Thanks for that Claudiu - I'll have to see what I can do :)
Handling the sighup would be a big deal. I am adding my NAS via a php script
so I can easily ask it to give the server a kick once i've added a NAS.
It may be that I can live with an hourly cron job - will have to see. In
theory there co
Hi Santiago,
Tuesday, July 31, 2007, 11:21:36 AM, you wrote:
> I have one question to this, you suposed that RADIUS and DataBase
> services are in the same machine, what happens if these services are
> in severa or there are replicate servers?
Most probably you will have the radius and the datab
Then pipe the susdo command though ssh...
-Peter
On Tue 31 Jul 2007, Santiago Balaguer García wrote:
> I have one question to this, you suposed that RADIUS and DataBase services
> are in the same machine, what happens if these services are in severa or
> there are replicate servers?
>
> >My advic
I have one question to this, you suposed that RADIUS and DataBase services are in the same machine, what happens if these services are in severa or there are replicate servers?
>My advice is to create a database trigger on INSERTs, UPDATEs,>DELETEs.>For example, my postgresql trigger written in p
007, 7:11:02 PM
Subject: Out of Office AutoReply: Re[2]: Adding a NAS via SQL
===8<==Original message text===
danke für ihre mail, aber ich bin bis einschliesslich 19.08.2007 nicht im
büro. wenden Sie sich bei dringenden anfragen bitte an
[EMAIL PROTECTED]
i'm out o
Hi Paul,
Saturday, July 28, 2007, 6:08:23 PM, you wrote:
> I however just tried hitting radiusd with a SIGHUP and it really
> didn't like it Output attached, I just got a segfault when I hit it with
> the next radius request.
Currently, I'm able to run a SIGHUPed freeradius 20070420 snaps
On 2007-07-30 17:06, Dennis Skinner wrote:
> Krzysztof Olędzki wrote:
>> I'm not sure it this is a good idea. What if you need to change for
>> example a shared secret?
>
> Poke it with radclient from a host that is not in the client table?
Like 127.15.16.18? Good idea. So maybe a magic-client s
Krzysztof Olędzki wrote:
> I'm not sure it this is a good idea. What if you need to change for
> example a shared secret?
Poke it with radclient from a host that is not in the client table?
--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
-
List info/subscribe/
On 2007-07-30 15:54, Stefan Winter wrote:
> Hi,
>
>> It is an issue that has been discussed previously and FreeRADIUS is
>> unlikely to ever do an SQL SELECT of the nas table for every inbound
>> packet. What may be possible is to reload the nas list at certain intervals
>> (from cron is the easie
On Mon 30 Jul 2007, Stefan Winter wrote:
> Hi,
>
> > It is an issue that has been discussed previously and FreeRADIUS is
> > unlikely to ever do an SQL SELECT of the nas table for every inbound
> > packet. What may be possible is to reload the nas list at certain
> > intervals (from cron is the eas
Hi,
> It is an issue that has been discussed previously and FreeRADIUS is
> unlikely to ever do an SQL SELECT of the nas table for every inbound
> packet. What may be possible is to reload the nas list at certain intervals
> (from cron is the easiest) but until/unless HUP handling is improved that
On 2007-07-29 19:13, Arran Cudbard-Bell wrote:
> Hugh Messenger wrote:
>> [EMAIL PROTECTED] said:
>>
>>> how about updating the NAS list from SQL via, for example, an SNMP write
>>> command
>>> or a special RADIUS command packet. both of these could have security
>>> protection
>>> to prevent Do
Hugh Messenger wrote:
> [EMAIL PROTECTED] said:
>
>> how about updating the NAS list from SQL via, for example, an SNMP write
>> command
>> or a special RADIUS command packet. both of these could have security
>> protection
>> to prevent DoS (eg the SNMP write from only certain locations (firewa
[EMAIL PROTECTED] said:
> how about updating the NAS list from SQL via, for example, an SNMP write
> command
> or a special RADIUS command packet. both of these could have security
> protection
> to prevent DoS (eg the SNMP write from only certain locations (firewalled)
> and
> has password too of
Hi,
> It is an issue that has been discussed previously and FreeRADIUS is unlikely
> to ever do an SQL SELECT of the nas table for every inbound packet. What may
> be possible is to reload the nas list at certain intervals (from cron is the
> easiest) but until/unless HUP handling is improved t
Yeah. That would be one way, but its kind of like saying we are going to
introduce a new feature to a BMW that makes it dangerous at speeds over
100km so don't drive it on an autobahn...
It is an issue that has been discussed previously and FreeRADIUS is unlikely
to ever do an SQL SELECT of the
Thanks for your help guys.
I guess a way to prevent the DoS is through the correct use of a firewall?
Kind regards,
Paul.
On 7/28/07, Peter Nixon <[EMAIL PROTECTED]> wrote:
>
> On Sat 28 Jul 2007, Paul Lambert wrote:
> > Hi,
> >
> > I have now taken a look through the archives and I can't see a
On Sat 28 Jul 2007, Paul Lambert wrote:
> Hi,
>
> I have now taken a look through the archives and I can't see a clean
> solution for reloading the nas without restarting. I assume this is what
> you were suggesting I do via cron?
Yep.. The short answer is that FreeRADIUS does not currently reload
Paul Lambert wrote:
> I have now taken a look through the archives and I can't see a clean
> solution for reloading the nas without restarting. I assume this is what
> you were suggesting I do via cron?
Yes.
Unfortunately, *no* application daemon I've looked at handles HUP very
well. Almost
Hi,
I have now taken a look through the archives and I can't see a clean
solution for reloading the nas without restarting. I assume this is what you
were suggesting I do via cron?
Paul.
On 7/28/07, Paul Lambert <[EMAIL PROTECTED]> wrote:
>
> Peter,
>
> Please accept my apologies for wasting y
Peter,
Please accept my apologies for wasting your time.
Paul
On 7/28/07, Peter Nixon <[EMAIL PROTECTED]> wrote:
>
> Paul
>
> All of these questions have been discussed MANY times on the list. Please
> check the archives..
>
> Peter
>
> On Sat 28 Jul 2007, Paul Lambert wrote:
> > Thanks,
> >
> >
Paul
All of these questions have been discussed MANY times on the list. Please
check the archives..
Peter
On Sat 28 Jul 2007, Paul Lambert wrote:
> Thanks,
>
> I thought I might have been going crazy!!!
>
> I however just tried hitting radiusd with a SIGHUP and it really didn't
> like it Ou
Thanks,
I thought I might have been going crazy!!!
I however just tried hitting radiusd with a SIGHUP and it really didn't like
it Output attached, I just got a segfault when I hit it with the next
radius request.
Is there a cleaner way to make it re-read the nas list?
TIA
Paul.
On 7/28/07
On Fri 27 Jul 2007, Paul Lambert wrote:
> Hi all,
>
> I think I might be being a little dense but when I add a NAS to my SQL
> database, it doesn't appear to be enabled until I restart my radius
> server.
Yep. Thats to way it's designed to protect against DoS attacks, otherwise
every inbound pack
OK,
I was using 2.0.0 pre1, so decided to go back to 1.1.7.
I have attached the output of radiusd -X.
>From this output, I can see the radius server is reading the NAS table in my
MySQL database on startup, but not again after that.
The order of events:
I started radiusd -X with the entry for
Ram, ty for the response,
It doesn't seem to be having an effect until I restart the server.
I know I have set this up in the past with no issues, is there anything
obvious I could be missing?
I will take a look again and if I am still having problems post the server
debug etc.
Paul.
On 7/27
On 7/27/07, Paul Lambert <[EMAIL PROTECTED]> wrote:
>
> Hi all,
>
> I think I might be being a little dense but when I add a NAS to my SQL
> database, it doesn't appear to be enabled until I restart my radius server.
>
> Is there a way to automatically activate a new NAS device that I add to
> the
Hi all,
I think I might be being a little dense but when I add a NAS to my SQL
database, it doesn't appear to be enabled until I restart my radius server.
Is there a way to automatically activate a new NAS device that I add to the
SQL database?
Kind regards,
Paul.
-
List info/subscribe/unsubscr
28 matches
Mail list logo