Hi, I'd like to test this solution but I'm having trouble locating the SNMP_util.pm (SNMP_Session.pm?) module that it needs. Is this supposed to be part of the Radiator package or some other package? There's an SNMP::Util on CPAN but I doubt that's what I'm after.
Using Radiator version 4.5 at the moment. Regards, Kiernan iiNet -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Hugh Irvine Sent: Friday, April 23, 2010 2:44 PM To: Ivan Brawley Cc: [email protected] Subject: Re: [RADIATOR] Issue with FarmSize and Monitor in version 4.6 Hello Ivan - Thanks for your mail. This is a known issue and there is a hook to deal with it in "goodies/hooks.txt". Here is the item from Radiator 4.6 for your convenience: ---------------------------------------------------------------------- When using FarmSize n to enable multiple children, clauses like Monitor and SNMPAgent incorrectly share their Port with the parent process. This hook runs in each child and closes the Monitor and SNMPAgent ports and reopens them on a different port number. Requires Radiator 4.4 plus patches (September 22, 2009). Add Identifier's to both clauses together with appropriate Port's (%O is the child number) and a FarmChildHook: ..... FarmSize 2 FarmChildHook file:"%D/etc/scripts/child-hook.pl" <Monitor> Identifier MyMonitor Port 907%O </Monitor> <SNMPAgent> Identifier MySNMPAgent Port 908%O ROCommunity blahblah </SNMPAgent> ...... Here is the hook code: # child-hook.pl # Hugh Irvine, Open System Consultants, 20090922 sub { my $monitor = Radius::Configurable::find('Monitor', 'MyMonitor'); if (defined $monitor) { $monitor->destroy(); $monitor->activate(); } my $snmpagent = Radius::Configurable::find('SNMPAgent', 'MySNMPAgent'); if (defined $snmpagent) { $snmpagent->reinitialize(); $snmpagent->activate(); } return; } Here is the result: -bash-3.2$ netstat -na Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State ..... tcp 0 0 0.0.0.0:9070 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9071 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:9072 0.0.0.0:* LISTEN ..... udp 0 0 0.0.0.0:9080 0.0.0.0:* udp 0 0 0.0.0.0:9081 0.0.0.0:* udp 0 0 0.0.0.0:9082 0.0.0.0:* ---------------------------------------------------------------------- hope that helps regards Hugh On 23 Apr 2010, at 11:05, Ivan Brawley wrote: > Greetings, > > I have found a rather interesting issue with using Monitor module with > FarmSize set to a number greater then 1. > > With FarmSize, Radiator does the right thing in spawning multiple children > processes. And with Monitor configured, the parent is the process that is > listening on the Monitor port. > > However, when you connect to the Monitor port, the parent will palm the > handling of the connection to one of the children. > > Which then means that Monitor connection will ever see traffic for that child > and not the others. > > We are using the Monitor feature of Radiator for our internal tools to watch > people when they log onto our services. > > The config looks something like this: > > Trace 1 > FarmSize 3 > ..... > <Monitor> > Port 9048 > Username XXXXX > Password XXXXX > TraceOnly > </Monitor> > > Anyone else noticed this? Did you find a fix or write your own Monitor module > that could be shared? > > I have a few ideas on how to fix this but I'm interested in other people's > thoughts to it too. > > Thanks. > > ivan. > -- > Ivan Brawley > Systems Engineer > Internode. > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator NB: Have you read the reference manual ("doc/ref.html")? Have you searched the mailing list archive (www.open.com.au/archives/radiator)? Have you had a quick look on Google (www.google.com)? Have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening? -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. Includes support for reliable RADIUS transport (RadSec), and DIAMETER translation agent. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. - CATool: Private Certificate Authority for Unix and Unix-like systems. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
