satish patel said:
>i have no wireless accesspoint or anything i want to create it on my
>linux box gateway and it working like NAS i hope u got my question
Sounds like you need something like Mikrotik's RouterOS with Hotspot. See
www.mikrotik.com. The Mikrotik box can then talk to FreeRadius
Emmanuel Dreyfus said:
> On Wed, Aug 08, 2007 at 10:14:45AM -0400, Alan DeKok wrote:
> > The deprecated feature *will* be going away. It's not necessary, and
> > it's wrong.
>
> Agreed, but it could be quite useful as a migration path, couldn't it?
If this was a minor version update, I might a
Clive Gould said:
> I have installed freeradius 1.1.7 and get the appended message when I try
> to use it as a proxy between a Linux/Moodle/PHP radius client and a
> Windows IAS server. The shared secrets are definitely the same.
[snip]
> Received Access-Accept packet from client 10.200.0.2 port
[EMAIL PROTECTED] said:
> how about updating the NAS list from SQL via, for example, an SNMP write
> command
> or a special RADIUS command packet. both of these could have security
> protection
> to prevent DoS (eg the SNMP write from only certain locations (firewalled)
> and
> has password too of
Chris Bell said:
: RE: rlm_sql bug in 64-bit architecture ?
>
> I would love to know what the:
>
> Invalid operator for item Expiration: reverting to '=='
>
> I get them like so:
>
> Invalid operator for item User-name: reverting to '=='
>
> All three of my server logs are filled with them and
Nicolas said:
> In the USERS file or Pre_Proxy_Users file ?
I believe that would be the preproxy_users.
BTW, I made a typo, that second DEFAULT should be for .49, not .48.
> Thanks !
>
>
> Nicolas.
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] said
> If [ NAS-IP-Address =~ 192.168.48.* ]
> Calling-Station-Id = Dev
> else
>if [ NAS-IP-Address =~ 192.168.49.* ]
>Calling-station-id = Prod
>else
>Calling-station-id = Any
>fi
> fi
You might try:
DEFAULT NAS-IP-Address =~ "^192\.168\.48\."
While we are on the subject of schemas (schemi?) ...
Would it be worth adding some indexing to the basic sqlippool table? At the
moment, only the 'id' is indexed, by virtue of being the primary key.
I should imagine that even a medium sized provider could end up with quite
large radippool tables
Alan DeKok said:
> Sent: Monday, July 23, 2007 9:03 AM
> To: FreeRadius users mailing list
> Subject: Re: 2.0 mysql.sql
>
> Peter Nixon wrote:
> > ok. Its fixed. I am beginning to think that for 2.0, maybe we should
> just
> > make EVERYTHING lowercase for ALL database backends. It would be one
>
Once again FR "just works". :-)
I decided to try LDAP for my clear text PAP authentication against an Active
Directory (so I can get rid of PAM/winbind). Having read so many horror
stories from people trying to do this, I expected it to be problematic.
It took exactly 5 minutes to get it working
[EMAIL PROTECTED] said:
> BTW word supplicant has nothing to do with word supplement (addition) but
> means someone supplying a request (application) for addmission.
>From the Latin root "supplicare", "to kneel down".
I rather like the Kernerman definition of "a person begging humbly and
earnestl
Cregester said:
> fact that it keeps inserting the computer name in front of the username.
> For
> example MYCOMPUTER\Bob. This is a problem because I just want usernames to
> authenticate no matter what computer they access from. Bob should be able
> to
> authenticate from a number of PCs.
Not su
Doug Hardie said:
> While that may not be all of the issues, debug mode uses a lot of
> disk I/O. You might be getting delays accessing mail files from
> this. You need to figure out why it doesn't run as a service. I
> have been using it in service mode for years with no problems.
Yup, that
This is a long shot, but if anyone has the time to read this, I'd appreciate
any suggestions!
I'm running FR 1.x on the same RHEL4 box that handles POP3/IMAP proxying
(using 'perdition') and authenticated SMTP (using sendmail). I'm in the
process of migrating from Funk/Juniper, so my other RAD
Peter - a couple of things about the MySQL stuff:
1) I just noticed that the ./docs/examples/mysql.sql schema in the 2.0 HEAD
doesn't look right:
#
# Table structure for table 'radippool'
#
CREATE TABLE radippool (
idint(11) unsigned NOT NULL auto_increment,
pool_name
Lisa Casey said:
> I correct the error in the users file and get no more complaints
> regarding
> radiusd.conf
>
> Why?
I've noticed this as well. I've always assumed it's a knock-on effect from
the error in the users file. Same way missing a quote or a semi colon in
something like perl can ca
I finally thought to look in the changelog
http://www.mikrotik.com/download/CHANGELOG_beta
> What's new in 3.0beta10:
[blah blah]
> *) added radius client to send Accounting-On packet on startup;
[blah]
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.htm
[EMAIL PROTECTED] said:
> >, but if anyone on this list has a Beta 3 setup :-D
>
> Good old SETUP - missing or bug:
> http://forum.mikrotik.com/viewtopic.php?f=1&t=16963
OK, I'll rephrase that ... "if anyone on this list has a 3.0beta10 install
they can test with". :)
> Ivan Kalik
> Kalik Infor
I got a response from Mikrotik on this thread:
http://forum.mikrotik.com/viewtopic.php?f=1&t=17171
. saying that "I think that following attribute is added at 3.0beta10."
Unfortunately I don't have a spare Mtik at the moment I can test the v3 Beta
OS on. I have a new one on order, so I should b
Peter Nixon quoth:
> On Tue 17 Jul 2007, Hugh Messenger wrote:
> > Can we add sqlippool to the ./modules/stable list?
>
> It is in the stable list for 2.0 but its up to Alan whether we put it in
> for 1.1.7
It's been pretty darn stable for me in 1.1.6. And now we
Mufasa said:
> could you point me at the right doc plz? I must be missing it some how...
The Wiki is usually a good place to start:
http://wiki.freeradius.org/Rlm_sqlcounter
Also the comments in the 'modules' section for sqlcounter in radiusd.conf.
-- hugh
-
List info/subscribe/unsubscrib
I said:
> Peter Nixon said:
> > Good eyes. Hopefully it should work now.
>
> Erm ... nope ...
Ignore me. It works:
radius_xlat: 'BEGIN'
radius_xlat: 'radiustest'
rlm_sql (sql): sql_set_user escaped user --> 'radiustest'
radius_xlat: 'UPDATE radippool SET NASIPAddress = '', pool_key = 0,
Ca
> You are correct the Chillispot does not send ON/OFF packets. I am going
> to
> write a mail to their list and request that they add this feature. You
> should request the same from Mikrotik .
Just did. :)
http://forum.mikrotik.com/viewtopic.php?f=1&t=17171
As that post says, I never realized
Peter Nixon said:
> Good eyes. Hopefully it should work now.
Erm ... nope ...
[EMAIL PROTECTED] radiusd]# pwd
/usr/local/src/freeradius/radiusd
[EMAIL PROTECTED] radiusd]# cvs update
[blah]
[EMAIL PROTECTED] radiusd]# ls -l src/modules/rlm_sqlippool/rlm_sqlippool.c
-rw-r--r-- 1 root root 25416
> I don't know if it makes any difference, but whereas I see this whenever
> rlm_sql does something:
>
> rlm_sql (sql): sql_set_user escaped user --> '3notchmuseum'
>
> ... I don't see anything to that effect when rlm_sqlippool does its stuff.
BTW, something I noticed in the code, although it ca
Peter Nixon [mailto:[EMAIL PROTECTED] said:
> I have applied Alan's patch to the 1.1.x branch. Can you test and see
> if %{SQL-User-Name} works in rlm_sqlippool for MySQL now?
Doesn't seem to. I updated cvs:
-rw-r--r-- 1 root root 25278 Jul 17 10:30 rlm_sqlippool.c
... and did the usual make,
Alan DeKok said:
> Whoops. I've committed a fix.
THANKYOU! I thought I was losing my mind yesterday. So it's a pleasant
surprise to find out it wasn't something silly I was doing (for a change)!
> Alan DeKok.
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/l
Peter . as per your postgres 1.1.7 sqlippool queries, I changed the MySQL
ones to use %{SQL-User-Name} instead of %{User-Name} . only it doesn't seem
to pick up a value, so the UserName is coming up blank in the radippool
table.
Example:
sqlippool_expand: 'UPDATE radippool SET expiry_time
I seem to recall having this problem when I first ran 1.1.6. The
postauth_query is:
postauth_query = "INSERT into ${postauth_table} (id, user, pass,
reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())"
. but MySQL barfs about a
I just had my first aborted attempt at running 1.1.7 on one of my live
servers.
Main problem is it just refuses to pick up the .
DEFAULT Auth-Type = pam
Fall-Through = 1
. in my users file, which is pretty much my entire users file, the only
other entry is the standard PPP defa
[EMAIL PROTECTED] said:
> Dana 16/7/2007, "Nataniel Klug" <[EMAIL PROTECTED]> piše:
>
> >Hello all,
> >
> >I have a question: when a nas restart without sending client logout
> >to the freeradius server the clients stay connected in radacct table
> >(AcctStopTime=0). What can I do to solve
Jeff said:
> USRConnectSpeed = '%{USR-Connect-Speed}' \
Did you actually add a USRConnectSpeed column to the radacct table? There
isn't one by default.
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok said:
> Hugh Messenger wrote:
> > Does 1.1.7 use the newer %{%{foo}:-0} or the older %{foo:-0} format?
>
> It uses the old format.
OK, the reason I asked was that the sql.conf in the 1.1.7 from the day I
posted that question had the new format, but that appears to hav
Does 1.1.7 use the newer %{%{foo}:-0} or the older %{foo:-0} format?
Or is it biformatual?
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Peter Nixon said:
> Yep. The problem I have with this change though is that what are the other
> vendor disconnect keys? If you read the RFC it doesn't specify a specific
> key (Alan has been holding ongoing discussions about this on the ietf-
> radext
> list), just that there should be enough info
Arran said:
> Peter said:
> > Maybe we should call the DB colum disconnect-key or something similar...
> >
> >
> Sounds good :)
I'll third that. Maybe even VendorDisconnectKey, which pretty much sums it
up.
Peter - would you be changing that today, to make the 1.1.7 release? I have
a few hour
"jose a. zúñiga" said
> I need a tutorial in order to connect freeradius and mysql
It kind of depends on what you want to do with the MySQL:
Authenticate?
Handle per-user check/return attributes?
Handle per-group check/return attributes?
Accounting?
Dynamic IP assignment?
Whatever your requireme
Peter Nixon said:
> Yep. This was something I added a couple of years ago because I realised
> that
> my report database was spending half of its time recalculating the the
> Session Time every time the report was rerun. Its much more efficient to
> do
> it once, and then just set the delay time t
Something I noticed whilst comparing the postgres and mysql rlm_sql configs
is that when postgres sets an AcctStartTime or AcctStopTime, it figures in
the delay time, whereas the mysql queries don't.
For example, in accounting_stop_query, postgres has:
AcctStopTime = (now() - '%{Acct-Delay-
Ryan Kramer said:
> JRadius simulator will do MSCHAPv2 very well...
>
> http://jradius.org/wiki/index.php/JRadiusSimulator
Oooh!! I want to have JRadiusSimulators babies! I've seen it recommended
several times on this list, but I hadn't gotten round to trying it till now.
Very useful. Doesn't d
Peter Nixon said:
> On Fri 13 Jul 2007, Hugh Messenger wrote:
> If someone has time to test this before I do, please shoot me a mail with
> tested working queries for MySQL...
I'm testing today, I'll get back to you.
BTW, one thing that always confused me about the stored pr
> There is and easier and more correct
> way to fix your problem simply by fixing the mysql query to work the same
> way the existing postgresql query does. The next version of FreeRADIUS
> will have this _bug_ fixed.
So I presume all we need to do to the 1.1.x MySQL is the "shift gigawords
left a
Irina said
> I need to apply it according to this document
> http://www.netexpertise.eu/en/FreeRadius/DailyAcct.html
>
> Could someone reply with simple yes/no answers? I am going to do it on a
> life server. Please.
Firstly, I strongly recommend you set up a test copy of FR with its own te
Phil Mayers said:
> On Thu, 2007-07-12 at 11:46 -0500, Hugh Messenger wrote:
> > Has anyone ever come across a RADIUS test client which supports
> > MSCHAP?
>
> If you mean plain MS-CHAP, you can do it with radclient. Since, with
> plain MS-CHAP, the NAS generates the c
Has anyone ever come across a RADIUS test client which supports MSCHAP?
Remote working is a wonderful thing, but it does mean I'm several hundred
miles from my nearest NAS and wireless client. This obviously makes certain
aspects of RADIUS testing a bit tricky.
-- hugh
-
List info/
Alan DeKok said:
>Robert E. Toense wrote:
>> Yes, I could use ntlm_auth and probably get it working, but this is
>> supposed to be LDAP-based, not SAMBA. The LDAP could move to a
>> different environment. Use of standards is important to us.
Robert ... unfortunately, Microsoft doesn't take sta
Peter Nixon said:
> > I take that back. It seems like a good idea, but that will break things
> > for ISPs who have multiple NAS in failover or OSPF groups and therefore
> > can happily assign the same IP to the same user even if they are
> connected
> > to a different physical NAS.
>
> I changed m
Joel Eddy said:
> KEY Departmet (Department)
Departmet?
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Irina said:
> There are users that use a lot of bandwidth. Seems, NAS wraps
> Acct-Input-Octets and Acct-Output-Octets at 4 GB. We have few users that
> may have their bandwidth reset to 0 within hour. When next Interim-
> Updates
> is sent, we don't have a proper number.
>
> Do I miss somethin
Dennis Skinner quoth:
> Hugh Messenger wrote:
> > Santiago Balaguer García said:
> >> DEFAULT Acct-Status-Type == Start
> >> Exec-Program-Wait = "/usr/local/start.sh"
> >> DEFULT Acct-Status-Type == Stop
> >> Exec-Program-Wait = "
Santiago Balaguer García said:
>DEFAULT Acct-Status-Type == Start
>Exec-Program-Wait = "/usr/local/start.sh"
>DEFULT Acct-Status-Type == Stop
> Exec-Program-Wait = "/usr/lcal/stop.sh"
Not sure what other problems you might have, but you probably should have
'local' not 'lcal' in that scrip
On Behalf Of Dave said:
> Yes accounting is working well from the NAS
Are you sure the NAS is sending 'interim update' accounting packets, not
just start/stop?
Here's my understanding of how it works (I'm sure Peter will correct me if
I'm wrong!):
On an access request, sqlippool will first check
Alan DeKok <[EMAIL PROTECTED]>
>
> Dave wrote:
> > Im still having trouble with this problem, I switched the pool key to
> > NAS port, the expiry time is 24 hours, and it seems after 24 hours, it
> > wipes all the existing entries from the database,
>
> That would seem to fit the 24-hour expiry
[Changed the subject back again. I have a bad habit of forgetting to change
it from the digest subject when I respond. Time to switch lists, I guess.]
Peter Nixon <[EMAIL PROTECTED]> said:
> > if ("%{control:Pool-Name}") {
> > if ("%{control:Huntgroup-Name" == "dialup") {
> >
Peter Nixon <[EMAIL PROTECTED]> said:
> And different pool names in each instance
Yup, although obviously the Pool-Name is set up independently of the
sqlippool instances. I have some unlang at the start of 'authorize' section
that sets the Pool-Name based on a mix of NAS IP and Calling-Stat
Peter Nixon <[EMAIL PROTECTED]> said:
> On Wed 04 Jul 2007, Hugh Messenger wrote:
> > I have a problem with the pool-key in rlm_sqlippool.
>
> You can run two copies of the module. As long as you don't have the same
> pool
> name in both, just assign your p
> I have a problem with the pool-key in rlm_sqlippool.
PS, I'm using 2.0.0pre1. Or at least I will be. My dialups currently talk
to my original Funk RADIUS, and I have a live FreeRadius 1.1.7 for wireless
(which uses Calling-Station-Id as the pool-key). But once 2.0.0 is ready
for prime time,
I have a problem with the pool-key in rlm_sqlippool.
The pool-key is defined in the 'global' sqlippool.conf thusly:
## Attribute which should be considered unique per NAS
## Using NAS-Port gives behaviour similar to rlm_ippool.
## Using Calling-Station-Id works for NAS that send fixed N
I thought I'd post this in case anyone else has the same requirement. If
you have no need for per-Huntgroup 'radreply' items using rlm_sql, you need
read no further.
The Problem
---
In our provisioning setup, users can belong to multiple 'service type'
groups. So a single user might hav
Alan DeKok <[EMAIL PROTECTED]> wrote
> Hugh Messenger wrote:
> > If I wrap an 'if' statement round something (in this case a query in
> > mysql_dialup.conf), any config items seem to get blown away.
>
> You can't. "if" is a processing d
Alan DeKok <[EMAIL PROTECTED]> said:
> Hugh Messenger wrote:
> >
> > I'm just wondering why some of the major Linux releases are still
> shipping
> > 1.1.3.
>
> There are versions of redhat that still use 1.0.4.
Ouch.
> Redhat either
> doesn
I'm using the latest and greatest 2.0.0 HEAD.
If I wrap an 'if' statement round something (in this case a query in
mysql_dialup.conf), any config items seem to get blown away.
So for instance:
authorize_reply_query = "\
SELECT id, UserName, Attribute, Value, op \
FROM ${authreply
<[EMAIL PROTECTED]> said:
> I am developing a custom module for Debian 4.0 with preinstalled
> FreeRADIUS 1.1.3,
Baki - unless you have some utterly compelling reason to be working on the
Debian distro version, you really should upgrade to at least 1.1.7.
Depending on your schedule, you might even
Dave <[EMAIL PROTECTED]> said:
> I use the sqlippool setup for handling IP pools, and it works well,
> except I want to rid of the expiry time, (maximum timeout=0). right now
> its setting for 24 hours, and then it cleans itself out, and then
> freeradius starts handing out already assigned/used IP
Krzysztof Ol?dzki <[EMAIL PROTECTED]> said:
> On 2007-06-30 17:24, Daniel Bojczuk wrote:
> > Hi again...
> >
> > I have a doubt: Is it possible to use two tables to check the users? I
> > need to do something like this... Freeradius checks if the user is valid
> > on the table 1, if it returns true
Jeff <[EMAIL PROTECTED]> said
>
> Actually the best answer for me if I were alittle stronger in mysql to
> create the import query would be
> a script that I could run to convert the users and import them into the
> radius database
As you noticed, users2mysql is a good place to start. And don't
"Pshem Kowalczyk" <[EMAIL PROTECTED]> said
>
> I would prefer to avoid user files all together. Currently we have
> over 100k customers (heaps of them have 'user-specific' setup, not
> just static ips). Customers change connection properties through a
> web-based interface and we need to speed up
"EXT / GFI REBOLJ Jean-Pierre" <[EMAIL PROTECTED]> said:
[snip]
>ldflag = round_robin
[snip]
> the problem is that I see the Authentication request and response then
> Accounting start on the fisrt back-end server and the accounting stop
> on the second backend server.
That sound
Peter Nixon <[EMAIL PROTECTED]> said:
> On Thu 28 Jun 2007, Hugh Messenger wrote:
> > Peter Nixon <[EMAIL PROTECTED]> said:
> > > On Thu 28 Jun 2007, Alan DeKok wrote:
> > > > Hugh Messenger wrote:
> > > > > With my curre
Forgive me if meta-discussions are frowned upon.
I was just wandering what tools and utilities (not shipped with freeradius)
people find useful in day to day admin and testing.
My vote goes to NTRadPing, a fully featured Windows take on the standard
UN*X radping. Freebie, from http://www.d
Peter Nixon <[EMAIL PROTECTED]> said:
> On Thu 28 Jun 2007, Alan DeKok wrote:
> > Hugh Messenger wrote:
> > > With my current configuration, if sqlippool cannot assign an IP, the
> > > authentication still succeeds.
> >
> > The module returns NO
Arran Cudbard-Bell <[EMAIL PROTECTED]> said:
> Remember to change any value substitutions to the new scheme
>
> %{%{foo}:-%{bar}}
You just answered my rather long winded question about the 'deprecated'
warnings, before I asked it.
I've fixed all occurrences, and all warnings have gone away. I'
Hangjun He <[EMAIL PROTECTED]> said:
> But there are no enough memory on my linux system to install samba.
>
> What should I do?
Install more memory. As Alan said, you have to have Samba to do what you
want to do.
>John
-- hugh
-
List info/subscribe/unsubscribe? See http://www.f
With my current configuration, if sqlippool cannot assign an IP, the
authentication still succeeds.
How can I set things up so if no IP is available, the authentication will
fail with some informative Reply-Message, like the simultaneous use session
control does?
-- hugh
-
List info
The default mysql-dialup.conf queries are generating a lot of these
warnings:
WARNING: Deprecated conditional expansion ":-". See "man unlang" for
details
expand: INSERT INTO radpostauth (id, user, pass, reply, date)
VALUES ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:
Alan DeKok <[EMAIL PROTECTED]> said:
> Or, Framed-IP-Address. But I don't see that typo in the CVS head.
My apologies, that was a typo in the email, not the config file. I'll do
some more testing and get back to you on this one.
> The lines are wrapped at 80 characters, with '\' at the end.
Alan DeKok <[EMAIL PROTECTED]> said:
> Hugh Messenger wrote:
> ...
> > I like this new unlang.
>
> Thanks. It makes me much more confident in releasing a 2.0 that is
> *much* better than 1.1.
My only suggestion is adding some examples to the man page, and/or in the
Peter Nixon [mailto:[EMAIL PROTECTED] said
> From now on (20 min ago), MySQL should be a fully support dialect for
> rlm_sqlippool so the table is part of the normal schema and the queries
> _should_ work by default. Please send patches for anything that is still
> broken as I don't test against My
Alan Dekok <[EMAIL PROTECTED]> said:
> Hugh Messenger wrote:
> > Any luck fixing this stuff:
> >
> > DEFAULT Called-Station-Id =~ "^([A-z0-9]+_[0-9]+)$", Pool-Name := `%{0}`
> >Framed-IP-Netmask = 255.255.0.0,
> >Fall-Through = 1
&
I said:
> 2) Where can I find the sqlippool schema in 2.0.0?
I went ahead and used the same schema from 1.1.6, seems to be OK. But I'd
still like to know where to find it documented, for next time I need it.
Anyway, there seems to be a few issues in the mysql-ippool-dialup.conf file.
1) In the
I'm slowly getting there with my 2.0.0 install. Couple of sqlippool
questions:
1) The sqlippool.conf file has this at the end:
## Uncomment the appropriate config file for your SQL dialect
# $INCLUDE ${confdir}/sql/mysql-dialup.conf
$INCLUDE ${confdir}/sql/postgresql-ippool-dialup.conf
I'm p
"Flavio Silvestrone" <[EMAIL PROTECTED]> said:
> Subject: Re: "Clear text password not available"
> The version of radius is "freeradius-1.0.1-3".
All together now:
"Upgrade to 1.1.6"
I've kind of lost track of exactly what you are trying to do, but what the
users file is seems to be set up to d
Alan DeKok wrote:
> Hugh Messenger wrote:
> > So far the only errors I'm seeing are these:
> >
> > ==29820== Thread 2:
> > ==29820== Invalid write of size 1
> > ==29820==at 0x4819294: strNcpy (misc.c:187)
> > ==29820==by 0x4CC43F3: sqlippool_
Alan Dekok <[EMAIL PROTECTED]> said
> Yes. For simplicity:
>
> $ script valgrind.log
> $ valgrind radiusd -xxx
> ...
> $
> $ exit
Okie Dokie. I was going to use --log-file witrh valgrind, but 'script'
works. Done.
So far the only errors I'm seeing are these:
==29820== Thread 2:
==29820==
> From: Alan Dekok <[EMAIL PROTECTED]>
> Oh, and "-=" works. With the "users" file, it didn't. And there are
> other corner-case bugs fixed, too.
Any luck fixing this stuff:
DEFAULT Called-Station-Id =~ "^([A-z0-9]+_[0-9]+)$", Pool-Name := `%{0}`
Framed-IP-Netmask = 255.255.0.0,
> From: Alan Dekok <[EMAIL PROTECTED]>
> Run it under valgrind, and re-direct all of the valgrind output to a
> file.
What radiusd switches should I use?
I've never used valgrind before, not sure if it handles daemonized and/pr
threaded services, so I'm not sure if I'd need to run radiusd with
Having been running freeradius in debug mode (with no problems at all) for a
month or so while testing and provisioning, it's time to put it in
production.
Unfortunately, when I run it as a service, it dies after a few hours. No
clues, no errors, no nothing . it just silently dies off. Load i
> I will be out of the office from Wednesday May 30 until Monday
> June 4.
What a coincidence! I'll be out of the office during those dates as well
... hunting down and killing everyone who writes broken autoresponders.
Sorry, I know I shouldn't increase list pollution by letting myself respond
Wolfgang Rosenauer <[EMAIL PROTECTED]> said:
> I ran radiusd -X and saw that freeradius sent an Access-Accept reply to
> the NAS' ip address and source port.
Could you post the entire -X log for an example request?
> Thanks,
> Wolfgang
-- hugh
-
List info/subscribe/unsubscribe? See http:
Alan DeKok <[EMAIL PROTECTED]> said:
> Try putting it in the "hints" section. I think the "users" file
> doesn't do the proper translations, unfortunately.
>
> DEFAULT Calling-Station-Id =~ ...
> Pool-Name = ...
>
> That might work.
Unfortunately not.
It does produce a slightly diff
Hugh Messenger (that's me!) said:
> Alan DeKok said:
>
> > DEFAULT Called-Station-Id =~ "^(\w+_pppoe_\d+)$", Pool-Name :=
> `%{1}`
> >
> > \w && \d may not be supported by the regex library on your system. You
> > may have to use [a-fA
Ala DeKok said:
> DEFAULT Called-Station-Id =~ "^(\w+_pppoe_\d+)$", Pool-Name :=
`%{1}`
>
> \w && \d may not be supported by the regex library on your system. You
> may have to use [a-fA-F] etc. explictely.
I don't seem to be able to get this to work. This is my DEFAULT entry:
DEFAULT
Alan DeKok <[EMAIL PROTECTED]> says:
> $ man users
DOH!!
Mea Maxima Culpa. I swear I read that through twice, and managed to
blind-spot on the =~ both times.
> Alan DeKok.
-- hugh
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Another classic Dumb Question.
Over the next few months I'm going to be setting up a lot of IP pools for
sqlippool. My Pool-Name's are based on the Called-Station-Id.
The way I'm doing it right now is a DEFAULT for each one, like this:
DEFAULT Called-Station-Id == brantley_pppoe_141, Pool-Name
I said:
> Is the rlm_sqlippool in 1.1.6 known to work with MySQL 5?
>
> Actually, I'm fairly sure it's not even getting as far as talking to the
> db. No matter what I try, it just tells me 'missing pool_name'.
Turns out I borked something else in the users file which was breaking the
Pool-Name
George Embrey <[EMAIL PROTECTED]> says:
> Queries to Windows MySQL servers from Linux Systems often fail unless
> the lower_case_table_names parameter is set to 0 in the my.ini file in
> the MySQL directory.
I'm familiar with that issue, and I checked all the table case-ness. The
problem seems t
Is the rlm_sqlippool in 1.1.6 known to work with MySQL 5?
Actually, I'm fairly sure it's not even getting as far as talking to the db.
No matter what I try, it just tells me 'missing pool_name'. Which would
seem to indicate that the Pool-Name checklist attribute isn't getting set.
But If I the
Dear freeradius Alpha Geeks,
Am I loosing my mind or is there a bug in the postauth_query in the MySQL
version of sql.conf?
I'm running freeradius 1.1.6 on RHEL4, and MySQL 5.0.37 on W2k. Don't ask.
Out-of-box, this postauth query ...
postauth_query = "INSERT into ${postauth_table} (i
Phil Mayers <[EMAIL PROTECTED]> wrote:
> Hugh Messenger wrote:
>> Is it possible with freeradius to use SQL to retrieve certain return
>> attributes (in this case rate limiting values for PPPOE sessions),
>> whilst still handling authentication through PAM?
>
&g
ot; requirement), so storing
passwords in MySQL is a non-starter.
-- hugh
--
Hugh Messenger
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
100 matches
Mail list logo