Re: Different behavior when run with -X and not
I did some more testing. It happens only on Access-Reject. No problem when sending Access-Accept. I ran it as radiusd -fxxyz -l stdout, which is only one difference(spawn child processes) from radiusd -X. In the following log, it finished processing the request and waited for about 15 second to send out the reject packets. Please help me to solve the problem. Thanks. Exec-Program output: h323-return-code=3 Exec-Program-Wait: value-pairs: h323-return-code=3 Exec-Program: returned: 1 Delaying request 2 for 1 seconds Finished request 2 Going to the next request Thread 3 waiting to be assigned a request === = about 15 seconds later=== === rad_recv: Access-Request packet from host 10.1.2.182:1812, id=82, length=108 Sending Access-Reject of id 82 to 10.1.2.182 port 1812 --- Walking the entire request list --- [EMAIL PROTECTED] wrote: I'm running FreeRADIUS 1.1.6 on a CentOS 3 box. I'm using Exec-Program-Wait to call my external program. When I run it in debug mode with radiusd -X, the process goes fine. But when I run it in normal mode, the server didn't response the first time. It responses when the NAS timed out and send the access request again (I can see it with Ethereal). My external program will output debug info and I can see it has processed the request the first time. When NAS re-sending the request the RADIUS is responding with cached result because my program only run once. I was running version 1.0.1 and I thought it might be the server so I upgrade to 1.1.6 but no luck here. Below is the radiusd -X log(which is OK) because I don't know how to get the same log in non-debug mode, the one that have problem is second access-request(request 2). Please tell me how can I find where the problem is and fix it. Thanks for your help. Chih-Chen Hwang ps. I only modified users, acct_user and clients.conf after installation. Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/proxy.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/clients.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/snmp.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/eap.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/sql.conf main: prefix = /usr/local/freeradius-1.1.6 main: localstatedir = /usr/local/freeradius-1.1.6/var main: logdir = /usr/local/freeradius-1.1.6/var/log/radius main: libdir = /usr/local/freeradius-1.1.6/lib main: radacctdir = /usr/local/freeradius-1.1.6/var/log/radius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /usr/local/freeradius-1.1.6/var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /usr/local/freeradius-1.1.6/var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/freeradius-1.1.6/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/freeradius-1.1.6/lib Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null) rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt pap: auto_header = yes Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache =
Different behavior when run with -X and not
I'm running FreeRADIUS 1.1.6 on a CentOS 3 box. I'm using Exec-Program-Wait to call my external program. When I run it in debug mode with radiusd -X, the process goes fine. But when I run it in normal mode, the server didn't response the first time. It responses when the NAS timed out and send the access request again (I can see it with Ethereal). My external program will output debug info and I can see it has processed the request the first time. When NAS re-sending the request the RADIUS is responding with cached result because my program only run once. I was running version 1.0.1 and I thought it might be the server so I upgrade to 1.1.6 but no luck here. Below is the radiusd -X log(which is OK) because I don't know how to get the same log in non-debug mode, the one that have problem is second access-request(request 2). Please tell me how can I find where the problem is and fix it. Thanks for your help. Chih-Chen Hwang ps. I only modified users, acct_user and clients.conf after installation. Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/proxy.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/clients.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/snmp.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/eap.conf Config: including file: /usr/local/freeradius-1.1.6/etc/raddb/sql.conf main: prefix = /usr/local/freeradius-1.1.6 main: localstatedir = /usr/local/freeradius-1.1.6/var main: logdir = /usr/local/freeradius-1.1.6/var/log/radius main: libdir = /usr/local/freeradius-1.1.6/lib main: radacctdir = /usr/local/freeradius-1.1.6/var/log/radius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /usr/local/freeradius-1.1.6/var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /usr/local/freeradius-1.1.6/var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/freeradius-1.1.6/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/freeradius-1.1.6/lib Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null) rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt pap: auto_header = yes Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /usr/local/freeradius-1.1.6/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = /usr/local/freeradius-1.1.6/etc/raddb/huntgroups preprocess: hints = /usr/local/freeradius-1.1.6/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no preprocess: with_alvarion_vsa_hack = no Module: Instantiated preprocess (preprocess)