This may be the case now, but pretty sure we went down this road YEARS ago and
even with BindAddress, packets were still being sourced from the main IP
address. In the mailing list archives this argument may exist. I vaguely
remember being told by Hugh that it was not possible in Perl at the tim
In my experience this is not the case. It will LISTEN on those addresses for
sure. But it’s return packets are always sourced from the primary IP address of
the outgoing interface. DSR will work, but the clients will receive a response
from an IP address that is not of the configure RADIUS serve
DSR load balancing assumes the real servers know about the load balanced VIP
and is generally configured on a loopback.
The problem with this I think is that Radiator responds with a source address
of where the packet leaves. (at least that’s been my experience). Most clients
will probably igno
RR: Unknown object 'AuthBy' in
/usr/local/radius/radius.cfg line 129
Can't locate object method "new" via package "Radius::AuthNTLM" at
Radius/Configurable.pm line 450, line 136.
--
Robert Blayzor
INOC, LLC
rblay...@inoc.net
http://www.inoc.net/~rblay
.9 built for i386-freebsd-64int
--
Robert Blayzor
INOC, LLC
rblay...@inoc.net
http://www.inoc.net/~rblayzor/
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
On 1/5/04 1:49 PM, "Frank Danielson" <[EMAIL PROTECTED]> wrote:
> How about using-
>
> kill '1',$$
>
> or if you are in a hurry-
>
> kill '9',$$
Actually if you are in that much a hurry why bother with kill when you can
just exit();
almost anything is possible! ;-)
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
Any sufficiently advanced bug is indistinguishable from a feature. -
Kulawiec
===
Archive at http://www.o
ome M$ product that doesn't
feel they need to abide by the rules..
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
Quality assurance: A way to ensure you never deliver shoddy goods
accide
;CLID')': You have an error in your SQL syntax near '}
> }4',1,'No such user','DNIS','CLID')' at line 1
> S
Tell Radiator what characters are valid in Usernames and you won't see
this...
ie: UsernameCharset [EMAIL PROTECTED]
Or
quot;timeout" seconds. Which is crazy... I'm
just wondering if there is a way around this because it's causing a crazy
amount of dupe accounting requests in our RADIUS accounting logs... =/
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerpr
7;s are sending requests every second until
the requests are ack'd. Seems overly aggressive to me.
If this can be tweaked, where, and what settings should I use? Ideally I'm
looking for 3 seconds between requests with 3-5 retries until it should go
to the next server.
Thanks in adv
On 10/2/03 1:01 PM, "Robert Blayzor" <[EMAIL PROTECTED]> wrote:
> I have a Radiator farm setup which I'm trying to AuthBy ROUNDROBIN to... It
> doesn't appear that CachePasswords works for this AuthBy. Looking at my
> trace, auths are always sent to the clie
at also, and the requests are still being sent to the
servers and not getting hit in the cache.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
Any sufficiently advanced bug is indisti
ctEmptyPassword
NoDefault
SessionDatabase NoneDB
Shouldn't CachePasswords be supported in this AuthBy? It is in AuthBy
RADIUS...
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF
http://rt.perl.org/rt2//Ticket/Display.html?id=18038
Do we know if Radiator-3.7 is effected by this bug in PERL 5.8.0 ?
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
Satisfaction Guaranteed
55:17 2003: NOTICE: Server started: Radiator 3.7 on foo
Once this happens it seems like it's still answering connections on port
9048, but then accepts no commands.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875
se, but send back
an instant NAK to the NAS...
I assume some PreHandlerHook (or PreClientHook) would be needed, but is
there an example how to? ie: Say I have a list of usernames in a file that
I want to discard on..
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~
%m/%d/%Y %H:%M:%S
AcctSQLStatement EXEC sp_RadiusAcct %2
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Exclusive: We're the only ones who have the documentation.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubsc
AcctSQLStatement" can
insert it however I need it. (see above). Since stored procedurs use
argument lists instead of direct insert column/value pairs.
Given above, I need to get TimeStamp into the format above to pass it in
the argument list.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED
)
So lets say I'm using MSSQL...
DateFormat %m/%d/%Y %X
AcctSQLStatementEXEC sp_acctinsert '%{Acct-S
ession-Id}','%{Acct-Status-Type}','%{User-Name}','%{TimeStamp}'
Should insert the TimeStamp as '9/11/2003 21:21:21' ??
rver and your RADIUS server's times are sync'd. (and current
date/time is what you want) You can do this several ways depending on your
backend, ie:
MSSQL - getdate()
Or PgSQL - timestamp 'now'
More..
INSERT INTO tbl_radacct (recdate) values (timestamp 'now'
On 9/11/03 2:42 PM, "tracker" <[EMAIL PROTECTED]> wrote:
> Using this method, how do you enforce that only Accounting Stop records
> will be stored locally?
Add the "AccountingStopsOnly" directive in your AuthBy SQL section.
--
Robert Blayzor, BOFH
INOC,
older again the last few hrs.
Yep, same thing here. I've seen posts duplicated over the last couple of
days...
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 5748 CFE9
Hackers have kernel
oxy-Acct
DBSourcedbi:MySQL:server=BLAH
DBUsername radius
DBAuth foo
AuthSelect
AccountingTable
AcctSQLStatementINSERT INTO blah ...
At least that's what's worked for me ...
--
Robert Blayzor, B
this:
sub {
${$_[0]}->delete_attr('NAS-Port-Type');
${$_[0]}->add_attr('NAS-Port-Type', 'VPN');
}
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10F
equired to achieve this ??
None that I'm aware of. I know that at least on the AS5300's they send a
termination reason in with every stop record. Just search the RADIUS
dictionary for "terminate" it's in there.. Once you find that attribute you
can deal with it in you
ith the data from there is totally up to you. With Radiator you can
specify the exact accounting query to your backend with as many or as little
RADIUS attribs as you want
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 68
on this. If you have entries in the config that use files for
logs, etc, the two processes could step on each other causing a major
problem.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
PGP: http://www.inoc.net/~dev/
Key fingerprint = A445 7D1E 3D4F A4EF 6875 21BB 1BAA 10FE 574
I just found this in the FreeBSD ports. Check port for "portfwd". If
you're using Linux, you should be able to find the source and compile it
to get it to work. If you're using NT, well, what can I say.. Have fun!
;-)
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
P
apper/wrapper" available out there for many free *nix platforms like
Linux and FreeBSD, I just can't put my finger on what the name was
called.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Printed on 100% recyclable phosphor.
> -Original Message-
> From: [EMAIL PROTECT
st
time.
The main thing I would look at in your case is to make sure that the
secrets match in your httpd.conf and in your Radiator configuration for
the client.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
State-of-the-art: What we could do with enough money.
===
Archive at http://www
Sounds like you do not have a default gateway set, or your subnet mask
is wrong.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
If the automobile had followed the same development cycle as the
computer, a Rolls-Royce would today cost $100, get a million miles per
gallon, and explode once a
Right. We figured that out also, with all the attribs, after fussing
around with the oct which was not needed as the bit shifting is much
faster anyway. Thanks.
my $i_id = ($i_port & 0xf800) >> 27 ."/". ($i_port & 0x0700)
>> 24 ."/".
est: 0
Output from PERL (any other program or right from perl -e):
[shell:~] perl -e 'print oct("0b01011000")."\n";'
1408
What gives?
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Advanced design:
Upper management doesn't understand it.
);}
Output the following code right from PERL works fine too:
perl -e 'print sprintf("%s/%s/%s.%s", map(oct("0b$_"), unpack("B32",
pack("N", 671088873)) =~ /(.{5})(.{3})(.{8})(.*)/)) ."\n";'
5/0/0.233
Any ideas? I really need to get this to w
Attribute number 105 (vendor 1147499380)
is not defined in your dictionary
Sun Jun 2 20:32:38 2002: ERR: Attribute number 99 (vendor 1399813490)
is not defined in your dictionary
Sun Jun 2 20:32:38 2002: ERR: Attribute number 99 (vendor 1399813490)
is not defined in your dictionary
--
Robert Bla
sappear.
DBSourcedbi:Sybase:server=SQL
DBUsername
DBAuth
Identifier SQL-AuthLog1
FailureQueryEXEC sp_RadiusAuthLog
'%{GlobalVar:ServerID}','%n','%{Class}','%N','%{Called-Station-I
d a different log database.
As well as the generic parameters described in Section 6.48 , AuthLog
SQL understands the following parameters:
Please advise.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
If the automobile had followed the same development cycle as the
computer, a Rolls-Royc
up with two requests, and for accounting, logs them
both.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
USER ERROR: replace user and press any key to continue.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of babar Hameed
> S
I'm doing it wrong.
Perhaps you want "AND PASS='%P'" ???
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
I'm curious to know if it's possible to do either of the following:
1) Change the format of what is included in the PasswordLogFile
Or
2) Omit the PASSED password entries and log only the FAIL's
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
"Document code? Why do
ferent client connections to RADIUS. Then
again, this may not solve your problem as you haven't provided enough
information about your NAS.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Artificial Intelligence: Making computers behave like they do in the
movies.
> -Ori
-Station-Id}','%{Calling-Station-Id}','%c
','%{NAS-Port}','%{NAS-Po
rt-Type}','%{Service-Type}','%{Framed-Protocol}','%{Framed-IP-Address}',
'%{Connect-Info}','%{Acct
-Terminate-Cause}','
e the integer value. I know I was able to do this with
SBR in the past. When it comes to large data warehousing of accounting
records, it makes the most sense. Either case, I was just curious as if
this could be done in one way or another It would make a nice
feature.
--
Robert Blayzor, BOFH
I
27;, '1138', '63'
Instead "Stop", value would be integer 2.
NAS-Port-Type, Framed-Protocol, etc, all are integers and use much less
space to store than their text meanings.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Earth is 98% full...please delete anyone
<136>!F<7>4]<210><163><160>Y<30><255><204><21>*<27>
Attributes:
Framed-IP-Address = 255.255.255.254
Service-Type = Framed-User
MS-MPPE-Encryption-Policy = Encryption-Required
MS-MPPE-Encryption-Types = En
session so long as
one of the attributes matches..
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Logic: The art of being wrong with confidence...
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]&
would perform in a very active RADIUS server environment.
The one quirk I've always noticed is that if the connection breaks
between FreeTDS and your MSSQL server, FreeTDS mod seems to bomb out the
whole PERL script running. Any work arounds or suggestions?
--
Robert Blayzor, BOFH
INOC,
48 matches
Mail list logo