Dear Radius users, I am having a difficult time setting up freeradius (v0.4) on a Debian Testing system to work with SQL. Using the test program, radtest, I get no notification whatsoever that it is making a connection to the server. However, when I disable the SQL module and just use the 'users' file, I get authentication messages.
I have attached a gz file of my configuration.
When configured for SQL use, here is the output of 'radiusd -X':
intrepid:~# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: //etc/raddb/clients.conf
Config: including file: //etc/raddb/snmp.conf
Config: including file: //etc/raddb/sql.conf
main: prefix = "/"
main: localstatedir = "//var"
main: logdir = "/var/log/radiusd-freeradius"
main: libdir = "/usr/lib/freeradius"
main: radacctdir = "/var/log/radiusd-freeradius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "//var/run/radiusd/radiusd.pid"
main: bind_address = 127.0.0.1 IP address [127.0.0.1]
main: user = "root"
main: group = "root"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = no
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded System
unix: cache = no
unix: passwd = "/etc/passwd"
unix: shadow = "(null)"
unix: group = "/etc/group"
unix: radwtmp = "/var/log/radiusd-freeradius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded SQL
sql: driver = "rlm_sql_mysql"
sql: server = "localhost"
sql: port = ""
sql: login = "radius"
sql: password = "******"
sql: radius_db = "radius"
sql: acct_table = "radacct"
sql: acct_table2 = "radacct"
sql: authcheck_table = "radcheck"
sql: authreply_table = "radreply"
sql: groupcheck_table = "radgroupcheck"
sql: groupreply_table = "radgroupreply"
sql: usergroup_table = "usergroup"
sql: nas_table = "nas"
sql: dict_table = "dictionary"
sql: sqltrace = off
sql: sqltracefile = "/var/log/radiusd-freeradius/sqltrace.sql"
sql: deletestalesessions = yes
sql: num_sql_socks = 32
sql: sql_user_name = "%{User-Name}"
sql: authorize_check_query = "SELECT id,UserName,Attribute,Value FROM
radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id"
sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value FROM
radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id"
sql: authorize_group_check_query = "SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value
FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id"
sql: authorize_group_reply_query = "SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value
FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id"
sql: authenticate_query = "SELECT Value,Attribute FROM radcheck WHERE
UserName = '%{User-Name}' AND ( Attribute = 'Password' OR Attribute = 'Crypt-Password'
) ORDER BY Attribute DESC"
sql: accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S',
AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime),
AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE
AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND
AcctStartTime <= '%S'"
sql: accounting_update_query = "UPDATE radacct SET FramedIPAddress =
'%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}'"
sql: accounting_start_query = "INSERT into radacct (RadAcctId, AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime,
AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop,
AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port-Id}',
'%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0',
'0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}',
'%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')"
sql: accounting_start_query_alt = "UPDATE radacct SET AcctStartTime = '%S',
AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIPAddress = '%{NAS-IP-Address}'"
sql: accounting_stop_query = "UPDATE radacct SET AcctStopTime = '%S',
AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '%{Acct-Input-Octets}',
AcctOutputOctets = '%{Acct-Output-Octets}', AcctTerminateCause =
'%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop =
'%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'"
sql: accounting_stop_query_alt = "INSERT into radacct (RadAcctId,
AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress,
AcctStartDelay, AcctStopDelay) values('', '%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port-Id}', '%{NAS-Port-Type}', '0', '%S', '%{Acct-Session-Time}',
'%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}',
'%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}',
'%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}')"
sql: connect_failure_retry_delay = 60
rlm_sql: Driver rlm_sql_mysql loaded and linked
rlm_sql: Attempting to connect to radius@localhost:/radius
rlm_sql: Connected new DB handle, #0
rlm_sql: Connected new DB handle, #1
rlm_sql: Connected new DB handle, #2
rlm_sql: Connected new DB handle, #3
rlm_sql: Connected new DB handle, #4
rlm_sql: Connected new DB handle, #5
rlm_sql: Connected new DB handle, #6
rlm_sql: Connected new DB handle, #7
rlm_sql: Connected new DB handle, #8
rlm_sql: Connected new DB handle, #9
rlm_sql: Connected new DB handle, #10
rlm_sql: Connected new DB handle, #11
rlm_sql: Connected new DB handle, #12
rlm_sql: Connected new DB handle, #13
rlm_sql: Connected new DB handle, #14
rlm_sql: Connected new DB handle, #15
rlm_sql: Connected new DB handle, #16
rlm_sql: Connected new DB handle, #17
rlm_sql: Connected new DB handle, #18
rlm_sql: Connected new DB handle, #19
rlm_sql: Connected new DB handle, #20
rlm_sql: Connected new DB handle, #21
rlm_sql: Connected new DB handle, #22
rlm_sql: Connected new DB handle, #23
rlm_sql: Connected new DB handle, #24
rlm_sql: Connected new DB handle, #25
rlm_sql: Connected new DB handle, #26
rlm_sql: Connected new DB handle, #27
rlm_sql: Connected new DB handle, #28
rlm_sql: Connected new DB handle, #29
rlm_sql: Connected new DB handle, #30
rlm_sql: Connected new DB handle, #31
Module: Instantiated sql (sql)
Module: Loaded preprocess
preprocess: huntgroups = "//etc/raddb/huntgroups"
preprocess: hints = "//etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "//etc/raddb/users"
files: acctusersfile = "//etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile =
"/var/log/radiusd-freeradius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/radiusd-freeradius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
main: smux_password = "public"
main: snmp_write_access = no
SMUX connect try 1
SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
SMUX open progname: radiusd
SMUX open password: public
SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
SMUX register priority: -1
SMUX register operation: 1
SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
SMUX register priority: -1
SMUX register operation: 1
Listening on IP address 127.0.0.1, ports 1812/udp and 1813/udp.
Ready to process requests.
MASTER: exit on signal (2)
intrepid:~# exit
exit
Here is the output of using radtest, while the above logging is taking
place:
Sending Access-Request of id 207 to 127.0.0.1:1812
User-Name = "ahank"
Password = "\013\255\270\240\332\247\321\021\257]t\355)\371\033w"
NAS-IP-Address = intrepid
NAS-Port-Id = "10"
Sending Access-Request of id 207 to 127.0.0.1
User-Name = "ahank"
Password = "\013\255\270\240\332\247\321\021\257]t\355)\371\033w"
NAS-IP-Address = intrepid
NAS-Port-Id = "10"
[ ... ]
radclient: no response from server
Thanks for any advice,
hank
--
Adam Henry <[EMAIL PROTECTED]>
Marinar Communications Group
Phn: 440.354.1458 x24
Mob: 440.742.0011
raddb.tgz
Description: Binary data
