Hi,
Can Bug 517 (Patch for radwho to correct time output and IP
address outpu) be included in the next release? I've used the supplied
patch and find it works quite well. Would be nice not to have to repatch
on the next release.
Thanks, Tuc
-
List
Submit a *useful* patch, and it will go in. Until then, please
continue to profit from a project that sucks. A project to which
you've contributed nothing. The sheer hypocrisy of that position should
be evident to everyone.
So does this mean that bug 517, which includes code
Tuc at T-B-O-H.NET wrote:
What are some possible causes in 2.0.4 for the radacct (MySQL) and
radutmp (That feeds radwho) to get out of sync. It seems almost 100% of the
time, radwho/radutmp isn't showing the user, while radacct has no
acctstoptime.
radutmp requires specific
Tuc at T-B-O-H.NET wrote:
Ok, thanks. I have to do more work to see if radutmp EVER had a
record for the user or not. My initial thought was that when the user logged
off and an accounting stop record was sent, that it updated the radutmp
file,
and then SOMETHING happened
Tuc at T-B-O-H.NET wrote:
Can Bug 517 (Patch for radwho to correct time output and IP
address outpu) be included in the next release? I've used the supplied
patch and find it works quite well. Would be nice not to have to repatch
on the next release.
Done.
Many
Hi,
What are some possible causes in 2.0.4 for the radacct (MySQL) and
radutmp (That feeds radwho) to get out of sync. It seems almost 100% of the
time, radwho/radutmp isn't showing the user, while radacct has no acctstoptime.
Thanks, Tuc
-
List
Arran Cudbard-Bell wrote:
But it also kinda limits the usefulness of the feature. Couldn't you
place it in the hands of the server admins to decide which hosts can
query and which can't? Another configuration item in clients?
grumble
It's possible. I guess.
I think the
Tuc at T-B-O-H.NET wrote:
Maybe a quicker solution would be to enable libwrap for it?
I understand the changes to the code to support libwrap aren't too much,
and it can even be made optional via the ./configure .
Ugh. The IP configuration / filter in the server already does
Copy the configs to a test machine. Run radsniff on the production
machine to grab packets. Play them back on the test machine. Run
radiusd -X on the test machine.
Ok, wasn't aware of the functionality. I don't see a radsneeze,
so I'm guessing you pipe them back in via echoing it
Hi,
Can Bug 517 (Patch for radwho to correct time output and IP address
outpu)
be included in the next release? I've used the supplied patch and find it
works quite well.
Thanks, Tuc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
I haven't been given authorization to do a radiusd -X yet, but
I'm seeing something in my logs that I don't get . User is logging in
from multiple times, so I put on Simultaneous-Use and it goes against
the radutmp. So I test it by hand and I get in radius.log
Wed Jun 11 17:30:45
Tuc
Tuc,
Did you check you don't have anything for this user in
radgroupcheck/radgroupreply?
The debug log from freeradius might prove helpful.
On Fri, May 23, 2008 at 2:47 AM, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote:
Hi,
I've run this on FR2.0.3
Hi,
I'm having to write my own validation and accounting for a device,
and I need to understand a little about the flow. Is there a good reference
for this? I don't have to support much, basically user/pass authentication,
updating accounting, timeout, logoff.
I understand that
I'm having to write my own validation and accounting for a device,
Don't. Please. There are a number of RADIUS libraries available,
including freeradius-client, on freeradius.org. It's supported, it
works, and it's in use by a number of products.
I have no issue using a
Hi,
I've noticed on the default FR 2.0.4 MySQL counter.conf file, for the
sqlcounter noresetcounter , there isn't a count-attribute of
Acct-Session-Time or a reply-name of something like Session-Timeout.
The dailycounter and monthlycounter both have a reply-name . Is this
for a reason,
Hi,
I've run this on FR2.0.3 and 2.0.4, MySQL and Postgresql, and
I seem to see a pattern. I'm not sure if its the correct behaviour or
not.
Using counters, I add Max-All-Session := 123 into my database
for a user. when I run radtest, I get :
setup# radtest hotspot ICANSEE
Hi,
For the following :
accounting_onoff_query = \
UPDATE ${acct_table1} \
SET \
acctstoptime = '%S', \
acctsessiontime= unix_timestamp('%S') - \
unix_timestamp(acctstarttime), \
Hi,
For the following :
accounting_onoff_query = \
UPDATE ${acct_table1} \
SET \
acctstoptime = '%S', \
acctsessiontime= unix_timestamp('%S') - \
unix_timestamp(acctstarttime),
ISP
Dana 18/5/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi,
For the following :
accounting_onoff_query = \
UPDATE ${acct_table1} \
SET \
acctstoptime = '%S', \
acctsessiontime= unix_timestamp('%S
? If there is a big difference than you are not getting
all accounting Stop packets. You should run a script that removes stale
entries (those open for longer than x hours) from radacct.
Ivan Kalik
Kalik Informatika ISP
Dana 16/5/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi,
I'm looking
Hi,
Is there a procedure to follow to ask for a new feature to be added?
I seem to have some sort of anomoly that sqltrace is active in my server
even though its not in debug mode. Thats not a big deal.
What I would like, though, is in src/modules/rlm_sql/sql.c for a
I seem to have some sort of anomoly that sqltrace is active in my server
even though its not in debug mode. Thats not a big deal.
no. that'll be right. sqltrace is nothing directly to do with server
debug mode - its a debug mode of the sql module - its enabled and disabled
in sql.conf
Tuc at T-B-O-H.NET [EMAIL PROTECTED] writes:
Is there a procedure to follow to ask for a new feature to be added?
AFAIK:
- develop a patch
- create a bug report requesting the new feature
- attach the patch to the report
Only issue with that is sql.c is written
Tuc at T-B-O-H.NET wrote:
I seem to have some sort of anomoly that sqltrace is active in my server
even though its not in debug mode. Thats not a big deal.
no. that'll be right. sqltrace is nothing directly to do with server
debug mode - its a debug mode of the sql module - its
Dana 16/5/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi Ivan,
We have many Chillispot systems, but as I mentioned before,
combined, at the time it was approximately 14.
I was hoping that there would be some way to have checkrad do
that for us, but since DD-WRT runs
Hi,
This isn't specific to FreeRadius, so if its not for
this group, please let me know.
I'm looking into the Accounting-Request packet for
the following :
*** DUMP OF RADIUS PACKET (Net::Radius::Packet=HASH(0x834ac1c))
Code: Accounting-Request
Identifier: 1
Authentic:
Hi,
I'm looking to implement the Simultaneous-User Value in radcheck.
(FR 2.0.3) I'm having the issue that, for whatever reason (I'd blame the
network in a heartbeat, not FR at all), the accounting for a logged in user
never gets from a NULL acctstoptime to one filled in.
At
happening or not happening..
Tuc
Liran.
On Tue, May 13, 2008 at 3:20 AM, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote:
Hi,
I've got a new install, and I have it working fine with plain text
files. I'm trying to go this time to Postgresql (Don't ask
Hi,
Hey Tuc,
Regarding your issue, check the radiusd.conf file, in the modules{}
section
for
the pap module settings, you probably have it set to encryption_scheme =
crypt, if so, change it to clear.
No, its the standard :
pap {
Tuc at T-B-O-H.NET wrote:
No, its the standard :
pap {
auto_header = no
}
It looks like you have something else in the system adding a
Crypt-Password for the user... before the SQL module is called. Check
the unix module. It WILL say
Hi,
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = tuc, looking up realm NULL
rlm_realm: No such realm NULL
++[suffix] returns noop
rlm_eap: No EAP-Message, not doing
Hi,
I've got a new install, and I have it working fine with plain text
files. I'm trying to go this time to Postgresql (Don't ask) and I'm
just not having a good time of it. I don't get why its doing the following
(2.0.4 with Postgresql 8.1.11) :
Ready to process requests.
hi,
are you sure that there isnt a legacy secret entry in clients.conf
file?
Nope...
[EMAIL PROTECTED] sbin]# more /usr/local/etc/raddb/clients.conf
#**
Hi,
It still leaves one item open. I can't seem to get radclient to
be able to take the NAS-IP-Address and then the secret for that
NAS-IP-Address.
It seems no matter what, it wants to use the secret for the localhost. Is
this how its supposed to work, or is there a bug
Hi,
Tech calls in and say that he can't get an appliance working in the
field.
I ask him what secret he's using and the IP address of the appliance. I
want to
be able to be locally logged onto the radius server and use
radtest/radclient/rad
to be able to query radius
, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi,
Tech calls in and say that he can't get an appliance working in the
field.
I ask him what secret he's using and the IP address of the appliance. I
want to
be able to be locally logged onto the radius server and use
radtest
ethernet interface).
And I'm also assuming you have configured the nas table in sql.conf
Regards,
Liran Tal.
On Wed, Apr 30, 2008 at 11:41 PM, Tuc at T-B-O-H.NET [EMAIL PROTECTED]
wrote=
:
Hi,
Running FreeRadius 2.0.3 built from source on Centos 5.1 with
a Mysql 5.0.45
Hi,
Running FreeRadius 2.0.3 built from source on Centos 5.1 with
a Mysql 5.0.45 back end.
We've been doing testing on our setup for MONTHS (First FR1,
now FR2) and its been flawless. Today we went to put our first unit into
production and am having issues.
We are
per NAS = Secret per NAS
IP address.
Ivan Kalik
Kalik Informatika ISP
Dana 11/4/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi,
If I choose DNS name, and I don't fully qualify it,
does it follow the standard BIND rules of using the domain
setting, or going down the search
Hi,
I had actually kept this email in my queue to implement
someday. Today is someday. But I have a question.
The config file contains IP addresses, which the nas.sql
doesn't. How do I sync up the format of the clients.conf with
the nas.sql?
client nas_shortname {
Informatika ISP
Dana 10/4/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Is anyone doing anything like this already?
They usually use equipment that sends a NAS identifier.
Hi,
Sorry for a second followup, but I just looked over
the radacct file and don't see anywhere that NAS
into nasname field.
Ivan Kalik
Kalik Informatika ISP
Dana 11/4/2008, Tuc at T-B-O-H.NET [EMAIL PROTECTED] pi?e:
Hi,
I had actually kept this email in my queue to implement
someday. Today is someday. But I have a question.
The config file contains IP addresses, which
Hi,
Looking to restrict a user to only be able to log in
and re-log in to the initial NAS they first ever logged onto.
(Hotspot) Looking at the radacct file where it looks like
the check-items normally go against, I'm not seeing anything I
can use as an identifier. The nasipaddress is
Tuc at T-B-O-H.NET wrote:
Looking to restrict a user to only be able to log in
and re-log in to the initial NAS they first ever logged onto.
(Hotspot) Looking at the radacct file where it looks like
the check-items normally go against, I'm not seeing anything I
can use
Is anyone doing anything like this already?
They usually use equipment that sends a NAS identifier.
Hi,
Sorry for a second followup, but I just looked over
the radacct file and don't see anywhere that NAS-Identifier would
be stored. Or are you saying that I need to still use
Hi,
I'm using the sqlcounter noresetcounter which sets the reset to
never. When it sends back the reply, it ends up looking like :
Your maximum never usage time has been reached
Is there a way to change it short of just changing the line :
snprintf(msg, sizeof(msg), Your
Hi,
I can't seem to find any reference to making the
contents of the clients.conf accessible via SQL. We are
constantly making edits, and having to constantly reload
the server doesn't make sense.
Pointers to where I missed putting it into
MySQL, or if anyone knows how to would
47 matches
Mail list logo
