.
Craig Campbell
craig.campb...@ccraft.ca
CampbellCraft Consulting Inc
2 Kenny Court
Whitby, Ontario
Canada
L1R 2L8
905 922-2789
__ Information from ESET Smart Security, version of virus signature
database
to 127.0.0.1 port 59607
Waking up in 4.9 seconds.
Cleaning up request 0 ID 163 with timestamp +8
Ready to process requests.
Craig Campbell
craig.campb...@ccraft.ca
CampbellCraft Consulting Inc
2 Kenny Court
Whitby
Freeradius 2.1.8
I am trying to replace the functionality (from sites/enabled/default) of,
ldap_server_1 {
notfound = return
}
with a redundant set of servers. I cannot have
redundant-load-balance {
ldap_server_1 {
them would be very difficult.
It's after 1am here, so I hope this won't seem obvious in the morning.
Any hints would be greatly appreciated.
Thanks so much,
-craig
Craig Campbell
craig.campb...@ccraft.ca
: Craig Campbell
To: FreeRadius users mailing list
Sent: Friday, November 12, 2010 6:24 AM
Subject: Output from Exec-Program-Wait in users file
Hi,
am migrating from an ancient radius install to FreeRADIUS Version 2.1.8
The system uses a custom authentication binary which we
Just wondering when 2.1.11 might be released?
I am seeing an issue in 2.1.10 very similar to FR 2.1.9 Frequent SegFault,
didn't happen with FR 2.1.8
(http://freeradius.1045715.n5.nabble.com/FR-2-1-9-Frequent-SegFault-didn-t-happen-with-FR-2-1-8-td2787291.html).
I am hoping that the cause might
Hi Hollman,
I too have failed to grasp the nuances of the 'new' exec mechanisms. In
the end I admitted defeat, and stuck to the 'old way' - which I fear may
become deprecated at some point. In any case, here is what I have done and
have working at this point.
1. Restore all the config
It sounds like the original request I need to add the time spend for a
particular Flow to a Logfile wants to track the 'login time' in milliseconds.
I suppose one could track the time from receiving the original request to
sending the authentication - or receiving the accounting packet after
Sound like a configuration (a job for : ) realms.
Each location would be a different realm, so the seemingly overlapping
username manger would in fact be a unique manager@realm-X.
Thoughts?
-craig
On Wednesday, March 16, 2011, Richard Thornton rtho...@yahoo.com wrote:
I am just learning about
Hi Craig,
Craig here too...
I am not very knacky with PERL, but I can tell you what you need to know.
1. in the file file users you will need a line like,
DEFAULT Auth-Type := Accept
Exec-Program-Wait = /usr/local/sbin/auth -X -U -- %{User-Name}
%{User-Password}
Alan,
I've read the documents indicated repeatedly. (And again just now.)
I have not yet been able to port the 'deprecated' method of
EXEC-PROGRAM-WAIT=/usr/local/bin/auth -A parameter
to the new method.
I guess I'm missing how to bind the program using the new method to the
entries
Craig,
I THINK you my want to name the exec module specifically... from memory I
THINK the syntax may be something like..
exec my_personal_auth_program {
program = /path/to/program/exec-program-wait -- I know I need to change this
wait = yes
input_pairs = request
output_pairs = reply
}
Alan,
re:Do you have a *specific* question about the documentation? I'm
unwilling to re-post it here, as that is not helpful.
Perhaps we (the craigs) are thinking about it from the wrong (old) angle?
What I am missing is how to connect the entries in the users file to the
specific
Bounty
On 21/03/11 15:04, Craig Campbell wrote:
Alan,
I've read the documents indicated repeatedly. (And again just now.)
I have not yet been able to port the 'deprecated' method of
EXEC-PROGRAM-WAIT=/usr/local/bin/auth -A parameter
Why do you say it's deprecated?
to the new method
Send it to Alan - he wrote the thing! :)
The rest of us are just hacks!
:)
-the other craig
- Original Message -
From: Leander S. i...@netocean.de
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Monday, March 21, 2011 2:05 PM
Subject: Re: $75.00 USD
Again, perl is not my specialty, but spawn a background watchdog process that
sleeps 40 seconds than kills the parent if it is still alive.
Similarly, have the parent kill the child (watchdog) just before it exits if
it completes its task.
-the other craig
- Original Message -
Hi.
FreeRadius 2.1.6 running in Redhat Linux AS5.3
We are upgrading from ancient radius servers to current, and discovered the
radrelay program no longer exists.
Despite my best efforts, I have failed to configure relaying correctly. I
think I am including below the required changes. I hope
Here is some more of the log file - I didn't realize what to look for.. (I
did a string search for proxy below this point - nothing.. same for
192.168.1.126 and radius-b strings.)
Thanks,
-craig
Listening on proxy address * port 1814
Waking up in 0.9 seconds.
rad_recv: Accounting-Request
? (No detail_relay file required?)
Thanks,
-craig
- Original Message -
From: Ivan Kalik t...@kalik.net
To: Craig Campbell cr...@ccraft.ca
Sent: Monday, August 31, 2009 5:12 PM
Subject: Re: Simple Accounting 'radrelay' functionality - Version 2.1.6
OK. This expands:
[detail] /var/log/radius
I suspect you'll need to treat it like two unique servers, and create two
(2) copy-acct-to-home-server instances (or double up the entries in the
one).
Unless I'm mistaken, you'll also need two detail files for the relaying of
the information.
- Original Message -
From: Dánial Olsen
: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Thursday, September 10, 2009 4:16 AM
Subject: Re: Checkrad / Simultaneous-Use clarification please
Craig Campbell wrote:
We currently have users that log in both with and without
Due to multiple issues using radutmp, on the advice of this list, I am
converting to mysql to track users and enable Simultaneous-Use controls.
1) radutmp (code) assumed only 1 user per port (our device allows several
users per NAS port). So, (by default) radutmp only showed the LAST user
I am runnning 2.1.6 on Redhat Linux (Red Hat Enterprise Linux Server release
5.3 (Tikanga)).
This server relays all records to an identical server radius-b and radius-c
Similarly radius-b relays its records back to radius-a (except those from
radius-a)
radius-c is just for testing.
All
Update:
strace suggests all the child processes are doing the same thing,
[r...@radius-a raddb]# strace -p 30893
Process 30893 attached - interrupt to quit
futex(0x3acf752554, FUTEX_WAIT_PRIVATE, 2, NULL unfinished ...
Hope this helps,
-craig
- Original Message -
From: Craig
What is the NAS-Port value? I don't THINK radutmp can handle multiple
sessions sharing a port.
-craig
- Original Message -
From: Gerardo Contreras gcontre...@netx.com.mx
To: freeradius-users@lists.freeradius.org
Sent: Friday, October 09, 2009 1:00 PM
Subject: Problems with radutmp
Did you set up the database?
If not, check out /usr/local/etc/raddb/sql/mysql/admin.sql (assuming you are
intending to use mysql.)
Good luck,
-craig
- Original Message -
From: Alisson
To: FreeRadius users mailing list
Sent: Friday, October 09, 2009 2:53 PM
Subject: Re:
Also check out http://wiki.freeradius.org/SQL_HOWTO
- Original Message -
From: Alisson
To: FreeRadius users mailing list
Sent: Friday, October 09, 2009 2:53 PM
Subject: Re: errors There are no DB handles to use and Discarding conflicting
packet from client
somebody have
} })
Is this bad?
Is there a better alternative?
Thanks so much!
-craig
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Friday, October 09, 2009 4:17 PM
Subject: Re: over 30 radiusd processes
Craig
select
username, acctsessionid, nasportid, nasporttype, acctstarttime from radacct
where acctstoptime is NULL ;'
I hope I haven't overlooked anything.
Good Luck!
-craig
- Original Message -
From: Gerardo Contreras gcontre...@netx.com.mx
To: Craig Campbell cr...@ccraft.ca
Sent: Friday
: over 30 radiusd processes
Craig Campbell wrote:
Yes, two(2) binaries and one (1) shell script are called via exec as
follows from the file,
Could you NOT CC me on messages to the list? I subscribe, and I read
the messages.
And fix your mailer. I saw a *large* number of duplicates
users mailing list freeradius-users@lists.freeradius.org
Sent: Tuesday, October 13, 2009 1:55 AM
Subject: Re: over 30 radiusd processes
Craig Campbell wrote:
Up to 65 processes now
Any ideas how to stop this from happening?
Which version are you running?
Alan DeKok.
-
List info/subscribe
Subject: Re: over 30 radiusd processes
I had a same problem when one of our databases was terrible slow...
Is there anything in radius.log ?
Alan DeKok wrote:
Craig Campbell wrote:
Freeradius 2.1.6
Running on Redhat AS5 Update 3
with mysql-devel rpms added to enable mysql support.
Compiled
, and be doing what I desire.
but I want the config to be CLEAN.
All I really want is to run a script when an accounting STOP record is
received. Am I doing it wrong?
Thanks,
-craig
Craig Campbell
craig.campb
anyone determined how to disable threads?
Thanks,
-craig
Craig Campbell
craig.campb...@ccraft.ca
CampbellCraft Consulting Inc
2 Kenny Court
Whitby, Ontario
Canada
L1R 2L8
905 922-2789
So I cannot have multi processes without having threads as well?
- Original Message -
From: Ivan Kalik t...@kalik.net
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Friday, October 16, 2009 7:57 AM
Subject: Re: How to disable threads in 2.1.7
I am
AM
Subject: Re: How to disable threads in 2.1.7
Craig Campbell wrote:
So I cannot have multi processes without having threads as well?
What does that mean?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__ Information from ESET Smart
@lists.freeradius.org
Sent: Friday, October 16, 2009 8:52 AM
Subject: Re: How to disable threads in 2.1.7
Craig Campbell wrote:
I was hoping to build a version that could fork children, but not spawn
threads.
Not possible.
You could run lots of copies with a single thread bound to different UDP
I've continued to try an investigate the root cause of this, and the last
run behaved slightly differently - the parent process seems to have
terminated, and there are more messages in the radius log.
There were four (4) hung processes left over.
I have attached the radius.log file below, as
I think you may be 'jumping the gun' a wee bit.
The system currently has over 13,000 active sessions.
There were some odd accounting packets, but the vast majority were valid.
These could be configuration errors or hack attempts (investigating).
Questions:
1) Could bad accounting packets
What type of system are you on?
Did you run ./configure first? Make clean?
I built 2.1.7 and had no similar issues. (Readhat AS5 Update 3)
- Original Message -
From: kachin Agarwal
To: freeradius-users@lists.freeradius.org
Sent: Thursday, October 22, 2009 7:30 AM
Subject:
You still haven't mentioned (as far as I can see) what your system IS?
It could be you need to add some semi-optional package to it?
As far back as I can check, this file should be in /usr/include (Redhat AS3
Update 4, Fedora 7) so it looks like your OS might have something missing.
The name
Craig Campbell
craig.campb...@ccraft.ca
CampbellCraft Consulting Inc
2 Kenny Court
Whitby, Ontario
Canada
L1R 2L8
905 922-2789
__ Information from ESET Smart Security, version of virus signature
database 4546
To: freeradius-users@lists.freeradius.org
Sent: Wednesday, November 04, 2009 11:43 AM
Subject: Re: Unexpected Exiting normally 2.1.8?
Craig Campbell cr...@ccraft.ca wrote:
I'm running an unreleased 'development? version of freeradius (2.1.8?).
me too, I get exactly what you are getting. If you
Re: Do I need a second site-enable/copy-acct-to-home-server1 file that
reads from a different detail file?
As far as I can tell (and have done) - Yes, you do.
Cheers,
-craig
- Original Message -
From: Patric patri...@gmail.com
To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Sent: Friday, November 06, 2009 5:04 PM
Subject: Re: Unexpected Exiting normally 2.1.8?
Craig Campbell wrote:
I was able to get some bisect runs (I think). However, I am
encountering a different error in these.
If radiusd is run in multithreaded mode
: Re: Unexpected Exiting normally 2.1.8?
Craig Campbell wrote:
Still running tests with bisect.
successful runs take some time to identify (a day).
Please let me know if the bug is identified, otherwise I'll keep
plugging away.
Thanks. Once we know the commit, the fix should hopefully be easy
freeradius-users@lists.freeradius.org
Sent: Wednesday, November 18, 2009 12:31 PM
Subject: Re: Unexpected Exiting normally 2.1.8?
Craig Campbell wrote:
Ok,
I hope this is helpful. Below please find the git bisect log.
There were a number of iterations with make errors which I then
skipped. I
normally 2.1.8?
Craig Campbell wrote:
Once you have another version (reverted), I can test again...
I am really unfamiliar with git, so I may need a hint as to getting the
correct version for testing.
I've reverted the problem commit. It doesn't fix the PostgreSQL
issue, and it causes
2.1.8?
Craig Campbell wrote:
Thanks Alan,
I re -acquired the source, but there seems to be a (minor I think)
error.
$git clone git://git.freeradius.org/freeradius-server.git
$cd freeradius-server
$git fetch origin stable:stable
$git pull
No. See http
misleading info.
Thanks,
-craig
- Original Message -
From: Alexander Clouter a...@digriz.org.uk
To: freeradius-users@lists.freeradius.org
Sent: Monday, November 23, 2009 8:13 AM
Subject: Re: Unexpected Exiting normally 2.1.8?
Hi,
Craig Campbell cr...@ccraft.ca wrote:
I re
could actually
verify it is good.
Thanks,
-craig
- Original Message -
From: Craig Campbell cr...@ccraft.ca
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tuesday, November 24, 2009 7:28 AM
Subject: Re: Unexpected Exiting normally 2.1.8?
Thanks
Here are the results from the latest gdb,
[[r...@radius-a ~]# gdb radiusd
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
With the info you need (I hope)...
[r...@radius-a ~]# gdb radiusd
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There
Ok, here is (I think) the debug you wanted.
-craig
[r...@radius-a ~]# gdb radiusd
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html
This is free software: you are free to change and
Acct-Unique-Session-Id = 038113f04620fe75
Timestamp = 1262620425
Request-Authenticator = Verified
I'm not certain what additional info would be helpful at this point.
Thanks,
-craig
Craig Campbell
I'm running 2.1.8 and while I have some of those messages in my logs (~70),
the radiusd process seems totally fine.
Cheers,
-craig
- Original Message -
From: Alan DeKok al...@deployingradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Monday,
list freeradius-users@lists.freeradius.org
Sent: Tuesday, January 05, 2010 10:13 AM
Subject: Re: Radiusd process exited without notice
Craig Campbell wrote:
I'm running 2.1.8 and while I have some of those messages in my logs
(~70), the radiusd process seems totally fine.
Hmm
Has anyone checked for
Acct-Terminate-Cause = User-Error
with the packets in question?
We are seeing some of the Info: [sql] stop packet with zero session
length. messages logged (but only so far during 1 specific minute of the
day) and
they ALL have Acct-Terminate-Cause = User-Error.
If I am understanding your needs, this script does NOT perform user
authentication.
In that case, I THINK you want to trigger based upon accounting records
being sent to radius.
To do this, you need to use the ../etc/raddb/acct_users file.
Here is an example that we have been using for a
) = 0
14258 close(2) = 0
14258 exit_group(0) = ?
Any ideas why the zombies occur ?
Thanks
Stephan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Craig Campbell
craig.campb...@ccraft.ca
60 matches
Mail list logo