Frank Bulk wrote:
> I scoured online and in the archives but I haven't found a solution to my
> question: is there a way to log additional attributes, not unlike what's
> done in ISC's DHCP logging?
What do you mean by that?
> I know that 'detail' logging is possible, but
> those are stored in
Raffael Himmelreich wrote:
> we're encountering that our radius clients - who don't send anything but
> access requests and session stop packets with accounting info - repeatedly
> send the same accounting stop request multiple times.
Find out why, and fix it. It's usually because the accountin
I scoured online and in the archives but I haven't found a solution to my
question: is there a way to log additional attributes, not unlike what's
done in ISC's DHCP logging? I know that 'detail' logging is possible, but
those are stored in a separate file for each connection. I just want to add
If you're using database for storing account informations, you should
set unique attribute for AcctUniqueId field.
Raffael Himmelreich wrote:
Hi,
we're encountering that our radius clients - who don't send anything but
access requests and session stop packets with accounting info -
repeatedly
Hi,
we're encountering that our radius clients - who don't send anything but
access requests and session stop packets with accounting info -
repeatedly
send the same accounting stop request multiple times.
We tried to filter those requests with increasing both the cleanup_delay
and max_reques
> Module: Instantiating eap-mschapv2
> mschapv2 {
>with_ntdomain_hack = no//i set "yes in /etc/raddb/module/mschap
> for this
> but still stay on "no"
> }
Because this is from eap.conf.
Ivan Kalik
Kalik Informatika ISP
-
L
Hello ELOM
My english is not good. So I undestand you want drop all downloads bigger than
25 M and uploads biggers than 12 M, if it's that you wan, I guess is no way to
do that with radius, maybe yo can do that with one proxy.
But if you want limit an account to 25 M of Download or 12 Upload you
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: In
Josip Rodin wrote:
> OK, yes, but this particular situation is a bit strange... the variables.txt
> file says:
Yes...
> Which information is authoritative - should we use and depend on this,
> or not?
The expansions documented in doc/variables.txt are historical, but
still work. This is wha
Hi,
> Hi
> all,is it possible to place radius users in more than one
> Livingston-style file.For example one file is maintained by another
> department than the other.What is the syntax in the radiusd.conf file
> when using more than one fileThx ThorstenSPIRIT/21
> AG
just create one 'tree' u
Hi,
on your command line
locate winbind_privileged
it'll usually be /var/cache/samba/
cd /var/cache/samba/
chgrp radiusd winbind_priviledged (if you run radius as group radiusd)
restart freeradius
i dont see how the error/debug output could be any clearer
alan
-
List info/subscribe/unsub
true!
there was a great problem with winbindwhich did'n want to run. I had to rename
winbindd_priviledged to make it work.
so now, the previous error:
---
rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password.
rlm_mschap: No Cl
On Fri, Jul 18, 2008 at 03:25:50PM +0200, Alan DeKok wrote:
> > It would be good if this was documented somewhere - I actually looked in
> > the unlang manual page for a way to get a date string, but found nothing.
>
> doc/variables.txt
>
> > However, the VARIABLES section doesn't mention that
Josip Rodin wrote:
> Oh. These seemingly random expansions have always surprised me. The other
> day I just happened to stumble upon that when writing:
>
> if ((Connect-Info != "NONE") && (Connect-Info < "%Y%m%d")) {
>
> It would be good if this was documented somewhere - I actually looked
attributes 'FormatTimestamp=TRUE',
> > 'Prefix=/var/log/foo/bar-', 'Mode=DAILY', and then it creates the log files
> > named /var/log/foo/bar-20080718, and automatically moves on as necessary.
> >
> > That sounds like a reasonably useful facili
Configure multiple instances of files module. Just like with all other
multiple instances replace "files" in the virtual server configuration
with the name of the instance you want to use.
Ivan Kalik
Kalik Informatika ISP
Dana 18/7/2008, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> piše:
>Hi all,is
Hi all,is it possible to place radius users in more than one Livingston-style file.For example one file is maintained by another department than the other.What is the syntax in the radiusd.conf file when using more than one fileThx ThorstenSPIRIT/21 AG
Sitz der Gesellschaft: Böblingen
Vorstand: Gu
ELOM ETSE wrote:
> I want to limit users downloaded and uploaded file size.
See the NAS documentation for how to do that.
If the documentation does not say it's possible, then it's not possible.
Few NASes (if any) support this feature.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
on the topic - Navis RADIUS has the option of having log
> files be automatically switched based on timestamps. In other words, if you
> set a log file to be 'TimeFile', and set attributes 'FormatTimestamp=TRUE',
> 'Prefix=/var/log/foo/bar-', 'Mode=DAILY
ing log
files be automatically switched based on timestamps. In other words, if you
set a log file to be 'TimeFile', and set attributes 'FormatTimestamp=TRUE',
'Prefix=/var/log/foo/bar-', 'Mode=DAILY', and then it creates the log files
named /var/log/foo
Hello!
I want to limit users downloaded and uploaded file size. I remark that
WISPr-Bandwidth attributes can limit the band width.But this what i need: For
example
Hitchcock can never download more than file of 25 Mo
Hopeson can upload file less than 12Mo of size.
Please which attributes must i
Josip Rodin wrote:
> It looks to me that it would be a good idea to have a default
> /var/log/freeradius/debug.log where the daemon would write the output
> normally found with -X. Plus with timestamps.
That is very, very, expensive, and will slow the server down a lot.
But yes, the idea is good
On Thu, Jul 17, 2008 at 12:30:31PM +0200, Alan DeKok wrote:
> [EMAIL PROTECTED] wrote:
> > :) yes that's what it was thank you for your "help". I'm sorry you had a
> > bad day my friend.
>
> You have tried very hard to make it a bad day.
>
> It's incredibly frustrating to help people who figh
Norbert Wegener wrote:
> I want to use a second database searching users, when not found in the
> first one.
> So I have setup two sql modules: sqldef and sqlps.
> In my server configuration there is:
>
> authorize {
>
> group sqlall {
...
>if ("%{sqlall:SELECT UserName from radcheck whe
Hello,
I want to use a second database searching users, when not found in the
first one.
So I have setup two sql modules: sqldef and sqlps.
In my server configuration there is:
authorize {
group sqlall {
sqldef {
notfound = 1
}
sqlps
> rlm_mschap: Told to do MS-CHAPv2 for glouglou with NT-Password
>expand: --username=%{mschap:User-Name} -> --username=glouglou
> mschap2: 14
>expand: --challenge=%{mschap:Challenge:-00} ->
> --challenge=91426d1805c9df8e
>expand: --nt-response=%{mschap:NT-Response:-00} ->
Alan DeKok wrote:
if (proxy:NAS-IP-Address == 172.29.51.24) {
update proxy {
NAS-IP-Address := 172.26.64.100
}
}
It works, but instead of update proxy should be update proxy-request,
and instead of proxy:NAS-IP-Address shou
27 matches
Mail list logo