about sqlippool
Hello, I got it. I defined Pool-Name attribute in wrong place. Tseveen. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
About sqlippool
Hello, Sorry for ask newbie question. I would like to implement sqlippool functionality on FreeRADIUS 2.1.3. I read /usr/local/share/doc/freeradius/rlm_sqlippool there has following note "IP-Pool Attribute (Keep in mind that its a **CHECK** item, not reply)" I didn't understand. which attribute (IP-Pool or Pool-Name) needed for sqlippool? and I also defined sqlippool in accounting { ...} and post-auth {...} directive. But pool didn't work. You can see more detailed below. Thanks for any help. accounting { # # Create a 'detail'ed log of the packets. # Note that accounting requests which are proxied # are also logged in the detail file. detail # daily # Update the wtmp file # # If you don't use "radlast", you can delete this line. #unix # # Log traffic to an SQL database. # # See "Accounting queries" in sql.conf sql *sqlippool* # # For Simultaneous-Use tracking. # # Due to packet losses in the network, the data here # may be incorrect. There is little we can do about it. radutmp # sradutmp # Return an address to the IP Pool when we see a stop record. # main_pool # # Instead of sending the query to the SQL server, # write it into a log file. # # sql_log # Cisco VoIP specific bulk accounting # pgsql-voip # Filter attributes from the accounting response. attr_filter.accounting_response # # See "Autz-Type Status-Server" for how this works. # # Acct-Type Status-Server { # # } } and post-auth { # Get an address from the IP Pool. # main_pool # # If you want to have a log of authentication replies, # un-comment the following line, and the 'detail reply_log' # section, above. # reply_log # # After authenticating the user, do another SQL query. # # See "Authentication Logging Queries" in sql.conf sql *sqlippool* # # Instead of sending the query to the SQL server, # write it into a log file. # # sql_log # # Un-comment the following if you have set # 'edir_account_policy_check = yes' in the ldap module sub-section of # the 'modules' section. # # ldap exec # # Access-Reject packets are sent through the REJECT sub-section of the # post-auth section. # # Add the ldap module name (or instance) if you have set # 'edir_account_policy_check = yes' in the ldap module configuration # Post-Auth-Type REJECT { attr_filter.access_reject } } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UPDATED: dumb humble question about sqlippool
Yes. That is the way we handle it also :-) -Peter On Wed 04 Oct 2006 02:45, Guilherme Franco wrote: > Nevermind the proxy issue, I've managed to circumvent it using attrs file > > Thanks > > On 10/3/06, Guilherme Franco <[EMAIL PROTECTED]> wrote: > > Mr. Peter, > > > > Thanks, I was using "sql_instance2{...}" instead of "sql > > sql_instance2{...}" > > > > :) > > > > Everything is working nice now with this hybrid oracle/postgresql > > except when I'm proxying and sqlippool won't set an IP because of > > 255.255.255.254 answer from the proxy server. > > > > As we talked earlier, there's no override = yes for this so I need to > > put "Pool-Name := FOO" in radreply, but even with the reply, it > > doesn't work. What I'm doing is convince the proxy ISP to change it's > > conf so it don't send me 255.255.255.254 for now. > > > > I have to thank you again for all your help! Now it's my turn to > > contribute, as soon as I have the time to look for, I hope to patch > > rlm_sqlippool.c and CVS it along with oracle.sqlippool.conf and > > radippool schema for oracle. > > > > Greetings > > > > On 10/3/06, Peter Nixon <[EMAIL PROTECTED]> wrote: > > > On Tue 03 Oct 2006 19:29, Guilherme Franco wrote: > > > > Hello, > > > > > > > > I've installed Postgres with exactly the same configuration as > > > > Oracle's and Postgres works. > > > > > > Good. > > > > > > > The only point of failure using Oracle should be in radippool > > > > Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. > > > > > > > > Could be a parsing error in rlm_sqlippool.c > > > > > > Hmm. It could be. Patches to fix it are welcome :-) > > > > > > > That's because xlat outputs: > > > > - > > > > 'SELECT framedipaddress FROM (select framedipaddress from radippool > > > > WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1' > > > > sqlippool_query1: row[0] returned NULL > > > > rlm_sqlippool: ip=[] len=0 > > > > radius_xlat: 'COMMIT' > > > > rlm_sqlippool: IP number could not be allocated. > > > > - > > > > > > > > The same query on sqlplus is ok: > > > > SQL> SELECT framedipaddress FROM (select framedipaddress from > > > > radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where > > > > rownum = 1; > > > > > > > > FRAMEDIPADDRESS > > > > -- > > > > 192.168.1.3 > > > > > > > > Now, considering that Postgres works like a breeze, how can I setup > > > > just sqlippool.conf to look in postgres, but the regular user and > > > > password queries to look in oracle? > > > > > > > > I've created a sql.conf containing oracle's confs (sql{..}) and > > > > sql2.conf containing postgres confs (sql2{...}). > > > > > > > > If I specify sql-instance-name = "sql2" in sqlippool.conf it does not > > > > works. > > > > > > http://wiki.freeradius.org/Rlm_sql#Instances > > > > > > Just give your instances different names as the documentation says. > > > > > > > I appreciate any help on this issue. Thanks! > > > > > > Cheers > > > > > > -- > > > > > > Peter Nixon > > > http://www.peternixon.net/ > > > PGP Key: http://www.peternixon.net/public.asc > > > > > > > > > - > > > List info/subscribe/unsubscribe? See > > > http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc pgp0fsaRXAHc5.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UPDATED: dumb humble question about sqlippool
Nevermind the proxy issue, I've managed to circumvent it using attrs file Thanks On 10/3/06, Guilherme Franco <[EMAIL PROTECTED]> wrote: Mr. Peter, Thanks, I was using "sql_instance2{...}" instead of "sql sql_instance2{...}" :) Everything is working nice now with this hybrid oracle/postgresql except when I'm proxying and sqlippool won't set an IP because of 255.255.255.254 answer from the proxy server. As we talked earlier, there's no override = yes for this so I need to put "Pool-Name := FOO" in radreply, but even with the reply, it doesn't work. What I'm doing is convince the proxy ISP to change it's conf so it don't send me 255.255.255.254 for now. I have to thank you again for all your help! Now it's my turn to contribute, as soon as I have the time to look for, I hope to patch rlm_sqlippool.c and CVS it along with oracle.sqlippool.conf and radippool schema for oracle. Greetings On 10/3/06, Peter Nixon <[EMAIL PROTECTED]> wrote: > On Tue 03 Oct 2006 19:29, Guilherme Franco wrote: > > Hello, > > > > I've installed Postgres with exactly the same configuration as > > Oracle's and Postgres works. > > Good. > > > The only point of failure using Oracle should be in radippool > > Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. > > > > Could be a parsing error in rlm_sqlippool.c > > Hmm. It could be. Patches to fix it are welcome :-) > > > That's because xlat outputs: > > - > > 'SELECT framedipaddress FROM (select framedipaddress from radippool > > WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1' > > sqlippool_query1: row[0] returned NULL > > rlm_sqlippool: ip=[] len=0 > > radius_xlat: 'COMMIT' > > rlm_sqlippool: IP number could not be allocated. > > - > > > > The same query on sqlplus is ok: > > SQL> SELECT framedipaddress FROM (select framedipaddress from > > radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where > > rownum = 1; > > > > FRAMEDIPADDRESS > > -- > > 192.168.1.3 > > > > Now, considering that Postgres works like a breeze, how can I setup > > just sqlippool.conf to look in postgres, but the regular user and > > password queries to look in oracle? > > > > I've created a sql.conf containing oracle's confs (sql{..}) and > > sql2.conf containing postgres confs (sql2{...}). > > > > If I specify sql-instance-name = "sql2" in sqlippool.conf it does not > > works. > > http://wiki.freeradius.org/Rlm_sql#Instances > > Just give your instances different names as the documentation says. > > > I appreciate any help on this issue. Thanks! > > Cheers > > -- > > Peter Nixon > http://www.peternixon.net/ > PGP Key: http://www.peternixon.net/public.asc > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UPDATED: dumb humble question about sqlippool
Mr. Peter, Thanks, I was using "sql_instance2{...}" instead of "sql sql_instance2{...}" :) Everything is working nice now with this hybrid oracle/postgresql except when I'm proxying and sqlippool won't set an IP because of 255.255.255.254 answer from the proxy server. As we talked earlier, there's no override = yes for this so I need to put "Pool-Name := FOO" in radreply, but even with the reply, it doesn't work. What I'm doing is convince the proxy ISP to change it's conf so it don't send me 255.255.255.254 for now. I have to thank you again for all your help! Now it's my turn to contribute, as soon as I have the time to look for, I hope to patch rlm_sqlippool.c and CVS it along with oracle.sqlippool.conf and radippool schema for oracle. Greetings On 10/3/06, Peter Nixon <[EMAIL PROTECTED]> wrote: On Tue 03 Oct 2006 19:29, Guilherme Franco wrote: > Hello, > > I've installed Postgres with exactly the same configuration as > Oracle's and Postgres works. Good. > The only point of failure using Oracle should be in radippool > Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. > > Could be a parsing error in rlm_sqlippool.c Hmm. It could be. Patches to fix it are welcome :-) > That's because xlat outputs: > - > 'SELECT framedipaddress FROM (select framedipaddress from radippool > WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1' > sqlippool_query1: row[0] returned NULL > rlm_sqlippool: ip=[] len=0 > radius_xlat: 'COMMIT' > rlm_sqlippool: IP number could not be allocated. > - > > The same query on sqlplus is ok: > SQL> SELECT framedipaddress FROM (select framedipaddress from > radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where > rownum = 1; > > FRAMEDIPADDRESS > -- > 192.168.1.3 > > Now, considering that Postgres works like a breeze, how can I setup > just sqlippool.conf to look in postgres, but the regular user and > password queries to look in oracle? > > I've created a sql.conf containing oracle's confs (sql{..}) and > sql2.conf containing postgres confs (sql2{...}). > > If I specify sql-instance-name = "sql2" in sqlippool.conf it does not > works. http://wiki.freeradius.org/Rlm_sql#Instances Just give your instances different names as the documentation says. > I appreciate any help on this issue. Thanks! Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: UPDATED: dumb humble question about sqlippool
On Tue 03 Oct 2006 19:29, Guilherme Franco wrote: > Hello, > > I've installed Postgres with exactly the same configuration as > Oracle's and Postgres works. Good. > The only point of failure using Oracle should be in radippool > Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. > > Could be a parsing error in rlm_sqlippool.c Hmm. It could be. Patches to fix it are welcome :-) > That's because xlat outputs: > - > 'SELECT framedipaddress FROM (select framedipaddress from radippool > WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1' > sqlippool_query1: row[0] returned NULL > rlm_sqlippool: ip=[] len=0 > radius_xlat: 'COMMIT' > rlm_sqlippool: IP number could not be allocated. > - > > The same query on sqlplus is ok: > SQL> SELECT framedipaddress FROM (select framedipaddress from > radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where > rownum = 1; > > FRAMEDIPADDRESS > -- > 192.168.1.3 > > Now, considering that Postgres works like a breeze, how can I setup > just sqlippool.conf to look in postgres, but the regular user and > password queries to look in oracle? > > I've created a sql.conf containing oracle's confs (sql{..}) and > sql2.conf containing postgres confs (sql2{...}). > > If I specify sql-instance-name = "sql2" in sqlippool.conf it does not > works. http://wiki.freeradius.org/Rlm_sql#Instances Just give your instances different names as the documentation says. > I appreciate any help on this issue. Thanks! Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc pgpzdlErLs3XW.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
UPDATED: dumb humble question about sqlippool
Hello, I've installed Postgres with exactly the same configuration as Oracle's and Postgres works. The only point of failure using Oracle should be in radippool Framedipaddress which is VARCHAR in Oracle but is INET in Postgres. Could be a parsing error in rlm_sqlippool.c That's because xlat outputs: - 'SELECT framedipaddress FROM (select framedipaddress from radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1' sqlippool_query1: row[0] returned NULL rlm_sqlippool: ip=[] len=0 radius_xlat: 'COMMIT' rlm_sqlippool: IP number could not be allocated. - The same query on sqlplus is ok: SQL> SELECT framedipaddress FROM (select framedipaddress from radippool WHERE pool_name = 'SPW' ORDER BY dbms_random.value) where rownum = 1; FRAMEDIPADDRESS -- 192.168.1.3 Now, considering that Postgres works like a breeze, how can I setup just sqlippool.conf to look in postgres, but the regular user and password queries to look in oracle? I've created a sql.conf containing oracle's confs (sql{..}) and sql2.conf containing postgres confs (sql2{...}). If I specify sql-instance-name = "sql2" in sqlippool.conf it does not works. I appreciate any help on this issue. Thanks! On 9/29/06, Peter Nixon <[EMAIL PROTECTED]> wrote: On Fri 29 Sep 2006 15:23, Guilherme Franco wrote: > Thanks for all the answers Mr. Peter! > > To clarify some things: > >> NONE of the ippool modules let you set the pool name. You HAVE to set > >> Pool-Name = whatever as a check > >> item > > The radcheck table already have Pool-Name := "whatever" as a > attribute, op, value for all users, but that's ok because I can set it > manually in sqlippool.conf and the select DOES run in the correct > table then (xlat outputs correctly then and I did a network sniff that > shows the query is ok). If you set it in sqlippool.conf it is ignored by the module It will make no difference to the operation at all. > > Other issue is related to multiple pools, one with dynamic IP's and > > other with fixed ones (actually it's not possible to do that with only > > just one sqlippool.conf file without modifying rlm_sqlippool.c). > > > >> IT IS!! > >> Run two copies of the module! > > Sorry, i meant that I think that it is not possible without loading 2 > or more modules (just with one module and one sqlippool.conf) dumb > question, sorry. OK. We we specifically designed the module so you can run more than one instance of it (like most other radius modules) and the different instances may have different queries, tables and sql connections (Completely different database types if you wish) > > Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 > > for me, sqlippool does not overrides it and do nothing (it doesn't > > have the override = yes option like ippool). > > > >>This can be added. Although why would you return an IP like that when you > >> dont need to? Just return the Pool-Name and let the module do its job. > > I didn't think about it, thanks. You are welcome :-) Infact we have added today the capability to detect an ip address of 255.255.255.254 but this makes no sense except for when you are acting as a proxy and wish to add an ip address from a pool to an accept packet comming from a home server. Just use "Pool-Name" for all local users. > Besides that I had to remove the BEGIN statement of allocate-begin > (and all other begins) because oracle does not need it, and if you > need to specify begin, then it needs to be in a different way (through > the sniff, I saw that the begin was stated, then 4 "space" chars and > then a "/" which is the same as doing "BEGIN;/" in sqlplus, > generating "ORA end-of-file errors") Don't know from where that "/" > came from thought. To solve this, I had to change "BEGIN" in > allocate-begin for "commit" (a normal oracle operation before any > query). Please send me a copy (privately if you wish) of your existing sqlippool.conf and working source code (or patch) so that we can integrate it into the existing code. > About the postgresql installation, I was thinking in installing it. I > will do that just to see it's behaviour, thanks. OK. I assumed that you had done this long ago. Please do it as a test. > THANKS A LOT AGAIN! Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html pgp8NfdSLPtkj.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dumb humble question about sqlippool
On Fri 29 Sep 2006 15:23, Guilherme Franco wrote: > Thanks for all the answers Mr. Peter! > > To clarify some things: > >> NONE of the ippool modules let you set the pool name. You HAVE to set > >> Pool-Name = whatever as a check > >> item > > The radcheck table already have Pool-Name := "whatever" as a > attribute, op, value for all users, but that's ok because I can set it > manually in sqlippool.conf and the select DOES run in the correct > table then (xlat outputs correctly then and I did a network sniff that > shows the query is ok). If you set it in sqlippool.conf it is ignored by the module It will make no difference to the operation at all. > > Other issue is related to multiple pools, one with dynamic IP's and > > other with fixed ones (actually it's not possible to do that with only > > just one sqlippool.conf file without modifying rlm_sqlippool.c). > > > >> IT IS!! > >> Run two copies of the module! > > Sorry, i meant that I think that it is not possible without loading 2 > or more modules (just with one module and one sqlippool.conf) dumb > question, sorry. OK. We we specifically designed the module so you can run more than one instance of it (like most other radius modules) and the different instances may have different queries, tables and sql connections (Completely different database types if you wish) > > Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 > > for me, sqlippool does not overrides it and do nothing (it doesn't > > have the override = yes option like ippool). > > > >>This can be added. Although why would you return an IP like that when you > >> dont need to? Just return the Pool-Name and let the module do its job. > > I didn't think about it, thanks. You are welcome :-) Infact we have added today the capability to detect an ip address of 255.255.255.254 but this makes no sense except for when you are acting as a proxy and wish to add an ip address from a pool to an accept packet comming from a home server. Just use "Pool-Name" for all local users. > Besides that I had to remove the BEGIN statement of allocate-begin > (and all other begins) because oracle does not need it, and if you > need to specify begin, then it needs to be in a different way (through > the sniff, I saw that the begin was stated, then 4 "space" chars and > then a "/" which is the same as doing "BEGIN;/" in sqlplus, > generating "ORA end-of-file errors") Don't know from where that "/" > came from thought. To solve this, I had to change "BEGIN" in > allocate-begin for "commit" (a normal oracle operation before any > query). Please send me a copy (privately if you wish) of your existing sqlippool.conf and working source code (or patch) so that we can integrate it into the existing code. > About the postgresql installation, I was thinking in installing it. I > will do that just to see it's behaviour, thanks. OK. I assumed that you had done this long ago. Please do it as a test. > THANKS A LOT AGAIN! Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc pgpilHV4TWstI.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dumb humble question about sqlippool
Thanks for all the answers Mr. Peter! To clarify some things: NONE of the ippool modules let you set the pool name. You HAVE to set Pool-Name = whatever as a check item The radcheck table already have Pool-Name := "whatever" as a attribute, op, value for all users, but that's ok because I can set it manually in sqlippool.conf and the select DOES run in the correct table then (xlat outputs correctly then and I did a network sniff that shows the query is ok). Other issue is related to multiple pools, one with dynamic IP's and other with fixed ones (actually it's not possible to do that with only just one sqlippool.conf file without modifying rlm_sqlippool.c). IT IS!! Run two copies of the module! Sorry, i meant that I think that it is not possible without loading 2 or more modules (just with one module and one sqlippool.conf) dumb question, sorry. Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 for me, sqlippool does not overrides it and do nothing (it doesn't have the override = yes option like ippool). This can be added. Although why would you return an IP like that when you dont need to? Just return the Pool-Name and let the module do its job. I didn't think about it, thanks. Besides that I had to remove the BEGIN statement of allocate-begin (and all other begins) because oracle does not need it, and if you need to specify begin, then it needs to be in a different way (through the sniff, I saw that the begin was stated, then 4 "space" chars and then a "/" which is the same as doing "BEGIN;/" in sqlplus, generating "ORA end-of-file errors") Don't know from where that "/" came from thought. To solve this, I had to change "BEGIN" in allocate-begin for "commit" (a normal oracle operation before any query). About the postgresql installation, I was thinking in installing it. I will do that just to see it's behaviour, thanks. THANKS A LOT AGAIN! On 9/29/06, Peter Nixon <[EMAIL PROTECTED]> wrote: On Fri 29 Sep 2006 01:02, Guilherme Franco wrote: > Thank you very much for your kindness. > > I'm sorry, again, for posting too much questions about this. > > It's correct that I'm trying to put this in production as this is the > only module that does not worked for me. > > I'm happy with dialup_admin, AAA and everything else in Oracle! > > The only missing thing is sqlippool :( > > I know that it is an experimental module and I also have limited time > to work on this module as it's not for me, it's for another company. > > In the mean time, I'm using regular ippool db in a NFS with just 1 > radius active per time (to prevent lockups). That was the only way > I've managed to do ippools with 2 servers (is there any > alternatives?). > > As you see I can't abandon oracle, nor install postgre as it would > break up some dependencies with other oracle databases that we have. > > I'm being such a pain for you guys because the sqlippool module is > almost working! If I saw that it wouldn't work at all, I would never > took the time to work in it as I'm taking now :) > > I appreciate your concerns and as I'm out of time to deliver the > solution to the client, I think I can't try sqlippool anymore. > > That's a shame because I'm almost there! > > Now that I've managed to change somethings it's doing all the selects > without any errors (that return ie: ip 1.1.1.1 in sqlplus) but it's > stating sqlippool_query1: row[0] returned NULL in radiusd -X ( how can > it be null if the select was successful? ). It's the only [EMAIL PROTECTED] thing > that is preventing the user to get an IP!! That kind of things just > take time to debug... > > Besides that, if I don't set pool_name = "name_of_the_pool" in > sqlippool.conf, allocate-find tries to select from "ippool" (wich does > not exists) instead of the one I've set in radippool table. I would double check this behaviour. It should not select at all if there is no pool-name. NONE of the ippool modules let you set the pool name. You HAVE to set Pool-Name = whatever as a check item > Other issue is related to multiple pools, one with dynamic IP's and > other with fixed ones (actually it's not possible to do that with only > just one sqlippool.conf file without modifying rlm_sqlippool.c). IT IS!! Run two copies of the module! > Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 > for me, sqlippool does not overrides it and do nothing (it doesn't > have the override = yes option like ippool). This can be added. Although why would you return an IP like that when you dont need to? Just return the Pool-Name and let the module do its job. > So, to close this out, I would REALLY LIKE to make this work and help > you guys as well, but because of lack of time, the only way would do > this as an enhancement to the already deployed solution for the > client, thanks. Do you have sqlippool worki
Re: dumb humble question about sqlippool
On Fri 29 Sep 2006 01:02, Guilherme Franco wrote: > Thank you very much for your kindness. > > I'm sorry, again, for posting too much questions about this. > > It's correct that I'm trying to put this in production as this is the > only module that does not worked for me. > > I'm happy with dialup_admin, AAA and everything else in Oracle! > > The only missing thing is sqlippool :( > > I know that it is an experimental module and I also have limited time > to work on this module as it's not for me, it's for another company. > > In the mean time, I'm using regular ippool db in a NFS with just 1 > radius active per time (to prevent lockups). That was the only way > I've managed to do ippools with 2 servers (is there any > alternatives?). > > As you see I can't abandon oracle, nor install postgre as it would > break up some dependencies with other oracle databases that we have. > > I'm being such a pain for you guys because the sqlippool module is > almost working! If I saw that it wouldn't work at all, I would never > took the time to work in it as I'm taking now :) > > I appreciate your concerns and as I'm out of time to deliver the > solution to the client, I think I can't try sqlippool anymore. > > That's a shame because I'm almost there! > > Now that I've managed to change somethings it's doing all the selects > without any errors (that return ie: ip 1.1.1.1 in sqlplus) but it's > stating sqlippool_query1: row[0] returned NULL in radiusd -X ( how can > it be null if the select was successful? ). It's the only [EMAIL PROTECTED] > thing > that is preventing the user to get an IP!! That kind of things just > take time to debug... > > Besides that, if I don't set pool_name = "name_of_the_pool" in > sqlippool.conf, allocate-find tries to select from "ippool" (wich does > not exists) instead of the one I've set in radippool table. I would double check this behaviour. It should not select at all if there is no pool-name. NONE of the ippool modules let you set the pool name. You HAVE to set Pool-Name = whatever as a check item > Other issue is related to multiple pools, one with dynamic IP's and > other with fixed ones (actually it's not possible to do that with only > just one sqlippool.conf file without modifying rlm_sqlippool.c). IT IS!! Run two copies of the module! > Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 > for me, sqlippool does not overrides it and do nothing (it doesn't > have the override = yes option like ippool). This can be added. Although why would you return an IP like that when you dont need to? Just return the Pool-Name and let the module do its job. > So, to close this out, I would REALLY LIKE to make this work and help > you guys as well, but because of lack of time, the only way would do > this as an enhancement to the already deployed solution for the > client, thanks. Do you have sqlippool working with Postgresql?? it seems to me that you do not quite understand how it works which tells me that you dont have a working installation to compare with. IF YOU DO NOT HAVE A WORKING INSTALLATION OF SQLIPPOOL ON POSTGRESQL DO THAT RIGHT NOW BEFORE DOING ANY MORE TESTING WITH ORACLE! PLEASE!!! Cheers -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc pgpYSJ8SHPLUo.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: dumb humble question about sqlippool
Thank you very much for your kindness. I'm sorry, again, for posting too much questions about this. It's correct that I'm trying to put this in production as this is the only module that does not worked for me. I'm happy with dialup_admin, AAA and everything else in Oracle! The only missing thing is sqlippool :( I know that it is an experimental module and I also have limited time to work on this module as it's not for me, it's for another company. In the mean time, I'm using regular ippool db in a NFS with just 1 radius active per time (to prevent lockups). That was the only way I've managed to do ippools with 2 servers (is there any alternatives?). As you see I can't abandon oracle, nor install postgre as it would break up some dependencies with other oracle databases that we have. I'm being such a pain for you guys because the sqlippool module is almost working! If I saw that it wouldn't work at all, I would never took the time to work in it as I'm taking now :) I appreciate your concerns and as I'm out of time to deliver the solution to the client, I think I can't try sqlippool anymore. That's a shame because I'm almost there! Now that I've managed to change somethings it's doing all the selects without any errors (that return ie: ip 1.1.1.1 in sqlplus) but it's stating sqlippool_query1: row[0] returned NULL in radiusd -X ( how can it be null if the select was successful? ). It's the only [EMAIL PROTECTED] thing that is preventing the user to get an IP!! That kind of things just take time to debug... Besides that, if I don't set pool_name = "name_of_the_pool" in sqlippool.conf, allocate-find tries to select from "ippool" (wich does not exists) instead of the one I've set in radippool table. Other issue is related to multiple pools, one with dynamic IP's and other with fixed ones (actually it's not possible to do that with only just one sqlippool.conf file without modifying rlm_sqlippool.c). Another thing lies in proxy -> if the proxy returns IP 255.255.255.254 for me, sqlippool does not overrides it and do nothing (it doesn't have the override = yes option like ippool). So, to close this out, I would REALLY LIKE to make this work and help you guys as well, but because of lack of time, the only way would do this as an enhancement to the already deployed solution for the client, thanks. Thank you again! On 9/28/06, Peter Nixon <[EMAIL PROTECTED]> wrote: On Wed 27 Sep 2006 16:41, Guilherme Franco wrote: > Hi, > > I know you guys must be angry with all the questions I'm posting here. > > In Devel-List, I found this: "Is it usefull to community? (SQLIPPOOL > and NASCATS)" by Roman M. Bibikov on Thu, 16 Oct 2003 17:36:26 +1100. > > He says that created a sucessfull ip pool in Oracle (exactly what I'm > trying to do) and also that developed stored functions and procedures > handling in rlm_oracle (sql_runfunction() and sql_runprocedure()) > > I didn't found out those functions and I'm wondering if it's because > of this that I can't make sqlippool work in oracle... Hi Guilherme We are not angry. We are however busy, and have limited time. Any posts you see about sqlippool prior to August 2006 do not directly relate to the sqlippool module that is in FreeRADIUS 1.1.3 (Although it may share some code.. There have been several different modules available on the net called sqlippool prior to the one that is now available as part of FreeRADIUS) The code in CVS head has been modified even futher (as you know). sqlippool is an EXPERIMENTAL module which is why it is not enabled by default. It is currently tested ONLY on Postgresql. There are currently no _known_ production deployments of (our) sqlippool on Oracle although we are happy that you are testing it and appreciate your feedback. Currently you are writing many emails to the list with "CRITICAL/URGENT etc" in the subject in relation to sqlippool and you are clearly trying to deploy it for production use. I have very clearly told you previously these issues and you KNOW that it is an experimental module!! We are trying to help you as much as we can, but we expect you to also be prepared to do testing and possibly some development yourself, otherwise please dont use EXPERIMENTAL modules, especially not in production! If you wish to have my company (Suntel Communications) develop, test and support this module for/on an Oracle version of your choice then we would be happy to do so for a fee (which we can discuss offlist without bothering everyone else) otherwise you will have to make do with the (free) support we are providing to you and everyone else via this mailing list in our spare time. Alternatively there is a list of other companies/people who would also be happy to provide you support at
Re: dumb humble question about sqlippool
On Wed 27 Sep 2006 16:41, Guilherme Franco wrote: > Hi, > > I know you guys must be angry with all the questions I'm posting here. > > In Devel-List, I found this: "Is it usefull to community? (SQLIPPOOL > and NASCATS)" by Roman M. Bibikov on Thu, 16 Oct 2003 17:36:26 +1100. > > He says that created a sucessfull ip pool in Oracle (exactly what I'm > trying to do) and also that developed stored functions and procedures > handling in rlm_oracle (sql_runfunction() and sql_runprocedure()) > > I didn't found out those functions and I'm wondering if it's because > of this that I can't make sqlippool work in oracle... Hi Guilherme We are not angry. We are however busy, and have limited time. Any posts you see about sqlippool prior to August 2006 do not directly relate to the sqlippool module that is in FreeRADIUS 1.1.3 (Although it may share some code.. There have been several different modules available on the net called sqlippool prior to the one that is now available as part of FreeRADIUS) The code in CVS head has been modified even futher (as you know). sqlippool is an EXPERIMENTAL module which is why it is not enabled by default. It is currently tested ONLY on Postgresql. There are currently no _known_ production deployments of (our) sqlippool on Oracle although we are happy that you are testing it and appreciate your feedback. Currently you are writing many emails to the list with "CRITICAL/URGENT etc" in the subject in relation to sqlippool and you are clearly trying to deploy it for production use. I have very clearly told you previously these issues and you KNOW that it is an experimental module!! We are trying to help you as much as we can, but we expect you to also be prepared to do testing and possibly some development yourself, otherwise please dont use EXPERIMENTAL modules, especially not in production! If you wish to have my company (Suntel Communications) develop, test and support this module for/on an Oracle version of your choice then we would be happy to do so for a fee (which we can discuss offlist without bothering everyone else) otherwise you will have to make do with the (free) support we are providing to you and everyone else via this mailing list in our spare time. Alternatively there is a list of other companies/people who would also be happy to provide you support at http://www.freeradius.org/business/ Regards -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc pgpR1UonHyzT7.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dumb humble question about sqlippool
Hi, I know you guys must be angry with all the questions I'm posting here. In Devel-List, I found this: "Is it usefull to community? (SQLIPPOOL and NASCATS)" by Roman M. Bibikov on Thu, 16 Oct 2003 17:36:26 +1100. He says that created a sucessfull ip pool in Oracle (exactly what I'm trying to do) and also that developed stored functions and procedures handling in rlm_oracle (sql_runfunction() and sql_runprocedure()) I didn't found out those functions and I'm wondering if it's because of this that I can't make sqlippool work in oracle... Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html