Re[4]: segmentation fault
DH Alan, Saturday, July 16, 2005, 12:32:16 AM, you wrote: AD> avudz <[EMAIL PROTECTED]> wrote: >> i don't know if i can run 2 or more radius on my machine ? AD> Yes, you can. You don't need two *installations*, though. Just AD> install one, and configure two services. --- ok thanks Alan, i use -d option to use radius read another config :-) nice. -- Best regards, ./avdmailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: segmentation fault
DH Alan, Friday, July 15, 2005, 10:53:39 PM, you wrote: AD> You probably have two incompatible copies of the server on the same AD> platform. --- i don't know if i can run 2 or more radius on my machine ? and listen to another port, range from 1812-1814, 1815-1817 etc.. the condition is, my company want different database from each client site, customer can only login with the account from one place, when he move to another place the username & password will invalid. i have test my case above with radius from rpm binary, its run well, but in .tar.gz format always appear "Segmentation Fault". -- Best regards, ./avd - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
segmentation fault
Hello, i just installed freeradius-1.0.4 on MDK 10.1, each time i run the radius always appear "Segmentation fault", in instalation and configuration didn't display any error message. the weird again is radius running well with rpm format. any idea ? here is end of error radiusd -X sql: safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" Segmentation fault [EMAIL PROTECTED] freeradius-1.0.4]# ldd /usr/local/radius/sbin/radiusd linux-gate.so.1 => (0xe000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x40023000) libradius-1.0.4.so => /usr/local/radius-bali/lib/libradius-1.0.4.so (0x4005) libltdl.so.3 => /usr/local/lib/libltdl.so.3 (0x40064000) libdl.so.2 => /lib/libdl.so.2 (0x4006b000) libnsl.so.1 => /lib/libnsl.so.1 (0x4006e000) libresolv.so.2 => /lib/libresolv.so.2 (0x40081000) libpthread.so.0 => /lib/tls/libpthread.so.0 (0x40092000) libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0x400a3000) libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0x401a3000) libc.so.6 => /lib/tls/libc.so.6 (0x401d4000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x4000) [EMAIL PROTECTED] freeradius-1.0.4]# uname -a Linux radius 2.6.8.1-10mdk #1 Wed Sep 8 17:00:52 CEST 2004 i686 Intel(R) Pentium(R) 4 CPU 2.40GHz unknown GNU/Linux [EMAIL PROTECTED] freeradius-1.0.4]# gcc -v Reading specs from /usr/lib/gcc/i586-mandrake-linux-gnu/3.4.1/specs Configured with: ../configure --prefix=/usr --libdir=/usr/lib --with-slibdir=/lib --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --enable-long-long --enable-__cxa_atexit --enable-clocale=gnu --disable-libunwind-exceptions --enable-languages=c,c++,ada,f77,objc,java --host=i586-mandrake-linux-gnu --with-system-zlib Thread model: posix gcc version 3.4.1 (Mandrakelinux 10.1 3.4.1-4mdk) -- Best regards, ./avd mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[14]: daily limit
Hello Marcin, Wednesday, May 11, 2005, 6:32:36 PM, you wrote: MJ> Maybe the date format is incorrect? MJ> I am not sure what those silly americans use but afair it's MJ> of Month-Day-Year format - as logical as using bodyparts as the MJ> scale value for meassurements :) MJ> What does the debugging info say? nah nah, you quite right :-) when i change the date format, its work well now :-) thanks to god my friend help me !! -- Best regards, avudzmailto:[EMAIL PROTECTED] *gila ni radius, cari manual tak dapat2 :p* - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
posgresql how to
Hello, anybody knows where can i download / read radius-postgre how to ? i think i better switch to postgre :-) -- Best regards, ./avd mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[13]: daily limit
Hello Marcin, Wednesday, May 11, 2005, 6:32:36 PM, you wrote: MJ> Maybe the date format is incorrect? MJ> I am not sure what those silly americans use but afair it's MJ> of Month-Day-Year format - as logical as using bodyparts as the MJ> scale value for meassurements :) MJ> What does the debugging info say? hehehe.. i don't have any idea about this, how to debug sql date ? i try this one : mysql> select now(); +-+ | now() | +-+ | 2005-05-11 18:40:36 | +-+ 1 row in set (0.00 sec) i guess the format are same, Year-Month-Date format. -- Best regards, avudzmailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[11]: daily limit
Wednesday, May 11, 2005, 5:47:16 PM, you wrote: a> Hello Marcin, a> Wednesday, May 11, 2005, 5:09:01 PM, you wrote: MJ>> Hi. MJ>> Yepp, that should work, i.e. mysql>>> select * from radcheck; MJ>> ++--+---+++ MJ>> | id | UserName | Attribute | op | Value | MJ>> ++--+---+++ MJ>> | 5 | yazzy| User-Password | := | yazzy | MJ>> | 6 | yazzy| Max-Daily-Session | := | 3600 | MJ>> | 7 | yazzy| Expiration| := | 2005-01-10 | MJ>> ++--+---+++ MJ>> Or you could put it to the readgroupreply table as well for your group. --- hello, sorry for bothering again :-) i've follow the example like you paste, but i still can login with user 'avudz' even i set date older 4 months. is it need some special option on first configure ? Database changed mysql> select * from radcheck; ++--+---+++ | id | UserName | Attribute | op | Value | ++--+---+++ [SNIP] | 11 | 81 | Password | := | avudz | | 12 | 81 | Expiration| := | 2005-01-10 | ++--+---+++ 10 rows in set (0.00 sec) -- Best regards, avudz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[10]: daily limit
Hello Marcin, Wednesday, May 11, 2005, 5:09:01 PM, you wrote: MJ> Hi. MJ> Yepp, that should work, i.e. mysql>> select * from radcheck; MJ> ++--+---+++ MJ> | id | UserName | Attribute | op | Value | MJ> ++--+---+++ MJ> | 5 | yazzy| User-Password | := | yazzy | MJ> | 6 | yazzy| Max-Daily-Session | := | 3600 | MJ> | 7 | yazzy| Expiration| := | 2005-01-10 | MJ> ++--+---+++ MJ> Or you could put it to the readgroupreply table as well for your group. --- wow, ok, dankee :-) -- Best regards, avudzmailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[8]: daily limit
Wednesday, May 11, 2005, 4:36:26 PM, you wrote: CK> I'll second that idea. Definately would need some external maintenance CK> on the database every night to expire accounts older than 24hrs... CK> Alternatively, you *can* do some nifty sql query on the authentication query CK> that compaires radacct to the account being authenticated, but that would be CK> a performance hit on authentication times. A nightly maintenance run would CK> be the best way to go IMHO. --- thanks so much for response and idea, btw last *hope* :-) is it possible to do like this : Database changed mysql> select * from radgroupcheck; ++---+-+++ | id | GroupName | Attribute | op | Value | ++---+-+++ [SNIP] | 6 | test | Expiration | := | 2005-01-10 | ++---+-+++ 4 rows in set (0.00 sec) so all user which in group test if date > 10-01-2005 will expire. *last hope* :-) -- Best regards, avudz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[6]: daily limit
Hello Marcin, Wednesday, May 11, 2005, 4:06:52 PM, you wrote: MJ> Hi. MJ> As far as I know the sqlcounter will disallow furhter MJ> authentrication only if the user has used her time limit quota. MJ> The Session-Timeout Attribute will kick him out when loged in MJ> and the Max-XYZ-Session will be checked the next time a user wants MJ> to login. MJ> You would need an additional Attribute for user expiration date as well. --- mm i c, so i think i need external script to do this ?? like Exec-Program ? if min(AcctStartTime) or AcctStartTime == 0 the voucher will not expire, or its possible to generate from PHP script and doing query to database 'Expire' each time there was authenticate ? -- Best regards, avudzmailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[4]: daily limit
Hello Marcin, Wednesday, May 11, 2005, 2:54:09 PM, you wrote: MJ> In your case you should change reset=never to reset=1h if you MJ> want to reset the counter every hour. MJ> But in that case it would not make sense to call it MJ> Max-Hour-Session-Time since the counter would be reset after the MJ> user's time is off and then she would be able to login again... --- ups, sorry. thanks for correcting my mistake. MJ> What do you exactly wanna do? Your config as it is now does not make any sense. MJ> Your SQL says you want to allow your users to stay on 24 MJ> hours a day. But then you want to reset the counter every hour? MJ> That would make sense if the reset value was greater than the MJ> corresponding value of your Max-XYZ-Session. --- in my case, i have 1 day voucher limited to 24 hour, the password will expire next day after first login even the user only use 3 hours. -- Best regards, avudz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: daily limit
Monday, May 9, 2005, 9:34:05 PM, you wrote:
SE> Hm... maybe you should set the SQL statements in your sqlcounter.conf file
SE> that can be usually found in /etc/raddb or
SE> /usr/local/etc/raddb depending on
SE> distribution...
SE> You can define the different counters for your vouchers that will count time
SE> or traffic by defining them in the file I mentioned...
SE> I dont know, but maybe you should take a look at
SE> /usr/share/doc/packages/freeradius/rlm_sqlcounter if you already didnt do
SE> that...
hello, i still cant solve the problem about 1 day limit. now im thinking to put
in
sqlcounter.conf :
sqlcounter hourcounter {
counter-name = Max-Hour-Session-Time
check-name = Max-Hour-Session
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
and i set 86400 in radgroupcheck, and input :
INSERT INTO radgroupcheck (id,GroupName,Attribute,Value,op)
-> VALUES
('','plan_name','Password-Expire','86400',':=');
is it will work regard to my case ? the point is, customer cant login
after next day, the login voucher will valid for twenty four hours
from the first time login. please advice. thanks
--
Best regards,
avudz
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
daily limit
Hello, i'm realy happy my rlm_sqlcounter now run as i hope :-) but now i have 3 another case, i have three model voucher. 1st for 4 hours and the voucher valid for 2 days, 2nd 8 hours, valid for four days, last is one day, valid for 24 hours, so when the user log in, *maybe* the radius will log the user start time and will close the session when the session is over limit. how can i make like that ? what should i read ? please advice. -- Best regards, ./avd mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
re-force auth
Hello, is it possible force users re-authenticate to radius when its already connected ? or it base on NAS ? i've search in archive but still cant find how to kick online user. -- Best regards, ./avd - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[3]: about limit
Hello,
sorry, i still confuse with user max-daily-session, how can radius
reject the user if user have over quota ?
maybe anybody knows how to make a simple script like :
"if sum_sess_time > than radgroupcheck.value than reject"
ugh, i have follow the rlm_sqlcounter manual, also follow radkill
instruction but the exceed user time still can use my internet access
:(( is there something wrong with my config i've paste before ?
mysql> select * from radgroupcheck;
++---+-++---+
| id | GroupName | Attribute | op | Value |
++---+-++---+
| 1 | c | Max-All-Session | := | 360 |
| 2 | d | Max-All-Session | := | 360 |
++---+-++---+
2 rows in set (0.00 sec)
mysql> select * from radcheck;
++--+---++---+
| id | UserName | Attribute | op | Value |
++--+---++---+
| 1 | aw | Password | == | aw|
| 2 | avudz | Password | == | avudz |
| 3 | ampun| User-Password | := | ampun |
| 4 | joko | User-Password | := | joko |
| 5 | gede | User-Password | := | gede |
| 6 | a| User-Password | := | a |
| 8 | b| User-Password | := | b |
| 9 | c| User-Password | := | c |
| 11 | d| User-Password | := | d |
++--+---++---+
9 rows in set (0.00 sec)
here is user 'd' information from dialup_admin
Connections 9
Online time 54 minutes, 25 seconds
Failed Logins 0
Upload 83.40 KBs
Download 39.32 KBs
Average Time 6 minutes, 2 seconds
Average Upload 9.27 KBs
Average Download 4.37 KBs
the user can still online ever i have limit it to 360 second
and this also from radkill log :
[EMAIL PROTECTED] radkill]# radwho
Login Name What TTY When From Location
d d shell S0 Sat 14:52 20x.x8.x9 10.11.12.12
[EMAIL PROTECTED] radkill]# ./radkill
[EMAIL PROTECTED] radkill]# more /usr/local/dialupadmin/htdocs/radkill.txt
Sat Apr 23 14:47:02 WIT 2005
Online : 0 Preferred: 1Absolute: 1
Next to Die: Last Kill: ###NONE###
Guar UsedRem Max Min PortUserLocation
--- --- ---
# more radkill.conf
###
# Config file for radkill by Jason Straight #
###
# USERLIMIT where nn is a maximum # of users allowed online before
# radkill starts terminating connections.
#
# format is: username:timelimit:minimum
# timelimit is the max time username can stay on for one session
# minimum is the minimum amount of time a user can be online before being kicked
# when USERLIMIT is met.
#
# Setting a users limits to over and minimum to over makes that user a
# priority user that will NEVER get kicked
#
# username @ is default user, any usernames not specified in this file will
# acquire user @'s setting values.
NasName:netnet
NasType:net
AdminUser:avudz
AdminPass:avudz
# RadiusUsersFile:/usr/local/etc/raddb/users
PrefMax:1
AbsMax:1
OutFile:/usr/local/dialupadmin/htdocs/radkill.txt
MailDomain:net.net
### users and settings ###
### username:timelimit:minimum:getmailtime:mailafter:maxlogins:lockoutduration
###
d:360:360
@:360:N
# ps ax | grep radkill
26983 pts/0S 0:00 tclsh ./radkill
*confuse* the most important i hope from radius is access limiting :-)
pls advice.
--
Best regards,
avudz
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: about limit
27;%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}',
'%{NAS-IP
-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL
(%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0})
SECON
D), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}',
'%{Acct-Input-Octets}',
'%{Acct-Output-Octets}',
'%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}',
'%{Service-Type}', '%{Framed-Protocol}',
'%{Frame
d-IP-Address}', '0', '%{Acct-Delay-Time}')"
sql: group_membership_query = "SELECT GroupName FROM usergroup WHERE
UserName='%{SQL-User-Name}'"
sql: connect_failure_retry_delay = 60
sql: simul_count_query = ""
sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName,
NASIPAddress, NASPortId, FramedIPAddress,
CallingStatio
nId, FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"
sql: postauth_table = "radpostauth"
sql: postauth_query = "INSERT into radpostauth (id, user, pass, reply, date)
values ('', '%{User-Name}',
'%{User-Password:-Ch
ap-Password}', '%{reply:Packet-Type}', NOW())"
sql: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to [EMAIL PROTECTED]:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Instantiated sql (sql)
Module: Loaded SQL Counter
sqlcounter: counter-name = "Max-All-Session-Time"
sqlcounter: check-name = "Max-All-Session"
sqlcounter: key = "User-Name"
sqlcounter: sqlmod-inst = "sql"
sqlcounter: query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'"
sqlcounter: reset = "never"
rlm_sqlcounter: Counter attribute Max-All-Session-Time is number 1671
rlm_sqlcounter: Check attribute Max-All-Session is number 1672
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Next reset 0
[2005-04-23 02:00:00]
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Prev reset 0
[2005-04-23 02:00:00]
Module: Instantiated sqlcounter (noresetcounter)
sqlcounter: counter-name = "Daily-Session-Time"
sqlcounter: check-name = "Max-Daily-Session"
sqlcounter: key = "User-Name"
sqlcounter: sqlmod-inst = "sql"
sqlcounter: query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE
UserN
ame='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
sqlcounter: reset = "daily"
rlm_sqlcounter: Counter attribute Daily-Session-Time is number 1673
rlm_sqlcounter: Check attribute Max-Daily-Session is number 1674
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Next reset
1114275600 [2005-04-24 00:00:00]
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Prev reset
1114189200 [2005-04-23 00:00:00]
Module: Instantiated sqlcounter (dailycounter)
sqlcounter: counter-name = "Monthly-Session-Time"
sqlcounter: check-name = "Max-Monthly-Session"
sqlcounter: key = "User-Name"
sqlcounter: sqlmod-inst = "sql"
sqlcounter: query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE
UserN
ame='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
sqlcounter: reset = "monthly"
rlm_sqlcounter: Counter attribute Monthly-Session-Time is number 1675
rlm_sqlcounter: Check attribute Max-Monthly-Session is number 1676
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Next reset
1114880400 [2005-05-01 00:00:00]
rlm_sqlcounter: Current Time: 1114196966 [2005-04-23 02:09:26], Prev reset
1112288400 [2005-04-01 00:00:00]
Module: Instantiated sqlcounter (monthlycounter)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
Ready to process requests.
-
mohon pencerahan nya pak. terima kasih :-)
--
Best regards,
avudz
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
about limit
Hello,
sorry for this fool question, perhaps this have been discuss before.
i user freeradius-1.0.2 and dialup admin, the problem is, the
clients still can connect through radius server even the daily limit
is over.
i've implement
http://www.lh.freeradius.org/radiusd/doc/rlm_sqlcounter howto, and
put field like this :
INSERT into radcheck VALUES ('','b','Max-All-Session','400',':=');
but user b still can login after 6 minutes ? so how can i limit the
max-daily-session ?
here is the log from dialup admin :
User is not online now
-
Last Connection Time 2005-04-22 11:03:03
Online Time 33 minutes, 10 seconds
Server 202.78.193.83 (202.78.193.83)
Server Port 0
Workstation 00:E0:4C:13:8B:1B
Upload 152.89 KBs
Download 7.41 KBs
Allowed Session user can login for 0 seconds (Out of daily quota)
<--- over quota ?
Usefull User Description -
--
Best regards,
./avd
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
