Re: 2.2.2 release date
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Why are you so keen for 2.2.2 release? The delay is down to an issue which needs identifying and testing. people who download the HEAD of 2.2.x and test help at this point. alan - -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iHkEAREIADkFAlJSacUyHEFsYW4gQnV4ZXkgKEFsYW4gQnV4ZXkpIDxhLmwubS5i dXhleUBsYm9yby5hYy51az4ACgkQobRdvRSkLC4+9gCfalIHe8vJaMdqi9rN+Zpq wHZ5pvMAn3u6blRvzJA4bkIcR3IIAWbLXhrI =Bu4r -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Managing Data Volume Control More Than 4GB FR CoovaChilli
Hi List Members i have been reading archives and tying to understand for some days now, but unsuccessful. i am currently working to extend data volume control up to 10GB, which is requirement for the organization. Is anyone able to manage more then 4GB using CoovaChilli Freeradius? Since there is no one piece of information available on the net. Until now, i am unclear about the components needs to be fine tune. i understand that FR has 32 bit integers but it is not the limitation to manage more than 4GB, if NAS supports the Gigaword attributes. It seems that my sql_counter or MySQL it self is the problem. *NOTE: It is working setup up to 4GB, if i assigne 6GB to a user, counter rolls up on 4GB* 1.) I came across a post where guys are tell that sqlcounter module uses 32-bit integers in it's source code. Should it be change to 64-bit integers? 2.) CoovaChilli has built in support for gigaword attributes, which is enable. 3.) is it possible by rlm_sql or rlm_perl must be used 4.) Counter rolls up on 4GB. sqlcounter gigawordcounter { counter-name = Total-Max-Octets check-name = Acct-Input-Gigawords reply-name = Acct-Input-Gigawords sqlmod-inst = sql key = User-Name reset = never counter-type = data check-unit = KibiOctets query = SELECT SUM(acctinputoctets) + SUM(acctoutputoctets) FROM radacct WHERE username='%{%k}' } Thanks / Regards - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Managing Data Volume Control More Than 4GB FR CoovaChilli
On 8 Oct 2013, at 10:10, Russell Mike radius@gmail.com wrote: Hi List Members i have been reading archives and tying to understand for some days now, but unsuccessful. i am currently working to extend data volume control up to 10GB, which is requirement for the organization. Is anyone able to manage more then 4GB using CoovaChilli Freeradius? Since there is no one piece of information available on the net. Until now, i am unclear about the components needs to be fine tune. i understand that FR has 32 bit integers but it is not the limitation to manage more than 4GB, if NAS supports the Gigaword attributes. It seems that my sql_counter or MySQL it self is the problem. NOTE: It is working setup up to 4GB, if i assigne 6GB to a user, counter rolls up on 4GB 1.) I came across a post where guys are tell that sqlcounter module uses 32-bit integers in it's source code. Should it be change to 64-bit integers? Yes. I've just done this in 3.0.x and master branches. Check and reply attributes will now be treated as unsigned 64bit integers. There's no downside to this and the change should be fully backwards compatible. 2.) CoovaChilli has built in support for gigaword attributes, which is enable. Ok. 3.) is it possible by rlm_sql or rlm_perl must be used Well yes, rlm_sql needs to be used. The default queries will correctly convert Acct-Input-Octets and Acct-Input-Gigawords into a proper 64bit value which is stored in the database. 4.) Counter rolls up on 4GB. You'll need to create a local 64bit attribute to use as the check and reply items Something like: ATTRIBUTE Acct-Input-Octets64 3005integer64 ATTRIBUTE Acct-Output-Octets643006integer64 And specify their value in bytes. It might actually be an idea to add those to the internal dictionary to make it a bit easier. -Arran Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Managing Data Volume Control More Than 4GB FR CoovaChilli
It might actually be an idea to add those to the internal dictionary to make it a bit easier. Just to clarify there are two reasons why your current config isn't working: 1. rlm_sql stores the value as a proper 64bit integer, not in the two 32bit chunks represented by Acct-Input-Gigawords and Acct-Input-Octets. When this value is pulled out into rlm_sqlcounter the value is truncated because internally it only deals with 32bit unsigned ints. I've now fixed this. 2. You're comparing gigawords to bytes, with no conversion, so even with the updated module you'll find the user is rejected way way too early. You also invented counter-type and check-unit config pairs. The server isn't magic, just because it doesn't error out, doesn't mean it knows about those config pairs or will use values assigned to them. Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Version 3.0.0 has been released
Congratulations! Thank you again for all of the countless hours you spend on improving the best and most flexible RADIUS server. One question though - is there a typo in the V2 upgrade link below? When I click on it I get a 404 error.. Upgrading instructions are available here: https://github.com/FreeRADIUS/freeradius-server/blob/release_branch_3.0.0/raddb/README.rst - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: 2.2.2 release date
Alan, We run 2.2.1. About couple of weeks ago, radius started to have out of memory issue. I made some configuration changes so radius would periodically clean up memory. Still in midday when load is high, radius would quit. I do have a cron to check radiusd and restart it if it dies. I'd like to upgrade to 2.2.2 to see if the memory issue improves. Thanks, Yu Wang -Original Message- From: Alan Buxey [mailto:a.l.m.bu...@lboro.ac.uk] Sent: Monday, October 07, 2013 3:59 AM To: FreeRadius users mailing list; Wang, Yu Subject: Re: 2.2.2 release date -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Why are you so keen for 2.2.2 release? The delay is down to an issue which needs identifying and testing. people who download the HEAD of 2.2.x and test help at this point. alan - -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -BEGIN PGP SIGNATURE- Version: APG v1.0.8 iHkEAREIADkFAlJSacUyHEFsYW4gQnV4ZXkgKEFsYW4gQnV4ZXkpIDxhLmwubS5i dXhleUBsYm9yby5hYy51az4ACgkQobRdvRSkLC4+9gCfalIHe8vJaMdqi9rN+Zpq wHZ5pvMAn3u6blRvzJA4bkIcR3IIAWbLXhrI =Bu4r -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Managing Data Volume Control More Than 4GB FR CoovaChilli
Dear Arran C. Bell, Thank you very much, i am extremely grateful for your advise and guidelines for troubleshoot also. i am currently experimenting a different rlm_sqlcounter using CoovaChilli dictionary All-In-MB. In result, i can store short number in db. This counter would reset at 2TB with same 32bit number. i have actually tested up to 6GB. it just works!!!. Next test is in progress to logout user when 7GB downloaded. i really appreciated your input and TIME. i will try your proposed solution as well after All-In-MB has tested. After the successful practical of both solutions. i would like to document this topic on one page for archives, so that it can help others. i may need your support incase i came across some challenges during the test of your solution. Thanks once again !!! Regards --RM On Tue, Oct 8, 2013 at 12:16 PM, Arran Cudbard-Bell a.cudba...@freeradius.org wrote: It might actually be an idea to add those to the internal dictionary to make it a bit easier. Just to clarify there are two reasons why your current config isn't working: 1. rlm_sql stores the value as a proper 64bit integer, not in the two 32bit chunks represented by Acct-Input-Gigawords and Acct-Input-Octets. When this value is pulled out into rlm_sqlcounter the value is truncated because internally it only deals with 32bit unsigned ints. I've now fixed this. 2. You're comparing gigawords to bytes, with no conversion, so even with the updated module you'll find the user is rejected way way too early. You also invented counter-type and check-unit config pairs. The server isn't magic, just because it doesn't error out, doesn't mean it knows about those config pairs or will use values assigned to them. Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Version 3.0.0 has been released
Neal wrote: When I click on it I get a 404 error.. Upgrading instructions are available here: https://github.com/FreeRADIUS/freeradius- server/blob/release_branch_3.0.0/raddb/README.rst That link would have changed when the release was officially renamed from release_branch_3.0.0 to v3.0.x, so use: https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/README.rst Basically it is just a link into a web view of the git repository, so you could also just pull the source and you'd have it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Version 3.0.0 has been released
Congratulations! Thank you again for all of the countless hours you spend on improving the best and most flexible RADIUS server. One question though - is there a typo in the V2 upgrade link below? When I click on it I get a 404 error.. Upgrading instructions are available here: https://github.com/FreeRADIUS/freeradius- server/blob/release_branch_3.0.0/raddb/README.rst That's because the branch has been renamed. The file you want is: https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/README.rst :-) Stefan -- This e-mail and any attachments may contain confidential, copyright and or privileged material, and are for the use of the intended addressee only. If you are not the intended addressee or an authorised recipient of the addressee please notify us of receipt by returning the e-mail and do not use, copy, retain, distribute or disclose the information in or attached to the e-mail. Any opinions expressed within this e-mail are those of the individual and not necessarily of Diamond Light Source Ltd. Diamond Light Source Ltd. cannot guarantee that this e-mail or any attachments are free from viruses and we cannot accept liability for any damage which you may sustain as a result of software viruses which may be transmitted in or with the message. Diamond Light Source Limited (company no. 4375679). Registered in England and Wales with its registered office at Diamond House, Harwell Science and Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 3.0.0 has been released
On 8 Oct 2013, at 14:09, Garber, Neal neal.gar...@iberdrolausa.com wrote: Congratulations! Thank you again for all of the countless hours you spend on improving the best and most flexible RADIUS server. One question though - is there a typo in the V2 upgrade link below? When I click on it I get a 404 error.. Upgrading instructions are available here: https://github.com/FreeRADIUS/freeradius-server/blob/release_branch_3.0.0/raddb/README.rst Ok, no more renaming branches for me :( Upgrade instructions are here: https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/README.rst Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Managing Data Volume Control More Than 4GB FR CoovaChilli
On 8 Oct 2013, at 15:40, Russell Mike radius@gmail.com wrote: Dear Arran C. Bell, Thank you very much, i am extremely grateful for your advise and guidelines for troubleshoot also. i am currently experimenting a different rlm_sqlcounter using CoovaChilli dictionary All-In-MB. In result, i can store short number in db. This counter would reset at 2TB with same 32bit number. i have actually tested up to 6GB. it just works!!!. Next test is in progress to logout user when 7GB downloaded. i really appreciated your input and TIME. i will try your proposed solution as well after All-In-MB has tested. After the successful practical of both solutions. i would like to document this topic on one page for archives, so that it can help others. i may need your support incase i came across some challenges during the test of your solution. wiki.freeradius.org is the place to do that :) Thanks once again !!! No problem, glad I could help. -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius 3 and DHCP
Hello, i had running version of freeradius 2.1.10 (from ubuntu ppa) with workable EAP-TTLS configuration. Today when i noticed that version 3 is out i decided to upgrade to it and also test the built-in dhcp server. All was goin well until i enabled dhcp (EAP-TTLS was working and authentication to mysql), when i run freeradius -X, i get Segmentation Fault when it reaches dhcp listner. It is the same if i use default dhcp site (one provided with source) or if i follow guide on freeRadius wiki ( http://wiki.freeradius.org/guide/dhcp-for-static-ip-allocation) I built package from source as described in instruction for debian. Here is return of my freeradius -xv: Tue Oct 8 15:07:55 2013 : Info: freeradius: FreeRADIUS Version 3.0.0, for host x86_64-pc-linux-gnu, built on Oct 8 2013 at 10:44:53 Tue Oct 8 15:07:55 2013 : Debug: Server was built with: Tue Oct 8 15:07:55 2013 : Debug: accounting Tue Oct 8 15:07:55 2013 : Debug: authentication Tue Oct 8 15:07:55 2013 : Debug: ascend binary attributes Tue Oct 8 15:07:55 2013 : Debug: coa Tue Oct 8 15:07:55 2013 : Debug: control-socket Tue Oct 8 15:07:55 2013 : Debug: detail Tue Oct 8 15:07:55 2013 : Debug: dhcp Tue Oct 8 15:07:55 2013 : Debug: dynamic clients Tue Oct 8 15:07:55 2013 : Debug: proxy Tue Oct 8 15:07:55 2013 : Debug: regex-posix Tue Oct 8 15:07:55 2013 : Debug: session-management Tue Oct 8 15:07:55 2013 : Debug: stats Tue Oct 8 15:07:55 2013 : Debug: tcp Tue Oct 8 15:07:55 2013 : Debug: threads Tue Oct 8 15:07:55 2013 : Debug: tls Tue Oct 8 15:07:55 2013 : Debug: unlang Tue Oct 8 15:07:55 2013 : Debug: vmps Tue Oct 8 15:07:55 2013 : Debug: Server core libs: Tue Oct 8 15:07:55 2013 : Debug: talloc : 2.0.* Tue Oct 8 15:07:55 2013 : Debug: ssl: OpenSSL 1.0.1 14 Mar 2012 I have pasted debug from freeradius -X on pastebin so it doesn't clutter too much here: http://pastebin.com/raw.php?i=u9mM3avv Any help is appreciated. Regards, Rok - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Changing User Profile after depletion of set Volume
Dear pple, I have looked for this and failed to get it, i have users with set volume limits and they get knocked off once they hit the limit, however ; i want to have this taken to the next level, i.e once the limit is hit, the user's profile be changed and they can only get to certain website /URL/IPs . How can i achieve this? Eric M- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius 3 and DHCP
On 08/10/13 17:01, Rok Kosir wrote: authentication to mysql), when i run freeradius -X, i get Segmentation Fault when it reaches dhcp listner. See doc/bugs. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Changing User Profile after depletion of set Volume
On 08/10/13 17:40, Mulindwa wrote: Dear pple, I have looked for this and failed to get it, i have users with set volume limits and they get knocked off once they hit the limit, however ; i want to have this taken to the next level, i.e once the limit is hit, the user's profile be changed and they can only get to certain website /URL/IPs . How can i achieve this? 1. See if your NAS supports these features - filter by URL/IP. If it doesn't, you can't do anything. 2. If the NAS supports the features, see how you can trigger them on a user or session. It's possible you can apply the filters with a CoA packet, in which case you could generate the CoA directly inside FreeRADIUS - see the examples that come with the server. 3. If you have to trigger the features some other way (poke via CLI, SNMP, HTTP/REST/SOAP API) then write a script to apply the filter to the session and use the FreeRADIUS exec module to trigger it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius 3 and DHCP
On 8 Oct 2013, at 17:44, Phil Mayers p.may...@imperial.ac.uk wrote: On 08/10/13 17:01, Rok Kosir wrote: authentication to mysql), when i run freeradius -X, i get Segmentation Fault when it reaches dhcp listner. See doc/bugs. and skip to section 2. :) Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Changing User Profile after depletion of set Volume
Thanks Phil, What am looking at is this, 1. User is assigned a profile with 2GB 2. Once profile of 2GB is depleted, he is assigned another profile of say 100MB 3. Once that one is depleted he is assigned another profile. Eric M On Tuesday, October 8, 2013 7:59 PM, Phil Mayers p.may...@imperial.ac.uk wrote: On 08/10/13 17:40, Mulindwa wrote: Dear pple, I have looked for this and failed to get it, i have users with set volume limits and they get knocked off once they hit the limit, however ; i want to have this taken to the next level, i.e once the limit is hit, the user's profile be changed and they can only get to certain website /URL/IPs . How can i achieve this? 1. See if your NAS supports these features - filter by URL/IP. If it doesn't, you can't do anything. 2. If the NAS supports the features, see how you can trigger them on a user or session. It's possible you can apply the filters with a CoA packet, in which case you could generate the CoA directly inside FreeRADIUS - see the examples that come with the server. 3. If you have to trigger the features some other way (poke via CLI, SNMP, HTTP/REST/SOAP API) then write a script to apply the filter to the session and use the FreeRADIUS exec module to trigger it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html