"Alan DeKok" <[EMAIL PROTECTED]> wrote:
> Andreas Meyer <[EMAIL PROTECTED]> wrote:
> > I wanted to use ports 1812 and 1813. If I set port=0 in radiusd.conf,
> > radacct wants to connect to 1646 although I edited /etc/services to use
> > 1813 for radius-acct.
>
> I suggest finding out why that's happening. It does NOT happen in a
> normal configuration, so something's wrong with your system.
>
> > Same when I set port=1812, radacct wants to connect to 1646.
>
> FreeRADIUS just doesn't work that way. If you set "port = 1812",
> then it listens for authentication on port 1812, and accounting on
> port 1813.

Did some tests again. I set port = 0 in radiusd.conf and /etc/services
looks like this:

radius 1812/tcp # RADIUS
radius 1812/udp # RADIUS
radius-acct 1813/tcp # RADIUS Accounting
radius-acct 1813/udp # RADIUS Accounting

In /var/log/messages with radlogin I get:

Nov 16 12:55:30 gamma radlogin[12894]: rc_map2id: can't find tty /dev/pts/1 in map database
Nov 16 12:55:35 gamma radlogin[12894]: authentication OK, username andreas, service Login-User
Nov 16 12:55:35 gamma radacct[12916]: rc_map2id: can't find tty /dev/pts/1 in map database
Nov 16 12:56:05 gamma radacct[12916]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 12:56:05 gamma radacct[12916]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 12:56:05 gamma radacct[13030]: rc_map2id: can't find tty /dev/pts/1 in map database

No "listen" directive involved in radiusd.conf.

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1812 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1813 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1814 0.0.0.0:* 12854/radiusd

I then set port = 1812 in radiusd.conf and the same /etc/services.
No "listen" directive involved in radiusd.conf.

Nov 16 13:06:49 gamma radlogin[15588]: authentication OK, username andreas, service Login-User
Nov 16 13:07:19 gamma radacct[15614]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:07:19 gamma radacct[15614]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 13:07:49 gamma radacct[15732]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:07:49 gamma radacct[15732]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 13:09:19 gamma radacct[16075]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:09:19 gamma radacct[16075]: accounting FAILED, type Stop, username andreas, service Login-User

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1812 0.0.0.0:* 14641/radiusd
udp 0 0 0.0.0.0:1813 0.0.0.0:* 14641/radiusd
udp 0 0 0.0.0.0:1814 0.0.0.0:* 14641/radiusd

I then set port = 1645 in radiusd.conf

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1645 0.0.0.0:* 21010/radiusd
udp 0 0 0.0.0.0:1646 0.0.0.0:* 21010/radiusd
udp 0 0 0.0.0.0:1647 0.0.0.0:* 21010/radiusd

and with radlogin I get:

Nov 16 13:33:18 gamma radlogin[21938]: authentication OK, username andreas, service Login-User
Nov 16 13:33:18 gamma radacct[21960]: accounting OK, type Start, username andreas, service Login-User
Nov 16 13:33:18 gamma radacct[21966]: accounting OK, type Start, username andreas, service Login-User
Nov 16 13:34:18 gamma radacct[22199]: accounting OK, type Stop, username andreas, service Login-User

I found another strange behaviour. Configured freeradius with "./configure",
"make" and su "make install".
Logging is done in /var/log/radius and raddb is in /usr/local/etc.
When I start "radiusd -X" I get the following:

gamma:/var/log # /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
/usr/local/etc/raddb/radiusd.conf[429]: Unable to open file "/etc/raddb/proxy.conf": No such file or directory
Errors reading radiusd.conf
In radiusd.conf I have:
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
# Location of config and logfiles.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
...
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
Very confusing!
So I copied the whole directory /usr/local/raddb over to /etc.
Nevertheless configuration must be done in /usr/local/etc/raddb.

> Unless.. did you set "port = 1812" AND leave the "listen" directive
> in there? That might explain why the server is listening on 1646: you
> told it to listen on that port.
>
> Please ensure that you haven't configured the server to listen on
> port 1646. You say you don't want to have it listen on 1646, so make
> SURE it's not listening on 1646.

In the above tests there was never a "listen" directive involved.
Thanks for your patience! This radiusthing is a beast.
--
Andreas Meyer
"We only do well the things we like doing." - Colette
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
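
Added example (not part of the original post, and not FreeRADIUS or radiusclient code): a small Python check that compares the UDP ports radiusd has bound, as shown by netstat, with the destination ports in rc_send_server timeout lines. The sample input is constructed from the output quoted in the message, the function names are hypothetical, and it assumes client and server run on the same host.

```python
import re

# Constructed sample input, modelled on the netstat and syslog output quoted above.
NETSTAT = """\
udp 0 0 0.0.0.0:1812 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1813 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1814 0.0.0.0:* 12854/radiusd
"""
SYSLOG = """\
Nov 16 12:55:35 gamma radlogin[12894]: authentication OK, username andreas, service Login-User
Nov 16 12:56:05 gamma radacct[12916]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 12:56:05 gamma radacct[12916]: accounting FAILED, type Start, username andreas, service Login-User
"""

# One radiusd UDP socket per line: proto, queues, local addr:port, foreign, pid/program.
LISTEN_RE = re.compile(r"^udp\s+\d+\s+\d+\s+\S+:(\d+)\s+\S+\s+\d+/radiusd\s*$")
# Client-side timeout line: program name, then the server host:port it tried.
NO_REPLY_RE = re.compile(
    r"(\w+)\[\d+\]: rc_send_server: no reply from RADIUS server (\S+):(\d+)\s*$")

def listening_ports(netstat_text):
    """UDP ports that radiusd has bound, taken from `netstat -pantu` lines."""
    return {int(m.group(1)) for line in netstat_text.splitlines()
            if (m := LISTEN_RE.match(line.strip()))}

def unanswered_targets(syslog_text):
    """(program, host, port) for each distinct rc_send_server timeout."""
    seen = []
    for line in syslog_text.splitlines():
        m = NO_REPLY_RE.search(line)
        if m:
            item = (m.group(1), m.group(2), int(m.group(3)))
            if item not in seen:
                seen.append(item)
    return seen

def port_mismatches(netstat_text, syslog_text):
    """Timeouts whose destination port radiusd is not listening on."""
    bound = listening_ports(netstat_text)
    return [t for t in unanswered_targets(syslog_text) if t[2] not in bound]

if __name__ == "__main__":
    bound = sorted(listening_ports(NETSTAT))
    for prog, host, port in port_mismatches(NETSTAT, SYSLOG):
        print(f"{prog} sends to {host}:{port}, but radiusd is bound to {bound}")
```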