Re: Detail files
Peter Nixon£º === 2006-03-18 19:07:46 === On Fri 17 Mar 2006 20:57, Lisa Casey wrote: Hi, Currently my Freeradius server writes new accounting detail files each day. In radiusd.conf if I were to change detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d to detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m Would it then write one detail file for each month? Yes I have viewed the source code of rlm_detail, i really didn't found that which code is working on rotating the detail files... thanks = = = = = = = = = = = = = = = = = = = = nsinit 2006-03-20 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PAP Crypt-Password problem
your radius.conf ? The correct configuration in radiusd.conf:(PAP+rlm_sql_mysql) modules { ... pap { encryption_scheme = crypt } ... } authenticate { ... Auth-Type PAP { pap } ... } and in radcheck: Auth-Type := PAP =nsinit= - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRADIUS + Oracle
I have configured freeradius-1.0.0pre3 + oracle8.1.7 for RedHat8.0, maybe i can give some tips: 1. install oracle8.1.7 for linux correctly 2. down freeradius-1.0.0pre3 su - tar xzf freeradius-1.0.0pre3 ORACLE_HOME=/home/oracle/product/8.1.7/ export ORACLE_HOME cd freeradius-1.0.0-pre3 ./configure make make install 3. create radius database ... create database radius ... cp path_to_db_oracle.sql/db_oracle.sql ORACLE_HOME/db_oracle.sql cd ORACLE_HOME chown oracle.dba db_oracle.sql su - oracle lsnctrl start sqlplus system/[EMAIL PROTECTED] @db_oracle 4. vi /etc/ld.so.conf, Add the following: /usr/local/lib /home/oracle/product/8.1.7/lib run ldconfig 5. run radiusd in debug mode src/main/radiusd -X PPlz, if anybody have an experience in setting up freeradius+oracle auth and accounting, please give the links to docs, or config examples. I can't google anything usefull. =nsinit= - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Acct-Start-Time and radclient ??
Hi, I set the following attribute when using the radtest to send accounting-requet packets: echo Acct-Start-Time = \2002-06-23 18:33:23\ but the radclient display: Sending Accounting-Request of id 3 to 127.0.0.1:1813 . Acct-Start-Time = 2002 . I don't know why this happend, maybe anyone can tell me? And how can i do it in the right way using radtest? I want to the NAS simulator send the Acct-Start-Time but not the radius_xlat it (%S). THX! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: Sniff radius
Thx for your help! Hi Nsinit, you can get it on ADM's ftp. adm.freelsd.net/ADM regards Thomas MARCHESSEAU Hello World! [EMAIL PROTECTED] 2004-07-01 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: Sniff radius
yeah i found it yesterday afet the post , thx anyway . i use radiussniff too. Hi, can you tell me where i can download radiussniff? I have searched it at google/freshmeat.net/sourceforge.net, but get nothing. thx. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem Getting Free Radius Work with MySql
Hi mysql select * from radcheck ; ++--+---+++ | id | UserName | Attribute | op | Value | ++--+---+++ | 5 | asghar | Password | == | asghar | ++--+---+++ table radcheck for check item list, so you should put Auth-Type := Local here mysql select * from radreply ; ++--+---++---+ | id | UserName | Attribute | op | Value | ++--+---++---+ | 3 | asghar | Auth-Type | := | Local | ++--+---++---+ table radreply for reply item list -- A clue in the debug output is the following line rad_check_password: Found Auth-Type System . If you look at Mysql radreply tables i have specifically tried to specify Auth-Type to be Local and not System . I have walked through the code of rad_check_password(), maybe it is a default? i am not sure... Hello World! [EMAIL PROTECTED] 2004-06-28 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mysql authorize failover?
Hi, I just want to configure my freeradius server for a authorize failover, but i failed. I want: authorize username in database radius1, if failure, continue authorize username in database radius2, but module_authorize not entry into instance sql2:( freeradius0.9.2 + rlm_sql_mysql + rlm_pap + rlm_always radiusd.conf: modules { $INCLUDE${confdir}/sql1.conf- for a radius_db: radius1 and User: user1 $INCLUDE${confidir}/sql2.conf - for a radius_db: radius2 and User: user2 always handled { rcode = handled } } authorize { redundant { sql1 sql2 handled } when use: ./radauth user1 pass all is ok. but when use: ./radauth user2 pass modcall[authorize]: module sql2 returns notfound for request 0 modcall: group redundant returns notfound for request 0 modcall: group authorize returns notfound for request 0 I have read doc/configurable_failover, and search and read all posts on the maillist, I am not a english native speaker, i really cann't understand something, maybe somebody can help me in this case? a example is ok. thx! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql authorize failover?
Hi I am sorry for this post, i have solved it just before. as the following: modules { pap { encryption_scheme = crypt } $INCLUDE${confdir}/sql1.conf- for a radius_db: radius1 and User: user1 $INCLUDE${confidir}/sql2.conf - for a radius_db: radius2 and User: user2 } authenticate { Auth-Type PAP { pap } } authorize { redundant { sql1 { notfound = 1 } sql2 } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_sqlcounter query parameter
Hello it is possible to define the query parameter in sqlcounter.conf? %k = %b = I just want to specify the date where the AcctSessionTime will be compute(SUM). I think i will be ok. I have modified the accounting_stop_query in sql.conf, instead of '%S' for a static datetime value such as "2004-06-17 11:51:39", it works well. you can refer to radius_xlat() .
rlm_expr question
Can i return the same VALUE_PAIR in the access-accept packet as the access-request packet? For example, Call-Refrence = 2 in access-request packet, and then return Call-Refrence = 2 in the access-accept packet. I am using the rlm_expr, but failed. (freeradius0.9.2 + rlm_pap + rlm_expr + rlm_sql_mysql + rlm_sqlcounter) 1. [EMAIL PROTECTED] main]# ./radauth ylei ylei Sending Access-Request of id 239 to 10.1.16.250:1812 User-Name = ylei User-Password = ylei NAS-IP-Address = 127.0.0.1 Call-Refrence = 2 -- our own Attribute NAS-Port = 6 rad_recv: Access-Accept packet from host 10.1.16.250:1812 id=239,length=62 Reply-Message = 2 Call-Refrence-Ack = %{expr: %{Call-Refrence}} -- our own Attribute Session-Timeout = 6000 2. dictionary file VENDOR SZHTP ATTRIBUTE Call-Refrence 0 Integer VENDOR ATTRIBUTE Call-Refrence-Ack 1 String VENDOR // String: same as Reply-Message .. refering to /usr/local/share/freeradius/dictionary: ATTRIBUTE Reply-Message 18 String 3. radreply table: id UserNameAttribute op Value 1 yleiReply-Message := %{expr: %{Call-Refrence}} 2 yleiCall-Refrence-Ack := %{expr: %{Call-Refrence}} 3 yleiCall-Refrence := %{expr: %{Call-Refrence}} Can anyone tell me why i cann't get what i want? PS: WHERE is the function expr_xlat() in rlm_expr.c called?? I will debug for the above if i konw. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: rlm_expr question
Hi You have to put the Value in back-quotes: `%{expr: %{Call-Refrence}` I have tried it, but it didn't work. 1. radreply table: id UserNameAttribute op Value 1 yleiReply-Message := `%{expr: %{Call-Refrence}}` -- back-quotes 2 yleiCall-Refrence-Ack := `%{expr: %{Call-Refrence}}` 3 yleiCall-Refrence := `%{expr: %{Call-Refrence}}` 2. [EMAIL PROTECTED] main]# ./radauth ylei ylei Sending Access-Request of id 239 to 10.1.16.250:1812 User-Name = ylei User-Password = ylei NAS-IP-Address = 127.0.0.1 Call-Refrence = 2 NAS-Port = 6 rad_recv: Access-Accept packet from host 10.1.16.250:1812 id=239,length=62 Reply-Message = `2` -- back-quotes Call-Refrence-Ack = `%{expr: %{Call-Refrence}}` -- back-quotes Session-Timeout = 6000 I don't understand why Reply-Message works well but Call-Refrence-AckCall-Refrence doesn't work at all. PS: WHERE is the function expr_xlat() in rlm_expr.c called?? I will debug for the above if i konw. Hello World! [EMAIL PROTECTED] 2004-06-16 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: radrelay sample??
I am sorry for this post, just before i have read the doc/radrelay. sorry again. Hi I want to use radrelay to replicate accounting data to my freeradius server, but failed. Hello World! [EMAIL PROTECTED] 2004-06-16 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_sqlcounter Max-Daily-Session??
Hi, I have configured a freeradius server(freeradius0.9.2 + rlm_pap + rlm_sql_mysql + rlm_sqlcounter) , sqlcounter work well.but i am puzzled that: Where is Max-Daily-Session defined in certain dictionary file ? I cann't find it under dictionary directory greping it. Thx! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: rlm_sqlcounter Max-Daily-Session??
it doesnt hurt you if you cannot find it, what will hurt you is there is wrong using it as an attribute. As well as i know, we have to include a dictionary.XXX file in the /usr/share/freeradius/dictionary if we want to use our custom Vendor-Specific-Attribute, right? Hello World! [EMAIL PROTECTED] 2004-06-14 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_sqlcounter Max-Daily-Session??
Hi hi, are you referring in sqlcounter dailycounter in sqlcounter.conf? Do u want to configure the daily counter? Yeah, it works well. and so what? Maybe i have basical misunderstanding for the attributedictionary. Can anyone point it to me?Thx in advance. Hello World! [EMAIL PROTECTED] 2004-06-15 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: building faked accounting request??
Hi what a surprise! can we avoid it? in my option, it's not normal. i am puzzled. please guide me... thx. nsinit [EMAIL PROTECTED] wrote: so i can send various of accounting start request with different NAS-IP-Address, all these accounting data inserted into the backend database successfully. So accounting request can be faked? Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Hello World! [EMAIL PROTECTED] 2004-06-10 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radrelay sample??
Hi I want to use radrelay to replicate accounting data to my freeradius server, but failed. [EMAIL PROTECTED] szhtp] more /tmp/accounting-request Acct-Status-Type = start User-Name = ylei [EMAIL PROTECTED] main]./radrelay -a /tmp -i 127.0.0.1 -n ylei accounting-request -f -xx in loop() slots initialized done in read_one() line: Acct-Status-Type = start STATE_BUSY1 Not date line line: User-Name = ylei STATE_BUSY1 Not date line get nothing from detailfile in read_one() get nothing from detailfile . I have added some codes in radrelay.c for generating the above output I have started my freeradius server in debug mode, but cann't receive any radius request, Someone can tell me what's wrong with this?or give me a sample of detailfile? THX! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: radrelay sample??
Hi I had a problem with radrelay in 0.9.3 not forwarding accounting messages coming into the server because they didn't meet someone's (the person who wrote radrelay) idea of standard. Do you means that radrelay refuse forwarding the accounting request when using exec-program (radrelay) on pre-proxy? Can you tell me what idea of standard that radrelay are obeying in details? I am not so familiar with the radreply source code. THX. After modifying the radrelay source code to just pass the accounting packets without dropping any, radrelay works perfectly. I'm not sure if this is the problem you are seeing, though. In details? thx. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Hello World! [EMAIL PROTECTED] 2004-06-10 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
building faked accounting request??
HI, i have build a system based on freeradius0.9.2+rlm_sql_mysql(pap), i have modified the accounting_start_query in the sql.conf as the following: accounting_start_query = INSERT INTO ${acct_table1} (UserName, NASIPAddress) values \ ('%{SQL-User-Name}','%{NAS-IP-Address}') i have modified the radtest to send the accounting request(Acct-Status-Type=start) £¬ so i can send various of accounting start request with different NAS-IP-Address, all these accounting data inserted into the backend database successfully. So accounting request can be faked? forget about my poor english, please. correct me if there are any basic mistake above. thx. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySQL problem
Szabó_György,ÄúºÃ£¡ i have meeted the same problem recently, i don't know what's wrong. i just modify the sql query and ignore it cause of i have to use my own special sql query. === 2004-06-09 02:01:05 ÄúÔÚÀ´ÐÅÖÐдµÀ£º=== Hi. The radius.log contains the following lines: Info: rlm_sql (sql): received Acct On/Off packet Error: rlm_sql (sql): Couldn't update SQL accounting for Acct On/Off packet - You have an error in your SQL syntax near 'WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '192.168.1.4' AND A' at line 1 What is the problem ? I'm generate the database with db_mysql.sql -- technik :-) ICQ: 270532579 AIM: gyuriszabo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html = = = = = = = = = = = = = = = = = = = = Ö Àñ£¡ nsinit [EMAIL PROTECTED] 2004-06-09 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: freeradius rfc2882 ?
THX Alan. None the less, the feature is still deployed in a number of products. can you give me some points about those products? i am working with a project based on freeradius 0.9.2, i have to implement the password change feature described in the rfc2882, so you can give me some advice? thanks very much! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius rfc2882 ?
Hi somebody can tell me that whether or not rfc1882 implemented in freeradius0.9.2 or later realease? i have to write a radius client sending a request to my freeradius server for changing the user's password stored in the backend database. thx. described as the following:(rfc2882) 5.1. Password Change Remotely requested password change operations were described and proposed, but rejected by the working group. None the less, the feature is still deployed in a number of products. Message types: - Password Request - Password Ack or Reject - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html