Looking at the source of rlm_sqlcounter i saw that when a users tries to
conect at a time close to the next reset time, the value of the
check-item for the next cycle is added to the reply item.
I'd like to avoid this behaviour for **some** of my users. Indeed I want
to use counters to count traffi
Di Klikrupiah, anda akan mendapatkan uang setiap klik iklan.
Prosesnya cukup mudah anda cuma klik iklan dan lihat beberapa detik
kemudian uang masuk kesaldo anda. Anda tidak membutuhkan keahlian.
Yang anda butuhkan hanya lihat iklan dan klik yang ada di website
kami. Anda
bisa mengajak teman anda
Greg Woods wrote:
> Hopefully the feedback provided from that was useful.
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
reset parameter controls value of %b.
Ivan Kalik
Kalik Informatika ISP
Dana 9/9/2008, "Alexandre Chapellon" <[EMAIL PROTECTED]> piše:
>so what's the use of the reset parameter if th sql query is managing it
>all by its own?
>
>Alexandre Chapellon a écrit :
>>
>>
>> [EMAIL PROTECTED] a écrit :
>
On Tue, 2008-09-09 at 22:48 +0100, [EMAIL PROTECTED] wrote:
> a nightly tarball, i guess, would be what you would
> prefer for this sort of action?
What I generally prefer is to wait for a stable release. For my own
needs, I could well have done that this time too. But in this case, Alan
asked me
so what's the use of the reset parameter if th sql query is managing it
all by its own?
Alexandre Chapellon a écrit :
>
>
> [EMAIL PROTECTED] a écrit :
>>> here is the counter definition:
>>> sqlcounter bytesQuota {
>>>counter-name = traffic_quota
>>>check-name = Max-Traffic
>>>
[EMAIL PROTECTED] a écrit :
>> here is the counter definition:
>> sqlcounter bytesQuota {
>>counter-name = traffic_quota
>>check-name = Max-Traffic
>>reply-name = Tmp-Integer-0
>>sqlmod-inst = mysqldb
>>key = User-Name
>>reset = hourly
>>que
>here is the counter definition:
>sqlcounter bytesQuota {
>counter-name = traffic_quota
>check-name = Max-Traffic
>reply-name = Tmp-Integer-0
>sqlmod-inst = mysqldb
>key = User-Name
>reset = hourly
>query = "SELECT SUM(acctinputoctets + acctou
Hi,
> Much of the time, by the time I get around to wanting to build
> freeradius, it's been months since the server was installed, so I don't
> really know what's installed on it unless I check. I do know that when
> include files are not found, it might mean a -devel package needs to be
> instal
Hi,
> While this was on CentOS, I expect the same things could bite somebody
> using RHEL (or any x86_64 system with yum).
i'm usually torn between advocating the use of ./configure
or the use of eg rpmbuild and the .spec file for CentOS
and Fedora folk. if you used the spec and built your own
Hi,
> CentOS box for configure and make. Just a bit more of a pain than
> downloading a release tar file.
but thats the point...the stuff you want isnt in a release tar
just yet - a nightly tarball, i guess, would be what you would
prefer for this sort of action?
alan
-
List info/subscribe/unsub
[EMAIL PROTECTED] a écrit :
>> Good it's sent in the reply to the nas! Thx
>> But the sqlcounter i setup was supposed to reset every hours , but
>> apparently doesn't...
>> Where can i take a look to find out why?
>>
>
> Check the sql query definition and value of reset in counter.conf.
>
On Tue, 2008-09-09 at 21:56 +0100, [EMAIL PROTECTED] wrote:
> but you chose to use the system stuff in the configure stage
> rather than the supplied version, yes?
Much of the time, by the time I get around to wanting to build
freeradius, it's been months since the server was installed, so I don'
>Thanks for your answer Leonardo but, if I define the groups in the Cisco
>VPN Server, it will be enough with knowing the password of other defined
>group's to obtain an address from a group to which I don't really
>belong. I.e., if Sale's user know password of Development group, will
>can rece
On Tue, 2008-09-09 at 21:57 +0100, [EMAIL PROTECTED] wrote:
>
> congrats! - GIT is far nicer than some of the older methods of
> source retrieval.
I've heard that, but I didn't really get far enough to tell. I had to go
through the process of figuring out which packages were needed, that
they a
On Tue, 2008-09-09 at 15:17 -0400, John Dennis wrote:
>
> I'm inclined to think for those people who wish to build from upstream
> they are better off using the autotools configure script included in
> the freeradius source distribution and not use rpm mechanisms
Yes, but there are still packag
>Good it's sent in the reply to the nas! Thx
>But the sqlcounter i setup was supposed to reset every hours , but
>apparently doesn't...
>Where can i take a look to find out why?
Check the sql query definition and value of reset in counter.conf.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscr
On Tue, 2008-09-09 at 15:24 -0400, John Dennis wrote:
> Wildcards passed to commands must always be quoted or escaped
Well, no, not always any more. If I did something like "cd /root" first,
then the yum commands work just fine. It's a bash feature that if the
wildcard doesn't actually match anyt
Add Pool-Name as check item with operator := to ldap.attrmap. Map it to
something like radiusPool. Add radiusPool to user profile in ldap. Add
value pool1 for radiusPool to those with attribute = 1 ...
Ivan Kalik
Kalik Informatika ISP
Dana 9/9/2008, "Osvaldo Campos M. - Administrador Red STI"
<[
Hi...
Thanks for your answer Leonardo but, if I define the groups in the Cisco
VPN Server, it will be enough with knowing the password of other defined
group's to obtain an address from a group to which I don't really
belong. I.e., if Sale's user know password of Development group, will
can r
Hi,
> Nah! We've all done things like this more times than we care to admit.
> Welcome to the club, your turn to bring refreshments next time :-)
hey! you cant skip *your* turn! ;-)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
> OK, I got this done. It configures and makes on my system (CentOS
congrats! - GIT is far nicer than some of the older methods of
source retrieval.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
> But if libfoo.h actually exists in the source tree (as in the case of
> ltdl.h), then it's not so blindingly obvious that the problem is a
> missing -devel package rather than a configuration/compilation issue.
but you chose to use the system stuff in the configure stage
rather than the sup
Yes. Create multiple sql instances. List the name of the instance you
want to use in place of "sql" in appropriate sections (authorize,
accounting, post-auth, etc.).
Ivan Kalik
Kalik Informatika ISP
Dana 9/9/2008, "Nataniel Klug" <[EMAIL PROTECTED]> piše:
>Thanks Ivan.
>
>Another question: is t
hello again!! =)
when i run "make client.pem", according the file certs/README, have this
error:
[EMAIL PROTECTED] certs]# make client.pem
openssl req -new -out client.csr -keyout client.key -config ./client.cnf
Generating a 2048 bit RSA private key
..
John Dennis wrote:
> I know the freeradius source tree and source tarball contains rpm spec
> files and some suse and redhat specific info but I wonder if that is the
> right place for that information, the distribution in question will have
> up to date spec files specific to their distributions,
Greg Woods wrote:
> I tried to use a non-default prefix, and it craps out on "make install"
> because one of the sql-related files refuses to install in a directory
> name that didn't end with /usr/local/lib .
That's libtool insanity. It drives me crazy.
> I was able to work around
> this by
Greg Woods wrote:
On Tue, 2008-09-09 at 19:43 +0100, John Horne wrote:
Does something a bit more generic like 'yum list *td*' show you a list
of installed and available packages? It works for me on CentOS 5.2,
AAAUGH! I got it figured out. I was in the freeradius-server directory
whe
Greg Woods wrote:
On Tue, 2008-09-09 at 16:53 +0100, [EMAIL PROTECTED] wrote:
yep, you havent got all the required development packages installed.
libtool-ltdl-devel
libtool-ltdl
Thanks, that was it. However, I discovered what I think is a bug in yum
in the process. I tried "yum list
ok, ready!
my problem now is the certificates. when I create, the problem is dont can
created the user certificate, reading the howto of wiki in the page (
http://freeradius.org/doc/EAPTLS.pdf ).
i have this:
[EMAIL PROTECTED] certs]# make client.pem
openssl ca -batch -keyfile server.key -cert
I tried to use a non-default prefix, and it craps out on "make install"
because one of the sql-related files refuses to install in a directory
name that didn't end with /usr/local/lib . I was able to work around
this by using a --prefix like "/local/freeradius-git/usr/local" instead
of just "/loca
On Tue, 2008-09-09 at 19:43 +0100, John Horne wrote:
> Does something a bit more generic like 'yum list *td*' show you a list
> of installed and available packages? It works for me on CentOS 5.2,
AAAUGH! I got it figured out. I was in the freeradius-server directory
when I tried this, so it turn
On Tue, 2008-09-09 at 11:24 -0600, Greg Woods wrote:
> On Tue, 2008-09-09 at 16:53 +0100, [EMAIL PROTECTED] wrote:
>
> > yep, you havent got all the required development packages installed.
> >
> > libtool-ltdl-devel
> > libtool-ltdl
>
> Thanks, that was it. However, I discovered what I think is
Good it's sent in the reply to the nas! Thx
But the sqlcounter i setup was supposed to reset every hours , but
apparently doesn't...
Where can i take a look to find out why?
Is it supposed to update the database to reset counters (which seems a
bad solution to me) or does freeradius maintain separa
On Tue, 2008-09-09 at 19:50 +0200, Alan DeKok wrote:
> Please checkout and build git.freeradius.org.
OK, I got this done. It configures and makes on my system (CentOS
release 5.2 (Final) -- x86_64) with no problems. Now on to some fun with
dynamic clients.
--Greg
-
List info/subscribe/unsu
Yes I know... (
Last few weeks I'm trying to build test system for 2.x.x version. I want
to test DHCP functions.
All systems we have are already in use and I don't have enough "space"
to do some testings :)
Alan DeKok wrote:
Marinko Tarlac wrote:
1.1.7 also requires ltdl
The
On Tue, 2008-09-09 at 18:54 +0100, [EMAIL PROTECTED] wrote:
> generally, its blindingly obvious when you see something like
>
> Error - libfoo.h missing
>
> you think, hmmm, i dont have an include.
But if libfoo.h actually exists in the source tree (as in the case of
ltdl.h), then it's not so b
On Tue, 2008-09-09 at 19:50 +0200, Alan DeKok wrote:
> Please checkout and build git.freeradius.org.
If I get time to do this before 2.1.1 comes out, I'll give it a shot,
but there are no git packages for CentOS and I've never used it before,
so I'll have to install git on my Fedora 9 worksta
Hi,
> Marinko Tarlac wrote:
> > 1.1.7 also requires ltdl
>
> The only changes made to 1.1.x from now on will be security related.
>
> i.e. no new features. no build fixes, etc.
I dont think it was a build fix request - more a comment
that 1.1.7 needs ltdl on some platforms due to the way
tha
Greg Woods wrote:
> After this I ran into the previously-noted issue compiling radmin. In
> Makefile.inc, define LIBREADLINE as "-lreadline -lncurses".
Which is also fixed in git.freeradius.org.
> But I now have 2.1.0 compiled so I can work on setting up dynamic
> clients, which is a feature we
Marinko Tarlac wrote:
> 1.1.7 also requires ltdl
The only changes made to 1.1.x from now on will be security related.
i.e. no new features. no build fixes, etc.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 2008-09-09 at 16:53 +0100, [EMAIL PROTECTED] wrote:
> yep, you havent got all the required development packages installed.
>
> libtool-ltdl-devel
> libtool-ltdl
Thanks, that was it. However, I discovered what I think is a bug in yum
in the process. I tried "yum list *ltdl*" and this fail
Thanks Ivan.
Another question: is there any way to have one database for each virtual
server?
[EMAIL PROTECTED] escreveu:
Can't I change the way it's look into MySQL table? Even this comming
with User-Name I can't look for the value in another field? This is a
MySQL query, not the way it came
1.1.7 also requires ltdl
(CentOS 5.x)
Alan DeKok wrote:
Greg Woods wrote:
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling
Thanks for your answer, but I can't use LDAP groups in this case because
I haven'ts groups defined in LDAP according to LDAP "attribute". For
example, I haven't a group "Sales" in LDAP with only users with the
value "attribute=1".
And I need to assign addresses according to the value "attribu
Alan DeKok wrote:
Greg Woods wrote:
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling the server:
...
/local/src/freeradius-ser
Greg Woods wrote:
> I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
> report for a similar system here on the list, but this is not the same
> error. That one was an error compiling radmin, this is an error
> compiling the server:
...
> /local/src/freeradius-server-2.1.0/src
Hi,
> I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
> report for a similar system here on the list, but this is not the same
> error. That one was an error compiling radmin, this is an error
> compiling the server:
>
> gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling the server:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOUR
Hi,
I have been using freeradius 1.0.5 for captive portal authentication
in our internal network. I use mysql as backend for radius and using
sqlcounter to check monthly usage.
I was trying out freeradius version 2.1.0 and found out that check
attribute values from radcheck table being replaced
and install the new version and the probe, probe with radtest and I get
this:
Sending Access-Request of id 236 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "testing123"
NAS-IP-Address = 10.30.1.104
NAS-Port = 1812
rad_recv: Access-Accept packet from h
>ERROR: Failed to open socket: cannot bind socket: Address already in use
>/usr/local/etc/raddb/radiusd.conf[236]: Error binding to port for
>0.0.0.0port 1812
>
>
>
>
>
>
>Why is this wrong?
>
>I triyin with user root
>
Is radiusd already running? You need to stop it and restart it with
radiusd -X
>Can't I change the way it's look into MySQL table? Even this comming
>with User-Name I can't look for the value in another field? This is a
>MySQL query, not the way it came... i hope... :)
>
You have three options:
- fill your database with (useless) data and try to change rlm_sql code
and quer
Alan DeKok wrote:
Phil Mayers wrote:
if (condition) {
call debug 2
}
Nah.
radmin> debug file /var/log/radius/bob.log
radmin> debug condition '(User-Name == "bob")'
...
radmin> debug condition
That's better. Very powerful, and very clean.
Nice!
-
List info/subscribe/unsubscribe? See
Phil Mayers wrote:
> if (condition) {
> call debug 2
> }
Nah.
radmin> debug file /var/log/radius/bob.log
radmin> debug condition '(User-Name == "bob")'
...
radmin> debug condition
That's better. Very powerful, and very clean.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://ww
If I understood what you need ...
Using Cisco VPN Client, you can define "Groups" in the Cisco
Concentrator ...
Configuration -> User Management -> Groups
... and assign an "Address Pool" to each group. According the Group used
in the Cisco VPN Client, the user will receive an IP addresses f
Can't I change the way it's look into MySQL table? Even this comming
with User-Name I can't look for the value in another field? This is a
MySQL query, not the way it came... i hope... :)
[EMAIL PROTECTED] escreveu:
Well, you don't have much say in this because NAS sends it that way:
rad_recv
Phil Mayers wrote:
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Err, yes. But that's horrible syntax, and I don't think it will stay.
It's not a horrible syntax it's useful syntax, especially when being
used
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Err, yes. But that's horrible syntax, and I don't think it will stay.
if (condition) {
call debug 2
}
Might also be useful for:
post-auth {
call sql "insert i
Arran Cudbard-Bell wrote:
> Didn't you alter the parser slightly to allow just:
>
>...
>%{debug:2}
>...
Err, yes. But that's horrible syntax, and I don't think it will stay.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Johan Meiring wrote:
> Is the the "availibility of Nas-Identendifier" to the virtual server thing??
No. Maybe in 2.1.2.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> Sent: 09 September 2008 11:16 AM
> To: FreeRadius users mailing list
> Subject: Re: Dynamic Clients with FreeRADIUS
>
>
> It's a bug in 2.1.0 that will be fixed in 2.1.1.
>
Hi,
Is the the "availibility of Nas-Identendifier" to the virtual server thing??
Thanks
Johan Meiring
> Alan De
Yes, that isn't documented there. I've added some text for 2.1.1.
In short, you can do:
...
update control {
Tmp-String-0 = "%{debug:2}"
}
...
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Or did you
It's a bug in 2.1.0 that will be fixed in 2.1.1.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Norbert Wegener wrote:
> It seems to me, the log section contains the same items as in 2.0.5.
The "requests" entry is new. It can send logs to different
destinations based on dynamic expansions.
> So I am not sure how to turn logging on for a specific user when the
> server is running:
Y
Alan DeKok wrote:
..
* Debug logs can now be turned on/off while the server is
running, for a user, group, realm, etc. See the "log" section
of radiusd.conf.
It seems to me, the log section contains the same items as in 2.0.5.
So I am not sure how to turn loggi
Carlos Eduardo Tavares Terra wrote:
> Sorry, but maybe I didn't understand how virtual servers really work.
raddb/sites-available/README
Each virtual server is a RADIUS server, just like in 1.x. The only
difference is that you don't need to run multiple processes to get
multiple server confi
andreiv wrote:
> Hi,
>
> what is there to be done if you want a running instance and a standby
> instance ?
There's no such thing as a "standby" instance. It's either listening
on the RADIUS port, or it's not.
You're better off using a wrapper to watch the server, such as
daemontools, or s
68 matches
Mail list logo