use exec to modify request attributes

Hi, I have an exec module (formatmac) that would take in the Client-Station-Id, pass it to a perl script (formatmac), which would then set the User-Name of the request packet to a formatted version of the Client-Station-Id. This works but, the sql authentication module then complains that ""rlm

Re: 3 LDAP questions!

In ldap you have only *one* record for each user. If you need different Framed-IP-Address attributes for each user depending on the NAS then you need to either: Create multiple user entries and use a filter to find them: (&(uid=%u)(nasipaddress=%{NAS-IP-Address})) Create multiple ldap module ins

Re: Dialup Admin

Try to create a user and include in those group. - Original Message - From: "Edward Rempala" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, October 27, 2004 6:56 AM Subject: Dialup Admin I am having a problem creating groups under dialupadmin. When I create a group and then

Re: problem authenticating to passwd/shadow files

From: "Alan DeKok" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: problem authenticating to passwd/shadow files Date: Thu, 21 Oct 2004 12:28:03 -0400 "Cameron Birky" <[EMAIL PROTECTED]> wrote: > I encrypt at my client and then the pptpd calls the freeradius >

Dialup Admin

I am having a problem creating groups under dialupadmin. When I create a group and then save it, DA says I have no groups. But then I look in the database and the info I just put in is there. Is this a bug in DA? If so is there a way around it? Edward. _ avast! Antivirus

multiple NASes using just one RADIUS server

Title: multiple NASes using just one RADIUS server hello we are using freeradius for auth on a pix firewall.  right now it is just one firewall going to one radius server.  what would be the best way to add several firewalls (each of which would probably have a different set of users etc) to

RE: Exec-Program output: freeradius not reading response?

> > I've done some troubleshooting of my own, and unsure if this is helpful or > not, but the process appears to be hanging indefinitely until cleaned up > within this section of threads.c (beginning line 1141). The line in > particular it hangs on is the "rcode = ..." line. I am not enuff of a

RE: Exec-Program output: freeradius not reading response?

> > "Nate M" <[EMAIL PROTECTED]> wrote: > > > Problem exists, when posting multiple requests to radiusd it > > occasionally > > > will not receive or somehow omit the exit status of Exec-Program-Wait. > > > > I haven't been able to reproduce it here, so I'm not sure how to fix > > it. > > > > T

RE: Problems compiling Freeradius

Nate: That seems to have fixed it for me as well. I was able to make and make install. The final indication that things seemed to be ok was when I could type radiusd -X and saw the final line saying server ready to process requests. Now that I am at this stage. Hope that I am using the right t

Re: Exec-Program output: freeradius not reading response?

"Nate M" <[EMAIL PROTECTED]> wrote: > While troubleshooting I also confirmed the same issue with rlm_exec doing a > similar task to what I'm accomplishing in exec-program-wait. rlm_exec calls the same functions to do the exec, so it should have all the same "features" as Exec-Program-Wait. > I'

RE: Problems compiling Freeradius

Try: ln -s /usr/include/et/com_err.h /usr/include/com_err.h I had the same issue, that fixed it. - Nathan Miller > -Original Message- > From: [EMAIL PROTECTED] [mailto:freeradius- > [EMAIL PROTECTED] On Behalf Of Ronald I. Nutter > Sent: Tuesday, October 26, 2004 12:16 PM > To: [EMAIL P

RE: Problems compiling Freeradius

I went a little back on the screen and found this. I can probably capture the whole screen if that will help. gmake[6]: Entering directory `/usr/local/src/freeradius-1.0.1/src/modules/rlm_krb5' gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -Wall -D_GNU_SOURCE -g -Wshadow -

RE: Exec-Program output: freeradius not reading response?

> "Nate M" <[EMAIL PROTECTED]> wrote: > > Problem exists, when posting multiple requests to radiusd it > occasionally > > will not receive or somehow omit the exit status of Exec-Program-Wait. > > I haven't been able to reproduce it here, so I'm not sure how to fix > it. > > The only thing I

Re: FreeRadius -> Ldap -> Novell DS

On Mon, 25 Oct 2004, [EMAIL PROTECTED] wrote: Hi List I'm hoping that someone out there has done a similar setup to this. I am wanting to authenticate wireless users primarily, against the Novell Directory (NDS) that we have of all the users. I have installed and configured FreeRadius to work usin

Re: accounting file question

On Mon, 25 Oct 2004, Edgars wrote: can someone tell me what kind of information is kept in the 'radutmp' and 'radwtmp' files? radutmp keeps a log of open sessions. radwtmp keeps a log of all previous sessions. They resemble the corresponding utmp and wtmp unix files although they keep somewhat d

Re: vlan and ldap

On Tue, 26 Oct 2004, bmathieu wrote: hi here is my problem : we want to put student and teacher in differents vlans in a wireless lan , but they are in the same ldap i see two solutions: _they have vlan attibute in ldap _ i define two ldap , a specific attribute for each group

Re: Problems compiling Freeradius

Hi, > I am trying to just install freeradius without any options and am > getting errors. Here is what I see at the end - > > gmake[6]: *** [rlm_krb5.o] Error 1 (snipp) That's just make passing the error that occured in some recursive call up to it's parent. The _interesting_ part would

What am I missing??

Lo all, Below is a full debug output of a authentication request. I am trying to get rlm_sqlcounter to work - from what I can see, all the attributes are in place, but the module simply ignores them?? I'd appreciate some assistance, it must be something silly(tm) again... --- Walking the entir

vlan and ldap

hi here is my problem : we want to put student and teacher in differents vlans in a wireless lan , but they are in the same ldap i see two solutions: _they have vlan attibute in ldap _ i define two ldap , a specific attribute for each group in ldap and i use the access_attr in

Problems compiling Freeradius

I am trying to just install freeradius without any options and am getting errors. Here is what I see at the end - gmake[6]: *** [rlm_krb5.o] Error 1 gmake[6]: Leaving directory `/usr/local/src/freeradius-1.0.1/src/modules/rlm_krb5' gmake[5]: *** [common] Error 1 gmake[5]: Leaving directory `/usr/

using tags for tunnel attributes

Can somebody tell me how I should configure the users file to be able to send a tag with the tunnel attributes ? I checked the dictionary and the attributes (like Tunnel-Type) have an extra option "has_tag", but I could not get the radiusserver to recognize it and sent it back to the NAS. I

Re: Exec-Program output: freeradius not reading response?

"Nate M" <[EMAIL PROTECTED]> wrote: > Problem exists, when posting multiple requests to radiusd it occasionally > will not receive or somehow omit the exit status of Exec-Program-Wait. I haven't been able to reproduce it here, so I'm not sure how to fix it. The only thing I can think of is th

Re: Exec-Program-Wait question and rlm_exec

Kostas Zorbadelos <[EMAIL PROTECTED]> wrote: > Actually the conversation in that thread ended by mentioning the ideas > rlm_exec should follow. I didn't see any patch that implemented > them. If there is such a patch please direct me to it and I > will test it. Nope, I haven't seen a patch, sorr

Re: Exec-Program-Wait question and rlm_exec

On Tue, Oct 26, 2004 at 10:20:48AM -0400, Alan DeKok wrote: > Kostas Zorbadelos <[EMAIL PROTECTED]> wrote: > > First of all I have a question for Exec-Program-Wait. I need to run an > > external C program that expects in its environment a proper > > LD_LIBRARY_PATH to run. I followed the obvious so

Re: EAP and multiples LDAP

Sergio Sagliocco <[EMAIL PROTECTED]> wrote: > I've tried a simpler configuration but I've still problems > > My users file is > DEFAULT NAS-IP-Address == 192.168.9.153, Authz-Type:=LDAP No, it's not. There's no "Authz-Type" attribute. When posting to the list, DO NOT re-type the data from y

Re: UDPFROMTO and Proxy Problem

Nicolas Baradakis <[EMAIL PROTECTED]> wrote: > Now you gave us all the details about the problem in your setup, I'm > thinking of a different approach: perhaps it could be easier to add a > source NAT rule on the firewall rather than hacking the source IP > inside radiusd. Did you try this ? Tha

Re: proxy peap

bmathieu <[EMAIL PROTECTED]> wrote: > i m trying to proxy peap request from one server to another > all works fine if i connect directy to the second server i peap > but when i proxy the request i have this error > ... > rlm_eap: Identity does not match User-Name, setting from EAP Identity. T

Re: Exec-Program-Wait question and rlm_exec

Kostas Zorbadelos <[EMAIL PROTECTED]> wrote: > First of all I have a question for Exec-Program-Wait. I need to run an > external C program that expects in its environment a proper > LD_LIBRARY_PATH to run. I followed the obvious solution of using a > wrapper bash shell script, that sets the environ

Re: Prepaid (Scratchcard) Wi-Fi Hotspot with NoCat and FreeRadius

Kostas Kalevras wrote: No you need to make sure that the NAS will send an accounting-stop packet when the user times out. That's what it's supposed to do anyway. If it does not do that, it's broken. Thanks for all your help, Kostas, and others. Now that I've got my head around the exchange that'

RE: framed route in dialup admin

Nevermind... I found it... I should have looked harder... sorry.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of cris boisvert Sent: Tuesday, October 26, 2004 9:35 AM To: [EMAIL PROTECTED] Subject: framed route in dialup admin I'm running Freeradius on

framed route in dialup admin

I'm running Freeradius on Mysql using the dialup admin There is no place in the dialup admin to add a framed route I can add it directly to the radreply table .. but is their a way top add this option to the dialup admin? Thanx --- Outgoing mail is certified Virus Free. Checked by AVG anti-viru

Re: EAP and multiples LDAP

Hi I've tried a simpler configuration but I've still problems My users file is DEFAULT NAS-IP-Address == 192.168.9.153, Authz-Type:=LDAP Fall-Through=1 The autorize section is authorize { preprocess files eap Autz-Type LDAP { ldap } } and the authentication section is

Re: 3 LDAP questions!

On Tue, 26 Oct 2004, Ilia Chipitsine wrote: You could just add it and send it back through a bugs report in bugs.freeradius.org I did so. Thanks i 'll take a look at it. 3) how can equivalent of the following users file be implemented with LDAP: chel Auth-Type := MS-CHAP, NAS-IP-Address == 1

RE: Prepaid (Scratchcard) Wi-Fi Hotspot with NoCat and FreeRadius

Or Mikrotik http://www.mikrotik.com Much better, well rounded routing package on the whole. > -Original Message- > From: Bartosz Jozwiak [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 26, 2004 8:06 AM > To: [EMAIL PROTECTED] > Subject: Re: Prepaid (Scratchcard) Wi-Fi Hotspot with

Re: UDPFROMTO and Proxy Problem

Raimund Sacherer wrote: > Here is a more detailed description of our scenario [...] Thanks, it's a lot easier to undestand now. > For a Proxy Packet the Packet->src_ipaddr is empty. It's the normal behaviour. The RADIUS server doesn't have knowledge about the network routes so it's the kernel

Re: Prepaid (Scratchcard) Wi-Fi Hotspot with NoCat and FreeRadius

On Tue, 26 Oct 2004, Andy Buchanan wrote: Hello list, I'm new to Radius in general, so please excuse me for this question which I'm sure is probably quite simple. I've spent ages looking through the archives and have been unable to find an answer to my question. I'm trying to set up a Wi-Fi hots

Re: Prepaid (Scratchcard) Wi-Fi Hotspot with NoCat and FreeRadius

> Hello list, > > I'm new to Radius in general, so please excuse me for this question > which I'm sure is probably quite simple. I've spent ages looking through > the archives and have been unable to find an answer to my question. > > I'm trying to set up a Wi-Fi hotspot that will use prepaid t

Prepaid (Scratchcard) Wi-Fi Hotspot with NoCat and FreeRadius

Hello list, I'm new to Radius in general, so please excuse me for this question which I'm sure is probably quite simple. I've spent ages looking through the archives and have been unable to find an answer to my question. I'm trying to set up a Wi-Fi hotspot that will use prepaid tickets (scratc

Re: ip pool in mysql

Hi, Make use of '=' opperand instead of ':=' for Reply Attribute . And don't forget to read Docs ;-) On Tuesday 26 October 2004 14:03, Martin Jessa wrote: > Hi. > > I use Mikrotik as my NAS server and there i have configured an IP-Pool > called Official And this is my SQL: > > CREATE TABLE radr

Re: ip pool in mysql

Hi. I use Mikrotik as my NAS server and there i have configured an IP-Pool called Official And this is my SQL: CREATE TABLE radreply ( id int(11) unsigned NOT NULL auto_increment, UserName varchar(64) NOT NULL default '', Attribute varchar(32) NOT NULL default '', op char(2) NOT NULL defa

proxy peap

31 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 radius_xlat: '/usr/local/var/log/radius/radacct/195.220.107.12/auth-detail-20041026' rlm_detail: /usr/local/va

[OT} EAPOL Client/dialer.

Hello all, I wonder where can i get a dialer Or x1supllaction to do this jobs so that it can work on EAPOL Or the ttls-EAPol with my dlink switch. If anyone are willing to help me wrote it with some prices, I wouldn't mind paying it. Thank You Chan Min Wai -- This message has been scan

proxy peap

i m trying to proxy peap request from one server to another all works fine if i connect directy to the second server i peap but when i proxy the request i have this error rad_check_password: Found Auth-Type eap auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: ent

Exec-Program-Wait question and rlm_exec

Hello to everyone. First of all I have a question for Exec-Program-Wait. I need to run an external C program that expects in its environment a proper LD_LIBRARY_PATH to run. I followed the obvious solution of using a wrapper bash shell script, that sets the environment and calls the C program via e

Traffic Logging in detail file

Hello, postgresql and mysql are not my favorite work unit, can i log details to traffic in detail log file ?? postgresql and mysql are dont work fine, i installed mysql and postgresql on debain system. Auth is work fine, but in freeradius -X a lot of mirrors that is section of my radiusd.conf