket->id = getpid(); ppacket->code = PW_AUTHENTICATION_REQUEST; ppacket->timestamp = 0; ppacket->verified = 0; /* Not set. Returned packet*/ ppacket->data_len = 0; /* Not set. Returned packet*/ ppacket->data = NULL; librad_md5_calc(ppacket->vector, ppacket->vector, sizeof(ppacket->vector)); vp1 = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR)); vp2 = (VALUE_PAIR *)malloc(sizeof(VALUE_PAIR)); memset(vp1,0,sizeof(VALUE_PAIR)); memset(vp2,0,sizeof(VALUE_PAIR)); ppacket->vps = vp1; vp1->next = vp2; vp2->next = NULL; strcpy(vp1->name,"User-Name"); vp1->attribute = PW_USER_NAME; strcpy(vp1->strvalue,username); vp1->operator = T_OP_EQ; vp1->length = strlen(username); strcpy(vp2->name,"User-Password"); vp2->attribute = PW_PASSWORD; strcpy(vp2->strvalue, password); vp2->length = strlen(password); vp2->operator = T_OP_EQ; rad_send(ppacket, NULL, secret); close (ppacket->sockfd); rad_free(&ppacket); } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Help in Working EAP-TTLS (TTS and MD5 working fine)
Hi I have successfully used Freeradius1.0.1 to authenticate my clients using EAP-MD5 and EAP-TLS. But i am not able to get EAP -TTLS working. I have the same username password (users file) used in case of EAP-TTLS phase2 as that used in EAP-MD5 which is successful and also I have the same server cert being used for EAP -TTLS as that used in EAP-TLS which is successful Just that making the EAP-TTLS work is causing problems although with these credentials already working for EAP TLS and EAP -MD5 ... Following is the log i have attached for a single EAP-TTLS Authentication session initiated by xsupplicant. Can any one suggest me how to work it ... regards arun Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc//raddb/clients.conf Config: including file: /usr/local/etc//raddb/snmp.conf Config: including file: /usr/local/etc//raddb/eap.conf Config: including file: /usr/local/etc//raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = "/usr/local/var/log/radius/radius.log" main: log_auth = yes main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/local/sbin/checkrad" main: proxy_requests = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: authtype = "MS-CHAP" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = "(null)" unix: shadow = "(null)" unix: group = "(null)" unix: radwtmp = "/usr/local/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = "ttls" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/home/vpn/certs/ca_radius.pem" tls: certificate_file = "/home/vpn/certs/ca_radius.pem" tls: CA_file = "/home/vpn/certs/root.pem" tls: private_key_password = "test" tls: dh_file = "/etc/1x/dh" tls: random_file = "/etc/1x/random" tls: fragment_size = 1398 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" rlm_eap: Loaded and initialized type tls ttls: default_eap_type = "md5" ttls: copy_request_to_tunnel = no ttls: use_tunneled_reply = no rlm_eap: Loaded and initialized type ttls mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/usr/local/etc//raddb/huntgroups" preprocess: hints = "/usr/local/etc//raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Modu
Re: Segmentation Fault with EAP-TLS
Thanks a lot., i am new and totally clueless as to what i need to be doing . I did use ./configure --with-openssl-includes=/usr/local/openssl/include --with-openssl-libraries=/usr/local/openssl/lib What else do i need to be doing to make the radiusd read the right libraries regards, arun On 5/16/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: >Hi, > > > 1) ldd /usr/local/sbin/radiusd > > libcrypt.so.1 => /lib/libcrypt.so.1 (0x40033000) > > libnsl.so.1 => /lib/libnsl.so.1 (0x4006) > > libresolv.so.2 => /lib/libresolv.so.2 (0x40076000) > > libpthread.so.0 => /lib/i686/libpthread.so.0 (0x40088000) > > libcrypto.so.2 => /lib/libcrypto.so.2 (0x4009d000) > > libssl.so.2 => /lib/libssl.so.2 (0x4016) > > libradius-1.0.2.so => /usr/local/lib/libradius-1.0.2.so (0x4018e000) > > libsnmp-0.4.2.1.so => /usr/lib/libsnmp-0.4.2.1.so (0x401a1000) > > libltdl.so.3 => /usr/lib/libltdl.so.3 (0x401f8000) > > libdl.so.2 => /lib/libdl.so.2 (0x401fe000) > > libc.so.6 => /lib/i686/libc.so.6 (0x40202000) > > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000) > > Well, /lib/libcrypto.so.2 and /lib/libssl.so.2 don't really look like the > right libs, that should probably the same ...so.0.9.7 libs that are used > here: > > > 2)ldd /usr/local/lib/rlm_eap_tls-1.0.2.so > > libssl.so.0.9.7 => /usr/local/openssl/lib/libssl.so.0.9.7 > > (0x40024000) > > libcrypto.so.0.9.7 => > > /usr/local/openssl/lib/libcrypto.so.0.9.7 (0x40053000) > > libnsl.so.1 => /lib/libnsl.so.1 (0x40146000) > > libresolv.so.2 => /lib/libresolv.so.2 (0x4015c000) > > libpthread.so.0 => /lib/i686/libpthread.so.0 (0x4016e000) > > libc.so.6 => /lib/i686/libc.so.6 (0x40183000) > > libdl.so.2 => /lib/libdl.so.2 (0x402bf000) > > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) > >Regards, > Stefan > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Segmentation Fault with EAP-TLS
Hi I am trying to Install Freeradius1.0.2 on Redhat 7.2. and am using openssl-0.9.7. I have installed openssl in /usr/local/openssl and to install freeradius i executed the following commands ./configure --with-openssl-includes=/usr/local/openssl/include --with-openssl-libraries=/usr/local/openssl/lib make and make install Before the make , I also ensured that the makefile for tls was generated properly The installation seems successful, but in case of a EAP-TLS request, the server gives a segmentation fault as in the following logs: modcall: group authorize returns updated for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization TLS_accept: SSLv3 read client hello A TLS_accept: SSLv3 write server hello A ./run-radius: line 5: 1164 Segmentation fault /usr/local/sbin/radiusd -X -A Having gone through other mails in the list, this looks like a problem with 2 version of openssl running on the machine and freeradius is not looking for the right one. But the information provided by ldd command on the system shows that the freeradius is looking for the library files at /usr/local/openssl/lib ( which is where i have installed openssl0.9.7) I Also Attempted this :tried editing the /etc/ld.so.conf and appended /usr/local/openssl/lib. And executed ldconfig -v to update the ld.so.cache. Although it looks like the problem is due to 2 different versions of openssl, but still the ldd command executed on rlm_eap_tls.so and rlm_eap_tls.so-1.0.2 and radiusd show that they use the libcrypto0.9.7 and libssl.0.9.7 which i have installed at/usr/loca/openssl/lib. Following is the output of the ldd commmands executed on these three files... 1) ldd /usr/local/sbin/radiusd libcrypt.so.1 => /lib/libcrypt.so.1 (0x40033000) libnsl.so.1 => /lib/libnsl.so.1 (0x4006) libresolv.so.2 => /lib/libresolv.so.2 (0x40076000) libpthread.so.0 => /lib/i686/libpthread.so.0 (0x40088000) libcrypto.so.2 => /lib/libcrypto.so.2 (0x4009d000) libssl.so.2 => /lib/libssl.so.2 (0x4016) libradius-1.0.2.so => /usr/local/lib/libradius-1.0.2.so (0x4018e000) libsnmp-0.4.2.1.so => /usr/lib/libsnmp-0.4.2.1.so (0x401a1000) libltdl.so.3 => /usr/lib/libltdl.so.3 (0x401f8000) libdl.so.2 => /lib/libdl.so.2 (0x401fe000) libc.so.6 => /lib/i686/libc.so.6 (0x40202000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000) 2)ldd /usr/local/lib/rlm_eap_tls-1.0.2.so libssl.so.0.9.7 => /usr/local/openssl/lib/libssl.so.0.9.7 (0x40024000) libcrypto.so.0.9.7 => /usr/local/openssl/lib/libcrypto.so.0.9.7 (0x40053000) libnsl.so.1 => /lib/libnsl.so.1 (0x40146000) libresolv.so.2 => /lib/libresolv.so.2 (0x4015c000) libpthread.so.0 => /lib/i686/libpthread.so.0 (0x4016e000) libc.so.6 => /lib/i686/libc.so.6 (0x40183000) libdl.so.2 => /lib/libdl.so.2 (0x402bf000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) 3) libssl.so.0.9.7 => /usr/local/openssl/lib/libssl.so.0.9.7 (0x40024000) libcrypto.so.0.9.7 => /usr/local/openssl/lib/libcrypto.so.0.9.7 (0x40053000) libnsl.so.1 => /lib/libnsl.so.1 (0x40146000) libresolv.so.2 => /lib/libresolv.so.2 (0x4015c000) libpthread.so.0 => /lib/i686/libpthread.so.0 (0x4016e000) libc.so.6 => /lib/i686/libc.so.6 (0x40183000) libdl.so.2 => /lib/libdl.so.2 (0x402bf000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x8000) can any of you help me on understanding where i am going wrong and whats else i need to be doiing to get this fixed. thanks a lot regards arun - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MD5 password encyption - how?
I was hoping someone could explain what I'm doing wrong here. I'm confused to how I should go about encrypting the password using MD5 on a client. To keep this simple i'm using a password less the 16 chars. So why doesn't this work? In a buffer i'm adding a random vector to the secret, then running MD5 and XORing the result with password. The result is placed (copied) as the user-password, and the vector value copied to the packet header. Seems right? But clearly it isn't! The packet seems well formed but the user password is decrypted as garbage (Radius -X). /* MD5 Make a hash of the data */ createIndentifier(vector); /* Calculate the md5 digest */ secretlen = strlen(secret); memcpy(md5buf, secret, secretlen); memcpy(md5buf + secretlen, vector, RADIUS_RANDOM_VECTOR_LEN); MD5_Init (&sum); MD5_Update (&sum, md5buf, secretlen + RADIUS_RANDOM_VECTOR_LEN); MD5_Final (digest, &sum); memset(passbuf, 0, RADIUS_RANDOM_VECTOR_LEN); strcpy(passbuf, password); for (i = 0; i < RADIUS_RANDOM_VECTOR_LEN; i++) { // run through the 16 values of the digest and XOR with password result[i] = digest[i] ^ passbuf[i]; } Thanks, Arun M. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
C++ client wrapper / lib for radius
Does anyone know whether there exists a C++ client library or wrapper for radius. I google search has revealed no obvious standalone libs. I could write my own, but wouldn't this be reinventing the wheel? Any help would be much appreciated. Regards, Arun Mundray.
Re: using user-defined attributes and radreply
You were spot on. This was exactly the problem. I needed to create my own VENDOR and attribute set below 256. Thanks, Arun. - Original Message - From: <[EMAIL PROTECTED]> To: Sent: Friday, April 29, 2005 6:55 PM Subject: Re: using user-defined attributes and radreply Hi, ATTRIBUTE myattrib 340 string ATTRIBUTE myattrib2 341 integer VALUE myattrib2 value0 0 VALUE myattrib2 value1 1 VALUE myattrib2 value2 2 Now im not entirely sure whether this is right. Using the limited documentation, it appears that values 340 & 341 are currently unused and seem to correct ones to use for the required reply (I have also tried other unused values in other free ranges, e.g. 2000 &2001). IIRC, RADIUS defines attributes to be just one byte, i.e. the value must be less than 256. Everything with a larger value is either for server's internal use only (and since it just can't be transmitted according to protocol specs, that's a nice trick to mark those) or maybe a somewhat "strange" representation for a vendor specific attribute (those are the way to get around that limitation of 256 attributes). I'd recommend to read a bit about "vendor specific attributes", and use those for your own attributes. Essentially, just additionally define a new "Vendor ID" and then define attributes for that new "vendor", using 1,2,... instead of 340,341, ... HTH, Stefan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
using user-defined attributes and radreply
I am new to freeradius, and i was wondering if anyone could help with a basic problem i am having creating user-defined attributes. I have set up a dictionary file with the following entries. ATTRIBUTE myattrib 340 string ATTRIBUTE myattrib2 341 integer VALUE myattrib2 value0 0 VALUE myattrib2 value1 1 VALUE myattrib2 value2 2 Now im not entirely sure whether this is right. Using the limited documentation, it appears that values 340 & 341 are currently unused and seem to correct ones to use for the required reply (I have also tried other unused values in other free ranges, e.g. 2000 &2001). Now invoking this with the following radreply db entries (postgress), using user4 and the correct password and secret key:- id | username | attribute | op | value +--+--++--- 1 | user4 | myattrib | = | hello 3 | user4 | myattrib2 | = | 1 2 | user4 | service-type | = | 1 Results in a response:- ---25/04/2005 14:02:25 Test started [MYTASK]- Info:Sending Access-Request of id 0 to 10.101.2.5:1812 User-Name = "user4" Password = "user3" Info: Access-Accept packet from host 10.101.2.5:1812, id=0, length=26 Service-Type = Login-User 25/04/2005 14:02:25 Test finished [MYTASK]- That is, only the system defined attribute is returned (login-user), not the other two. As a test, if I change 340, 341 to values that are already defined by system, say, 245 & 246. Then the response is. 25/04/2005 11:56:08 Test started [MYTASK]- Info:Sending Access-Request of id 0 to 10.101.2.5:1812 User-Name = "user4" Password = "user3" Info: Access-Accept packet from host 10.101.2.5:1812, id=0, length=39 X-Ascend-Preempt-Limit = 0x68656c6c6f Service-Type = Login-User X-Ascend-Callback = 1 25/04/2005 11:56:08 Test finished [MYTASK]- Here you can see three results including, X-Ascend-Preempt-Limit and X-Ascend-Callback Corresponding to the duplicate values defined in the system dictionary file. As these essentially overwrite my attributes, but the service-type entry still works, which suggest that though the db is working correctly and my attributes are being read, they are being ignored. Thus, what i think must be happening is that either Im missing some part of the configuration indicating the values I use (345 & 346) may be used as return values, or the attribute values are not setup properly. Does anyone know what im doing wrong? Ive looked at all the other configuration files nothing is obvious. Any suggestions? regards, Arun Mundray.
PAM problem - from India
Hi all, I have setup freeradius-0.9.3-1 on RHEL 3.0 ES. I have given the default Auth-Type as Pam in /etc/radd/users. I am using NTrad utility to check the setting. I am getting the following PAM error, which i have attached below. i am assuming that it looks for the deprecated /etc/pam.conf file instead for the new /etc/pam.d/radiusd I have to use PAM and will be very gratefull if any of you can shed light on how to correct this.Thanking you regards Arun Jul 23 13:58:20 venus radiusd: rad_recv: Access-Request packet from host 192.168.1.5:32769, id=28, length=44 Jul 23 13:58:20 venus radiusd: Thread 4 assigned request 3 Jul 23 13:58:20 venus radiusd: --- Walking the entire request list --- Jul 23 13:58:20 venus radiusd: Threads: total/active/spare threads = 5/1/4 Jul 23 13:58:20 venus radiusd: Waking up in 5 seconds... Jul 23 13:58:20 venus radiusd: Thread 4 handling request 3, (1 handled so far) Jul 23 13:58:20 venus radiusd: ^IUser-Name = "mani" Jul 23 13:58:20 venus radiusd: ^IUser-Password = "mani" Jul 23 13:58:20 venus radiusd: modcall: entering group authorize for request 3 Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "preprocess" returns ok for request 3 Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "chap" returns noop for request 3 Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "eap" returns noop for request 3 Jul 23 13:58:20 venus radiusd: rlm_realm: No '@' in User-Name = "mani", looking up realm NULL Jul 23 13:58:20 venus radiusd: rlm_realm: No such realm "NULL" Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "suffix" returns noop for request 3 Jul 23 13:58:20 venus radiusd: users: Matched DEFAULT at 158 Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "files" returns ok for request 3 Jul 23 13:58:20 venus radiusd: modcall[authorize]: module "mschap" returns noop for request 3 Jul 23 13:58:20 venus radiusd: modcall: group authorize returns ok for request 3 Jul 23 13:58:20 venus radiusd: rad_check_password: Found Auth-Type PAM Jul 23 13:58:20 venus radiusd: auth: type "PAM" Jul 23 13:58:20 venus radiusd: modcall: entering group authenticate for request 3 Jul 23 13:58:20 venus radiusd: pam_pass: using pamauth string for pam.conf lookup Jul 23 13:58:20 venus radiusd: pam_pass: function pam_authenticate FAILED for . Reason: Authentication failure Jul 23 13:58:20 venus radiusd: modcall[authenticate]: module "pam" returns reject for request 3 Jul 23 13:58:20 venus radiusd: modcall: group authenticate returns reject for request 3 Jul 23 13:58:20 venus radiusd: auth: Failed to validate the user. Jul 23 13:58:20 venus radiusd: Delaying request 3 for 1 seconds Jul 23 13:58:20 venus radiusd: Finished request 3 Jul 23 13:58:20 venus radiusd: Going to the next request Jul 23 13:58:20 venus radiusd: Thread 4 waiting to be assigned a request Jul 23 13:58:25 venus radiusd: --- Walking the entire request list --- Jul 23 13:58:25 venus radiusd: Threads: total/active/spare threads = 5/0/5 Jul 23 13:58:25 venus radiusd: Sending Access-Reject of id 28 to 192.168.1.5:32769 Jul 23 13:58:25 venus radiusd: Waking up in 1 seconds... Jul 23 13:58:26 venus radiusd: --- Walking the entire request list --- Jul 23 13:58:26 venus radiusd: Cleaning up request 3 ID 28 with timestamp 4100cc24 Jul 23 13:58:26 venus radiusd: Nothing to do. Sleeping until we see a request. __ Do you Yahoo!? Vote for the stars of Yahoo!'s next ad campaign! http://advision.webevents.yahoo.com/yahoo/votelifeengine/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html