Re: (RADIATOR) MaxSessions
Hello Harrison - What version of Radiator are you running? This problem was fixed in Radiator 2.18.1: Fixed a problem with Handlers where a MaxSessions denial would still permit AuthBys to run and perhaps 2 replies to be returned. Reported by Frederic Gargula regards Hugh On Thursday 30 August 2001 12:05, Harrison Ng wrote: Hello, Is it possible to prevent executing AuthBy clauses when MaxSessions exceeds (within a Handler). When radiator receives Access-Request, it determine an appropriate handler to process request. Then it checks whether the user has reach MaxSessions. In this case user has reach MaxSessions, therefore it should send Access-Reject to NAS and stop executing AuthBy clauses. However radiator still go through the clauses and eventually send out Access-Accept to NAS. At the same time, our NAS takes in Access-Accept and open a PPP session. Pls find attached trace 4 capture and extracts of our radius.cfg. Can anyone give us a hint. Harrison SmarTone BroadBand Services Limited MaxSession.txt radius.cfg Content-Type: text/html; charset=iso-8859-1; name=Attachment: 1 Content-Transfer-Encoding: quoted-printable Content-Description: Content-Type: text/plain; charset=iso-8859-1; name=MaxSession.txt Content-Transfer-Encoding: quoted-printable Content-Description: Content-Type: application/octet-stream; charset=iso-8859-1; name=radius.cfg Content-Transfer-Encoding: quoted-printable Content-Description: -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO, x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE where
NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE where
NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE (USERNAME,
NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS,
NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2', 04, '11C9', 999159157, '',
'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE (USERNAME,
NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS,
NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2', 04, '11C9', 999159157, '',
'Async', 'Framed-User')': ORA-1: unique constraint (RADIUS.RADONLINE_I) violated
(DBD ERROR: OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: Re: (RADIATOR) SimultaneousUse
Hugh: See conf below: (radius.cfg) Foreground LogStdout Trace 3 PidFile /usr/local/etc/raddb/radiusd.pid AuthPort 1645 AcctPort 1646 LogDir /usr/local/etc/raddb DbDir /usr/local/etc/raddb LogFile %L/logfile.%Y.%m.%d DictionaryFile %D/dictionary SnmpgetProg /usr/bin/snmpget Client X.X.X.X Secret IgnoreAcctSignature /Client Realm DEFAULT AcctLogFileName %L/detail.%Y.%m.%d RejectHasReason AuthBy FILE Identifier Check-FILE Filename %D/users DefaultSimultaneousUse 1 /AuthBy AuthBy UNIX Identifier Check-UNIX Filename/etc/shadow DefaultSimultaneousUse 1 /AuthBy /Realm 'Tunde Ogedengbe ORIGINAL MESSAGE BELOW Hello Camilo, Hello 'Tunde - In general, problems with simultaneous use are usually due to dropped accounting packets (sometimes congested links, sometimes NAS bugs, sometimes configuration problems with Radiator). I am happy to assist with any problems, but I need to see what is going on. Please send me a copy of the configuration file (no secrets) together with a trace 4 debug from Radiator showing the problem. It would also be helpful if you could provide some description of what you are trying to accomplish. thanks Hugh On Thursday 30 August 2001 01:04, Camilo Fernando Corena G. wrote: I have the same problem. Someone can help us??? 'Tunde Ogedengbe wrote: Hello: We are having problems with this attribute. In some of our installations, the attribute does not work at all and so no restriction is enforced. On another installation, it works but with severe problems. For instance customers with an attribute of 1 who previously connected to our system and later disconnected are having problems reconnecting. This has resulted in a serious problem in which a significant percentage of connection problems were related to the SimultaneousUse attribute. What we have done in the interim is to set the attribute to 3. How can we resolve this problem? 'Tunde Ogedengbe Linkserve Limited 22 Akin Adesola Street Victoria Island Lagos - Nigeria Tel: +234 1 2623900 Fax: +234 1 2623906 URL: http://www.linkserve.net - Original Message - From: Hugh Irvine [EMAIL PROTECTED] To: lloyd [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 29, 2001 8:48 AM Subject: (RADIATOR) Re: two authby clauses Hello Lloyd - What exactly are you trying to do? thanks Hugh On Wednesday 29 August 2001 14:28, lloyd wrote: hi, how do i configure radiator in such a way that before it proxy's to another radius server, it checks for the Called-Station-Id in say a flat file or a database? will this work (file based with only one field: telephonenumbers). AuthBy FILE Identifier calledstationid FileName %d/Called-Station-ID /AuthBy AuthBy RADIUS Identifier radiusproxy Host ***.***.***.*** Secret ** AuthPort AcctPort /AuthBy Realm AuthByPolicy ContinueAlways AuthBy calledstationid AuthBy radiusproxy /Realm Lloyd Dagoc InterDotNet Philippines Inc. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. All Linkserve mails have been certified to be virus-free, thanks for your patronage. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Minimum password length restriction in Radiator
Is it possible to enforce a minimum password length of 8 characters say in Radiator/RAdmin? Colin === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Ascend SNMP Problems
Hugh, Returning to the Logfile: Mon Aug 27 11:53:11 2001: DEBUG: Checking if user is still online: AscendSNMP, lydia, 207.65.70.7, 842, 326199869 Mon Aug 27 11:53:11 2001: DEBUG: Running command `/usr/bin/snmpget 207.65.70.7 community .iso.org.dod.internet.private.enterprises.326199869 Mon Aug 27 11:53:11 2001: NOTICE: sessiondb Session for lydia at 207.65.70.7:842 has gone away Mon Aug 27 11:53:11 2001: DEBUG: sessiondb Deleting session for lydia, 207.65.70.7, 842 Mon Aug 27 11:53:11 2001: DEBUG: do query is: delete from RADONLINE where USERNAME='[EMAIL PROTECTED]' and NASIDENTIFIER='207.65.70.7' As you can see the function AscendSNMP gets called with the re-written username. If this is incorrect Please enlighten me why the log files show the wrong message. :) Leon -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 7:22 PM To: Leon Oosterwijk; '[EMAIL PROTECTED]' Subject: Re: (RADIATOR) Ascend SNMP Problems Hello Leon - Radiator will always use the original username as received in the request for checking the NAS. However I note in your configuration below that you should probably (correct me if I'm wrong) change the CountQuery to count the rewritten usernames: CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from \ RADONLINE where RRUSERNAME='%U' hth Hugh === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy LDAP2 - support for LDAP referrals?
Hello. Does anybody know if Radiator 2.18.2 with its LDAP2 authentication method supports LDAP referrals? We have an LDAP server for our organization that sits at the top of our LDAP tree, has most data local and implements referrals for some organization departments to other LDAP servers within our organization. Is we use a restrictive base DN for one department (ou=dent,o=auth,c=GR) AuthBy LDAP2 works fine with ServerChecksPassword. If we use the general base DN of the top level (o=auth, c=GR) we get the following error, which seems to say that Radiator gets back an "LDAP_PARTIAL_RESULTS" answer with referrals from the LDAP server and does not know how to deal with it: Thu Aug 30 16:42:30 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT' Thu Aug 30 16:42:30 2001: DEBUG: Deleting session for poptest, 203.63.154.1, 1234 Thu Aug 30 16:42:30 2001: DEBUG: Handling with Radius::AuthLDAP2 Thu Aug 30 16:42:30 2001: DEBUG: Connecting to ldap.auth.gr, port 389 Thu Aug 30 16:42:30 2001: DEBUG: Attempting to bind with , Thu Aug 30 16:42:30 2001: ERR: ldap search failed with error LDAP_PARTIAL_RESULTS. Thu Aug 30 16:42:30 2001: ERR: Disconnecting from LDAP server. Has anybody tried using Radiator with an LDAP server that has referrals for at least some part of its contents? Thanks in advance for any help. -- Dimitris Daskopoulos Network Services Manager Network Operation Center Aristotle University of Thessaloniki PO Box 888, 540 06 Thessaloniki, GREECE tel: 998490 fax: 998492 e-mail: [EMAIL PROTECTED] begin:vcard n:Daskopoulos;Dimitris tel;fax:+30 31 998492 tel;work:+30 31 998490 x-mozilla-html:FALSE url:http://noc.auth.gr org:Aristotle University of Thessaloniki;Network Operation Center version:2.1 email;internet:[EMAIL PROTECTED] title:Network Services Manager adr;quoted-printable:;;Biology Building, 1st Floor=0D=0A(or PO Box 888);Thessaloniki;Macedonia;540 06;Greece x-mozilla-cpt:;1 fn:Dimitris Daskopoulos end:vcard
(RADIATOR) Could not connect to SQL database with DBI-connectCould not connect to any SQL database. Request is ignored
Hi: I got the subjected problem many times, it happens when radiator dies and is restarted. But after restart it a couple of times, it then goes to SQL and will work for a while. Has anybody ever had the same problem? I'm not sure if it's the problem of perl and DBI, or on the radiator side. Any hints will be appreciated. Leon Sys Admin. World Trade Network, Inc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) SimultaneousUse
Hi Hugh, Im using XtRadius and we have a Cisco AS5300. My radius.cfg file is: = # radius.cfg LogStdout Trace 4 AuthPort 1812 AcctPort 1813 LogFile /var/log/radius/radius.log DictionaryFile /usr/local/radiator/dictionary DictionaryFile /usr/local/radiator/dictionary.cisco Client ***> Secret *** /Client> Client ***> Secret *** /Client> Client DEFAULT> Secret *** DupInterval 0 StatusServerShowClientDetails /Client> Realm DEFAULT> RewriteUsername s/^([^@]+).*/$1/ RewriteUsername tr/[A-Z]/[a-z]/ MaxSessions 1 AcctLogFileName /var/log/radius/detail PasswordLogFileName /var/log/radius/password-radius.log RejectHasReason AuthBy FILE> Filename /etc/radiator/users UseAddressHint AddToReply Reply-Message=hello AddToReplyIfNotExist Ascend-Data-Filter="ip in forward tcp est" DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP DefaultSimultaneousUse 1 /AuthBy> /Realm> Realm unix.realm> RewriteUsername s/^([^@]+).*/$1/ RewriteUsername tr/A-Z/a-z RewriteUsername s/\s+//g AuthBy UNIX> Filename /etc/passwd GroupFilename /etc/group DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP /AuthBy> /Realm> Realm system.realm> RewriteUsername s/^([^@]+).*/$1/ AuthBy SYSTEM> Identifier System1 /AuthBy> /Realm> = Thanks, Camilo C. Hugh Irvine wrote: Hello Camilo, Hello 'Tunde - In general, problems with simultaneous use are usually due to dropped accounting packets (sometimes congested links, sometimes NAS bugs, sometimes configuration problems with Radiator). I am happy to assist with any problems, but I need to see what is going on. Please send me a copy of the configuration file (no secrets) together with a trace 4 debug from Radiator showing the problem. It would also be helpful if you could provide some description of what you are trying to accomplish. thanks Hugh On Thursday 30 August 2001 01:04, Camilo Fernando Corena G. wrote: > I have the same problem. > > Someone can help us??? > > 'Tunde Ogedengbe wrote: > > Hello: > > > > We are having problems with this attribute. In some of our > > installations, the attribute does not work at all and so no restriction > > is enforced. On another installation, it works but with severe > > problems. For instance customers with an attribute of 1 who previously > > connected to our system and later disconnected are having problems > > reconnecting. This has resulted in a serious problem in which a > > significant percentage of connection problems were related to the > > SimultaneousUse attribute. What we have done in the interim is to set > > the attribute to 3. How can we resolve this problem? > > > > 'Tunde Ogedengbe > > Linkserve Limited > > 22 Akin Adesola Street > > Victoria Island > > Lagos - Nigeria > > Tel: +234 1 2623900 > > Fax: +234 1 2623906 > > URL: http://www.linkserve.net > > - Original Message - > > From: "Hugh Irvine" [EMAIL PROTECTED]> > > To: "lloyd" [EMAIL PROTECTED]>; [EMAIL PROTECTED]> > > Cc: [EMAIL PROTECTED]> > > Sent: Wednesday, August 29, 2001 8:48 AM > > Subject: (RADIATOR) Re: two authby clauses > > > > > Hello Lloyd - > > > > > > What exactly are you trying to do? > > > > > > thanks > > > > > > Hugh > > > > > > On Wednesday 29 August 2001 14:28, lloyd wrote: > > > > hi, > > > > how do i configure radiator in such a way that before it proxy's to > > > > another radius server, it checks for the Called-Station-Id in say a > > > > flat file or a database? > > > > > > > > > > > > will this work (file based with only one field: > > > > telephonenumbers). > > > > > > > > AuthBy FILE> > > > > Identifier calledstationid > > > > FileName %d/Called-Station-ID > > > > /AuthBy> > > > > > > > > AuthBy RADIUS> > > > > Identifier radiusproxy> > > > > Host ***.***.***.*** > > > > Secret ** > > > > AuthPort > > > > AcctPort > > > > /AuthBy> > > > > > > > > Realm> > > > > AuthByPolicy ContinueAlways > > > > AuthBy calledstationid > > > > AuthBy radiusproxy > > > > /Realm> > > > > > > > > > > > > Lloyd Dagoc > > > > InterDotNet Philippines Inc. > > > > > > -- > > > Radiator: the most portable, flexible and configurable RADIUS server > > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > > > - > > > Nets: internetwork inventory and management - graphical, extensible, > > > flexible with hardware, software, platform and database independence. > > > === > > > Archive at http://www.open.com.au/archives/radiator/ > > > Announcements on [EMAIL PROTECTED] > > > To unsubscribe, email '[EMAIL PROTECTED]' with > > > 'unsubscribe radiator' in the body of the message. > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT,
RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
I have the same thing. Looks like there's a bug in the Sqldm.pm code
release for Radiator 2.8.3:
lab1.yml# ./radpwtst -user user-name -password password
sending Access-Request...
OK
sending Accounting-Request Start...
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-1: unique constraint
(RADIUS15.RADONLINE_PK) violated (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 232.
OK
sending Accounting-Request Stop...
OK
Please advise.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Pavel A Crasotin
Sent: Thursday, August 30, 2001 4:28 AM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO,
x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')': ORA-1:
unique constraint (RADIUS.RADONLINE_I) violated (DBD ERROR:
OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi all,
Ok digging deeper into the code it appears it's not SqlDb.pm that is the
problem but rather SessSQL.pm:
SessSQL.pm:$self-{DeleteQuery} = delete from RADONLINE where
NASIDENTIFIER='%0' and NASPORT=0%2;
Note the missing tick ' where the zero is 0 above.
Hmm shouldn't this have been caught in the alpha or beta test cycle?
Come on guys.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Colin D. Easton
Sent: Thursday, August 30, 2001 11:45 AM
To: 'Pavel A Crasotin'; Radiator
Subject: RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
I have the same thing. Looks like there's a bug in the Sqldm.pm code
release for Radiator 2.8.3:
lab1.yml# ./radpwtst -user user-name -password password
sending Access-Request...
OK
sending Accounting-Request Start...
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-1: unique constraint
(RADIUS15.RADONLINE_PK) violated (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 232.
OK
sending Accounting-Request Stop...
OK
Please advise.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Pavel A Crasotin
Sent: Thursday, August 30, 2001 4:28 AM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO,
x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')': ORA-1:
unique constraint (RADIUS.RADONLINE_I) violated (DBD ERROR:
OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
Further localized to SessSQL.pm in
/usr/local/lib/perl5/site_perl/5.005/Radius
and made the mod' as follows (like the 2.8.2 code:
$self-{DeleteQuery} = delete from RADONLINE where
NASIDENTIFIER='%N' and NASPORT=0%{NAS-Port};
But still getting the following 'ERR' message after the change above in
the Radius log:
Thu Aug 30 19:02:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT='%2'': ORA-01722: invalid n
umber (DBD ERROR: OCIStmtExecute)
Thu Aug 30 19:02:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT='%2'': ORA-01722: invalid n
umber (DBD ERROR: OCIStmtExecute)
Thoughts/comments/feedback welcome.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Colin D. Easton
Sent: Thursday, August 30, 2001 11:45 AM
To: 'Pavel A Crasotin'; Radiator
Subject: RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
I have the same thing. Looks like there's a bug in the Sqldm.pm code
release for Radiator 2.8.3:
lab1.yml# ./radpwtst -user user-name -password password
sending Access-Request...
OK
sending Accounting-Request Start...
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-1: unique constraint
(RADIUS15.RADONLINE_PK) violated (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 232.
OK
sending Accounting-Request Stop...
OK
Please advise.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Pavel A Crasotin
Sent: Thursday, August 30, 2001 4:28 AM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO,
x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')': ORA-1:
unique constraint (RADIUS.RADONLINE_I) violated (DBD ERROR:
OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) return of snmpget.
Hello all, While it is recommended to use snmpget with Radiator, it appears I am going to have to use snmpinfo on AIX. What is the output that Radiator is expecting to see? Also, how can I find out what the exact command is that Radiator would send via snmpget and can I change that (for Linux computers that will use snmpget.) Griff Hamlin, III === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) co-locating Radiator
We are planning to move our NAS server to a colocated facility. We are using
Rodopi for billing. I would like to keep the Rodopi box in my office and
setup Radiator at the co-lo facility. However, for reasons of speed I want
the authentication of occur locally.
Below is a snippet from radius.cfg. My plan (unless someone has a better
suggestion) is to have Rodopi ftp a flat users file to my Radiator server at
the co-lo facility. I still need Rodopi to read the data for on-line usage
info. Is it as simple as deleting the first section of AuthByPolicy
ContinueUntilAccept and just leaving AuthBy FILE
Realm cshore.com
# AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy RODOPI
DBSourcedbi:Sybase:server=AbacBill
DBUsername rodopi
DBAuth rodopi
/AuthBy
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
/Realm
SessionDatabase SQL
DBSource dbi:mysql:Radius
DBUsername Radius
DBAuth KnubbyDo
AddQuery \
insert into Sessions (UserName, NASIdent, NASPort, \
SessionID, TimeStamp, FramedIPAddress, NASPortType, \
ServiceType) values ('%n', '%N', %{NAS-Port}, \
'%{Acct-Session-Id}', %{Timestamp}, '%{Framed-Address}', \
'%{NAS-Port-Type}', '%{Service-Type}')
DeleteQuery \
delete from Sessions where Username='%n' and \
NASIdent='%N' and NASPort=%{NAS-Port}
ClearNasQuery \
delete from Sessions where NASIdent='%N'
CountQuery \
select NASIdent, NASPort, SessionID from Sessions \
where Username='%n'
/SessionDatabase
Andrew P. Kaplan
Network Administrator
CyberShore, Inc.
http://www.cshore.com
I couldn't give him advice in business and he couldn't give me
advice in technology. --Linus Torvalds, about why he wouldn't
be interested in meeting Bill Gates.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I didn't download the new version... but looking at Pavel's message, what it
seems is that the %0 and %2 arguments have not been replaced by the correct
vaules... in runtime (i.e. when the log is generated), %0 should be replaced
by the NAS-Identifier and %2 with the NAS-Port attributes...
Mike?
It seems I'll wait a couple more days before installing it :-)
El 30 Aug 2001, a las 14:39, Colin D. Easton escribió:
Hi all,
Ok digging deeper into the code it appears it's not SqlDb.pm that is the
problem but rather SessSQL.pm:
SessSQL.pm:$self-{DeleteQuery} = delete from RADONLINE where
NASIDENTIFIER='%0' and NASPORT=0%2;
Note the missing tick ' where the zero is 0 above.
Hmm shouldn't this have been caught in the alpha or beta test cycle?
Come on guys.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Colin D. Easton
Sent: Thursday, August 30, 2001 11:45 AM
To: 'Pavel A Crasotin'; Radiator
Subject: RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
I have the same thing. Looks like there's a bug in the Sqldm.pm code
release for Radiator 2.8.3:
lab1.yml# ./radpwtst -user user-name -password password
sending Access-Request...
OK
sending Accounting-Request Start...
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-1: unique constraint
(RADIUS15.RADONLINE_PK) violated (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 232.
OK
sending Accounting-Request Stop...
OK
Please advise.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Pavel A Crasotin
Sent: Thursday, August 30, 2001 4:28 AM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO,
x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')': ORA-1:
unique constraint (RADIUS.RADONLINE_I) violated (DBD ERROR:
OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
--
Mariano Absatz
El Baby
--
This isn't an office. It's Hell with fluorescent lighting.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) return of snmpget.
Turn on your debugging level to 4 and you'll see the entire snmpget commandline in the logfile. Of course, to force the command to run, you need to build up a Session DB and have a user exceed their login limit, etc Dave -Original Message- From: Griff Hamlin [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 30, 2001 2:15 PM To: [EMAIL PROTECTED] Subject: (RADIATOR) return of snmpget. Hello all, While it is recommended to use snmpget with Radiator, it appears I am going to have to use snmpinfo on AIX. What is the output that Radiator is expecting to see? Also, how can I find out what the exact command is that Radiator would send via snmpget and can I change that (for Linux computers that will use snmpget.) Griff Hamlin, III === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Is this possible?
Is it possible to write a handler using NAS-Address-Port-List %D/portlist or something to say build a default route for a port (say port 25) to only route to a particular mail server? This would prevent spam via open relays on other servers. Suggestions? === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) SQL configuration
Good Day, I'm having an odd situation here... we were testing with Radiator 2.18.2 Trial version and it was working fine with the configuration below... when we purchased our license the live version was Radiator 2.18.3... with this new version the following configuration does not work.. All I get when doing the perl test on it is: Thu Aug 30 17:34:43 2001: ERR: Attribute number 48943 (vendor 429) is not defined in your dictionary Thu Aug 30 17:34:43 2001: ERR: Attribute number 38999 (vendor 429) is not defined in your dictionary Even though there's not yet any radius packets coming to it. Could anyone tell me what I'm doing wrong (this config is to authenticate packets coming from our main Radius server which is still running a 3com radius product [switching it over once we've run the product on this realm for awhile]).. Thanks, Derek Buttineau Internet Systems Administrator Compu-SOLVE Internet Services -- Foreground LogStdout LogDir /var/log DbDir /usr/local/etc/raddb # You will probably want to change this to suit your site. Client DEFAULT Secret Hum69Mer DupInterval 0 /Client # You can put client details in a database table # and get their details from there with something like this: ClientListSQL DBSourcedbi:mysql:radius DBUsername radius DBAuth **password** /ClientListSQL # This will authenticate users from SUBSCRIBERS Realm DEFAULT AuthBy SQL # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSourcedbi:mysql:radius DBUsername radius DBAuth csrox # You may want to tailor these for your ACCOUNTING table # You can add your own columns to store whatever you like AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address # You can arrange to log accounting to a file if the # SQL insert fails with AcctFailedLogFileName # That way you could recover from a broken SQL # server #AcctFailedLogFileName %D/missedaccounting /AuthBy === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Second copy of Accounting Data (was RE: (RADIATOR) Connecting to MS SQL 2000)
Hugh and List, I have resorted to running Radiator locally on the SQL 2000 Server with ActiveState Perl and DBI::ODBC. Works very well! - and not surprisingly the database access is fast :) Our existing Radiator server is running on a linux box and talking to a PostgreSQL database on another machine, but we eventually want to move over to the new server. We have our new database structure in place but to begin the software development cycle it would be really great to have a second copy of all the accounting records flowing into the SQL 2000 database as well as our exisiting PostgreSQL database. Is there anything I can do to the Radiator config on the production machine to get it to forward a copy of all the accounting radius packets to the second server? Cheers, Jamz. -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 29 August 2001 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: (RADIATOR) Connecting to MS SQL 2000 Importance: Low Hello Jamz - I personally have had the most success with the free version of Sybase for Linux (www.sybase.com) with DBI:Sybase, and configure the Sybase client to connect to the MSSQL host. Alternatively, you can install a copy of Radiator on W2000k using DBI:ODBC and then proxy from Radiator on the Linux host to Radiator on the W2000k host. hth Hugh On Wednesday 29 August 2001 12:05, [EMAIL PROTECTED] wrote: Hi, We have been using Radiator on Linux for a while now, connecting to a PostgreSQL server and everything has been great. However we are now moving to MS SQL 2000 in line with upsizing of our operations and I was wondering if anyone out there had any recommendation as to how to get Perl DBI connectivity to MS SQL 2000. I have already tried: DBI:MSSQL DBI:Sybase + FreeTDS DBI:ODBC + Merant's Sequallink DBI:ODBC + Openlink And can get none of them to work - however Merant's Sequalink seems the most promising as it says that it can verify the DSN okay, However DBI:ODBC won't use it - says driver manager cant connect and no default driver specified. If we can't get it connected we may have to consider other RADIUS servers, like bundled MS one, but hopefully we can get Radiator talking to the MS SQL before then. Any comments would be appreciated. Regards, Jamz. _ Jamz Boman Internal Systems Developer http://www.airnet.com.au/ Ph: (08) 8168 8068 Ph: (08) 8211 9200 149 Currie Street, Adelaide South Australia 5000 Australia I have as yet to establish a telepathic link to your computer, please wait... -- Andrew Hill on Customer Support Content-Type: text/html; name=Attachment: 1 Content-Transfer-Encoding: quoted-printable Content-Description: -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) 2.18.3 and SessionDatabase SQL
Following reports of a problem with DeleteQuery in SessionDatabase SQL in the new 2.18.3, we have fixed these problems and reissued 2.18.3. If you are affected by this problem, please download a new copy of the 2.18.3 distribution. We apologise for this problem. Cheers. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) expected return from snmpget
Hello, I got some replies, and have checked the goodies directory for assistance, but cannot find exactly what radius is expecting from the snmpget command. Griff Hamlin === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) [Fwd: trouble with Radiator evaluation]
My company, Epoch Internet, is evaluation the Radiator radius server software. We have installed the evaluation version and configured it as a proxy server. It works fine when proxying requests to our Ascend radius server, but doesn't work when proxying requests to a server that belongs to one of our customers (I don't know which radius server software they use). Below is the portion of the trace 4 log that shows the test (using radpwtst on localhost). As you can see from the log, a response is returned to the proxy and parsed, but that response is for some reason not accepted. Any idea why? Thu Aug 30 13:47:23 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 3449 Code: Access-Request Identifier: 203 Authentic: 1234567890123456 Attributes: User-Name = HLC/FCC/grtools Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = 123456789 Calling-Station-Id = 987654321 NAS-Port-Type = Async User-Password = 17611233K131+724824190185171188230 Thu Aug 30 13:47:23 2001: DEBUG: Check if Handler User-Name = /^HLC\/FCC\/grtools/i should be used to handle this request Thu Aug 30 13:47:23 2001: DEBUG: Handling request with Handler 'User-Name = /^HLC\/FCC\/grtools/i' Thu Aug 30 13:47:23 2001: DEBUG: Deleting session for HLC/FCC/grtools, 203.63.154.1, 1234 Thu Aug 30 13:47:23 2001: DEBUG: Handling with Radius::AuthRADIUS Thu Aug 30 13:47:23 2001: DEBUG: Packet dump: *** Sending to 216.133.92.135 port 1647 Code: Access-Request Identifier: 1 Authentic: 1234567890123456 Attributes: User-Name = HLC/FCC/grtools Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = 123456789 Calling-Station-Id = 987654321 NAS-Port-Type = Async User-Password = t182E207199R231132:IO7176229?22 Thu Aug 30 13:47:23 2001: DEBUG: Packet dump: *** Received from 216.133.92.135 port 1647 Code: Access-Accept Identifier: 1 Authentic: 20419Y2260178j205191183-149195175:[ Attributes: Service-Type = Framed-User Framed-Protocol = PPP Thu Aug 30 13:47:23 2001: WARNING: Unknown reply received in AuthRADIUS for request 1 from 216.133.92.135:1647 Thu Aug 30 13:47:28 2001: DEBUG: Timed out, retransmitting
(RADIATOR) Re: Fwd: Cisco-NAS-Port
Hello Andy - I have problem with identifing channel on BRI interface. If I set radius-server attribute nas-port format x, where x is a,b,c or d I get Cisco-NAS-Port in format BRI X/Y/Z, but I need channel info or some information to identify unique voice channel. Could you help me please? I would have thought that the combination of Cisco-NAS-Port and the Service-Type attribute would give you the information you need, however I am not an expert on Cisco voice features. I have posted this message to the Radiator mailing list, as someone else may have a better idea. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) SQL configuration
Hello Derek - Could you please send me a trace 4 debug from Radiator showing everything from startup onwards. thanks Hugh On Friday 31 August 2001 07:47, Derek Buttineau wrote: Good Day, I'm having an odd situation here... we were testing with Radiator 2.18.2 Trial version and it was working fine with the configuration below... when we purchased our license the live version was Radiator 2.18.3... with this new version the following configuration does not work.. All I get when doing the perl test on it is: Thu Aug 30 17:34:43 2001: ERR: Attribute number 48943 (vendor 429) is not defined in your dictionary Thu Aug 30 17:34:43 2001: ERR: Attribute number 38999 (vendor 429) is not defined in your dictionary Even though there's not yet any radius packets coming to it. Could anyone tell me what I'm doing wrong (this config is to authenticate packets coming from our main Radius server which is still running a 3com radius product [switching it over once we've run the product on this realm for awhile]).. Thanks, Derek Buttineau Internet Systems Administrator Compu-SOLVE Internet Services -- Foreground LogStdout LogDir /var/log DbDir /usr/local/etc/raddb # You will probably want to change this to suit your site. Client DEFAULT Secret Hum69Mer DupInterval 0 /Client # You can put client details in a database table # and get their details from there with something like this: ClientListSQL DBSourcedbi:mysql:radius DBUsername radius DBAuth **password** /ClientListSQL # This will authenticate users from SUBSCRIBERS Realm DEFAULT AuthBy SQL # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSourcedbi:mysql:radius DBUsername radius DBAuth csrox # You may want to tailor these for your ACCOUNTING table # You can add your own columns to store whatever you like AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address # You can arrange to log accounting to a file if the # SQL insert fails with AcctFailedLogFileName # That way you could recover from a broken SQL # server #AcctFailedLogFileName %D/missedaccounting /AuthBy === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Is this possible?
Hello Todd - In general it is much easier to configure filters on your NAS(s) and/or routers. However, it is possible to send filter definitions in radius replies, but you will have to check with your NAS vendor exactly how to specify them. BTW - there are a few examples in the file called users in the Radiator distribution. hth Hugh On Friday 31 August 2001 07:29, Todd Dokey wrote: Is it possible to write a handler using NAS-Address-Port-List %D/portlist or something to say build a default route for a port (say port 25) to only route to a particular mail server? This would prevent spam via open relays on other servers. Suggestions? === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) co-locating Radiator
Hello Andrew -
Yes. You will need to either comment out the AuthBy RODOPI clause or just
remove it entirely.
regards
Hugh
On Friday 31 August 2001 05:15, Andrew Kaplan wrote:
We are planning to move our NAS server to a colocated facility. We are
using Rodopi for billing. I would like to keep the Rodopi box in my office
and setup Radiator at the co-lo facility. However, for reasons of speed I
want the authentication of occur locally.
Below is a snippet from radius.cfg. My plan (unless someone has a better
suggestion) is to have Rodopi ftp a flat users file to my Radiator server
at the co-lo facility. I still need Rodopi to read the data for on-line
usage info. Is it as simple as deleting the first section of AuthByPolicy
ContinueUntilAccept and just leaving AuthBy FILE
Realm cshore.com
# AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy RODOPI
DBSourcedbi:Sybase:server=AbacBill
DBUsername rodopi
DBAuth rodopi
/AuthBy
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
/Realm
SessionDatabase SQL
DBSource dbi:mysql:Radius
DBUsername Radius
DBAuth KnubbyDo
AddQuery \
insert into Sessions (UserName, NASIdent, NASPort, \
SessionID, TimeStamp, FramedIPAddress, NASPortType, \
ServiceType) values ('%n', '%N', %{NAS-Port}, \
'%{Acct-Session-Id}', %{Timestamp}, '%{Framed-Address}', \
'%{NAS-Port-Type}', '%{Service-Type}')
DeleteQuery \
delete from Sessions where Username='%n' and \
NASIdent='%N' and NASPort=%{NAS-Port}
ClearNasQuery \
delete from Sessions where NASIdent='%N'
CountQuery \
select NASIdent, NASPort, SessionID from Sessions \
where Username='%n'
/SessionDatabase
Andrew P. Kaplan
Network Administrator
CyberShore, Inc.
http://www.cshore.com
I couldn't give him advice in business and he couldn't give me
advice in technology. --Linus Torvalds, about why he wouldn't
be interested in meeting Bill Gates.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: Re: (RADIATOR) SimultaneousUse
Hello 'Tunde - Thanks for the configuration file, however I will also need to see a trace 4 debug from Radiator showing the problem. thanks Hugh On Friday 31 August 2001 02:22, 'Tunde Ogedengbe wrote: Hugh: See conf below: (radius.cfg) Foreground LogStdout Trace 3 PidFile /usr/local/etc/raddb/radiusd.pid AuthPort 1645 AcctPort 1646 LogDir /usr/local/etc/raddb DbDir /usr/local/etc/raddb LogFile %L/logfile.%Y.%m.%d DictionaryFile %D/dictionary SnmpgetProg /usr/bin/snmpget Client X.X.X.X Secret IgnoreAcctSignature /Client Realm DEFAULT AcctLogFileName %L/detail.%Y.%m.%d RejectHasReason AuthBy FILE Identifier Check-FILE Filename %D/users DefaultSimultaneousUse 1 /AuthBy AuthBy UNIX Identifier Check-UNIX Filename/etc/shadow DefaultSimultaneousUse 1 /AuthBy /Realm 'Tunde Ogedengbe ORIGINAL MESSAGE BELOW Hello Camilo, Hello 'Tunde - In general, problems with simultaneous use are usually due to dropped accounting packets (sometimes congested links, sometimes NAS bugs, sometimes configuration problems with Radiator). I am happy to assist with any problems, but I need to see what is going on. Please send me a copy of the configuration file (no secrets) together with a trace 4 debug from Radiator showing the problem. It would also be helpful if you could provide some description of what you are trying to accomplish. thanks Hugh On Thursday 30 August 2001 01:04, Camilo Fernando Corena G. wrote: I have the same problem. Someone can help us??? 'Tunde Ogedengbe wrote: Hello: We are having problems with this attribute. In some of our installations, the attribute does not work at all and so no restriction is enforced. On another installation, it works but with severe problems. For instance customers with an attribute of 1 who previously connected to our system and later disconnected are having problems reconnecting. This has resulted in a serious problem in which a significant percentage of connection problems were related to the SimultaneousUse attribute. What we have done in the interim is to set the attribute to 3. How can we resolve this problem? 'Tunde Ogedengbe Linkserve Limited 22 Akin Adesola Street Victoria Island Lagos - Nigeria Tel: +234 1 2623900 Fax: +234 1 2623906 URL: http://www.linkserve.net - Original Message - From: Hugh Irvine [EMAIL PROTECTED] To: lloyd [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 29, 2001 8:48 AM Subject: (RADIATOR) Re: two authby clauses Hello Lloyd - What exactly are you trying to do? thanks Hugh On Wednesday 29 August 2001 14:28, lloyd wrote: hi, how do i configure radiator in such a way that before it proxy's to another radius server, it checks for the Called-Station-Id in say a flat file or a database? will this work (file based with only one field: telephonenumbers). AuthBy FILE Identifier calledstationid FileName %d/Called-Station-ID /AuthBy AuthBy RADIUS Identifier radiusproxy Host ***.***.***.*** Secret ** AuthPort AcctPort /AuthBy Realm AuthByPolicy ContinueAlways AuthBy calledstationid AuthBy radiusproxy /Realm Lloyd Dagoc InterDotNet Philippines Inc. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hello Colin, Hello All -
As mentioned in another email, there is a bug in the Radiator 2.18.3
distribution which will be fixed later today.
The bug is not the definition of the the query shown below, rather it is the
call to format_special() later in the code that does not pass the correct
arguments to expand %0 and %1.
Our apologies to everyone who has had a problem.
regards
Hugh
On Friday 31 August 2001 05:09, Colin D. Easton wrote:
Further localized to SessSQL.pm in
/usr/local/lib/perl5/site_perl/5.005/Radius
and made the mod' as follows (like the 2.8.2 code:
$self-{DeleteQuery} = delete from RADONLINE where
NASIDENTIFIER='%N' and NASPORT=0%{NAS-Port};
But still getting the following 'ERR' message after the change above in
the Radius log:
Thu Aug 30 19:02:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT='%2'': ORA-01722: invalid n
umber (DBD ERROR: OCIStmtExecute)
Thu Aug 30 19:02:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT='%2'': ORA-01722: invalid n
umber (DBD ERROR: OCIStmtExecute)
Thoughts/comments/feedback welcome.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Colin D. Easton
Sent: Thursday, August 30, 2001 11:45 AM
To: 'Pavel A Crasotin'; Radiator
Subject: RE: (RADIATOR) 2.18.3: ORA-00911: invalid character
I have the same thing. Looks like there's a bug in the Sqldm.pm code
release for Radiator 2.8.3:
lab1.yml# ./radpwtst -user user-name -password password
sending Access-Request...
OK
sending Accounting-Request Start...
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-00911: invalid character (DBD ERROR:
OCIStmtExecute) at /usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm
line 232.
DBD::Oracle::db do failed: ORA-1: unique constraint
(RADIUS15.RADONLINE_PK) violated (DBD ERROR: OCIStmtExecute) at
/usr/local/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 232.
OK
sending Accounting-Request Stop...
OK
Please advise.
Colin
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of Pavel A Crasotin
Sent: Thursday, August 30, 2001 4:28 AM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) 2.18.3: ORA-00911: invalid character
Hi,
I've just installed Radiator 2.18.3.
In the logfile I see ERR message like this:
Thu Aug 30 12:12:37 2001: DEBUG: Handling request with Handler ''
Thu Aug 30 12:12:37 2001: DEBUG: SessDB Adding session for MARGO,
x.x.x.2, 4
Thu Aug 30 12:12:37 2001: DEBUG: do query is: delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2
Thu Aug 30 12:12:37 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: ERR: do failed for 'delete from RADONLINE
where NASIDENTIFIER='%0' and NASPORT=0%2': ORA-00911: invalid character
(DBD ERROR: OCIStmtExecute)
Thu Aug 30 12:12:43 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')
Thu Aug 30 12:12:45 2001: ERR: do failed for 'insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE,SERVICETYPE) values ('MARGO', 'x.x.x.2',
04, '11C9', 999159157, '', 'Async', 'Framed-User')': ORA-1:
unique constraint (RADIUS.RADONLINE_I) violated (DBD ERROR:
OCIStmtExecute)
Can you help me to correct this bug?
With respect,
Pavel A Crasotin
OJSC SeverTransCom
40/13 Sobinova, Yaroslavl, 15, Russia
Tel/Fax: +7 (0852) 47-71-70, 47-69-49
+7 (0852) 72-17-28, 72-17-38
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]'
Re: (RADIATOR) return of snmpget.
Hello Griff - I would strongly encourage you to download the source for the correct package and compile it on your box. Otherwise you will have to rewirte the code in SNMP.pm (at least) and it will be extremely messy. In most cases compiling is as simple as # cd ucd-snmp-4.2.1 # ./configure # make You will find the latest source code here: http://net-snmp.sourceforge.net regards Hugh On Friday 31 August 2001 04:15, Griff Hamlin wrote: Hello all, While it is recommended to use snmpget with Radiator, it appears I am going to have to use snmpinfo on AIX. What is the output that Radiator is expecting to see? Also, how can I find out what the exact command is that Radiator would send via snmpget and can I change that (for Linux computers that will use snmpget.) Griff Hamlin, III === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) SimultaneousUse
Hello Camilo - Thanks for sending the configuration file, however I will need to see a trace 4 debug from Radiator showing the problem. BTW - I don't think your configuration file is correct, so perhaps you could also send me a description of what you are wanting Radiator to do? thanks Hugh On Friday 31 August 2001 01:31, Camilo Fernando Corena G. wrote: Hi Hugh, I´m using XtRadius and we have a Cisco AS5300. My radius.cfg file is: = # radius.cfg LogStdout Trace 4 AuthPort 1812 AcctPort 1813 LogFile /var/log/radius/radius.log DictionaryFile /usr/local/radiator/dictionary DictionaryFile /usr/local/radiator/dictionary.cisco Client *** Secret *** /Client Client *** Secret *** /Client Client DEFAULT Secret *** DupInterval 0 StatusServerShowClientDetails /Client Realm DEFAULT RewriteUsername s/^([^@]+).*/$1/ RewriteUsername tr/[A-Z]/[a-z]/ MaxSessions 1 AcctLogFileName /var/log/radius/detail PasswordLogFileName /var/log/radius/password-radius.log RejectHasReason AuthBy FILE Filename /etc/radiator/users UseAddressHint AddToReply Reply-Message=hello AddToReplyIfNotExist Ascend-Data-Filter=ip in forward tcp est DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP DefaultSimultaneousUse 1 /AuthBy /Realm Realm unix.realm RewriteUsername s/^([^@]+).*/$1/ RewriteUsername tr/A-Z/a-z RewriteUsername s/\s+//g AuthBy UNIX Filename /etc/passwd GroupFilename /etc/group DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP /AuthBy /Realm Realm system.realm RewriteUsername s/^([^@]+).*/$1/ AuthBy SYSTEM Identifier System1 /AuthBy /Realm = Thanks, Camilo C. Hugh Irvine wrote: Hello Camilo, Hello 'Tunde - In general, problems with simultaneous use are usually due to dropped accounting packets (sometimes congested links, sometimes NAS bugs, sometimes configuration problems with Radiator). I am happy to assist with any problems, but I need to see what is going on. Please send me a copy of the configuration file (no secrets) together with a trace 4 debug from Radiator showing the problem. It would also be helpful if you could provide some description of what you are trying to accomplish. thanks Hugh On Thursday 30 August 2001 01:04, Camilo Fernando Corena G. wrote: I have the same problem. Someone can help us??? 'Tunde Ogedengbe wrote: Hello: We are having problems with this attribute. In some of our installations, the attribute does not work at all and so no restriction is enforced. On another installation, it works but with severe problems. For instance customers with an attribute of 1 who previously connected to our system and later disconnected are having problems reconnecting. This has resulted in a serious problem in which a significant percentage of connection problems were related to the SimultaneousUse attribute. What we have done in the interim is to set the attribute to 3. How can we resolve this problem? 'Tunde Ogedengbe Linkserve Limited 22 Akin Adesola Street Victoria Island Lagos - Nigeria Tel: +234 1 2623900 Fax: +234 1 2623906 URL: http://www.linkserve.net - Original Message - From: Hugh Irvine [EMAIL PROTECTED] To: lloyd [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 29, 2001 8:48 AM Subject: (RADIATOR) Re: two authby clauses Hello Lloyd - What exactly are you trying to do? thanks Hugh On Wednesday 29 August 2001 14:28, lloyd wrote: hi, how do i configure radiator in such a way that before it proxy's to another radius server, it checks for the Called-Station-Id in say a flat file or a database? will this work (file based with only one field: telephonenumbers). AuthBy FILE Identifier calledstationid FileName %d/Called-Station-ID /AuthBy AuthBy RADIUS Identifier radiusproxy Host ***.***.***.*** Secret ** AuthPort AcctPort /AuthBy Realm AuthByPolicy ContinueAlways AuthBy calledstationid AuthBy radiusproxy /Realm Lloyd Dagoc InterDotNet Philippines Inc. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with
Re: (RADIATOR) Ascend SNMP Problems
Hello Leon - Could you please send me the complete configuration file (no secrets)? thanks Hugh On Friday 31 August 2001 00:23, Leon Oosterwijk wrote: Hugh, Returning to the Logfile: Mon Aug 27 11:53:11 2001: DEBUG: Checking if user is still online: AscendSNMP, lydia, 207.65.70.7, 842, 326199869 Mon Aug 27 11:53:11 2001: DEBUG: Running command `/usr/bin/snmpget 207.65.70.7 community .iso.org.dod.internet.private.enterprises.326199869 Mon Aug 27 11:53:11 2001: NOTICE: sessiondb Session for lydia at 207.65.70.7:842 has gone away Mon Aug 27 11:53:11 2001: DEBUG: sessiondb Deleting session for lydia, 207.65.70.7, 842 Mon Aug 27 11:53:11 2001: DEBUG: do query is: delete from RADONLINE where USERNAME='[EMAIL PROTECTED]' and NASIDENTIFIER='207.65.70.7' As you can see the function AscendSNMP gets called with the re-written username. If this is incorrect Please enlighten me why the log files show the wrong message. :) Leon -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 29, 2001 7:22 PM To: Leon Oosterwijk; '[EMAIL PROTECTED]' Subject: Re: (RADIATOR) Ascend SNMP Problems Hello Leon - Radiator will always use the original username as received in the request for checking the NAS. However I note in your configuration below that you should probably (correct me if I'm wrong) change the CountQuery to count the rewritten usernames: CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from \ RADONLINE where RRUSERNAME='%U' hth Hugh === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Could not connect to SQL database with DBI-connectCould not connect to any SQL database. Request is ignored
Hello Leon - I will need to see a copy of your configuration file (no secrets) together with a trace 4 debug from Radiator showing what is happening. I will also need to know what hardware/software platform you are running on and what version of Radiator and what version of Perl. thanks Hugh On Friday 31 August 2001 00:46, Leon wrote: Hi: I got the subjected problem many times, it happens when radiator dies and is restarted. But after restart it a couple of times, it then goes to SQL and will work for a while. Has anybody ever had the same problem? I'm not sure if it's the problem of perl and DBI, or on the radiator side. Any hints will be appreciated. Leon Sys Admin. World Trade Network, Inc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Pseudo-Request-Source ?
Thanks Hugh. I was not able to find that attribute in standard dictionary file. May be it is vendor specific. Daniel Jung System Administrator GMO inc On Thu, 30 Aug 2001, Hugh Irvine wrote: Hello Daniel - I can't find any attribute like that. You can tell whether the requests were proxied by checking which Client clause received the request, either in a Handler, or in a user definition. hth Hugh On Wednesday 29 August 2001 23:55, daniel wrote: Hi all, Does anyone know Pseudo-Request-Source Attribute mean ? As I heard it, it is the source IP where packets were sent from. Is there a way for me to tell whether packets received were proxied or not in the access-request ? Thanks for your help. Daniel Jung System Administrator GMO inc === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: Second copy of Accounting Data (was RE: (RADIATOR) Connecting to MS SQL 2000)
Thanks Hugh - after some stuffing around with new date formats, this works very well! -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Friday, 31 August 2001 9:27 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Second copy of Accounting Data (was RE: (RADIATOR) Connecting to MS SQL 2000) Importance: Low Hello Jamz - This is very easy to do simply by adding a second AuthBy clause. # define AuthBy RADIUS AuthBy RADIUS Identifier ForwardAccountingOnly Host . Secret . NoForwardAuthentication . /AuthBy AuthBy SQL Identifier YourNormalAuthBy .. /AuthBy ... # define Realm(s) or Handler(s) Realm . AuthByPolicy ContinueAlways AuthBy ForwardAccountingOnly AuthBy YourNormalAuthBy /Realm hth Hugh On Friday 31 August 2001 09:11, [EMAIL PROTECTED] wrote: Hugh and List, I have resorted to running Radiator locally on the SQL 2000 Server with ActiveState Perl and DBI::ODBC. Works very well! - and not surprisingly the database access is fast :) Our existing Radiator server is running on a linux box and talking to a PostgreSQL database on another machine, but we eventually want to move over to the new server. We have our new database structure in place but to begin the software development cycle it would be really great to have a second copy of all the accounting records flowing into the SQL 2000 database as well as our exisiting PostgreSQL database. Is there anything I can do to the Radiator config on the production machine to get it to forward a copy of all the accounting radius packets to the second server? Cheers, Jamz. -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 29 August 2001 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: (RADIATOR) Connecting to MS SQL 2000 Importance: Low Hello Jamz - I personally have had the most success with the free version of Sybase for Linux (www.sybase.com) with DBI:Sybase, and configure the Sybase client to connect to the MSSQL host. Alternatively, you can install a copy of Radiator on W2000k using DBI:ODBC and then proxy from Radiator on the Linux host to Radiator on the W2000k host. hth Hugh On Wednesday 29 August 2001 12:05, [EMAIL PROTECTED] wrote: Hi, We have been using Radiator on Linux for a while now, connecting to a PostgreSQL server and everything has been great. However we are now moving to MS SQL 2000 in line with upsizing of our operations and I was wondering if anyone out there had any recommendation as to how to get Perl DBI connectivity to MS SQL 2000. I have already tried: DBI:MSSQL DBI:Sybase + FreeTDS DBI:ODBC + Merant's Sequallink DBI:ODBC + Openlink And can get none of them to work - however Merant's Sequalink seems the most promising as it says that it can verify the DSN okay, However DBI:ODBC won't use it - says driver manager cant connect and no default driver specified. If we can't get it connected we may have to consider other RADIUS servers, like bundled MS one, but hopefully we can get Radiator talking to the MS SQL before then. Any comments would be appreciated. Regards, Jamz. _ Jamz Boman Internal Systems Developer http://www.airnet.com.au/ Ph: (08) 8168 8068 Ph: (08) 8211 9200 149 Currie Street, Adelaide South Australia 5000 Australia I have as yet to establish a telepathic link to your computer, please wait... -- Andrew Hill on Customer Support Content-Type: text/html; name=Attachment: 1 Content-Transfer-Encoding: quoted-printable Content-Description: -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To
