Re: Detail files

2006-03-19 Thread nsinit 

Peter Nixon£º



=== 2006-03-18 19:07:46 ===

On Fri 17 Mar 2006 20:57, Lisa Casey wrote:
 Hi,

 Currently my Freeradius server writes new accounting detail files each day.
 In radiusd.conf if I were to change

 detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d

 to

 detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m

 Would it then write one detail file for each month?

Yes


I have viewed the source code of rlm_detail, i really didn't found that which 
code 
is working on rotating the detail files...

thanks

= = = = = = = = = = = = = = = = = = = =

nsinit
2006-03-20


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: PAP Crypt-Password problem

2004-07-11 Thread nsinit 

your radius.conf ?

The correct configuration in radiusd.conf:(PAP+rlm_sql_mysql)

modules {
 ...
pap {
encryption_scheme = crypt
}
 ...
}

authenticate {
...
Auth-Type PAP {
pap
}
...
}

and in radcheck:
Auth-Type := PAP




=nsinit=




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FreeRADIUS + Oracle

2004-07-11 Thread nsinit 

I have configured freeradius-1.0.0pre3 + oracle8.1.7 for RedHat8.0, maybe i can give 
some tips:

1. install oracle8.1.7 for linux correctly

2. down freeradius-1.0.0pre3
su - 
tar xzf freeradius-1.0.0pre3
ORACLE_HOME=/home/oracle/product/8.1.7/
export ORACLE_HOME
cd freeradius-1.0.0-pre3
./configure
make
make install

3. create radius database
... create database radius ...
cp path_to_db_oracle.sql/db_oracle.sql 
ORACLE_HOME/db_oracle.sql
cd ORACLE_HOME
chown oracle.dba db_oracle.sql
su - oracle
lsnctrl start   
sqlplus system/[EMAIL PROTECTED]
@db_oracle

4. vi /etc/ld.so.conf, Add the following:
/usr/local/lib  
/home/oracle/product/8.1.7/lib

   run ldconfig

5. run radiusd in debug mode
src/main/radiusd -X 

   
PPlz, if anybody have an experience in setting up freeradius+oracle auth and 
accounting, please give the links to docs, or config examples.
I can't google anything usefull.



=nsinit=




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Acct-Start-Time and radclient ??

2004-07-02 Thread nsinit 
Hi,

I set the following attribute when using the radtest to send accounting-requet 
packets:
echo Acct-Start-Time = \2002-06-23 18:33:23\

but the radclient display:
Sending Accounting-Request of id 3 to 127.0.0.1:1813
.
Acct-Start-Time = 2002
.


I don't know why this happend, maybe anyone can tell me?   And how can i do it 
in the right way using radtest?
I want to the NAS simulator send the Acct-Start-Time but not the radius_xlat it (%S).


THX!




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: Sniff radius

2004-06-30 Thread nsinit 

Thx for your help!

Hi Nsinit, 

you can get it on ADM's ftp.
adm.freelsd.net/ADM

regards
Thomas MARCHESSEAU




Hello World! 

[EMAIL PROTECTED]
2004-07-01




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: Sniff radius

2004-06-29 Thread nsinit 

yeah i found it yesterday afet the post , thx anyway .
i use radiussniff too.

Hi, can you tell me where i can download radiussniff?
I have searched it at google/freshmeat.net/sourceforge.net,
but get nothing.

thx.




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Problem Getting Free Radius Work with MySql

2004-06-28 Thread nsinit 
Hi






mysql select * from radcheck ; 
++--+---+++
| id | UserName | Attribute | op | Value  |
++--+---+++
|  5 | asghar   | Password  | == | asghar |
++--+---+++

table radcheck for check item list, so you should put Auth-Type := Local here


mysql select * from radreply ; 
++--+---++---+
| id | UserName | Attribute | op | Value |
++--+---++---+
|  3 | asghar   | Auth-Type | := | Local |
++--+---++---+


table radreply for reply item list 


 --
A clue in the debug output is the following line  rad_check_password:
 Found Auth-Type System . If you look at Mysql radreply tables i have
specifically tried to
specify Auth-Type to be Local and not System .  

I have walked through the code of rad_check_password(),  maybe it is a default?
i am not sure...



Hello World! 

[EMAIL PROTECTED]
2004-06-28




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

mysql authorize failover?

2004-06-28 Thread nsinit 
Hi,
I just want to configure my freeradius server for a authorize failover, but i 
failed.
I want:
authorize username in database radius1, if failure, continue authorize 
username in database radius2,
but module_authorize not entry into instance sql2:(

freeradius0.9.2 + rlm_sql_mysql + rlm_pap  + rlm_always

radiusd.conf:

modules {
$INCLUDE${confdir}/sql1.conf- for a radius_db: 
radius1  and User: user1
$INCLUDE${confidir}/sql2.conf   - for a 
radius_db: radius2  and User: user2
always handled {
rcode = handled
}
}


authorize {
redundant {
sql1
sql2
handled
}


when use:
./radauth user1 pass
all is ok.

but when use:
./radauth user2 pass

modcall[authorize]: module sql2 returns notfound for request 0
modcall: group redundant returns notfound for request 0
modcall: group authorize returns notfound for request 0


I have read doc/configurable_failover, and search and read all posts on the 
maillist,
I am not a english native speaker, i really cann't   understand something,  maybe 
somebody 
can help me in this case? a example is ok. thx!




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: mysql authorize failover?

2004-06-28 Thread nsinit 
Hi

I am sorry for this post, i  have solved it just before.

as the following:

modules {
pap {
encryption_scheme = crypt
}

$INCLUDE${confdir}/sql1.conf- for a radius_db: 
radius1  and User: user1
$INCLUDE${confidir}/sql2.conf   - for a 
radius_db: radius2  and User: user2
}

authenticate {
Auth-Type PAP {
pap
}
}

authorize {
redundant {
sql1 {
notfound = 1
}
sql2
}





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_sqlcounter query parameter

2004-06-17 Thread nsinit 





Hello it is possible to define the query parameter 
in sqlcounter.conf?

%k = 
%b = 

I just want to specify the date where the 
AcctSessionTime will be compute(SUM). 




I think i will be ok.

I have modified the accounting_stop_query in sql.conf, instead of 
'%S' for a static datetime value such as "2004-06-17 11:51:39",
it works well. you can refer to radius_xlat() .

rlm_expr question

2004-06-15 Thread nsinit 

Can i return the same VALUE_PAIR in the access-accept packet as the access-request 
packet?
For example, Call-Refrence = 2 in access-request packet, and then return 
Call-Refrence = 2 in the access-accept packet.  I am using the rlm_expr, but failed.

(freeradius0.9.2 + rlm_pap + rlm_expr + rlm_sql_mysql + rlm_sqlcounter)

1.
[EMAIL PROTECTED] main]# ./radauth ylei ylei
Sending Access-Request of id 239 to 10.1.16.250:1812
User-Name = ylei
User-Password = ylei
NAS-IP-Address = 127.0.0.1
Call-Refrence = 2   -- our own Attribute
NAS-Port = 6
rad_recv: Access-Accept packet from host 10.1.16.250:1812 id=239,length=62
Reply-Message = 2
Call-Refrence-Ack = %{expr: %{Call-Refrence}} -- our own Attribute
Session-Timeout = 6000


2. dictionary file

VENDOR  SZHTP   
ATTRIBUTE   Call-Refrence   0   Integer VENDOR
ATTRIBUTE   Call-Refrence-Ack   1   String  VENDOR  // 
String: same as Reply-Message
..


refering to /usr/local/share/freeradius/dictionary:

ATTRIBUTE   Reply-Message   18  String  



3. radreply table:
id  UserNameAttribute   op  Value
1   yleiReply-Message   :=  %{expr: 
%{Call-Refrence}}
2   yleiCall-Refrence-Ack   :=  %{expr: 
%{Call-Refrence}}   
3   yleiCall-Refrence   :=  %{expr: 
%{Call-Refrence}}

Can anyone tell me why i cann't get what i want?

PS:
WHERE is the function expr_xlat() in rlm_expr.c called?? I will debug for the 
above if i konw.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: rlm_expr question

2004-06-15 Thread nsinit 
Hi





  You have to put the Value in back-quotes: `%{expr: %{Call-Refrence}`


I have tried it, but it didn't work.

1. radreply table:
id  UserNameAttribute   op  Value
1   yleiReply-Message   :=  `%{expr: 
%{Call-Refrence}}` -- back-quotes
2   yleiCall-Refrence-Ack   :=  `%{expr: 
%{Call-Refrence}}` 
3   yleiCall-Refrence   :=  `%{expr: 
%{Call-Refrence}}`

2.
[EMAIL PROTECTED] main]# ./radauth ylei ylei
Sending Access-Request of id 239 to 10.1.16.250:1812
User-Name = ylei
User-Password = ylei
NAS-IP-Address = 127.0.0.1
Call-Refrence = 2
NAS-Port = 6
rad_recv: Access-Accept packet from host 10.1.16.250:1812 id=239,length=62
Reply-Message = `2`   -- back-quotes
Call-Refrence-Ack = `%{expr: %{Call-Refrence}}`   -- back-quotes
Session-Timeout = 6000

I don't understand why Reply-Message works well but Call-Refrence-AckCall-Refrence 
doesn't work at all.

PS:
WHERE is the function expr_xlat() in rlm_expr.c called?? I will debug for the 
above if i konw.






Hello World! 

[EMAIL PROTECTED]
2004-06-16




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: radrelay sample??

2004-06-15 Thread nsinit 


I am sorry for this post, just before i have read the doc/radrelay.

sorry again.

Hi 
   I want to use radrelay to replicate accounting data to my freeradius server,
but failed.






Hello World! 

[EMAIL PROTECTED]
2004-06-16




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

rlm_sqlcounter Max-Daily-Session??

2004-06-14 Thread nsinit 

Hi,
I have configured a freeradius server(freeradius0.9.2 + rlm_pap + 
rlm_sql_mysql + rlm_sqlcounter) , sqlcounter work well.but i am puzzled that:
Where is  Max-Daily-Session  defined in certain dictionary file ?
I cann't find it under dictionary directory  greping it. Thx!





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: rlm_sqlcounter Max-Daily-Session??

2004-06-14 Thread nsinit 



it doesnt hurt you if you cannot find it, what will hurt you is there is
wrong using it as an attribute.

As well as i know, we have to include a dictionary.XXX file in the 
/usr/share/freeradius/dictionary if we want to use our custom 
Vendor-Specific-Attribute, right? 



Hello World! 

[EMAIL PROTECTED]
2004-06-14




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: rlm_sqlcounter Max-Daily-Session??

2004-06-14 Thread nsinit 
Hi




hi, are you referring in sqlcounter dailycounter in sqlcounter.conf? Do   
 
u want to configure the daily counter? 


Yeah, it works well. and so what?  Maybe i have basical misunderstanding for 
the attributedictionary. Can anyone point it to me?Thx in advance.



Hello World! 

[EMAIL PROTECTED]
2004-06-15




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: building faked accounting request??

2004-06-09 Thread nsinit 
Hi

what a surprise!

can we avoid it? in my option, it's not normal. i am puzzled.
please guide me... thx.


nsinit [EMAIL PROTECTED] wrote:
 so i can send various of accounting start request with different NAS-IP-Address, 
 all these 
 accounting data inserted into the backend database successfully.
 
  So accounting request can be faked?

  Yes.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





Hello World! 

[EMAIL PROTECTED]
2004-06-10




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radrelay sample??

2004-06-09 Thread nsinit 
Hi
I want to use radrelay to replicate accounting data to my freeradius server,
but failed.

[EMAIL PROTECTED] szhtp] more /tmp/accounting-request
Acct-Status-Type = start
User-Name = ylei

[EMAIL PROTECTED] main]./radrelay -a /tmp -i 127.0.0.1 -n ylei accounting-request -f 
-xx
in loop()
slots initialized done
in read_one()
line: Acct-Status-Type = start
STATE_BUSY1
Not date line
line: User-Name = ylei
STATE_BUSY1
Not date line
get nothing from detailfile
in read_one()
get nothing from detailfile
.


I have added some codes in radrelay.c for generating the above output

I have started my freeradius server  in debug mode, but cann't receive any radius 
request,
Someone can tell me what's wrong with this?or give me a sample of detailfile?

THX!







- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: radrelay sample??

2004-06-09 Thread nsinit 
Hi


I had a problem with radrelay in 0.9.3 not forwarding accounting  
 
messages coming into the server because they didn't meet someone's (the 
person who wrote radrelay) idea of standard. 

Do you means that radrelay refuse forwarding the accounting request when using 
exec-program (radrelay) on pre-proxy?

Can you tell me what idea of standard that radrelay are obeying in details?
I am not so familiar with the radreply source code. 

THX.


After modifying the radrelay source code to just pass the accounting 
packets without dropping any, radrelay works perfectly. I'm not sure if 
this is the problem you are seeing, though.

In details? thx.




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





Hello World! 

[EMAIL PROTECTED]
2004-06-10




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

building faked accounting request??

2004-06-08 Thread nsinit 

HI,
i have build a system based on freeradius0.9.2+rlm_sql_mysql(pap), 
i have modified the accounting_start_query in the sql.conf as the following:
accounting_start_query = INSERT INTO ${acct_table1} (UserName, NASIPAddress) 
values \
('%{SQL-User-Name}','%{NAS-IP-Address}')

   i have modified the radtest to send the accounting 
request(Acct-Status-Type=start) £¬
so i can send various of accounting start request with different NAS-IP-Address, all 
these 
accounting data inserted into the backend database successfully.

So accounting request can be faked?

forget about my poor english, please. correct me if there are any basic 
mistake above.
thx.




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: MySQL problem

2004-06-08 Thread nsinit 
Szabó_György,ÄúºÃ£¡

i have meeted the same problem recently, i don't know what's wrong.

i just modify the sql query and ignore it cause of i have to use my own special sql 
query.

=== 2004-06-09 02:01:05 ÄúÔÚÀ´ÐÅÖÐдµÀ£º===

Hi.
The radius.log contains the following lines:

Info: rlm_sql (sql): received Acct On/Off packet
Error: rlm_sql (sql): Couldn't update SQL accounting for Acct On/Off packet - 
You have an error in your SQL syntax near 'WHERE AcctSessionTime=0 AND 
AcctStopTime=0 AND NASIPAddress= '192.168.1.4' AND A' at line 1

What is the problem ?
I'm generate the database with db_mysql.sql 

-- 
technik :-)
ICQ: 270532579
AIM: gyuriszabo

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


= = = = = = = = = = = = = = = = = = = =


ÖÂ
Àñ£¡
 
 
nsinit
[EMAIL PROTECTED]
2004-06-09




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: freeradius rfc2882 ?

2004-06-06 Thread nsinit 

THX Alan.

None the less, the
   feature is still deployed in a number of products.

can you give me some points about those products?

i am working with a project based on freeradius 0.9.2,  i have to implement the
password change feature described in the rfc2882, so you can give me some advice?
thanks very much! 








- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

freeradius rfc2882 ?

2004-06-04 Thread nsinit 

Hi 
somebody can tell me that whether or not rfc1882 implemented in 
freeradius0.9.2 or later realease?
i have to write a radius client  sending a request to my freeradius server for 
changing
the user's password stored in the backend database. thx.


described as the following:(rfc2882)
  

5.1.  Password Change

   Remotely requested password change operations were described and
   proposed, but rejected by the working group.  None the less, the
   feature is still deployed in a number of products.

   Message types:

- Password Request
- Password Ack or Reject






- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html