Re: deployingradius.com down?
On 7 May 2008, at 14:15, Matt Ashfield wrote: I can’t seem to get to deployingradius.com website. Anyone know if this is down? looks like it: http://downforeveryoneorjustme.com/deployingradius.com cheers, pedro -- you don't code php. you merely edit it until it works. - merlyn Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trade marks of British Sky Broadcasting Group plc and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky Interactive Limited (Registration No. 3554332), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the companies mentioned in this paragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: php resource application
On 20 Mar 2008, at 17:19, Charnjit Sidhu wrote: Hi, I need what is called a Authen/Radius.pm file. for my application authentication, does anyone know where I can get one of these from, this is to allow my perl script to run Authen::Radius http://search.cpan.org/dist/RadiusPerl/ cheers, pedro -- you don't code php. you merely edit it until it works. - merlyn Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trade marks of British Sky Broadcasting Group plc and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky Interactive Limited (Registration No. 3554332), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the c! ompanies mentioned in this paragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Version 2.0.0 has been released
hi, congratulations, and thank you very much for all the work you put on freeradius. cheers, pedro -- you don't code php. you merely edit it until it works. - merlyn Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trade marks of British Sky Broadcasting Group plc and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky Interactive Limited (Registration No. 3554332), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the c! ompanies mentioned in this paragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
strange thing happening with rlm_perl
hi,
i'm using fr 1.1.2 and perl 5.8.4, and wrote a simple perl script to
return 2 random lns's for a given huntgroup.
$ uname -a
Linux radius1_staging 2.6.8-x4100-1 #1 SMP Wed Jun 7 08:58:42 BST
2006 x86_64 GNU/Linux
this is what i have in users, right at the top:
#
[EMAIL PROTECTED] Huntgroup-Name == testhuntgroup
Framed-Protocol = PPP,
Service-Type = Dialout-Framed-User
DEFAULT Auth-Type = Perl
Fall-Through = 1
DEFAULT Huntgroup-Name == othergroup, Suffix == @foo
...
#
i have radiusd.conf setup as per http://wiki.freeradius.org/Rlm_perl
and the following group in authorize:
group {
ldap {
fail = return
notfound = return
}
files {
ok = 1
}
perl {
ok =1
}
auth_log
ok = return
}
my perl simply slurps a file with the several lns parameters and
returns 2 randomly chosen ones through %RAD_REPLY:
sub authorize {
# boring file reading and random op...
my ( $ip1, $password1, $pref1 ) = @{ $lns[$lns1] };
$RAD_REPLY{'Tunnel-Server-Endpoint:1'} = $ip1;
$RAD_REPLY{'Tunnel-Type:1'} = L2TP;
$RAD_REPLY{'Tunnel-Medium-Type:1'} = IP;
$RAD_REPLY{'Tunnel-Password:1'} = $password1;
$RAD_REPLY{'Tunnel-Assignment-Id:1'}= 1;
$RAD_REPLY{'Tunnel-Preference:1'} = $pref1;
my ( $ip2, $password2, $pref2 ) = @{ $lns[$lns2] };
$RAD_REPLY{'Tunnel-Server-Endpoint:2'} = $ip2;
$RAD_REPLY{'Tunnel-Type:2'} = L2TP;
$RAD_REPLY{'Tunnel-Medium-Type:2'} = IP;
$RAD_REPLY{'Tunnel-Password:2'} = $password2;
$RAD_REPLY{'Tunnel-Assignment-Id:2'}= 2;
$RAD_REPLY{'Tunnel-Preference:2'} = $pref2;
return RLM_MODULE_UPDATED;
}
what i'm seeing in the respose are mixed av pairs, and the connection
fails (i assume because the data for each tunnel is incomplete). here
is what i see in the logs and the response sent:
rlm_perl: Added pair Tunnel-Assignment-Id = 2
rlm_perl: Added pair Tunnel-Medium-Type = IP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair Tunnel-Server-Endpoint = x.x.x.x
rlm_perl: Added pair Tunnel-Password = foo
rlm_perl: Added pair Tunnel-Assignment-Id = 1
rlm_perl: Added pair Service-Type = Dialout-Framed-User
rlm_perl: Added pair Tunnel-Medium-Type = IP
rlm_perl: Added pair Tunnel-Server-Endpoint = y.y.y.y
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair Tunnel-Preference = 1
rlm_perl: Added pair Tunnel-Password = bar
rlm_perl: Added pair Tunnel-Preference = 50
here it seems to be ignoring the :1 and :2 for each tunnel. this then
results in the following reply, with values from borh tunnels mixed:
Sending Access-Accept of id 234 to t.t.t.t port 9208
Framed-Protocol = PPP
Service-Type = Dialout-Framed-User
Tunnel-Assignment-Id:2 = 2
Tunnel-Medium-Type:1 = IP
Tunnel-Type:1 = L2TP
Tunnel-Server-Endpoint:2 = x.x.x.x
Tunnel-Password:2 = foo
Tunnel-Preference:2 = 1
am i doing something wrong, and if so, what? any help much appreciated.
thanks in advance,
pedro
--
This email and any attachments may be confidential and/or legally privileged.
If you have received this e-mail and you are not a named addressee, please
inform the sender of this email by sending a return email to the address above
and then delete the e-mail and your response from your system. If you are not a
named addressee you must not use, disclose, distribute, copy, print or rely on
this e-mail. Any views or opinions presented are solely those of the author.
Any statements made, or intentions expressed in this communication may not
necessarily reflect the view of Easynet. No content herein will bind Easynet or
any associated company unless confirmed by the execution of a formal contract
by Easynet. Any figures or amounts given in this email are quotations only and
are subject to change. Although Easynet routinely screens for viruses,
addressees should scan this e-mail and any attachments for viruses. Easynet
makes no representation or warranty as to the absence of virus!
es in this e-mail or any attachments. Please note that to ensure regulatory
compliance and for the protection of our customers and business, we may monitor
and read e-mails sent to and from our server(s).
Easynet Limited a company incorporated and existing under the laws of England
and Wales, with company number 2954343 and having its registered office at
44-46 Whitfield Street London, W1T 2RJ.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
modules' instantiation failing (files)
hi all,
i need to send different lns configuration in a round-robin fashion.
in order to do this, i added the following to modules:
files rra {
userfile = ${confdir}/users.rr1
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
compat = no
}
files rrb {
userfile = ${confdir}/users.rr2
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
compat = no
}
and then in authorize:
redundant-load-balance {
rra
rrb
ok = 1
}
freeradius is picking the right module, alternating between them on
each request. the problem is in the instantiation of the modules,
where i'm getting the following:
Module: Instantiated files (rra)
files: usersfile = /etc/freeradius-dev/users
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
Module: Instantiated files (rrb)
files: usersfile = /etc/freeradius-dev/users
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
as you can see, it's not reading the files i told it to read.
confirmed with strace, just to be on the safe side:
write(1, Module: Instantiated files (rra)..., 34Module:
Instantiated files (rra)) = 34
write(1, files: usersfile = \/etc/freera..., 48 files: usersfile
= /etc/freeradius-dev/users) = 48
write(1, files: acctusersfile = \/etc/fr..., 57 files:
acctusersfile = /etc/freeradius-dev/acct_users) = 57
write(1, files: preproxy_usersfile = \/e..., 66 files:
preproxy_usersfile = /etc/freeradius-dev/preproxy_users) = 66
write(1, files: compat = \no\\n, 22 files: compat = no) = 22
open(/etc/freeradius-dev/users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=1880, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, # Simplify the Tunneling rules t..., 4096) = 1880
read(6, , 4096) = 0
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
open(/etc/freeradius-dev/acct_users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=532, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, #\n#\t$Id: acct_users,v 1.4 2003/0..., 4096) = 532
read(6, , 4096) = 0
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
open(/etc/freeradius-dev/preproxy_users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=1039, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, #\n# Configuration file for the ..., 4096) = 1039
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
write(1, Module: Instantiated files (rrb)..., 34Module:
Instantiated files (rrb)) = 34
write(1, files: usersfile = \/etc/freera..., 48 files: usersfile
= /etc/freeradius-dev/users) = 48
write(1, files: acctusersfile = \/etc/fr..., 57 files:
acctusersfile = /etc/freeradius-dev/acct_users) = 57
write(1, files: preproxy_usersfile = \/e..., 66 files:
preproxy_usersfile = /etc/freeradius-dev/preproxy_users) = 66
write(1, files: compat = \no\\n, 22 files: compat = no) = 22
open(/etc/freeradius-dev/users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=1880, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, # Simplify the Tunneling rules t..., 4096) = 1880
read(6, , 4096) = 0
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
open(/etc/freeradius-dev/acct_users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=532, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, #\n#\t$Id: acct_users,v 1.4 2003/0..., 4096) = 532
read(6, , 4096) = 0
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
open(/etc/freeradius-dev/preproxy_users, O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0640, st_size=1039, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a973c3000
read(6, #\n# Configuration file for the ..., 4096) = 1039
read(6, , 4096) = 0
close(6)= 0
munmap(0x2a973c3000, 4096) = 0
i couldn't find any
Re: modules' instantiation failing (files)
On 2 Apr 2007, at 13:38, Alan DeKok wrote:
Pedro Figueiredo wrote:
i need to send different lns configuration in a round-robin fashion.
in order to do this, i added the following to modules:
files rra {
userfile = ${confdir}/users.rr1
It's usersfile, with an s. users + file.
Alan DeKok.
oh. now i'm as red as a big red nose (although, in my defense, 1
other people looked into this as well and also couldn't spot it).
one suggestion for the future, though: can freeradius complain when
it finds an unknown keyword?
thank you very much for your help.
pedro
--
This email and any attachments may be confidential and/or legally privileged.
If you have received this e-mail and you are not a named addressee, please
inform the sender of this email by sending a return email to the address above
and then delete the e-mail and your response from your system. If you are not a
named addressee you must not use, disclose, distribute, copy, print or rely on
this e-mail. Any views or opinions presented are solely those of the author.
Any statements made, or intentions expressed in this communication may not
necessarily reflect the view of Easynet. No content herein will bind Easynet or
any associated company unless confirmed by the execution of a formal contract
by Easynet. Any figures or amounts given in this email are quotations only and
are subject to change. Although Easynet routinely screens for viruses,
addressees should scan this e-mail and any attachments for viruses. Easynet
makes no representation or warranty as to the absence of virus!
es in this e-mail or any attachments. Please note that to ensure regulatory
compliance and for the protection of our customers and business, we may monitor
and read e-mails sent to and from our server(s).
Easynet Limited a company incorporated and existing under the laws of England
and Wales, with company number 2954343 and having its registered office at
44-46 Whitfield Street London, W1T 2RJ.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: modules' instantiation failing (files)
On 2 Apr 2007, at 14:51, Pedro Figueiredo wrote:
On 2 Apr 2007, at 13:38, Alan DeKok wrote:
Pedro Figueiredo wrote:
i need to send different lns configuration in a round-robin fashion.
in order to do this, i added the following to modules:
files rra {
userfile = ${confdir}/users.rr1
It's usersfile, with an s. users + file.
Alan DeKok.
oh. now i'm as red as a big red nose (although, in my defense, 1
other people looked into this as well and also couldn't spot it).
ok, there's something really weird going on now. this is my config:
files {
usersfile = ${confdir}/users
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
# If you want to use the old Cistron 'users' file
# with FreeRADIUS, you should change the next line
# to 'compat = cistron'. You can the copy your
'users'
# file from Cistron.
compat = no
}
files wcpefiles {
usersfile = ${confdir}/wcpeusers
acctusersfile = ${confdir}/acct_users
compat = no
}
files rra {
usersfile = ${confdir}/users.rr1
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
compat = no
}
files rrb {
usersfile = ${confdir}/users.rr2
acctusersfile = ${confdir}/acct_users
preproxy_usersfile = ${confdir}/preproxy_users
compat = no
}
and here's what's happening:
Module: Loaded files
files: usersfile = /etc/freeradius-dev/users
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
Module: Instantiated files (files)
files: usersfile = /etc/freeradius-dev/users.rr1
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
Module: Instantiated files (rra)
files: usersfile = /etc/freeradius-dev/users.rr2
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
Module: Instantiated files (rrb)
files: usersfile = /etc/freeradius-dev/wcpeusers
files: acctusersfile = /etc/freeradius-dev/acct_users
files: preproxy_usersfile = /etc/freeradius-dev/preproxy_users
files: compat = no
Module: Instantiated files (wcpefiles)
as you can see, it's off by one. any suggestions or ideas on why it's
doing this?
cheers,
pedro
This email and any attachments may be confidential and/or legally privileged.
If you have received this e-mail and you are not a named addressee, please
inform the sender of this email by sending a return email to the address above
and then delete the e-mail and your response from your system. If you are not a
named addressee you must not use, disclose, distribute, copy, print or rely on
this e-mail. Any views or opinions presented are solely those of the author.
Any statements made, or intentions expressed in this communication may not
necessarily reflect the view of Easynet. No content herein will bind Easynet or
any associated company unless confirmed by the execution of a formal contract
by Easynet. Any figures or amounts given in this email are quotations only and
are subject to change. Although Easynet routinely screens for viruses,
addressees should scan this e-mail and any attachments for viruses. Easynet
makes no representation or warranty as to the absence of virus!
es in this e-mail or any attachments. Please note that to ensure regulatory
compliance and for the protection of our customers and business, we may monitor
and read e-mails sent to and from our server(s).
Easynet Limited a company incorporated and existing under the laws of England
and Wales, with company number 2954343 and having its registered office at
44-46 Whitfield Street London, W1T 2RJ.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
