(RADIATOR) Dyn ip addresses and static ip address
Hi, We want to set up a radius server with dyn. addresses and static ones (for bSMTP customers). The static IP adresses ware in our LDAP database (ipaddress=xxx.xxx.xxx.xxx) Can I combile these two configurations into one radius configuration? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH-Noknok - RIPE: AS9133 http://www.wish.nl - tel: +31(0)205358535 - fax. +31(0)208762628 PGP key ID 88E5D96A - Sr. IT Engineer / Web Designer / B.O.F.H. Excuse of the day: A plumber is needed, the network drain is clogged === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) active session mrtg
No, I mean how many users are logged in On Wed, Jan 03, 2001 at 08:21:28AM +1100, Hugh Irvine wrote: Hello Robin - On Wednesday 03 January 2001 07:25, Robin Gruyters wrote: Hi, Isit possible to get active session trough SNMP? Because I want to create stats with MRTG. (maybe someone here has already done this?!) http://www.open.com.au/radiator/faq.html#50 hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH-Noknok - RIPE: AS9133 http://www.wish.nl - tel: +31(0)205358535 - fax. +31(0)208762628 PGP key ID 88E5D96A - Sr. IT Engineer / Web Designer / B.O.F.H. Excuse of the day: Well fix that in the next (upgrade, update, patch release, service pack). === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) active session mrtg
Hi, Isit possible to get active session trough SNMP? Because I want to create stats with MRTG. (maybe someone here has already done this?!) -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH-Noknok - RIPE: AS9133 http://www.wish.nl - tel: +31(0)205358535 - fax. +31(0)208762628 PGP key ID 88E5D96A - Sr. IT Engineer / Web Designer / B.O.F.H. Excuse of the day: Change in Earth's rotational speed === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) dictionary.acc
Tue Dec 5 11:03:54 2000: WARNING: There is no attribute named Acc-Dialout-AuthMode in file '/usr/local/etc/raddb/dictionary.acc' be fore line 519 Ignored -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH-Noknok - nic-hdl: RG3771-RIPE http://www.wish.nl - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID 88E5D96A - Manager Engineering / Web Designer / B.O.F.H. BOFH excuse: radiosity depletion === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) authby dynaddress and authby radius
Hi, Isit possible to use authby radius and authby dynadress together? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.nl - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Manager Engineering / Web Designer / B.O.F.H. BOFH excuse: We are currently trying a new concept of using a live mouse. Unfortuantely, one has yet to survive being hooked up to the computer.please bear with us. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy Radius
ed-Compression = Van-Jacobson-TCP-IP Ascend-Client-Primary-DNS = 212.123.129.79 Ascend-Client-Secondary-DNS = 212.123.128.16 Thu Aug 24 18:48:04 2000: ERR: sendTo: send failed: No route to host ** END ** What u can see above is that normally i'll recieve packages from 10.1.0.12 but if I restart the radius proxy, then i'll recieve auth. packages from 212.123.129.70!!! Is this a known problem or this new problem. -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.nl - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Boss' kid fucked up the machine === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Check Attribute in LDAP
I've tried this but my radius doesn't reconice this option (SearchFilter)
On Fri, Aug 11, 2000 at 09:37:12AM -0400, Felicetti, Stephen A. wrote:
This is basically the same thing that I'm doing, and have described in
detail in a previous message to the list.
The search filter would be something like this. Don't quote me, as there may
be differences in the syntax used for seaching your LDAP directory. Check
the previous messages for the link to the RFC.
SearchFilter ((uid=%{User-Name})(accountstatus=1))
-Original Message-
From: Robin Gruyters [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 11, 2000 6:16 AM
To: Felicetti, Stephen A.
Cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) Check Attribute in LDAP
Ok, what I want todo is check a attribute that is in the LDAP server
(accountstatus). If a user tries to dail-in then the radius server has to
check
his username, password and if the accountstatus = 1. If the attributed
doesn't
exists or is '0' this the user must be Rejected.
On Thu, Aug 10, 2000 at 09:07:05AM -0400, Felicetti, Stephen A. wrote:
Robin,
I'm sorry, but I really don't understand what you are trying to do.
I laid out a couple scenerios that use additional LDAP attributes
(besides
username/password) during the authentication process. If these choices are
not right for your environment, then I guess I misunderstood your problem.
If you can provide more detail, step by step, on what you want to happen,
I'm sure there's a solution out there for you.
-Steve
-Original Message-
From: Robin Gruyters [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 10, 2000 5:37 AM
To: Felicetti, Stephen A.
Cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) Check Attribute in LDAP
Ok,
what i want to do is aan Auth. on the LDAP on a different Attribute. Maybe
this
is possible with a PreAuthHook, but I don't know realy how todo this.
Or isit possible to add a attribute to the Request?
--
Regards,
Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628
PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
BOFH excuse: Zombie processes haunting the computer
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Regards,
Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628
PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
BOFH excuse: Typo in the code
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Regards,
Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628
PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
BOFH excuse: Jupiter is aligned with Mars.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Check Attribute in LDAP
Ok, what I want todo is check a attribute that is in the LDAP server (accountstatus). If a user tries to dail-in then the radius server has to check his username, password and if the accountstatus = 1. If the attributed doesn't exists or is '0' this the user must be Rejected. On Thu, Aug 10, 2000 at 09:07:05AM -0400, Felicetti, Stephen A. wrote: Robin, I'm sorry, but I really don't understand what you are trying to do. I laid out a couple scenerios that use additional LDAP attributes (besides username/password) during the authentication process. If these choices are not right for your environment, then I guess I misunderstood your problem. If you can provide more detail, step by step, on what you want to happen, I'm sure there's a solution out there for you. -Steve -Original Message- From: Robin Gruyters [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 10, 2000 5:37 AM To: Felicetti, Stephen A. Cc: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Check Attribute in LDAP Ok, what i want to do is aan Auth. on the LDAP on a different Attribute. Maybe this is possible with a PreAuthHook, but I don't know realy how todo this. Or isit possible to add a attribute to the Request? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Zombie processes haunting the computer === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Typo in the code === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Check Attribute in LDAP
HI, Just one question. Is it possible to check an attribute like: if "AccountStatus" exists on the LDAP do Access-Type=Reject So no ocheck on attribute from the NAS, only on de LDAP. -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Incorrect time syncronization === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) LDAP with MIMEBASE64 and MD5
hi,
Because we use in our LDAP for password md5 with MIME64
(userpassword={MD5}qP0OV/oViFka8YbFMWEWeg==)
We had to make some changes in the Radius.pm file. Here is a patch:
--- Radius.pm Tue Jun 13 10:25:10 2000
+++ Radiusmd5.pmTue Jun 13 10:26:12 2000
@@ -708,6 +708,18 @@
# via Apache::AuthenRadius or similar
$result = check_digest_password($user, $submitted_pw, $pw);
}
+elsif ($pw =~ /^{MD5}/)
+{
+require MIME::Base64;
+require Digest::MD5;
+my $context = new MD5;
+$context-reset();
+$context-add("$submitted_pw");
+
+my $tmppw = "{MD5}" . MIME::Base64::encode_base64($context-digest());
+chomp($tmppw);
+$result = ($tmppw eq $pw);
+}
else
{
# Just ordinary old plaintext, look for an exact match
--
Regards,
Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628
PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
BOFH excuse: Telecommunications is downshifting.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Ignoring RADIUS
Hi, Question, isit possible to send with this info message the Identifier?! (see below) Tue Jun 13 12:08:56 2000: INFO: AuthRADIUS: No reply after 3 retransmissions to 1646 for carolijn (116) Tue Jun 13 12:08:56 2000: INFO: AuthRADIUS: No response from any RADIUS hosts. Ignoring -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: bad ether in the cables === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: [(RADIATOR) Multithreaded radiator.]
On Mon, Jun 12, 2000 at 01:03:41PM -0400, Dave Kitabjian wrote: Thanks, all, for your suggestions. This looks like it will be exactly what we need. Only problem is, I can't get it to work. The only difference I see is that we are using ports 1812/1813, not 1645/1646. I changed my config file to: AuthPort1812 AcctPort Then I HUPped radiator. According to the logfile, it did, indeed, appear to ignore accounting requests. However, it showed the following in the log file right after the HUP: Mon Jun 12 12:47:43 2000: WARNING: Unknown service name Furthermore, when I attempt to start a second instance of Radiator with: AuthPort AcctPort1813 it fails to start with a message: # perl /usr/bin/radiusd -config_file /usr/nc_acct.cfg Could not bind accounting socket: Address already in use at /usr/bin/radiusd line 386. Can someone offer further assistance? This IS supposed to work on the same server, correct? Do I need to wait a while for the Accounting port to free up? Thanks. Dave What i had found out is that you can't HUP it. you have to kill the process to get the correct port binds working... (kill -9 pid of old radius program /usr/bin/radiusd -config_file /usr/nc_acct.cfg) -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Failure to adjust for daylight savings time. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Accounting with MySQL
Hi, Got a question, I see that with SQL accounting the date and time is not saved in the SQL database. Why?!? And isit possible to add this? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Me no internet, only janitor, me just wax floors. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Accounting
Hi, Got a question, i got a problem with the accounting to SQL. Not a problem to log to the SQL server but with the dictionaries. We use two different companies for dail-in, one company uses the Nortel (dictionary) and the otherone the USR (dictionary.usr). First i've set it up for the Nortel, ok works fine! *great* But now I want the USR also log to the same machine on the same SQL system. But is i'm trying to start it, I get error messages like: Thu Jun 8 12:52:12 2000: ERR: Attribute number 39000 (vendor 429) is not defined in your dictionary Thu Jun 8 12:52:12 2000: ERR: Attribute number 39001 (vendor 429) is not defined in your dictionary Thu Jun 8 12:52:12 2000: ERR: Attribute number 39051 (vendor 429) is not defined in your dictionary Thu Jun 8 12:52:12 2000: ERR: Attribute number 38998 (vendor 429) is not defined in your dictionary Why does the Accounting need the dictionary? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: monitor resolution too high === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Accounting
On Thu, Jun 08, 2000 at 10:04:06AM -0400, Dave Kitabjian wrote: Hey Robin, It needs the dictionary b/c the attributes and "values" come numerically from Radiator: #1 = #2 So to be friendly, Radiator looks them up in the dictionary and logs the "friendly" values in the detail (accounting) file instead of the number: Framed-Protocol = PPP Dave Ok, but isit possible to use two dictionaries? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Electrons on a bender === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
[hugh@open.com.au: Re: (RADIATOR) Multithreaded radiator.]
Does someone have a example for splitting the auth. and the accounting? - Forwarded message from Hugh Irvine [EMAIL PROTECTED] - Delivered-To: [EMAIL PROTECTED] Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id IAA02376 (8.8.8/IDA-1.7 for [EMAIL PROTECTED]); Fri, 24 Mar 2000 08:48:08 +1100 (EST) From: Hugh Irvine [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Organization: Open System Consultants To: Paul van der Zwan [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: (RADIATOR) Multithreaded radiator. Date: Fri, 24 Mar 2000 08:35:21 +1100 X-Mailer: KMail [version 1.0.28] In-Reply-To: [EMAIL PROTECTED] Precedence: bulk Hello Paul - On Fri, 24 Mar 2000, Paul van der Zwan wrote: Is there any chance of a multi-threaded Radiator ?? We are running into performance issues without running out of CPU cycles . Multi-threading might give us some more performance out of the same boxes. Its not so much about Radiator as it is about Perl and the various Perl modules that Radiator uses. However, there are some things you can do to improve at least perceived performance: 1. Configure two copies of Radiator - one listening only on the authentication port and only doing authentication, and the other listening only on the accounting port and only doing accounting. This makes the authentication much more responsive and lets accounting take as much time as it needs. 2. Add additional machines to do some preprocessing - if you are doing lots of proxy requests, you can add a machine in front of your local machine to handle all the proxy requests (and of course proxy your local requests to the local machine). 3. Add multiple parallel Radiator hosts, configured identically, and put a UDP redirector in front of them to spread the load. 4. Refer to section 23 in the Radiator 2.15 reference manual for more suggestions. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. - End forwarded message - -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Virus due to computers having unsafe sex. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) NoReplyHook
Hi,
I get a stange error when I try to use NoReplyHook.
Jun 5 11:52:50 dns3 Forwarded from emout2: /usr/bin/radiusd[94772]: Error in
NoReplyHook(): Can't call method "add_attr" on an undefined value at
Radius/AuthGeneric.pm line 1157.
Below you find our configuration.
AuthPort 1645
AcctPort 1646
BindAddress removed
LogDir /var/log/radiusd
DbDir /usr/local/etc/raddb
LogFile %L/%d%m%Y-proxy-vtel.log
PidFile /var/run/proxy.pid
DictionaryFile %D/dictionary
Trace 3
Client 212.48.47.15
Secret removed
/Client
Client 212.48.47.130
Secret removed
/Client
Client 212.48.47.131
Secret removed
/Client
Client 212.48.47.132
Secret removed
/Client
Client 212.48.47.135
Secret removed
/Client
AuthBy FILE
Identifier reject
Filename %D/reject-users
/AuthBy
AuthBy RADIUS
Identifier radius
Host 10.1.0.11
AuthPort 1645
AcctPort 1646
Secret removed
LocalAddress 10.1.0.12
DefaultSimultaneousUse = 2
NoReplyHook sub {Radius::AuthGeneric::find('LDAP')-handle_request(${$_[0]});}
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Ascend-Client-Primary-DNS= 212.123.129.79,\
Ascend-Client-Secondary-DNS= 212.123.128.16
/AuthBy
AuthBy LDAP2
Identifier LDAP
Hostldap1.inside.servers
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPasswordremoved
UsernameAttruid
PasswordAttruserPassword
HoldServerConnection
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Ascend-Client-Primary-DNS= 212.123.129.79,\
Ascend-Client-Secondary-DNS= 212.123.128.16
/AuthBy
Handler User-Name = /[^a-zA-Z0-9_-]/
AuthBy reject
/Handler
Handler
AuthBy radius
/Handler
Log SYSLOG
Facility user
Trace 5
/Log
--
Regards,
Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628
PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
BOFH excuse: Recursive traversal of loopback mount points
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) multi threaded
Hi, Just one question, when will Radiator be multi threaded? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Sticky bits on disk. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) checking other attributes
Hi, We are using Radiator now for a year and it is working great. We using now Radiator 2.15 with LDAP. I've got a question, normaly it checks on username and password, but is it possible to check it on other attributes like "accountStatus" -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Standing room only on the bus. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) monitoring
Hi, Is there a way to see how many bytes a user has used on the net? -- Regards, Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE http://www.wish.net - tel: +31(0)413242500 - fax. +31(0)208762628 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H. BOFH excuse: Bad cafeteria food landed all the sysadmins in the hospital. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Handler
Hi,
Because we get garbage usernames, i've used the handler bit in the config file
(see below):
Handler User-Name = /\\x/
AuthBy FILE
Filename %D/reject-users
/AuthBy
/Handler
Handler
AuthByPolicy ContinueWhileIgnore
RewriteUsername tr/A-Z/a-z/
AuthBy LDAP2
Hosthostname
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPasswordencrypted
UsernameAttruid
PasswordAttruserPassword
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Primary-DNS-Server= 212.123.129.68, \
Secondary-DNS-Server= 212.123.128.16
/AuthBy
AuthBy LDAP2
Hosthostname
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPasswordencrypted
UsernameAttruid
PasswordAttruserPassword
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Primary-DNS-Server= 212.123.129.68, \
Secondary-DNS-Server= 212.123.128.16
/AuthBy
/Handler
Only the first handler doesn't work realy. Here is a dump:
*** Received from 195.7.137.163 port 1812
Code: Access-Request
Identifier: 21
Authentic: 4t18026252168t177148196f\10,20611
Attributes:
User-Name = "1631381881431592352421595176177
o177X22721913015725322324422681561706
2178%228?201141W23728135NssSB135165w147iv138$244z140O255134L152150247209_191224112
160.140239255197241168190147J203223216254239205255229227155201:210154247T2282022
1[218185/(4168|252255|234139P23015011134231239255230131161728y30,$210~230254237n
235i16826X252239255K29176135K139185N2031626cx144%254206254188225iT208"
User-Password = 210;=220139O164a|203176227AT172432m
1452051541371372Z15515730YN11B281
97173320421SJ160O221424{)190L173223)9y152199Kq204234184179)u220K156d*18v144150148
"192172152`3163167205130177133224180229715254147
NAS-IP-Address = 195.7.137.163
NAS-Port = 1299
Acct-Session-Id = "85066624"
Interface-Index = 2555
Supports-Tags = 0
Service-Type = Login
Chassis-Call-Slot = 6
Chassis-Call-Span = 1
Chassis-Call-Channel = 19
Connect-Speed = NONE
Calling-Station-Id = "0478631728"
Called-Station-Id = ""
NAS-Port-Type = Async
Wed Feb 9 18:22:39 2000: DEBUG: Check if Handler User-Name = /\\x/ should be
used to handle this request
Wed Feb 9 18:22:39 2000: DEBUG: Check if Handler should be used to handle this
request
Wed Feb 9 18:22:39 2000: DEBUG: Handling request with Handler ''
Wed Feb 9 18:22:39 2000: DEBUG: Rewrote user name to
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1x\xe3\xdb\x82\x9d\xfd\xdf\xf4\x
e28\x9c\xaa6^B\xb2%\xe4?\xc9\x8dw\xed^\\x87nsssb\x87\xa5w\x93iv\x8a$\xf4z\x8co\xff\x86l\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\x
ff\xc5\xf1\xa8\xbe\x93j\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7t\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bp\xe6\
x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^Zx\xfc\xef\xffk^]\xb0\x87k\x8b\xb9n\xcb\xa26cx\x90%\xfe\xce\xf
e\xbc\xe1it\xd0
Wed Feb 9 18:22:39 2000: DEBUG: Deleting session for
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1X\xe3\xdb\x82\x9d\xfd\xdf\xf4\
xe28\x9c\xaa6^B\xb2%\xe4?\xc9\x8dW\xed^\\x87NssSB\x87\xa5w\x93iv\x8a$\xf4z\x8cO\xff\x86L\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\
xff\xc5\xf1\xa8\xbe\x93J\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7T\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bP\xe6
\x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^ZX\xfc\xef\xffK^]\xb0\x87K\x8b\xb9N\xcb\xa26cx\x90%\xfe\xce\x
fe\xbc\xe1iT\xd0, 195.7.137.163, 1299
Wed Feb 9 18:22:39 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed Feb 9 18:22:39 2000: DEBUG: Connecting to lrad.inside.servers, port 389
Wed Feb 9 18:25:11 2000: DEBUG: Reading users file /etc/raddb/reject-users
Wed Feb 9 18:25:12 2000: INFO: Server started
It says that it is reading the /etc/raddb/reject-users, but also you see that he
tries to contact the ldap server..
Why?
Owya, this is what the reject-users file contains:
DEFAULT Auth-Type = Reject
--
Regards,
Robin Gruyters - SYS/B.O.F.H. - [EMAIL PROTECTED] - http://www.phear.nl
RIPE nic-hdl: RG3771-RIPE http://www.ripe.net/cgi-bin/whois?AS9133
WISH Worldwide Websites B.V. PGP key ID DEB8C991
Tel: +31(0)413242500 - Fax: +31(0)4133322
(RADIATOR) multi threading?
Hi, Is radiator multi threaded? -- Regards, Robin Gruyters - SYS/B.O.F.H. - [EMAIL PROTECTED] - http://www.phear.nl RIPE nic-hdl: RG3771-RIPE http://www.ripe.net/cgi-bin/whois?AS9133 WISH Worldwide Websites B.V. PGP key ID DEB8C991 Tel: +31(0)413242500 - Fax: +31(0)413332281 - http://www.wish.net/ -- System Manager / Web Designer / B.O.F.H. --- "Where do you wanna frag today?" === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) freezing
Hi,
I've got some problems with Radiator v2.14.1. It just freezes (most of the time
in the evening). I'm using Authby RADIUS and Authby LDAP2 with perl v5.00503 on
a FreeBSD system. below you find my config file(s).
Radiusproxy:
AuthPort 1812
AcctPort 1813
LogDir /radius/log
DbDir /etc/raddb
LogFile %L/%d%m%Y-e-tel.log
PidFile %L/e-tel.pid
Trace 3
Realm DEFAULT
AuthBy RADIUS
Host10.1.0.11
Host10.1.0.10
AuthPort1812
AcctPort1813
Secret secretkey
/AuthBy
AcctLogFileName %L/details_e-tel-%d%m%Y
AcctLogFileFormat %l %{Acct-Status-Type} \
%{User-Name} %{Framed-IP-Address} %{Calling-Station-Id}
/Realm
END
Radius config:
AuthPort 1812
AcctPort 1813
LogDir /radius/log
DbDir /etc/raddb
LogFile %L/%d%m%Y-e-tel.log
DictionaryFile %D/dictionary.usr
PidFile %L/e-tel.pid
Trace 3
Realm DEFAULT
AuthBy LDAP2
# Tell Radiator how to talk to the LDAP server
Hostldap4.inside.servers
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPasswordsecretpassword
UsernameAttruid
PasswordAttruserPassword
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Primary_DNS_Server= 212.123.129.68, \
Secondary_DNS_Server= 212.123.128.16
/AuthBy
/Realm
-END
BTW, is it possible to include more dictionaries??!
--
Regards,
Robin Gruyters - SYS/B.O.F.H. - [EMAIL PROTECTED] - http://www.phear.nl
RIPE nic-hdl: RG3771-RIPE http://www.ripe.net/cgi-bin/whois?AS9133
WISH Worldwide Websites B.V. PGP key ID DEB8C991
-- System Manager / Web Designer / B.O.F.H. ---
"Where do you wanna frag today?"
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
