(RADIATOR) Access Denied ... 691 error....(Urgent)...
Hi... My config is as follows...I am can anybody tell why I am getting 691 error ( check password) when I am able to authenticate with same password using radpwtst. Your immediate help will be highly appreciated. Best Regards, Mohammed AbdusSami # configuration Secret abcdefgh09876 DupInterval 0 Secret radiator567 DupInterval 0 Identifier Check_Logins DBSourcedbi:ODBC:radius DBUsername radiator DBAuth rad123456 AuthSelect select password from logins \ Where username='%n' and status=0 AccountingTable UsageOnlinehours AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer-date AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AddToReply PoolHint = login, \ Service-Type = Framed-User, \ Framed-Protocol = PPP, \ Session-Timeout = 18000, \ Idle-Timeout = 18000, \ Framed-Compression = Van-Jacobson-TCP-IP # configure AuthBy SQL to check emails (Identifier Check_Emails) Identifier Check_Emails DBSourcedbi:ODBC:radius DBUsername radiator DBAuth rad123456 AuthSelect select password from Emails \ Where popname='%n' and status=0 AccountingTable EmailOnlinehours AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer-date AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctFailedLogFileName %D/missedaccounting AddToReply PoolHint = email, \ Service-Type = Framed-User, \ Framed-Protocol = PPP, \ Session-Timeout = 18000, \ Idle-Timeout = 18000, \ Framed-Compression = Van-Jacobson-TCP-IP # configure Realms (usernames will be of the form user@r1, or user@r2) AuthBy Check_Logins AuthBy Check_Emails === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) performance issue
That I don't understand. How can the authentication radiusd access the session database, when it's not configured -at all- in its configuration file? Please mind, that I'm running 1 radiusd for authentication, and 1 for accounting .. and I don't have any clause, in the authentication one.. -Andy > -Original Message- > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Sent: woensdag 18 april 2001 1:45 > To: Andy De Petter; [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: (RADIATOR) performance issue > > > > Hello Andy - > > The session database will be accessed by both authentication (to > delete and > to check limits) and accounting (to insert and delete). > > cheers > > Hugh > > On Wednesday 18 April 2001 00:19, Andy De Petter wrote: > > > Your problem sounds familiar to us because at the beginning, > we launched > > > tests of 1000 authentication requests and the 40% were dropped. > > > > Were those 40% authentication or accounting? > > > > I'm running accounting & authentication on different daemons.. and the > > session db is configured on the accounting daemon, so > authentication here > > is not affected, by any slowdown of the accounting daemon. > > > > -Andy > > > > -- > > "For nothing can seem foul to those that win." > > - Henry IV, Pt1, Act 5, Sc 1 > > > > *** DISCLAIMER *** > > This e-mail and any attachments thereto may contain information, which > > is confidential and/or protected by intellectual property rights and > > are intended for the sole use of the recipient(s) named above. Any use > > of the information contained herein (including, but not limited to, > > total or partial reproduction, communication or distribution in any > > form) by persons other than the designated recipient(s) is prohibited. > > If you have received this e-mail in error, please notify the sender > > either by telephone or by e-mail and delete the material from any > > computer. Thank you for your cooperation. > > > > > > === > > Archive at http://www.starport.net/~radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > - > Nets: internetwork inventory and management - graphical, extensible, > flexible with hardware, software, platform and database independence. > === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Access Denied ... 691 error....(Urgent)...
Compare the secret you're using with radpwtst against the one you're using in your config file... Dave > -Original Message- > From: Mohammed AbdusSami [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 18, 2001 4:58 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: (RADIATOR) Access Denied ... 691 error(Urgent)... > > > Hi... > > My config is as follows...I am > > can anybody tell why I am getting 691 error ( check password) > when I am able > to authenticate with same password using radpwtst. > > Your immediate help will be highly appreciated. > > Best Regards, > > Mohammed AbdusSami > > # configuration > > > Secret abcdefgh09876 > DupInterval 0 > > > > > Secret radiator567 > DupInterval 0 > > > > > Identifier Check_Logins > DBSourcedbi:ODBC:radius > DBUsername radiator > DBAuth rad123456 > AuthSelect select password from logins \ > Where username='%n' and status=0 > > AccountingTable UsageOnlinehours > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer-date > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause > AcctColumnDef NASIDENTIFIER,NAS-Identifier > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > > AddToReply PoolHint = login, \ > Service-Type = Framed-User, \ > Framed-Protocol = PPP, \ > Session-Timeout = 18000, \ > Idle-Timeout = 18000, \ > Framed-Compression = Van-Jacobson-TCP-IP > > > > # configure AuthBy SQL to check emails (Identifier Check_Emails) > > Identifier Check_Emails > DBSourcedbi:ODBC:radius > DBUsername radiator > DBAuth rad123456 > AuthSelect select password from Emails \ > Where popname='%n' and status=0 > > AccountingTable EmailOnlinehours > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer-date > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause > AcctColumnDef NASIDENTIFIER,NAS-Identifier > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > > AcctFailedLogFileName %D/missedaccounting > > AddToReply PoolHint = email, \ > Service-Type = Framed-User, \ > Framed-Protocol = PPP, \ > Session-Timeout = 18000, \ > Idle-Timeout = 18000, \ > Framed-Compression = Van-Jacobson-TCP-IP > > > > # configure Realms (usernames will be of the form user@r1, or user@r2) > > > AuthBy Check_Logins > > > > AuthBy Check_Emails > > > > === > Archive at http://www.starport.net/~radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) About AuthBy Sql
Hi, We're trying to impliment AuthBy Sql with MSSql 6.5. Is there any way that we can authenticate the users whose passwords are encrypted in sql encryption format? We could work it out fine with plain text password and the MD5 password which we exported to sql table with buildsql command. Thanks in advance. Regds,Ujwol ManandharMercantile CommunicationsP.O.Box 876DurbarMarg Kathmandu, NepalTel : +977-1-240920Fax :+977-1-225407
(RADIATOR) Returning avpairs with a an Access-Reject?
Hi folks, Is it possible to get Radiator to return some attributes back with an Access-Reject? Looking at the code and the docs it seems to me that attributes one puts in - using explicitly AddToReply style operations or sticking them in a 'users' file under AuthFILE or whatever all works fine with an Access-Accept, but none of the attributes get tacked on during an Access-Reject. I have a situation where I really want to drop attributes out with a reject. Can I do it? [I'm writing a back end to talk to a Cisco voice IVR system, which uses Radius as its interaction mechanism, and which needs an Access-Reject with explicit cisco-h232-return-code also part of the response packet, in order to reject things properly] Cheers, Simon --- Simon Hackett, Technical Director, Internode Systems Pty Ltd 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia Email: [EMAIL PROTECTED] Web: http://www.on.net Phone: +61-8-8223-2999 Fax: +61-8-8223-1777 === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Returning avpairs with a an Access-Reject?
To follow up my own posting... I found one way that works, a PostAuthHook:
# drop an h323 return code of 1 (auth failed) into the reply if it is
# an access reject or reject_immediate - SWH hack for debitcard script
PostAuthHook sub { ${$_[1]}->add_attr('cisco-h323-return-code', \
'h323-return-code=1') \
if (${$_[2]} == $main::REJECT) \
|| (${$_[2]} ==
$main::REJECT_IMMEDIATE)}
Which gets the job done, but I don't see why attributes generated as
part of a reject shouldn't wind up in the return packet. Maybe it's
how I'm rejecting the user (a DEFAULT entry in a users file which
says 'Auth-Type = Reject')?
Also, as a comment about the docs (Hi Mike), the example PostAuthHook
in the manual (which the above is a shameless copy/adaptation of)
doesn't mention that the REJECT code might be REJECT_IMMEDIATE, not
just plain old REJECT. That had me fooled for a while! :)
Perhaps the docs could make a reference in that section to a complete
list of possible values of x for $main::x ...
Cheers,
Simon
---
Simon Hackett, Technical Director, Internode Systems Pty Ltd
31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia
Email: [EMAIL PROTECTED] Web: http://www.on.net
Phone: +61-8-8223-2999 Fax: +61-8-8223-1777
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Static Groups
Ok, Please bare with me if I don't make this clear.. I am needing to create a group in the users file for a static user. Here is a simple Default group for a dialup users: # Default Dial-Up PPP User System Profile DEFAULT Auth-Type = System, NAS-Port-Type = Async Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-IP-Netmask = 255.255.255.255, Reply-Message="choice: ", Port-Limit = 1, Idle-Timeout = 1200, Session-Timeout = 28800, Class = default My understanding is that to have a static user, the Framed-IP-Address is going to be different. Is there a way to have a Static group entry? If I did not make this clear just let me know, Keith Olmstead CenturyTel Network === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Returning avpairs with a an Access-Reject?
> I have a situation where I really want to drop attributes out with a
> reject. Can I do it?
PostAuthHook sub { \
if (${$_[2]} == $main::ACCEPT && ${$_[0]}->code eq 'Access-Request') { \
if (${$_[1]}->get_attr('cisco-h323-return-code') ne 'h323-return-code=0') { \
${$_[2]} = $main::REJECT; \
} \
} \
}
Now don't Access-Reject, but Access-Accept and one of the attributes should be
cisco-h323-return-code set to h323-return-code=0 or the return code you want.
Blaz Zupan, Medinet d.o.o, Linhartova 21, 2000 Maribor, Slovenia
E-mail: [EMAIL PROTECTED], Tel: +386-2-320-6320, Fax: +386-2-320-6325
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Double @ signs at login
Hi. I've got a bit of a problem. I get in users that login by entering user@domain1@domain2. I'd like to use the second domain (domain2) as Realm.. but for some reson I can't use that. The only way to make this work is ether via the DEFAULT Realm or by using the first domain (domain1). domain1 is changing from time to time but domain2 is static and wont change. Any ideas how I can solve this ? Best Regards, Patrik Forsberg Dataphone Sweden AB === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
Actually, I'd love to see the whole(?) API which is available to us in Hooks
documented in an appendix to the venerable "manual" :) A few are mentioned
throughout already, like get_attr(). But for most you have to look through
the source.
Dave
:O
> -Original Message-
> From: Simon Hackett [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 18, 2001 11:12 AM
> To: [EMAIL PROTECTED]
> Subject: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
>
>
> To follow up my own posting... I found one way that works, a
> PostAuthHook:
>
> # drop an h323 return code of 1 (auth failed) into the reply if it is
> # an access reject or reject_immediate - SWH hack for debitcard script
>
> PostAuthHook sub { ${$_[1]}->add_attr('cisco-h323-return-code', \
> 'h323-return-code=1') \
>if (${$_[2]}
> == $main::REJECT) \
> || (${$_[2]} ==
> $main::REJECT_IMMEDIATE)}
>
> Which gets the job done, but I don't see why attributes generated as
> part of a reject shouldn't wind up in the return packet. Maybe it's
> how I'm rejecting the user (a DEFAULT entry in a users file which
> says 'Auth-Type = Reject')?
>
> Also, as a comment about the docs (Hi Mike), the example PostAuthHook
> in the manual (which the above is a shameless copy/adaptation of)
> doesn't mention that the REJECT code might be REJECT_IMMEDIATE, not
> just plain old REJECT. That had me fooled for a while! :)
>
> Perhaps the docs could make a reference in that section to a complete
> list of possible values of x for $main::x ...
>
> Cheers,
>Simon
>
> ---
> Simon Hackett, Technical Director, Internode Systems Pty Ltd
> 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia
> Email: [EMAIL PROTECTED] Web: http://www.on.net
> Phone: +61-8-8223-2999 Fax: +61-8-8223-1777
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) radiator-2.18 install MD5 problem.
Can/will anyone help me with this problem? I've checked starport.net and found similar problems with solutions, but doesn't quite fit what's happening to me. I've RTFM-ed and don't see the solution. I gunzip and untar Digest-MD5-2.13.tar.gz and cd to the new directory. I then "perl Makefile.PL" then "make" then "make test" then "make install" (this goes cleanly.) I then gunzip and untar Radiator-2.18.tgz. Next, I gunzip and untar the patches-2.18.tar.gz and load. I then "perl Makefile.PL" then "make test" the make part appears to go cleanly, but when the test servers are started, I get the following messages. Starting tests... Starting 2 test servers. Please wait... ok 1a Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 378. not ok 1b Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 378. not ok 1c Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 682. not ok 1d not ok 1e Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 378. not ok 2a Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 378. ok 2b Can't locate object method "hash" via package "MD5" (perhaps you forgot to load "MD5"?) at Radius/Radius.pm line 378. not ok 2c . . . system: HP PC 733MHZ OS: FreeBSD 4.2 Stable PERL: version 5.6.1 Earl Dunston, UNIX System Administrator Ferguson Enterprises, HQ Newport News, VA 23602 === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) kill -1 radiator / logfile name
El 17 Apr 2001, a las 19:45, Mariano Absatz escribió:
> Hi all,
>
> I had this problem a couple of times but not sistematically... I'm
> starting a new installation and trying startup scripts (in fact before
> preparing the config files) and now it is sistematic.
>
> Every time I kill -1 Radiator, to re-read the configuration file, it
> fails...
>
> What I remember from my other installation was that if I made a minor
> change to the config file (e.g. the trace level), it worked OK, but if I
> edited something bigger, sometimes, it didn't liked it and it died... I
> thought it had to do with the way Radiator generates perl code on the fly
> while reading the config files.
>
> Now I made a couple of almost empty config files and every time I kill -1
> radiator it yields the following error:
>
> > Can't locate object method "new" via package "Radius::SNMPAgent"
> > (perhaps you forgot to load "Radius::SNMPAgent"?) at
> > /usr/local/lib/perl5/site_perl/5.6.1/Radius/ServerConfig.pm line 133,
> > line 17.
Alright, alright... so I SHOULD have RTFM... I had not installed the
SNMP_Session package and that generated this particular error... anyway,
read below...
>
> As I keep cheking it... it's not generating the correct filenames for the
> logfiles.
>
> There is only one logfile generated in /logs/radius and its name is
> "logfile"... that is, it kinda processed the LogDir statement, but it
> didn't process the LogFile nor the ...
It seems that sometimes, somehow, it starts generating messages before
processing LogFile and , but AFTER processing LogDir... it's
alright, I prefer to have the logs someplace else rather than not having
them at all...
>
> I'm including the contens of the /app/Radiator/etc/radius-acct.cfg (which
> is invoked from the command line) and the contents of
> /app/Radiator/etc/radius-common.cfg (which is included from the former).
I'll change them now... keep reading :-)
>
> For completeness... I also include the startup/shutdown/reload script
> (/etc/init.d/radius-acct). It's running on a Netra T1 AC200, 1CPU 360MHz,
> 512Mb RAM, 2x18Gb HD, Solaris 8, Perl v5.6.1, Radiator 2.18 with all the
> patches up to 10-Apr-2001.
>
So, I installed SNMP_Session, cleaned up things a bit, but still, when I
kill -1, I get strange results...
I started one instance of Radiator (accounting only) and I can stop it
and start it again with no problem, however, if I kill -1 it I get the
following message on screen (and on the logfile too)... anyway, now it
keeps running...
> # /etc/init.d/radius-acct reload
> Reloading Radiator (acct) configuration:
> DBD::Oracle::db prepare failed: ORA-03113: end-of-file on communication
> channel (DBD ERROR: OCIStmtExecute/Describe) {SELECT
> NAS_IDENTIFIER, NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL,
> NAS_DEFAULTREALM, NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS,
> NAS_LIVINGSTONHOLE, NAS_FRAMEDGROUPBASEADDRESS,
> NAS_FRAMEDGROUPMAXPORTSPERCLAS, NAS_REWRITEUSERNAME,
> NAS_NOIGNOREDUPLICATES, NAS_PREHANDLERHOOK FROM NAS_SERVICIO_CALIDAD}
> at /usr/local/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 201,
> line 22.
> -done
Stranger, still, is that the message appears on the and on the
%L/logfile (default name), but NOT in the LogFile...
I use for standard logging (trace level 2 or 3) and have a
commented global LogFile with Trace 4 for debugging, however, this file
only gets the "Radiator starting / Radiator stopping" (I'm not receiving
packets, just testing start/stop/reload).
Anyway, I put the trace level 4 in the clause and got this
result: (keep reading after the trace 4)
==
Wed Apr 18 17:47:09 2001: NOTICE: SIGTERM received: stopping
Wed Apr 18 17:47:15 2001: DEBUG: Adding Clients from SQL database
Wed Apr 18 17:47:15 2001: DEBUG: Query is: SELECT NAS_IDENTIFIER,
NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL, NAS_DEFAULTREALM,
NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS, NAS_LIVINGSTONHOLE,
NAS_FRAMEDGROUPBASEADDRESS, NAS_FRAMEDGROUPMAXPORTSPERCLAS,
NAS_REWRITEUSERNAME, NAS_NOIGNOREDUPLICATES, NAS_PREHANDLERHOOK FROM
NAS_SERVICIO_CALIDAD
Wed Apr 18 17:47:16 2001: INFO: Server started: Radiator 2.18 on mr-radius
Wed Apr 18 17:47:23 2001: NOTICE: SIGHUP received: restarting
Wed Apr 18 17:47:23 2001: DEBUG: Adding Clients from SQL database
Wed Apr 18 17:47:23 2001: DEBUG: Query is: SELECT NAS_IDENTIFIER,
NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL, NAS_DEFAULTREALM,
NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS, NAS_LIVINGSTONHOLE,
NAS_FRAMEDGROUPBASEADDRESS, NAS_FRAMEDGROUPMAXPORTSPERCLAS,
NAS_REWRITEUSERNAME, NAS_NOIGNOREDUPLICATES, NAS_PREHANDLERHOOK FROM
NAS_SERVICIO_CALIDAD
Wed Apr 18 17:47:23 2001: ERR: Execute failed for 'SELECT
NAS_IDENTIFIER, NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL,
NAS_DEFAULTREALM, NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTON
Re: (RADIATOR) Returning avpairs with a an Access-Reject?
On Wed, Apr 18, 2001 at 11:52:34PM +0930, Simon Hackett wrote: > Hi folks, > > Is it possible to get Radiator to return some attributes back with an > Access-Reject? I ended up adding an extra config keyword "AddToRejectReply" and some extra code, enabling us to add whatever attributes to an Access-Reject. harry > > Looking at the code and the docs it seems to me that attributes one > puts in - using explicitly AddToReply style operations or sticking > them in a 'users' file under AuthFILE or whatever all works fine with > an Access-Accept, but none of the attributes get tacked on during an > Access-Reject. > > I have a situation where I really want to drop attributes out with a > reject. Can I do it? > > [I'm writing a back end to talk to a Cisco voice IVR system, which > uses Radius as its interaction mechanism, and which needs an > Access-Reject with explicit cisco-h232-return-code also part of the > response packet, in order to reject things properly] > > Cheers, >Simon > > --- > Simon Hackett, Technical Director, Internode Systems Pty Ltd > 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia > Email: [EMAIL PROTECTED] Web: http://www.on.net > Phone: +61-8-8223-2999 Fax: +61-8-8223-1777 > > > === > Archive at http://www.starport.net/~radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
Hello Dave, Hello Simon -
I have copied this to Mike for his comments, however from my own experience
you are far better off reading the source in any case. Mike's programming
style and copious comments make this a real pleasure.
Simon -
My suggestion would also be to use a PostAuthHook, and I see you have done
that. I put together some sample hooks that illustrate some of the things you
can do in hooks in the file "goodies/hooks.txt" in the distribution. Note
that there have been some additional hooks added recently in Radiator 2.18
(and also a couple in the patches).
BTW - AddToReply will add attributes to a reject in an AuthBy clause.
May the source be with you!
regards
Hugh
On Thursday 19 April 2001 02:20, Kitabjian, Dave wrote:
> Actually, I'd love to see the whole(?) API which is available to us in
> Hooks documented in an appendix to the venerable "manual" :) A few are
> mentioned throughout already, like get_attr(). But for most you have to
> look through the source.
>
> Dave
>
> :O
> :
> > -Original Message-
> > From: Simon Hackett [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, April 18, 2001 11:12 AM
> > To: [EMAIL PROTECTED]
> > Subject: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
> >
> >
> > To follow up my own posting... I found one way that works, a
> > PostAuthHook:
> >
> > # drop an h323 return code of 1 (auth failed) into the reply if it is
> > # an access reject or reject_immediate - SWH hack for debitcard script
> >
> > PostAuthHook sub { ${$_[1]}->add_attr('cisco-h323-return-code', \
> > 'h323-return-code=1') \
> >if (${$_[2]}
> > == $main::REJECT) \
> >
> > || (${$_[2]} ==
> >
> > $main::REJECT_IMMEDIATE)}
> >
> > Which gets the job done, but I don't see why attributes generated as
> > part of a reject shouldn't wind up in the return packet. Maybe it's
> > how I'm rejecting the user (a DEFAULT entry in a users file which
> > says 'Auth-Type = Reject')?
> >
> > Also, as a comment about the docs (Hi Mike), the example PostAuthHook
> > in the manual (which the above is a shameless copy/adaptation of)
> > doesn't mention that the REJECT code might be REJECT_IMMEDIATE, not
> > just plain old REJECT. That had me fooled for a while! :)
> >
> > Perhaps the docs could make a reference in that section to a complete
> > list of possible values of x for $main::x ...
> >
> > Cheers,
> >Simon
> >
> > ---
> > Simon Hackett, Technical Director, Internode Systems Pty Ltd
> > 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia
> > Email: [EMAIL PROTECTED] Web: http://www.on.net
> > Phone: +61-8-8223-2999 Fax: +61-8-8223-1777
> >
> >
> > ===
> > Archive at http://www.starport.net/~radiator/
> > Announcements on [EMAIL PROTECTED]
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Static Groups
Hello Keith - I'm afraid I don't understand the question. thanks Hugh On Thursday 19 April 2001 01:27, Keith Olmstead wrote: > Ok, > > Please bare with me if I don't make this clear.. > > I am needing to create a group in the users file for a static user. Here > is a simple Default group for a dialup users: > > # Default Dial-Up PPP User System Profile > DEFAULT Auth-Type = System, NAS-Port-Type = Async > Service-Type = Framed-User, > Framed-Protocol = PPP, > Framed-IP-Address = 255.255.255.254, > Framed-IP-Netmask = 255.255.255.255, > Reply-Message="choice: ", > Port-Limit = 1, > Idle-Timeout = 1200, > Session-Timeout = 28800, > Class = default > > My understanding is that to have a static user, the Framed-IP-Address is > going to be different. Is there a way to have a Static group entry? > > If I did not make this clear just let me know, > > > Keith Olmstead > CenturyTel Network > > === > Archive at http://www.starport.net/~radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) radiator-2.18 install MD5 problem.
Hello Earl - I always use the MD5 distribution: MD5-1.7.tgz I've included a copy in a seperate mail. hth Hugh On Thursday 19 April 2001 02:03, Earl Dunston wrote: > Can/will anyone help me with this problem? I've checked starport.net and > found similar problems with solutions, but doesn't quite fit what's > happening to me. I've RTFM-ed and don't see the solution. > > I gunzip and untar Digest-MD5-2.13.tar.gz and cd to the new directory. > I then "perl Makefile.PL" > then "make" > then "make test" > then "make install" > (this goes cleanly.) > > I then gunzip and untar Radiator-2.18.tgz. > Next, I gunzip and untar the patches-2.18.tar.gz and load. > I then "perl Makefile.PL" > then "make test" > > the make part appears to go cleanly, but when the test servers are > started, I get the following messages. > > > Starting tests... > Starting 2 test servers. Please wait... > ok 1a > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 378. > not ok 1b > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 378. > not ok 1c > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 682. > not ok 1d > not ok 1e > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 378. > not ok 2a > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 378. > ok 2b > Can't locate object method "hash" via package "MD5" (perhaps you forgot to > load "MD5"?) at Radius/Radius.pm line 378. > not ok 2c > .. > .. > .. > > system: HP PC 733MHZ > OS: FreeBSD 4.2 Stable > PERL: version 5.6.1 > > > Earl Dunston, UNIX System Administrator > Ferguson Enterprises, HQ > Newport News, VA 23602 > > > > === > Archive at http://www.starport.net/~radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) About AuthBy Sql
Hello Ujwol - If the encryption is one of the standard types recognised by Radiator it should work fine (as long as you are using PAP authentication). Radiator understands certain prefixes to understand the type of encryption in use and will do the right thing automatically. You can find the prefixes and the encryption types in section 13.1.1 in the Radiator 2.18 reference manual. hth Hugh On Wednesday 18 April 2001 23:53, Ujwol wrote: > > Hi, > We're trying to impliment AuthBy Sql with MSSql 6.5. Is there any way > that we can authenticate the users whose passwords are encrypted in sql > encryption format? We could work it out fine with plain text password and > the MD5 password which we exported to sql table with buildsql command. > Thanks in advance. Regds, > Ujwol Manandhar > Mercantile Communications > P.O.Box 876 > DurbarMarg Kathmandu, Nepal > Tel : +977-1-240920 > Fax :+977-1-225407 Content-Type: text/html; charset="iso-8859-1"; name="Attachment: 1" Content-Transfer-Encoding: quoted-printable Content-Description: -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) kill -1 radiator / logfile name
Hello Mariano -
Mike is travelling this week, but he will take a look at this when he returns.
thanks for reporting the problem
regards
Hugh
On Wednesday 18 April 2001 08:45, Mariano Absatz wrote:
> Hi all,
>
> I had this problem a couple of times but not sistematically... I'm
> starting a new installation and trying startup scripts (in fact before
> preparing the config files) and now it is sistematic.
>
> Every time I kill -1 Radiator, to re-read the configuration file, it
> fails...
>
> What I remember from my other installation was that if I made a minor
> change to the config file (e.g. the trace level), it worked OK, but if I
> edited something bigger, sometimes, it didn't liked it and it died... I
> thought it had to do with the way Radiator generates perl code on the fly
> while reading the config files.
>
> Now I made a couple of almost empty config files and every time I kill -1
>
> radiator it yields the following error:
> > Can't locate object method "new" via package "Radius::SNMPAgent"
> > (perhaps you forgot to load "Radius::SNMPAgent"?) at
> > /usr/local/lib/perl5/site_perl/5.6.1/Radius/ServerConfig.pm line 133,
> > line 17.
>
> As I keep cheking it... it's not generating the correct filenames for the
> logfiles.
>
> There is only one logfile generated in /logs/radius and its name is
> "logfile"... that is, it kinda processed the LogDir statement, but it
> didn't process the LogFile nor the ...
>
> I'm including the contens of the /app/Radiator/etc/radius-acct.cfg (which
> is invoked from the command line) and the contents of
> /app/Radiator/etc/radius-common.cfg (which is included from the former).
>
> For completeness... I also include the startup/shutdown/reload script
> (/etc/init.d/radius-acct). It's running on a Netra T1 AC200, 1CPU 360MHz,
> 512Mb RAM, 2x18Gb HD, Solaris 8, Perl v5.6.1, Radiator 2.18 with all the
> patches up to 10-Apr-2001.
>
> What is wrong?
>
> = /app/Radiator/etc/radius-acct.cfg =
> = /app/Radiator/etc/radius-acct.cfg =
> = /app/Radiator/etc/radius-acct.cfg =
> ##
> #ACCOUNTING CONFIGURATION#
> ##
>
> #
> # include common configuration and global definitions
> include /app/Radiator/etc/radius-common.cfg
>
>
> PidFile %{GlobalVar:TempDir}/rad-acct.pid
> #
> # We only do accounting in this instance of Radiator
> #
> AuthPort
> AcctPort1813
>
>
> Port16113
> Community CONFIGURAR-COMUNIDAD
>
>
>
> ##
> #LOGGING SECTION #
> ##
>
> # For debugging, uncomment the 2 following lines
> Trace 4
> LogFile %L/%Y-%m/debugAcctLog_%d-%q
>
> #Trace:
> #0 ERR. Error conditions. Serious and unexpected failures
> #1 WARNING. Warning conditions. Unexpected failures
> #2 NOTICE. Normal but significant conditions.
> #3 INFO. Informational messages.
> #4 DEBUG. Debugging messages.
> #5 Incoming raw packet dumps in hexadecimal.
>
>
> Identifier fileLoggerMetroAcct
> Filename %L/%Y-%m/stdAcctLog_%d-%q
> Trace 3
>
>
>
> #
> #Log authentication success and failure to a file
> #
> # Identifier acctLoggerMetroRED
> # Filename %L/%Y-%m/acct_%d-%q
> # LogSuccess 1
> # LogFailure 1
> # SuccessFormat %l:%n:<>:OK:-
> # FailureFormat %l:%n:%P:FAIL:%1
> #
>
>
>
>
>
>
> = /app/Radiator/etc/radius-common.cfg
> = /app/Radiator/etc/radius-common.cfg
> = /app/Radiator/etc/radius-common.cfg
> ##
> # COMMON CONFIGURATION #
> ##
>
> ##
> #FILES AND DIRECTORIES SECTION #
> ##
>
> LogDir /logs/radius
> DbDir /app/Radiator/db
> DefineGlobalVar ScriptDir /app/Radiator/scripts
> DefineGlobalVar ConfigDir /app/Radiator/etc
> DefineGlobalVar TempDir /app/Radiator/tmp
>
>
> DictionaryFile %{GlobalVar:ConfigDir}/dictionary
>
> ##
> #REWRITE SECTION #
> ##
>
> # REWRITE USER NAME BEFORE ANYTHING ELSE
> # Rewrite any Name without realm to our realm
> # because defaultrealm does not match on HANDLER
> Rewrit
Re: (RADIATOR) Double @ signs at login
Hello Patrick - I would suggest you use Handlers instead of Realms with a regexp to do what you require: hth Hugh On Thursday 19 April 2001 02:12, Patrik Forsberg wrote: > Hi. > > I've got a bit of a problem. > > I get in users that login by entering user@domain1@domain2. > > I'd like to use the second domain (domain2) as Realm.. but for some > reson I can't use that. The only way to make this work is ether via the > DEFAULT Realm or by using the first domain (domain1). > > domain1 is changing from time to time but domain2 is static and wont > change. > > Any ideas how I can solve this ? > > > Best Regards, > Patrik Forsberg > Dataphone Sweden AB > > === > Archive at http://www.starport.net/~radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
Yeah, an "API" reference would make hook writing a lot easier.
Andrew
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Kitabjian, Dave
Sent: Thursday, 19 April 2001 2:20 AM
To: 'Simon Hackett'; [EMAIL PROTECTED]
Subject: RE: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
Actually, I'd love to see the whole(?) API which is available to us in Hooks
documented in an appendix to the venerable "manual" :) A few are mentioned
throughout already, like get_attr(). But for most you have to look through
the source.
Dave
:O
> -Original Message-
> From: Simon Hackett [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, April 18, 2001 11:12 AM
> To: [EMAIL PROTECTED]
> Subject: (RADIATOR) Re: Returning avpairs with a an Access-Reject?
>
>
> To follow up my own posting... I found one way that works, a
> PostAuthHook:
>
> # drop an h323 return code of 1 (auth failed) into the reply if it is
> # an access reject or reject_immediate - SWH hack for debitcard script
>
> PostAuthHook sub { ${$_[1]}->add_attr('cisco-h323-return-code', \
> 'h323-return-code=1') \
>if (${$_[2]}
> == $main::REJECT) \
> || (${$_[2]} ==
> $main::REJECT_IMMEDIATE)}
>
> Which gets the job done, but I don't see why attributes generated as
> part of a reject shouldn't wind up in the return packet. Maybe it's
> how I'm rejecting the user (a DEFAULT entry in a users file which
> says 'Auth-Type = Reject')?
>
> Also, as a comment about the docs (Hi Mike), the example PostAuthHook
> in the manual (which the above is a shameless copy/adaptation of)
> doesn't mention that the REJECT code might be REJECT_IMMEDIATE, not
> just plain old REJECT. That had me fooled for a while! :)
>
> Perhaps the docs could make a reference in that section to a complete
> list of possible values of x for $main::x ...
>
> Cheers,
>Simon
>
> ---
> Simon Hackett, Technical Director, Internode Systems Pty Ltd
> 31 York St [PO Box 284, Rundle Mall], Adelaide, SA 5000 Australia
> Email: [EMAIL PROTECTED] Web: http://www.on.net
> Phone: +61-8-8223-2999 Fax: +61-8-8223-1777
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) kill -1 radiator / logfile name
Hello again Mariano -
Thanks for the detailed investigation.
Mike will take a look when he returns next week.
regards
Hugh
On Thursday 19 April 2001 07:09, Mariano Absatz wrote:
> El 17 Apr 2001, a las 19:45, Mariano Absatz escribió:
> > Hi all,
> >
> > I had this problem a couple of times but not sistematically... I'm
> > starting a new installation and trying startup scripts (in fact before
> > preparing the config files) and now it is sistematic.
> >
> > Every time I kill -1 Radiator, to re-read the configuration file, it
> > fails...
> >
> > What I remember from my other installation was that if I made a minor
> > change to the config file (e.g. the trace level), it worked OK, but if I
> > edited something bigger, sometimes, it didn't liked it and it died... I
> > thought it had to do with the way Radiator generates perl code on the fly
> > while reading the config files.
> >
> > Now I made a couple of almost empty config files and every time I kill -1
> >
> > radiator it yields the following error:
> > > Can't locate object method "new" via package "Radius::SNMPAgent"
> > > (perhaps you forgot to load "Radius::SNMPAgent"?) at
> > > /usr/local/lib/perl5/site_perl/5.6.1/Radius/ServerConfig.pm line 133,
> > > line 17.
>
> Alright, alright... so I SHOULD have RTFM... I had not installed the
> SNMP_Session package and that generated this particular error... anyway,
> read below...
>
> > As I keep cheking it... it's not generating the correct filenames for the
> > logfiles.
> >
> > There is only one logfile generated in /logs/radius and its name is
> > "logfile"... that is, it kinda processed the LogDir statement, but it
> > didn't process the LogFile nor the ...
>
> It seems that sometimes, somehow, it starts generating messages before
> processing LogFile and , but AFTER processing LogDir... it's
> alright, I prefer to have the logs someplace else rather than not having
> them at all...
>
> > I'm including the contens of the /app/Radiator/etc/radius-acct.cfg (which
> > is invoked from the command line) and the contents of
> > /app/Radiator/etc/radius-common.cfg (which is included from the former).
>
> I'll change them now... keep reading :-)
>
> > For completeness... I also include the startup/shutdown/reload script
> > (/etc/init.d/radius-acct). It's running on a Netra T1 AC200, 1CPU 360MHz,
> > 512Mb RAM, 2x18Gb HD, Solaris 8, Perl v5.6.1, Radiator 2.18 with all the
> > patches up to 10-Apr-2001.
>
> So, I installed SNMP_Session, cleaned up things a bit, but still, when I
> kill -1, I get strange results...
>
> I started one instance of Radiator (accounting only) and I can stop it
> and start it again with no problem, however, if I kill -1 it I get the
> following message on screen (and on the logfile too)... anyway, now it
> keeps running...
>
> > # /etc/init.d/radius-acct reload
> > Reloading Radiator (acct) configuration:
> > DBD::Oracle::db prepare failed: ORA-03113: end-of-file on communication
> > channel (DBD ERROR: OCIStmtExecute/Describe) {SELECT
> > NAS_IDENTIFIER, NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL,
> > NAS_DEFAULTREALM, NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS,
> > NAS_LIVINGSTONHOLE, NAS_FRAMEDGROUPBASEADDRESS,
> > NAS_FRAMEDGROUPMAXPORTSPERCLAS, NAS_REWRITEUSERNAME,
> > NAS_NOIGNOREDUPLICATES, NAS_PREHANDLERHOOK FROM NAS_SERVICIO_CALIDAD}
> > at /usr/local/lib/perl5/site_perl/5.6.1/Radius/SqlDb.pm line 201,
> > line 22.
> > -done
>
> Stranger, still, is that the message appears on the and on the
> %L/logfile (default name), but NOT in the LogFile...
>
> I use for standard logging (trace level 2 or 3) and have a
> commented global LogFile with Trace 4 for debugging, however, this file
> only gets the "Radiator starting / Radiator stopping" (I'm not receiving
> packets, just testing start/stop/reload).
>
> Anyway, I put the trace level 4 in the clause and got this
> result: (keep reading after the trace 4)
>
> ==
> Wed Apr 18 17:47:09 2001: NOTICE: SIGTERM received: stopping
> Wed Apr 18 17:47:15 2001: DEBUG: Adding Clients from SQL database
> Wed Apr 18 17:47:15 2001: DEBUG: Query is: SELECT NAS_IDENTIFIER,
> NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL, NAS_DEFAULTREALM,
> NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS, NAS_LIVINGSTONHOLE,
> NAS_FRAMEDGROUPBASEADDRESS, NAS_FRAMEDGROUPMAXPORTSPERCLAS,
> NAS_REWRITEUSERNAME, NAS_NOIGNOREDUPLICATES, NAS_PREHANDLERHOOK FROM
> NAS_SERVICIO_CALIDAD
>
> Wed Apr 18 17:47:16 2001: INFO: Server started: Radiator 2.18 on mr-radius
> Wed Apr 18 17:47:23 2001: NOTICE: SIGHUP received: restarting
> Wed Apr 18 17:47:23 2001: DEBUG: Adding Clients from SQL database
> Wed Apr 18 17:47:23 2001: DEBUG: Query is: SELECT NAS_IDENTIFIER,
> NAS_SECRET, NAS_IGNOREACCTSIGNATURE, NAS_DUPINTERVAL, NAS_DEFAULTREALM,
> NAS_TYPE, NAS_SNMPCOMMUNITY, NAS_LIVINGSTONOFFS, NAS_LIVINGSTONHOLE,
> NAS_FRAMEDGROUPBASEADDRESS, NAS_FRAMED
