Hi Alan; I have dialup connection detail file having the information for each connected session,a hard disk was corrupted so when the radius tried to write directly to Oracle database it could because of the HD failure. Now I have file per each day including all information about the session was connected each day and want to load it to DB. Is there any tools that can be Used to write the contents of files to database directly the same way it is Automated through freeradius.
> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:freeradius-> > > [EMAIL PROTECTED] On Behalf Of freeradius-users-> > > > > [EMAIL PROTECTED] > Sent: Thursday, November 10, 2005 8:40 AM > To: freeradius-users@lists.freeradius.org > Subject: Freeradius-Users Digest, Vol 7, Issue 31 > Send Freeradius-Users mailing list submissions to > freeradius-users@lists.freeradius.org > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freeradius.org/mailman/listinfo/freeradius-users > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > You can reach the person managing the list at > [EMAIL PROTECTED] > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Freeradius-Users digest..." > Today's Topics: > 1. Re: FreeBSD anyone? (Alan DeKok) > 2. Re: Failed attempts log (Alan DeKok) > 3. Re: Failed attempts log (Nicolas Baradakis) > 4. Re: JRadius (Raoul Demour) > 5. Re: Proxy not sending out packets (was Re: Proxying a PEAP > request to an IAS server) (Dan Newcombe) > 6. Re: Problem with loading files from free radius (Alan DeKok) > 7. Re: simultaneous use, checkrad, and MPP attempts (Alan DeKok) > 8. Re: simultaneous use, checkrad, and MPP attempts (Kevin Bonner) > 9. authenticate against bytes in and out with sqlcounter > (Martin Potgieter) > 10. Problem with loading files from free radius (Eyas Sarabi) ---------------------------------------------------------------------- Message: 1 Date: Wed, 09 Nov 2005 13:00:27 -0500 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: FreeBSD anyone? To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> christian meutes <[EMAIL PROTECTED]> wrote: > Can you point me to the explanation, i cant find it? http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/man/man5/rlm_sql_log.5? rev=1.2&content-type=text/x-cvsweb-markup Alan DeKok. ------------------------------ Message: 2 Date: Wed, 09 Nov 2005 13:01:48 -0500 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: Failed attempts log To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> "Thierry Hoferlin" <[EMAIL PROTECTED]> wrote: > Is there a way to log failed authentification records to SQL ? Not really, no. Alan DeKok. ------------------------------ Message: 3 Date: Wed, 9 Nov 2005 19:08:55 +0100 From: Nicolas Baradakis <[EMAIL PROTECTED]> Subject: Re: Failed attempts log To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii Thierry Hoferlin wrote: > I've configured a freeradius 1.0.5 with MSSQL authentification. > It works fine. > > Is there a way to log failed authentification records to SQL ? Please don't post HTML on the list. Search the archives for detailed instructions, but the general idea is to use the module "sql" in section "post-auth". http://freeradius.org/radiusd/doc/Post-Auth-Type -- Nicolas Baradakis ------------------------------ Message: 4 Date: Wed, 9 Nov 2005 10:12:06 -0800 (PST) From: Raoul Demour <[EMAIL PROTECTED]> Subject: Re: JRadius To: freeradius-users@lists.freeradius.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=iso-8859-1 Hello thanks for all the answers! > Regarding EAP-SIM, JRadius has no specific support > for it. What is it > you are trying to do? What I have understood: FreeRADIUS is able to authenticate using EAP-SIM. But you need to set the attributes: EAP-SIM-Rand1 EAP-SIM-SRES1 EAP-SIM-KC1 EAP-SIM-Rand2 EAP-SIM-SRES2 EAP-SIM-KC2 EAP-SIM-Rand3 EAP-SIM-SRES3 EAP-SIM-KC3 (do you really need to set all the 9 attributes? or just one rand, one SRES and one Kc is enough?) I dont have access to GSM network and I dont know Ki (share secret). But to check if the system is correctly set up, I would like to give manually the attributes (on the serveur). (In a way I cheat...). Or to reproduce the generation of Rand, SRES and Kc (using my own algorithm) and on the supplicant I simulate SIM card... With JRadius it is possible to create object like Attr_UserPassword (according to the given example of JRadius). After what, it is used to set the attribut UserPassord for FreeRADIUS. So I think it would not be too complicate to create new attribute like: Attr_EAP_SIM_Rand, Attr_EAP-SIM-SRES, Attr_EAP-SIM-KC. In a way, I would like to use JRadius to avoid writing a module which will set the nine above attributes. My explanation may be not realy clear because I still learning how the thing work (for exemple, I suppose that the algorith to generate Rand, SRES and Kc is mobil operator specific, but I'm not complitly sure of the fact) Raoul __________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs ------------------------------ Message: 5 Date: Wed, 09 Nov 2005 13:16:12 -0500 From: Dan Newcombe <[EMAIL PROTECTED]> Subject: Re: Proxy not sending out packets (was Re: Proxying a PEAP request to an IAS server) To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Alan DeKok wrote: >Dan Newcombe <[EMAIL PROTECTED]> wrote: > > >>One thing I've noticed is on the non-PEAP packets, the src address of >>the packet going to the IAS box is 172.28.240.73, whereas on the PEAP >>packets, it is 127.0.0.1, >> >> > > That's bad. That's the source of the problem, then. > > I have *no* idea why that would be happening. What's so magic about >PEAP packets? > > I'll take a look at the source and see if anything pops out/. >You're using 1.0.5, right? > > Yes...I'm on 1.0.5. Glad to know I'm not crazy - wonder if my wife will believe me though :) Thanks, -Dan ------------------------------ Message: 6 Date: Wed, 09 Nov 2005 16:04:30 -0500 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: Problem with loading files from free radius To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> Eyas Sarabi <[EMAIL PROTECTED]> wrote: > I faced a major problem, My Hard disk was corrupted and the free radius > wasn't being able to write to database, I still have the files generated by > free radius and I want to load them to the database .Is there any tool that > can load the generated files to oracle database ? What files? Alan DeKok. ------------------------------ Message: 7 Date: Wed, 09 Nov 2005 16:06:06 -0500 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: simultaneous use, checkrad, and MPP attempts To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <[EMAIL PROTECTED]> Christopher Carver <[EMAIL PROTECTED]> wrote: > The proxy'ing radius servers and NAS's of the other company from whom we > lease equipment are unavailable to checkrad. By default shouldn't it be > allowing these people on? It depends what you want. The current behavior is to disallow logins, as you found out. It should really be configurable. > Any idea why this isn't behaving how I expect? Is there a more > appropriate way I can ensure that users connecting via NAS's and > proxy'ing radius servers we lease will never be rejected because of > multiple logins? No, juest edit the code. Alan DeKok. ------------------------------ Message: 8 Date: Wed, 9 Nov 2005 16:20:38 -0500 From: Kevin Bonner <[EMAIL PROTECTED]> Subject: Re: simultaneous use, checkrad, and MPP attempts To: freeradius-users@lists.freeradius.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" On Wednesday 09 November 2005 00:35, Christopher Carver wrote: > The proxy'ing radius servers and NAS's of the other company from whom we > lease equipment are unavailable to checkrad. By default shouldn't it be > allowing these people on? I looked at the code and it seemed as though > it should. I set the nastype to other in clients.conf for these entries > and I still see MPP attempts. Finally, I looked at the source of > checkrad. I modified the line for "other" nastypes to always return 0, > which should be interpreted as no multiple login. The numbers you see > to the left are line numbers Chris, Look at the code again. In session.c, the rad_check_ts function is what calls checkrad. If the nastype is empty or "other", checkrad is _never_ called, and the function returns 1 (meaning the user is logged in). We did this simult use bypass by using a nastype called visp, which returns 0 in checkrad. See freeradius bug#166 for a checkrad patch we've been using here which cleans up the code a bit and makes it easier to add new types. Any comments/problems can be posted to the bug. -Kevin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : https://list.xs4all.nl/pipermail/freeradius-users/attachments/20051109/ad52b 4b3/attachment-0001.bin ------------------------------ Message: 9 Date: Thu, 10 Nov 2005 00:28:20 +0200 From: Martin Potgieter <[EMAIL PROTECTED]> Subject: authenticate against bytes in and out with sqlcounter To: freeradius-users@lists.freeradius.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed hello, I am using freeradius 1.0.5 and trying to get to a point where I can deny access to a user when he has "used" more than a specific amount of bandwidth in a month (from the 1st to the last day of the month). rlm_sqlcounter seems to be what I need. I have configured it as I think it should be but when I go into debug mode the values seem to get changed at a point. Here is my sqlcounter.conf file: +++++++++++++++++++++++++++++++++++++++++++++++++++++++ sqlcounter monthlycounter { counter-name = Max-Bytes check-name = Max-Bytes sqlmod-inst = sql key = User-Name reset = monthly Reply-Message = "You have reached your bandwidth cap for this Month" query = "SELECT sum(AcctOutputOctets) + sum(AcctInputOctets) FROM radacct where UserName = '%{%k}'" } +++++++++++++++++++++++++++++++++++++++++++++++++++++++ In my radiusd.conf my authorize section is as follows: +++++++++++++++++++++++++++++++++++++++++++++++++++++++ authorize { preprocess chap mschap suffix sql monthlycounter } +++++++++++++++++++++++++++++++++++++++++++++++++++++++ When I am in debug mode I get the following: +++++++++++++++++++++++++++++++++++++++++++++++++++++++ Thu Nov 10 00:17:41 2005 : Debug: rlm_sql (sql): Reserving sql socket id: 4 Thu Nov 10 00:17:41 2005 : Debug: rlm_sql_mysql: query: SELECT sum(AcctOutputOctets) + sum(AcctInputOctets) FROM radacct where UserName = '[EMAIL PROTECTED]' Thu Nov 10 00:17:41 2005 : Debug: rlm_sql (sql): - sql_xlat finished Thu Nov 10 00:17:41 2005 : Debug: rlm_sql (sql): Released sql socket id: 4 Thu Nov 10 00:17:41 2005 : Debug: radius_xlat: '9628587663' Thu Nov 10 00:17:41 2005 : Debug: rlm_sqlcounter: (Check item - counter) is greater than zero Thu Nov 10 00:17:41 2005 : Debug: rlm_sqlcounter: Authorized user [EMAIL PROTECTED], check_item=-1073741824, counter=2147483647 Thu Nov 10 00:17:41 2005 : Debug: rlm_sqlcounter: Sent Reply-Item for user [EMAIL PROTECTED], Type=Session-Timeout, value=1 Thu Nov 10 00:17:41 2005 : Debug: modsingle[authorize]: returned from monthlycounter (rlm_sqlcounter) for request 2 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ Why the altered negative number in the check_item? Is the radius_xlat doing something? Do I need to put in Max-Bytes in one of the dictionary files? The example in experimental.conf did not mention anything about adding attributes so I assumed not. Also the "counter=2147483647" is not the value I have in the database for that user... I am missing something here :-) Thanks for any help Martin ------------------------------ Message: 10 Date: Thu, 10 Nov 2005 08:24:16 +0300 From: Eyas Sarabi <[EMAIL PROTECTED]> Subject: Problem with loading files from free radius To: freeradius-users@lists.freeradius.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" Hi All; I faced a major problem, My Hard disk was corrupted and the free radius wasn't being able to write to database, I still have the files generated by free radius and I want to load them to the database .Is there any tool that can load the generated files to oracle database ? Regards, Eyas -------------- next part -------------- An HTML attachment was scrubbed... URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20051110/cbc29 384/attachment.html ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html End of Freeradius-Users Digest, Vol 7, Issue 31 *********************************************** - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html