I've worked up a small patch that works with OpenLDAP features to
support the use of LDAP URIs for referring to LDAP servers instead of
specifying by host/port. This will work easily for ldap://, ldaps:// and
ldapi:// (LDAP over IPC) URIs. I've plugged this in and tested the
module (with CVS code f
Running 0.8.1.
I'm reviewing doc/rlm_sqlcounter and it references:
"You can make your own names and directives for resetting the counter
by following src/modules/rlm_sqlcounter/README.txt"
Can't find it or any apparent replacement. Is it missing? Replaced?
Deprecated? Ground up for dog food?
th
Well, this is quite bizarre. I have Ascend Maxen, Livingston Portmaster
III's, and a couple of Ciscoes as dialup servers. With Simultaneous-Use
set to 1, if I dial into a Max when the account is already logged on, I
get dropped to the internal ascend% prompt.
I know this is likely an Ascend wierd
I'd rather see LDAP URIs used instead of specifying the server hostname
and port separately - in no small part because in that case, it's easy
to support LDAP over UNIX domain sockets, which (in my experience)
provides lower overhead when doing lots of queries (which is hopefully
going to be the ca
Hello,
I am trying to get our radius servers to authenticate a virtual ISP request.
When we have the Simultaneous-Use attribute in radcheck it ALWAYS fails with
a Multiple login error, no matter how may Simultaneous-Use I give it. It
always says there are more logins then the number I have. I ha
[EMAIL PROTECTED] wrote:
> Iam working on a wireless project and i want to enforce policy based
> authentication.
>
> I want the RADIUS to interact with this application before it can
> authenticate a user.
But that's what the RADIUS server does. It enforces policy based
authentication.
Hi chris/simon
Thanks for the response, let me make myself clear.
This is what i want to do.
Iam working on a wireless project and i want to enforce policy based
authentication.
I want the RADIUS to interact with this application before it can
authenticate
a user.
This applicati
I was doing some research here, and the problems I saw seemed to be
related to the order of the linking of libraries. The solaris linker is
particular about order the "-l" arguments on the command line. It only
goes though a library looking for unresolved symbols once, and this is
only at the t
If checkrad were changed to only output a 0 instead of the dump it
currently produces when it can't connect to snmp on the NAS I think that
could possibly correct the problem, I think that radiusd only expects a 1
character response, maybe it flips when it gets 7 lines of information?
Just an idea
Kristina Pfaff-Harris <[EMAIL PROTECTED]> wrote:
> The wierd thing is, checkrad DOES respond -- it just responds with a
> timeout, and if that weren't strange enough, checkrad appears to be
> exiting normally, that is, it's not hanging or anything.
Yeah, but if it doesn't respond within 10 secon
On Fri, 21 Feb 2003, Alan DeKok wrote:
> That's confusing as all get out. The code which runs checkrad tries
> to kill it if checkrad doesn't respond. But it sends *checkrad* a
> TERM signal, and doesn't send one to the RADIUS server.
The wierd thing is, checkrad DOES respond -- it just respo
Kristina Pfaff-Harris <[EMAIL PROTECTED]> wrote:
> Running 'checkrad cisco (etc)' on a certain of our ciscoes came back with
> "Timeout: No Response from IP address". When called from radiusd, this
> killed the radius daemon completely.
That's confusing as all get out. The code which runs check
At 01:30 PM 2/21/2003 -0500, Derrik Pates wrote:
On Fri, Feb 21, 2003 at 12:18:00PM -0600, Chris Parker wrote:
> DEFAULT NAS-IP-Address == a.b.c.d, Proxy-To-Realm := "foobar"
>Fall-Through = Yes
Excellent. And this it correct even though I'm not proxying, but the
realm is local?
I bel
"Mike Cisar" <[EMAIL PROTECTED]> wrote:
> On another note, is there a way with the counter module of making two
> counters... for example one that expires on a monthly basis, another on a
> daily or weekly basis.
Create two instances of the 'counter' module.
counter daily {
...
}
Justin Wheeler <[EMAIL PROTECTED]> wrote:
> If checkrad is run, and returns that the user is *not* online, does it
> automatically zap them from radutmp?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
=?iso-8859-1?Q?Manuel_S=E1nchez_Cuenca?= <[EMAIL PROTECTED]> wrote:
> Hello, why freeRadius show this:
>
> rad_check_password: Found Auth-Type EAP
> rad_check_password: Found Auth-Type Local
> Warning: Found 2 auth-types on request for user 'lolo'
Because you told it to use two different
On Fri, Feb 21, 2003 at 12:18:00PM -0600, Chris Parker wrote:
> DEFAULT NAS-IP-Address == a.b.c.d, Proxy-To-Realm := "foobar"
>Fall-Through = Yes
Excellent. And this it correct even though I'm not proxying, but the
realm is local?
--
Derrik Pates
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-
A little more info. Looks like maybe an SNMP issue with checkrad?
I modified checkrad to log what it was called as from radiusd, so that I
could recreate what happened when it crashed the server. When I say
"(etc)" below, it's shorthand for the arguments that radiusd called
checkrad with.
Runnin
At 01:05 PM 2/21/2003 -0500, Derrik Pates wrote:
I'm presently responsible for setting up a system using a combination of
OpenLDAP, MySQL and FreeRADIUS to provide centralized RADIUS service
hosting for some of our customers. The only problem I haven't managed to
surmount so far is customers who a
I'm presently responsible for setting up a system using a combination of
OpenLDAP, MySQL and FreeRADIUS to provide centralized RADIUS service
hosting for some of our customers. The only problem I haven't managed to
surmount so far is customers who are unable (or unwilling) to get their
customers to
While we're on the subject, I think I might be retarded. (Again)
Thanks for Kristina, I have it running checkrad properly, however,
regardless of whether it returns 2, 0, 1, -1, "cheese" .. no matter what,
it gives the LOGIN OK and wipes the old session from the radutmp.
Regards,
Justin Wheeler
On Fri, 21 Feb 2003, Adam Fladwood wrote:
> When using checkrad w/ a PM3 if the public snmp string is not set to
> 'public' in the portmaster checkrad will timeout, not that big of an
> issue - however, it causes the entire radius daemon to crash, saying it
> couldn't process signal 15, and shutdo
Just wanted to drop a message to the list about a bug that I came across,
it may already have been discovered, but doing some google searches
nothing came up.
When using checkrad w/ a PM3 if the public snmp string is not set to
'public' in the portmaster checkrad will timeout, not that big of an
i
"Jacob C. Vann" <[EMAIL PROTECTED]> wrote:
> I have been trying unsuccessfully to install FreeRadius version 0.8 on a
> an IBM box running AIX 4.3.3.
AIX is... interesting. It's like Unix if you squint, but it's not
like Unix when you try to do anything useful.
> ltdl.c:161: `malloc' undeclar
"Doug Yeager" <[EMAIL PROTECTED]> wrote:
> *** rlm_sql.c.orig Fri Feb 21 06:53:52 2003
> --- rlm_sql.c Fri Feb 21 06:54:02 2003
...
> +
> + /*
> + * strip and translate usernames.
> + */
> + static int stripMSdomain_escape_func(char *out, int outlen, const char
> *in)
Why? rlm_prep
> > syntax still fails (allows the user to log in regardless of the
> > counter) with the same error in the logs of
>
> Why do you need both? The counter module will send back a
> Reply-Message if the user is over quota
I don't need both to work, as I said your fix solves my immediate needs.
Ho
Hi Eric,
I'm not sure if this is what you're looking for or if it's the best way to
do it but the following setup allows a user to authenticate for a
predetermined time
from first usage. i.e. if I set the time period to be 24hrs then a scratch
card is valid for 24hrs from first usage.
in "rad
i have tried.but seems the rlm_ldap still failed although i pass it in
the 1st time configure
so i separate the step to do
Brian
- Original Message -
From: "Kostas Kalevras" <[EMAIL PROTECTED]>
To: "radius" <[EMAIL PROTECTED]>
Sent: Friday, February 21, 2003 11:47 PM
Subject: Re: rlm_l
> On Fri, 21 Feb 2003, Joseph Raviele wrote:
>
> > I commented out the files lines because I kept getting errors. When I
looked
> > up the error on the mailing list, it said the solution was to comment
the
> > line out. Is the rest of the config, as far as autztyp, correct?
>
> I think so but yo
I don't understand win XP !
When I activate MD5-Challenge in the properties of my network card,
nothing happen !
But if I activate PEAP, it answer to the NAS but my FreeRadius server
and I want eap-md5 challenge!
So, does anybody can explain to me why it happens nothing with
MD5-Challenge ?
th
On Fri, 21 Feb 2003, Brian Leung wrote:
> Today, i finally compile the ldap module of freeradius in solaris platform
>successfully.
> I hope the following steps can help:
>
> 1. install openssl in to /usr/local
> cd /usr/local/src/openssl
> ./config --prefix=/usr/local
> 2. install openldap into
If checkrad is run, and returns that the user is *not* online, does it
automatically zap them from radutmp?
Thanks,
Justin Wheeler
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, 21 Feb 2003, Joseph Raviele wrote:
> I commented out the files lines because I kept getting errors. When I looked
> up the error on the mailing list, it said the solution was to comment the
> line out. Is the rest of the config, as far as autztyp, correct?
I think so but you NEED the file
Today, i finally compile the ldap module of freeradius in solaris
platform successfully.
I hope the following steps can help:
1. install openssl in to /usr/local
cd /usr/local/src/openssl
./config --prefix=/usr/local
2. install openldap into /usr/local/openldap
3. install freeradius
cd /usr/l
I commented out the files lines because I kept getting errors. When I looked
up the error on the mailing list, it said the solution was to comment the
line out. Is the rest of the config, as far as autztyp, correct?
> On Thu, 20 Feb 2003, Joseph Raviele wrote:
>
> > Thanks, for the response, but
At 10:28 AM 2/21/2003 +0100, [EMAIL PROTECTED] wrote:
Hallo,
i got problems with FreeRADIUS using MySQL.
I'm using FreeRADIUS Version 0.8.1, for host powerpc-ibm-aix5.1.0.0,
first i compilied with the flags --
with-mysql-lib-dir=/opt/freeware/lib/mysql
-- with-my
At 09:54 AM 2/21/2003 +0500, Eric wrote:
Hello,
Please, can anyone show me the correct documentation about how to write new
modules for sqlcounter.
I meaning queries, like this:
SELECT SUM(AcctSessionTime - GREATEST(('%b' - UNIX_TIMESTAMP(AcctStartTime)),
0)) FROM radacct ..
or
"SELECT SUM(Acc
At 09:41 AM 2/21/2003 +0500, Eric wrote:
Hello,
I need to make special prepaid cards, which will expire after 2 month of
usage.
Can anyone to help me to write this module for sqlcounter?
If you want them to expire after a certain date, then you don't want
sqlcounter. sqlcounter is useful if you
On Thu, 20 Feb 2003, Mike Cisar wrote:
> Thanks Kostas,
>
> I had just uncommented the existing counter lines in the sample radiusd.conf
> file not stopping to think that the sample might have them in the wrong
> order.
>
> I have moved the counter module down to the bottom of the list and this
>
On Thu, 20 Feb 2003, Joseph Raviele wrote:
> Thanks, for the response, but still no luck. I'm not sure if I'm just
> exhausted and missing something basic, or just some newbie mistake. I admit
> I don't understand the whole autztype thing. Here are my files:
>
> users:
> DEFAULT NAS-IP-Address ==
21-Feb-03 at 08:49, Chris Parker ([EMAIL PROTECTED]) wrote :
> At 01:06 AM 2/21/2003 +, Miquel van Smoorenburg wrote:
> >In article <1045770571.29271.28.camel@lxmt>,
> >Eduardo Roldan <[EMAIL PROTECTED]> wrote:
> >>Some FR developer can include these new redback attributes as described
> >>in
21-Feb-03 at 08:46, Chris Parker ([EMAIL PROTECTED]) wrote :
> At 06:20 PM 2/20/2003 -0600, [EMAIL PROTECTED] wrote:
> >Hi
> >
> >I was wondering how to write some applications which can interact with my
> >RADIUS server. I envision that this application will determine the policy
> >for the RADIUS
At 01:06 AM 2/21/2003 +, Miquel van Smoorenburg wrote:
In article <1045770571.29271.28.camel@lxmt>,
Eduardo Roldan <[EMAIL PROTECTED]> wrote:
>Some FR developer can include these new redback attributes as described
>in the 'AOS Configuration Guide Release 5.0'?
>
>ATTRIBUTE Acct_Dyn_Ac_Ent
At 06:20 PM 2/20/2003 -0600, [EMAIL PROTECTED] wrote:
Hi
I was wondering how to write some applications which can interact with my
RADIUS server. I envision that this application will determine the policy
for the RADIUS to authenticate/reject a user.
I have freeradius 0.7 with userbase in LDAP.
On Thu, 2003-02-20 at 22:06, Miquel van Smoorenburg wrote:
> In article <1045770571.29271.28.camel@lxmt>,
> Eduardo Roldan <[EMAIL PROTECTED]> wrote:
> >Some FR developer can include these new redback attributes as described
> >in the 'AOS Configuration Guide Release 5.0'?
> >
> >ATTRIBUTE Acct_D
*** rlm_sql.c.orig Fri
Feb 21 06:53:52 2003
--- rlm_sql.c Fri
Feb 21 06:54:02 2003
***
*** 224,229
--- 224,283
*out
= '\0';
return len;
}
+
+ /*
+ * strip
and translate usernames.
+ */
+ static
int stripMSdomain_escape_func(char
*
Hello, why freeRadius show this:
rad_check_password: Found Auth-Type
EAP rad_check_password: Found Auth-Type LocalWarning:
Found 2 auth-types on request for user 'lolo'auth: type
Local
the file radliusd.conf contains:
authorize
{
# # The preprocess module
takes car
Hi,
I am in the process of installing freeradius-0.8.1 on a Solaris 7
machine. I've installed OpenSSL( snapshot and main release) successfully.
Freeradius also installs without any major problems. But when I run the
server, it exits with the following error message :
Fri Feb 21 08:57:42 2003 : E
Hallo,
i got problems with FreeRADIUS using MySQL.
I'm using FreeRADIUS Version 0.8.1, for host powerpc-ibm-aix5.1.0.0,
first i compilied with the flags --
with-mysql-lib-dir=/opt/freeware/lib/mysql
-- with-mysql-dir=/opt/freeware
everything worked fine, but when
49 matches
Mail list logo