Re: radmin del client error
Go install the new version. It works. - Yup, I will try this again. Thanks. We know. The dynamic clients code does this, and is *documented* as doing this. Your multiple email messages have said you want to do this. Explaining it again here means you're assuming we're either blind or stupid. - I am really sorry if i made you guys think that way. My intention was to write my understanding to describe my implementation, that's why i detailed every steps i took and narrated in the message multiple times. I am glad so far my understanding is correct and is achievable, I will keep trying. Sincere apologies again. We're trying. We're not really succeeding. - Nah, You and Arran and Alan are indeed very helpful enough and succeeded in a way of what this forum is for. Appreciate Arran for his great patience. :) Cheers Last but not least, I would like to say thanks to all of you again and give an update if i ever succeed in the dynamic-client. I am sure its just some silly mistakes that i overlooked. Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4745003.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
tohaikmeng wrote:
> My aim is to achieve the addition of client entries without any server
> reloading/restart, and AAA will permits for those newly added clients. My
> first thought was to use radmin -e "add client file " and it works for
> me but the deletion "del client ipaddr " failed on me.
Go install the new version. It works.
> My requirement.
> 1. Client entries can be added dynamically after server has been started.
> 2. Each client entry consists of an IP address with a unique secret
> associated with it.
We know. The dynamic clients code does this, and is *documented* as
doing this. Your multiple email messages have said you want to do this.
Explaining it again here means you're assuming we're either blind or
stupid.
> My assumption.
> Dynamic-client - 1 & 2. (hopefully this method is what i thought)
> Static-client - standard client {} entries are going into it, then just add
> them to clients.conf instead as the server will need reloading to read new
> content of those files.
>
> Hope my understanding is correct. Please correct me if i am wrong. :-)
We're trying. We're not really succeeding.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran and Alan,
My aim is to achieve the addition of client entries without any server
reloading/restart, and AAA will permits for those newly added clients. My
first thought was to use radmin -e "add client file " and it works for
me but the deletion "del client ipaddr " failed on me.
My requirement.
1. Client entries can be added dynamically after server has been started.
2. Each client entry consists of an IP address with a unique secret
associated with it.
My assumption.
Dynamic-client - 1 & 2. (hopefully this method is what i thought)
Static-client - standard client {} entries are going into it, then just add
them to clients.conf instead as the server will need reloading to read new
content of those files.
Hope my understanding is correct. Please correct me if i am wrong. :-)
Alex
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4744741.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran and Alan, Arran is right. Yes! Thanks guys for yours patience. I would love to send you guy a tarball of my configs. Currently, I away from my server for the next 2 days. And I will send u guys once I am back in office. :) Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4738057.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
On 26 Aug 2011, at 12:38, Alan Buxey wrote:
> Hi,
>
>> I think he's saying he created a directory to put all the dynamic clients
>> files, and that he's symlinked the virtual server correctly.
>
> at which point I would ask, WHY bother with the dynamic-client
> VS at all?? if all that is happening is that standard client {}
> entries are going into it, then just add them to clients.conf instead
> as the server will need reloading to read new content of those
> files anyway..
>
If you read back through the thread you'll see the reason.
-Arran
Arran Cudbard-Bell
a.cudba...@freeradius.org
RADIUS - Half the complexity of Diameter
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hi,
> I think he's saying he created a directory to put all the dynamic clients
> files, and that he's symlinked the virtual server correctly.
at which point I would ask, WHY bother with the dynamic-client
VS at all?? if all that is happening is that standard client {}
entries are going into it, then just add them to clients.conf instead
as the server will need reloading to read new content of those
files anyway..
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Alan,
Yes, this 'dynamic-clients' is a file, the original and default file as you
mentioned in the previous message. The content is as follows. If you
noticed? the directory was assigned with a dynamic-clients folder resides in
raddb folder.
client dynamic {
ipaddr = 0.0.0.0
netmask = 0
dynamic_clients = dynamic_client_server
directory = ${confdir}/dynamic-clients/
lifetime = 3600
}
Alex
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4737651.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
On 26 Aug 2011, at 12:10, Alan Buxey wrote: > Hi, > >> [root@server sites-enabled]# pwd >> /usr/local/etc/raddb/sites-enabled >> [root@server sites-enabled]# ls -al >> total 0 >> lrwxrwxrwx 1 root root 33 2011-08-22 15:58 control-socket -> >> ../sites-available/control-socket >> lrwxrwxrwx 1 root root 26 2011-08-22 15:58 default -> >> ../sites-available/default >> lrwxrwxrwx 1 root root52 2011-08-24 16:27 dynamic-clients -> >> /usr/local/etc/raddb/sites-available/dynamic-clients > > this 'dynamic-clients' should be a file, not a directory I think he's saying he created a directory to put all the dynamic clients files, and that he's symlinked the virtual server correctly. Could you just send us a tarball of your config with the sensitive bits removed? -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hi, > [root@server sites-enabled]# pwd > /usr/local/etc/raddb/sites-enabled > [root@server sites-enabled]# ls -al > total 0 > lrwxrwxrwx 1 root root 33 2011-08-22 15:58 control-socket -> > ../sites-available/control-socket > lrwxrwxrwx 1 root root 26 2011-08-22 15:58 default -> > ../sites-available/default > lrwxrwxrwx 1 root root52 2011-08-24 16:27 dynamic-clients -> > /usr/local/etc/raddb/sites-available/dynamic-clients this 'dynamic-clients' should be a file, not a directory alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Alan,
Very thankful for your reply and correct my understanding.
(Shown below) I actually did the symlink to dynamic-clients file. This file
allows me to indicate the directory where client definitions are stored. I
uncommented this -> directory = ${confdir}/dynamic-clients/ <- however this
dynamic-clients does not exist, so i did a mkdir dynamic-clients under
$confdir (which is raddb). This folder is empty so after i started the
radiusd -X -x, I will add a client definition file to this newly created
folder (dynamic-clients/). Am I right to do that? Did i miss out any steps?
Hope this is clearer.
[root@server sites-enabled]# pwd
/usr/local/etc/raddb/sites-enabled
[root@server sites-enabled]# ls -al
total 0
lrwxrwxrwx 1 root root 33 2011-08-22 15:58 control-socket ->
../sites-available/control-socket
lrwxrwxrwx 1 root root 26 2011-08-22 15:58 default ->
../sites-available/default
lrwxrwxrwx 1 root root52 2011-08-24 16:27 dynamic-clients ->
/usr/local/etc/raddb/sites-available/dynamic-clients
lrwxrwxrwx 1 root root 31 2011-08-22 15:58 inner-tunnel ->
../sites-available/inner-tunnel
Alex
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4737604.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hi,
> Hello,
>
> I have manually moved the 192.168.169.74 file into raddb/dynamic-clients
> folder after i start radius daemon. (radiusd -X -x)
>
> I did make sure that raddb/sites-available/dynamic_clients contains
> directory = /usr/local/etc/raddb/dynamic-clients
>
> I sent a packet to the server yet i still received the following error.
> Error: Ignoring request to authentication address * port 1812 from unknown
> client 192.168.169.74 port 56181
>
> Is there any mistakes i did in the above?
>
> In case, you are curious.. my file 192.168.169.74 contains the following.
>
> client 192.168.169.74 {
> ipaddr = 192.168.169.74
> secret = secret
> }
huh??? what are you doing with that config?
just take the default file 'dynamic-clients', either put a COPY of that into
raddb/sites-enabled/ directory, or put a symlink to it
then edit dynamic-clients file for your purpose
you have instead done some wierd things, you have a file in sites-available
whoich will never be read by the main server - its sites-AVAILABLE - if you
read the output of radiusd -X you will cearly see that the file is never read
or used.
cheers
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello,
I have manually moved the 192.168.169.74 file into raddb/dynamic-clients
folder after i start radius daemon. (radiusd -X -x)
I did make sure that raddb/sites-available/dynamic_clients contains
directory = /usr/local/etc/raddb/dynamic-clients
I sent a packet to the server yet i still received the following error.
Error: Ignoring request to authentication address * port 1812 from unknown
client 192.168.169.74 port 56181
Is there any mistakes i did in the above?
In case, you are curious.. my file 192.168.169.74 contains the following.
client 192.168.169.74 {
ipaddr = 192.168.169.74
secret = secret
}
Regards,
Alex
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4737256.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hi, > 1) secret is required in the client definition (file: 192.168.169.74)? How > do i make sure the server validate the client secret upon receiving the > radius packet? Is the logic lies with dynamic_client_server? I noticed > FreeRADIUS-Client-Secret was dynamically hard-coded in the example? Pardon > me if i asked silly question. if you need a different secret then change that entry, if you need a different secret for particular IP then use the SQL method for NAS client selection (secrets are pulled out of DB) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Thanks Allan and Arran, the server is responding after i did a symbolic link
as below.
Below is the command that i did.
ln -sf /usr/local/etc/raddb/sites-available/dynamic-clients
/usr/local/etc/raddb/sites-enabled/
Just a couple of doubts.
1) secret is required in the client definition (file: 192.168.169.74)? How
do i make sure the server validate the client secret upon receiving the
radius packet? Is the logic lies with dynamic_client_server? I noticed
FreeRADIUS-Client-Secret was dynamically hard-coded in the example? Pardon
me if i asked silly question.
Within sites-available/dynamic-clients,
client dynamic {
ipaddr = 0.0.0.0
netmask = 0
dynamic_clients = dynamic_client_server
directory = /usr/local/etc/raddb/dynamic-clients
lifetime = 3600
}
server dynamic_client_server {
}
Within raddb/dynamic-clients/192.168.169.74
client 192.168.169.74 {
secret = secret123
}
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4733324.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
tohaikmeng wrote: > I read site-available/dynamic-clients. But I can't find the link that > trigger radius daemon to add the dynamic client definition file. I named the > client ip as file name instructed and placed in the appointed client > definition directory. Is there any steps that I missed out? Send the server a packet from that client IP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Alex, Please start the radius server in debug mode radiusd -X and ensure it is also V 3.0.0 Thanks, Arran On 24 Aug 2011, at 14:13, tohaikmeng wrote: > Hello Arran, > > The method that I use to add dynamic client is via radmin -e "add client > file "? > > I read site-available/dynamic-clients. But I can't find the link that > trigger radius daemon to add the dynamic client definition file. I named the > client ip as file name instructed and placed in the appointed client > definition directory. Is there any steps that I missed out? > > Alex > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4730201.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, The method that I use to add dynamic client is via radmin -e "add client file "? I read site-available/dynamic-clients. But I can't find the link that trigger radius daemon to add the dynamic client definition file. I named the client ip as file name instructed and placed in the appointed client definition directory. Is there any steps that I missed out? Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4730201.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Bjorn & Arran, Sorry, I don't quite following u guys were saying. :( is there any differences in the source that I downloaded? Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4730190.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Alex, Could you make sure you're running 3.0 of the server as well... the validation logic is in the server not the radmin client... -Arran On 24 Aug 2011, at 12:57, tohaikmeng wrote: > Hello Arran, > > Yes. I did. Is there anything i did wrongly? > > [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74" > ERROR: Must specify > > [root@FC-O ~]# radmin > radmin 3.0.0 - FreeRADIUS Server administration tool. > Copyright (C) 2008 The FreeRADIUS server project and contributors. > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A > PARTICULAR PURPOSE. > You may redistribute copies of FreeRADIUS under the terms of the > GNU General Public License v2. > radmin> del client ipaddr 192.168.169.74 > ERROR: Must specify > radmin> > > Alex > > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4730033.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
On 24 Aug 2011, at 12:50, Bjørn Mork wrote:
> tohaikmeng writes:
>
>> [root@FC-O ~]# radmin -e "del client ipaddr"
>> ERROR: Must specify
>> [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74"
>> ERROR: Client 192.168.169.74 was not dynamically defined.
>
> Yes, that looks true even with yesterday's patch, provided ""
> actually resolves to a non dynamic client...
>
> I forgot that specific error path. It's fixed by this:
>
> diff --git a/src/main/command.c b/src/main/command.c
> index 8377d21..f2d3bc2 100644
> --- a/src/main/command.c
> +++ b/src/main/command.c
> @@ -1818,7 +1818,7 @@ static int command_del_client(rad_listen_t *listener,
> int argc, char *argv[])
>if (!client) return 0;
>
>if (!client->dynamic) {
> - cprintf(listener, "ERROR: Client %s was not dynamically
> defined.\n", argv[1]);
> + cprintf(listener, "ERROR: Client %s was not dynamically
> defined.\n", argv[0]);
>return 0;
>}
>
>
> Bjørn
>
Thanks, pulled and merged to 2.1.x
-Arran
Arran Cudbard-Bell
a.cudba...@freeradius.org
RADIUS - Half the complexity of Diameter
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, Yes. I did. Is there anything i did wrongly? [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74" ERROR: Must specify [root@FC-O ~]# radmin radmin 3.0.0 - FreeRADIUS Server administration tool. Copyright (C) 2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. radmin> del client ipaddr 192.168.169.74 ERROR: Must specify radmin> Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4730033.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
tohaikmeng writes:
> [root@FC-O ~]# radmin -e "del client ipaddr"
> ERROR: Must specify
> [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74"
> ERROR: Client 192.168.169.74 was not dynamically defined.
Yes, that looks true even with yesterday's patch, provided ""
actually resolves to a non dynamic client...
I forgot that specific error path. It's fixed by this:
diff --git a/src/main/command.c b/src/main/command.c
index 8377d21..f2d3bc2 100644
--- a/src/main/command.c
+++ b/src/main/command.c
@@ -1818,7 +1818,7 @@ static int command_del_client(rad_listen_t *listener, int
argc, char *argv[])
if (!client) return 0;
if (!client->dynamic) {
- cprintf(listener, "ERROR: Client %s was not dynamically
defined.\n", argv[1]);
+ cprintf(listener, "ERROR: Client %s was not dynamically
defined.\n", argv[0]);
return 0;
}
Bjørn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Arran Cudbard-Bell writes: > Hi Alex, > > I just built from master myself > > And it seems to be working fine for me... > > radmin> del client ipaddr 192.168.1.1 > ERROR: No such client > radmin> del client > del client ipaddr - Delete a dynamically created client > radmin> del client ipaddr 192.168.1.1.1.1 > ERROR: Failed parsing IP address; ip_hton: nodename nor servname provided, or > not known > radmin> Works for me as well, but I noticed that I missed this error path: radmin> del client ipaddr 127.0.0.1 ERROR: Client was not dynamically defined. I've sent a new pull request (since you already pulled) for the trivial one byte fix to that as well. Feel free to merge the commits if you like. Bjørn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Ok couple of things, did you actually try radmin -e "del client ipaddr 192.168.169.74"? could you run it in interactive mode and see if you get the same result? -Arran On 24 Aug 2011, at 12:28, tohaikmeng wrote: > Hello Arran, > > Thanks for double checking this. It's weird. Below is what i got. I install > freeradius on a fresh linux. > > Is there any other file that i can verify to prove my source is identical as > yours? > > [root@FC-O ~]# radiusd -v > radiusd: FreeRADIUS Version 3.0.0, for host i686-pc-linux-gnu, built on Aug > 24 2011 at 23:48:29 > Copyright (C) 1999-2011 The FreeRADIUS server project and contributors. > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A > PARTICULAR PURPOSE. > You may redistribute copies of FreeRADIUS under the terms of the > GNU General Public License. > For more information about these matters, see the file named COPYRIGHT. > [root@FC-O ~]# radmin -e "show client list" >127.0.0.1 > [root@FC-O ~]# radmin -e "add client file /usr/local/etc/raddb/alex.conf" > [root@FC-O ~]# radmin -e "show client list" >127.0.0.1 >192.168.169.74 > [root@FC-O ~]# radmin -e "del client ipaddr" > ERROR: Must specify > [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74" > ERROR: Client 192.168.169.74 was not dynamically defined. > [root@FC-O ~]# > > Regards, > Alex > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4729970.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, Thanks for double checking this. It's weird. Below is what i got. I install freeradius on a fresh linux. Is there any other file that i can verify to prove my source is identical as yours? [root@FC-O ~]# radiusd -v radiusd: FreeRADIUS Version 3.0.0, for host i686-pc-linux-gnu, built on Aug 24 2011 at 23:48:29 Copyright (C) 1999-2011 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License. For more information about these matters, see the file named COPYRIGHT. [root@FC-O ~]# radmin -e "show client list" 127.0.0.1 [root@FC-O ~]# radmin -e "add client file /usr/local/etc/raddb/alex.conf" [root@FC-O ~]# radmin -e "show client list" 127.0.0.1 192.168.169.74 [root@FC-O ~]# radmin -e "del client ipaddr" ERROR: Must specify [root@FC-O ~]# radmin -e "del client ipaddr 192.168.169.74" ERROR: Client 192.168.169.74 was not dynamically defined. [root@FC-O ~]# Regards, Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4729970.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hi Alex, I just built from master myself And it seems to be working fine for me... radmin> del client ipaddr 192.168.1.1 ERROR: No such client radmin> del client del client ipaddr - Delete a dynamically created client radmin> del client ipaddr 192.168.1.1.1.1 ERROR: Failed parsing IP address; ip_hton: nodename nor servname provided, or not known radmin> Make sure you're running the binary you built... bash-3.2# ./sbin/radiusd -v radiusd: FreeRADIUS Version 3.0.0, for host i386-apple-darwin11.1.0, built on Aug 24 2011 at 11:34:53 Should be version 3.0.0 -Arran > > > I have built the master copy from git and tested. The result still the same. > Not fixed. :) > > Alex > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4729575.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, I have built the master copy from git and tested. The result still the same. Not fixed. :) Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4729575.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Arran Cudbard-Bell writes:
> On 23 Aug 2011, at 09:52, tohaikmeng wrote:
>>
>> What do you mean by parameter parsing?
>
> This:
>
> radmin> del client ipaddr 192.168.168.111
> ERROR: Must specify
> radmin> del client ipaddr 192.168.168.111
>
> Obviously the first form you used is correct, the fact that it needs
> is the bug...
So trivial to fix that I just sent a pull request.
> If radmin says it can only delete dynamic clients, then it can only
> delete dynamic clients. Clients read from a clients.conf file are not
> dynamic, they are static. Dynamic clients are those added dynamically
> by the dynamic client virtual server, look in raddb/sites-available
> for examples.
And looking at the "del client" code, you have the explanation why this
matters in a comment:
if (!client->dynamic) {
cprintf(listener, "ERROR: Client %s was not dynamically
defined.\n", argv[1]);
return 0;
}
/*
* DON'T delete it. Instead, mark it as "dead now". The
* next time we receive a packet for the client, it will
* be deleted.
*
* If we don't receive a packet from it, the client
* structure will stick around for a while. Oh well...
*/
client->lifetime = 1;
So the clients aren't really deleted. The code just marks it dead and
leaves deletion to the automatic dead client reaping in the dynamic
client implementation.
Bjørn
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Wow, awesome. You guys are really great. I am going to try that now! Keep you guys informed. thanks again! :-) Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4726165.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Bjørn Mork submitted a patch which i've merged into master and 2.1.x, clone a copy of the source and build yourself if you want to check its fixed. -Arran On 23 Aug 2011, at 10:49, Arran Cudbard-Bell wrote: > See here: > https://github.com/alandekok/freeradius-server/blob/master/raddb/sites-available/dynamic-clients > > Looks like Alan even added the functionality to load in clients via flat > files. > >> Do you mean dynamically generated client can be achieved via >> sites-available/ ? thanks for this link. I will test if it works. :) > > Yes! > > -Arran > > On 23 Aug 2011, at 10:32, tohaikmeng wrote: > >> Hello Arran, >> >> Will the bug be fixed on freeradius next release? Or will the >> solution be posted? :) >> >> My design aims to achieve zero downtime, therefore deletion of client >> without restart of radius daemon seems the best solution. >> >> >> >> Alex >> >> >> >> -- >> View this message in context: >> http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725972.html >> Sent from the FreeRadius - User mailing list archive at Nabble.com. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > Arran Cudbard-Bell > a.cudba...@freeradius.org > > RADIUS - Half the complexity of Diameter > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
See here: https://github.com/alandekok/freeradius-server/blob/master/raddb/sites-available/dynamic-clients Looks like Alan even added the functionality to load in clients via flat files. > Do you mean dynamically generated client can be achieved via > sites-available/ ? thanks for this link. I will test if it works. :) Yes! -Arran On 23 Aug 2011, at 10:32, tohaikmeng wrote: > Hello Arran, > > Will the bug be fixed on freeradius next release? Or will the > solution be posted? :) > > My design aims to achieve zero downtime, therefore deletion of client > without restart of radius daemon seems the best solution. > > > > Alex > > > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725972.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
On Tue, Aug 23, 2011 at 3:32 PM, tohaikmeng wrote: > My design aims to achieve zero downtime, therefore deletion of client > without restart of radius daemon seems the best solution. "zero downtime" sounds nice, but most of the time the cost would be too high. > > Do you mean dynamically generated client can be achieved via > sites-available/ ? thanks for this link. I will test if it works. :) Have you tried using NAS table in SQL? You'll still need a "kill -HUP", but the downtime (if any) is minimal. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, Will the bug be fixed on freeradius next release? Or will the solution be posted? :) My design aims to achieve zero downtime, therefore deletion of client without restart of radius daemon seems the best solution. Do you mean dynamically generated client can be achieved via sites-available/ ? thanks for this link. I will test if it works. :) Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725972.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
On 23 Aug 2011, at 09:52, tohaikmeng wrote: > Hello Arran, > > What do you mean by parameter parsing? This: radmin> del client ipaddr 192.168.168.111 ERROR: Must specify radmin> del client ipaddr 192.168.168.111 Obviously the first form you used is correct, the fact that it needs is the bug... > > I would like to achieve deletion of client without restarting of the radius Why? > daemon, which is part of the design. > If radmin says it can only delete dynamic clients, then it can only delete dynamic clients. Clients read from a clients.conf file are not dynamic, they are static. Dynamic clients are those added dynamically by the dynamic client virtual server, look in raddb/sites-available for examples. -Arran > Alex > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725861.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Hello Arran, What do you mean by parameter parsing? I would like to achieve deletion of client without restarting of the radius daemon, which is part of the design. Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725861.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Well you found a workaround for the parameter parsing. The rest of it is by design. What are you actually trying to accomplish here? Why do you need to delete dynamic clients? -Arran On 23 Aug 2011, at 09:31, tohaikmeng wrote: > Thanks Arran for your quick response and acknowledgement. > > Is there a quick workaround for this? I really need yours and Allan help on > this. > > Alex > > -- > View this message in context: > http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725813.html > Sent from the FreeRadius - User mailing list archive at Nabble.com. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
Thanks Arran for your quick response and acknowledgement. Is there a quick workaround for this? I really need yours and Allan help on this. Alex -- View this message in context: http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725813.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radmin del client error
It's referring to clients loaded dynamically using the dynamic clients virtual
server.
Even if you can reload clients.conf during the lifetime of the daemon (I don't
know if you can or not, i'm not up to date with the progress on radmin),
the entries will still count as static entries.
Regarding the weirdness with the client itself, yes thats obviously a bug. If I
have time i'll look at it, else Alan will probably handle it.
-Arran
On 23 Aug 2011, at 04:02, tohaikmeng wrote:
> Hello,
>
> I tried using radmin to delete a client that was added dynamically via "add
> client file alex.conf".
>
> alex.conf contains the following content.
> client 192.168.168.111 {
> secret = secret
> }
>
> however, i experience the following error. Can you show me the correct del
> command for this?
>
> radmin> show client list
>192.168.169.86
>192.168.169.74
>192.168.169.123
>192.168.168.111
> radmin> del client ipaddr 192.168.168.111
> ERROR: Must specify
> radmin> del client ipaddr 192.168.168.111
> ERROR: Client 192.168.168.111 was not dynamically defined.
>
>
> Your help is greatly appreciated.
>
> --
> View this message in context:
> http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725176.html
> Sent from the FreeRadius - User mailing list archive at Nabble.com.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
Arran Cudbard-Bell
a.cudba...@freeradius.org
RADIUS - Half the complexity of Diameter
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radmin del client error
Hello,
I tried using radmin to delete a client that was added dynamically via "add
client file alex.conf".
alex.conf contains the following content.
client 192.168.168.111 {
secret = secret
}
however, i experience the following error. Can you show me the correct del
command for this?
radmin> show client list
192.168.169.86
192.168.169.74
192.168.169.123
192.168.168.111
radmin> del client ipaddr 192.168.168.111
ERROR: Must specify
radmin> del client ipaddr 192.168.168.111
ERROR: Client 192.168.168.111 was not dynamically defined.
Your help is greatly appreciated.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/radmin-del-client-error-tp4725176p4725176.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
