Re: (RADIATOR) multiple cisco-avpair attributes
Hello I've downloaded 2.15 but still have problems with multiple attributes with the same name stored in LDAP and fetched via replaceIfNotExistProfiles: ... DEBUG: LDAP got radiuscisco-avpair: ip:dns-servers=212.117.64.86 \ 212.117.67.2 ip:addr-pool=setup_pool ... DEBUG: Access accepted for 8W13000a ... DEBUG: Packet dump: *** Sending to 127.0.0.1 port 2132 Code: Access-Accept Identifier: 62 Authentic: 1234567890123456 Attributes: User-Name = "8W13000a TEST dynamisch" Framed-Protocol = PPP Framed-Routing = None Service-Type = Framed-User cisco-avpair = "ip:dns-servers=212.117.64.86 212.117.67.2" There's still missing the second cisco-avpair with the ip-pool, although it is fetched as you can see in the first line. Any hints? bye, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Some problems with mixed access servers
Title: RE: (RADIATOR) Some problems with mixed access servers Here is the code in question from Radius/Nas.pm: # sub isOnlineAscendSNMP { my ($name, $nas_id, $nas_port, $session_id, $client) = @_; return 1 unless Radius::SNMP::snmpgetprogExists(); my $result = Radius::SNMP::snmpget($nas_id, $client-{SNMPCommunity}, $Radius::Nas::AscendMIB.12.2.1.3.$nas_port); if ($result =~ /^.*\([^]+).*$/) { return $1 eq $name; } return 0; } If you would like to try to test your theory, you can change the line $Radius::Nas::AscendMIB.12.2.1.3.$nas_port); to $Radius::Nas::AscendMIB.12.2.1.4.$session_id); Please let us know what you find, and tell us which version of Ascend code you are running if the above does work. I made the change in Nas.PM but it doesnt effect to my situation Do I need to change SessSQL.PM too? Regards Lutfi NB - if you change the module in the distribution directory, and you have previously installed Radiator into the Perl directory structure, you will need to copy the changed module into the Perl directory and restart Radiator. Otherwise you can just change the copy in the Perl directory directly, but don't forget to save the original and save your changed copy in either case. many thanks Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
Re: (RADIATOR) Compatibility with Livingston
Hello William - On Tue, 16 May 2000, William Hernandez wrote: We're thinking of converting from Cistron Radius and would like to minimize conversion of our users file. Is the conversion as simple as using the sample configuration file in goodies/livingCompat.cfg (i.e, with this configuration can I use my users file unchanged)? That's the theory, yes. If you send me a couple of example users from your existing users file (no passwords), I'll have a look and let you know. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Some problems with mixed access servers
Thanks Lutfi - Could you tell me what was wrong and what you did? You mention the Ascend Mailing list, but there is no reference. regards Hugh On Tue, 16 May 2000, Lutfi YUNUSOGLU wrote: Hi I made a mistake. It works now. My TAOS ver. is 8.0.2 I found this from a old mail in Ascend Mailing List. I think it would work with old versions too. But don't believe me, check it ;-)) Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Lutfi YUNUSOGLU Sent: Monday, May 15, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: RE: (RADIATOR) Some problems with mixed access servers Here is the code in question from "Radius/Nas.pm": # sub isOnlineAscendSNMP { my ($name, $nas_id, $nas_port, $session_id, $client) = @_; return 1 unless Radius::SNMP::snmpgetprogExists(); my $result = Radius::SNMP::snmpget($nas_id, $client-{SNMPCommunity}, "$Radius::Nas::AscendMIB.12.2.1.3.$nas_port"); if ($result =~ /^.*\"([^"]+)".*$/) { return $1 eq $name; } return 0; } If you would like to try to test your theory, you can change the line "$Radius::Nas::AscendMIB.12.2.1.3.$nas_port"); to "$Radius::Nas::AscendMIB.12.2.1.4.$session_id"); Please let us know what you find, and tell us which version of Ascend code you are running if the above does work. I made the change in Nas.PM but it doesnt effect to my situation Do I need to change SessSQL.PM too? Regards Lutfi NB - if you change the module in the distribution directory, and you have previously installed Radiator into the Perl directory structure, you will need to copy the changed module into the Perl directory and restart Radiator. Otherwise you can just change the copy in the Perl directory directly, but don't forget to save the original and save your changed copy in either case. many thanks Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) CGI/Perl scripts to change passwords in MySQL database
*This message was transferred with a trial version of CommuniGate(tm) Pro* Asif: Let me tell u first, I am not a pro in Perl or CGIs. I would like to know whether anyone knows about any CGI/Perl scripts available to change passwords in the MySQL database. I'm using mSQL (similar with MySQL, but less powerful) with radiator 2.14.1 too. Well the CGI I have were wrote by me. I sugest you do the same thing. I'm not a Perl CGI pro neither, but is too easy to learn perl to make cgi and other cool stuff (maybe this is one of the reasons radiator was writen with). :) there is a little example how to make a password change via CGI #!/usr/bin/perl use DBI; use CGI; q= new CGI; $newpass = $q-param("newpassword"); $username = $q-param("loginname"); $dbhandler = DBI-connect('DBI:mSQL:radius') or die "Couldn't make connection because: ".DBI-errstr; # you will need also a password to access MySQL. $sthandler = $dbhandler-prepare("UPDATE SUBSCRIBERS SET PASSWORD = ? WHERE USERNAME = ?") or die "Couldn't prepare query because: ".$dbh-errstr; $sthandler-execute($newpass,$username); $sthandler-finish; $dbhandler-disconnect; of course you have to receive via cgi post the loginname and the newpassword variables from a html form. I think a brief introduction of the setup would be useful to u.. I am using Radiator 2.14 which interacts with MySQL database. In a table inside a MySQL database usernames and passwords are stored. We are running Apache webserver where I would like the CGI/Perl script to reside and work. And yes.. one more thing, if possible can this script have some kind of encryption, so that the username and passwords are encrypted during the transfer. Well in Perl 5.003 (i'm not sure about older ones), there is a function called crypt that receives a salt, a string and returns the string encrypted with the salt (usually to alpha-numeric caracters). I think this will be useful to you to acomplish the crypt task you need. In fact radiator can receive either plain or ecrypted password to make the authentication. It's up to you to realice what method to use. Any help on the above issue would be highly appreciated. Thanks in advance for your help.. hth -- Sergio Gonzalez Calle 100 #8A-55 Torre C oficina 711 [EMAIL PROTECTED] NOC- SkyNet de Colombia. (57) +1 6422020 (57) +3 2277871 === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Add to Reply
Hello Vincent - On Tue, 16 May 2000, Vincent Torres wrote: Hello, As far as I understand the docs, add to reply works only on access-accepts. Is there a way to add reply items to access requests which are denied? Any attributes that have been added to the reply packet prior to the request being denied will be returned to the NAS. Perhaps you could explain what you are trying to accomplish? BTW - if you want to add a reject message, you will need to add the "RejectHasReason" parameter to your Realm or Handler. (Its not in the manual, but that will be fixed in the next release.) hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Re: Blocking Access based on Caller Id
Edgar, Check the hooks.txt in the patches area on the webserver. You will find some examples there that will be of help. - Joost. Edgar R Gutierrez wrote: Hi there, I would like to implement black listing caller ids which have known to have been used to hack into SYstems or into ISP accounts. Of course, I also need to know how to get the value of the Calling-Station-Id inside the PreAuthHook Code so that I could make a check if the caller id is black listed. If it is, Radiator will deny access. A pseudo code of what I want to implement is written below: a) Get value of Calling Station Id b) Search Black List Table for that caller id c) If caller id is black listed, then deny access Hoping for any support from all Radiator Guru out there..=) Egie --- Edgar R Gutierrez NOC- Network Services Manager Impact Information Systems - Original Message - From: Hugh Irvine [EMAIL PROTECTED] To: [EMAIL PROTECTED]; Randy Cosby [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, May 13, 2000 8:59 AM Subject: RE: (RADIATOR) Merged ISP's Hi Randy - On Sat, 13 May 2000, Randy Cosby wrote: How do I BEST deal with the fall-through to the next radius if the first fails? You would specify multiple Host parameters in the AuthBy RADIUS clauses. Have a look at section 6.25.1 in the Radiator 2.15 reference manual. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Joost Stegeman Service Developer Integration Services KPN OVN BBT/IP Integration Services tel. 070 - 371 37 83 fax. 070 - 371 26 38 E-mail: [EMAIL PROTECTED] === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.