(RADIATOR) Still problems with internal session database: MaxSessions exceeded
Hi all, I've still problems with the internal session database, see the sections in my simple config: Client ulmathome.rz.uni-ulm.de Secret nottotell NasType ascend /Client # NasType is an Ascend MAX TNT, no FingerProg specified # but finger to the MAX is allowed if radiator will use an internal # finger subroutine (noboby knows the algorithm when radiator is # ross checking his internal session database with the real state) AuthBy UNIX Identifier UnixPwd Filename/etc/shadow GroupFilename /etc/group /AuthBy Handler NAS-IP-Address=X.Y.A.B AcctLogFileName %L/%C/detail # here is the limitation to 2 concurrent sessions MaxSessions 2 AuthBy FILE Filename%D/users-file /AuthBy /Handler I installed the patches downloaded at 24. June. Symptoms: Some users can't dial in because radiator erronously decides that the maxsessions are exceeded even if you can check with finger that this user isn't online. See the fragment of my trace file, trace level 3: Jul 1 12:14:19 1999: INFO: Access rejected for usera: MaxSessions exceeded Jul 1 12:14:34 1999: INFO: Access rejected for usera: MaxSessions exceeded Jul 1 12:14:53 1999: INFO: Access rejected for usera: MaxSessions exceeded Jul 1 12:16:07 1999: INFO: Access rejected for usera: MaxSessions exceeded Jul 1 12:16:37 1999: INFO: Access rejected for usera: MaxSessions exceeded Jul 1 12:16:49 1999: INFO: Access rejected for usera: MaxSessions exceeded Any help welcome. Questions: How does radiator validate his internal session database with the reality? How can I trigger radiator to show me his internal session database? Regards Charly -- Karl Gaissmaier Computing Center,University of Ulm,Germany Email:[EMAIL PROTECTED] Network Administration Tel/Fax: ++49 731 50 22499/22471 pgp-key available: http://www.uni-ulm.de/urz/Netzwerk/uuca/keylist.html === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) SNMP and additional access restrictions on IP layer
Hi all, is there a possibility to restrict the snmp access to some noc stations by IP address, similar to the client clause: SNMPAgent xx.yy.zz.aa ReadCommunity notsosecret WriteCommunity handleitsafely /SNMPAgent or the default clause for all other noc stations SNMPAgent ReadCommunity public # WriteCommunity by default not enabled /SNMPAgent anything else is to dangerous! Regards Charly -- Karl Gaissmaier Computing Center,University of Ulm,Germany Email:[EMAIL PROTECTED] Network Administration Tel/Fax: ++49 731 50 22499/22471 pgp-key available: http://www.uni-ulm.de/urz/Netzwerk/uuca/keylist.html === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) 1st time user
Hello I'm just a beginnerI've installed the latest activestate perl with md5 perl-ldap packages under winnt. I've also installed the C sdk and perlldap 1.0 for windowsNT provided by netscape (Installed dlls: api.dll and nsldapssl32v30.dll) Netscape give some samples to check the connexion using perl (monitor.pl). When i launch one of these samples, a message box appears and says:"The dynamic link library Perl.dll could not be found ...) but i haven't got this file and activestate doesn't install it. So i don't understand how all of you are able to run radiator with ldap under winnt. If somebody have an idea please help me. Bye - La messagerie itinérante sans abonnement Francemel - Web : www.francemel.com Minitel : 3615 et 3623 FRANCEMEL Tél : 08 36 69 00 21 ÿ Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) 1st time user
Hello, On Jul 5, 1:20pm, [EMAIL PROTECTED] wrote: Subject: (RADIATOR) 1st time user Hello I'm just a beginnerI've installed the latest activestate perl with md5 perl-ldap packages under winnt. I've also installed the C sdk and perlldap 1.0 for windowsNT provided by netscape (Installed dlls: api.dll and nsldapssl32v30.dll) Netscape give some samples to check the connexion using perl (monitor.pl). When i launch one of these samples, a message box appears and says:"The dynamic link library Perl.dll could not be found ...) I have never tried that. The procedure we used to set up for LDAP here was: Install ActivePerl using PPM, install MD5, then PerLDAP (the Netscape contributed LDAP module). Use AuthBy LDAPSDK in Radiator. Now, I note that the PerLDAP is now not on ActiveState's packages list (it used to be). I dont know why. If you have the Netscape SDK installed, I would expect Radiator to be able to use AuthBy LDAPSDK to connect to your LDAP server. Have you got the netscape SDK and the perl module to go with it installed? If your have installed the "perl-ldap" from ActiveState, you should be using AuthBy LDAP2, instead of AuthBy LDAPSDK. I dont know anything about monitor.pl. Ive never used it. Cheers. but i haven't got this file and activestate doesn't install it. So i don't understand how all of you are able to run radiator with ldap under winnt. If somebody have an idea please help me. Bye - La messagerie itinérante sans abonnement Francemel - Web : www.francemel.com Minitel : 3615 et 3623 FRANCEMEL Tél : 08 36 69 00 21 Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- End of excerpt from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody ÿ Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Radiator as a NT Service
Dirk. First of all, thanx for replying so fast to my message. Regarding the double slashes in the registry entrance that's what they look like when I export them, but in the registry editor they appear like this: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Parameters] "Application"="c:\perl\bin\perl.exe c:\radiator\radiusd -config_file c:\radiator\maxnt.cfg" I just don't know were those slashes came from. Regards Michael Gatti Malbanet Serviços On-Line Caxias do Sul - RS - Brasil - Original Message - From: Dirk Jansen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Segunda-feira, 5 de Julho de 1999 11:57 Subject: RE: (RADIATOR) Radiator as a NT Service | Dear Gentilmen: | | We are starting the tests with radiator here at our ISP. The software was | installed on a Windows NT 4 Server (SP5, IIS4, RRAS - not active) 128 Mb | RAM following the install instruction that are in the "Installation and | Reference Manual for Radiator v. 2.13.1". The software worked very well | when I tested it with "RADPWTST", "Ascend MAX 6000" and "NT - RRAS" | connections. The only problem I have encountered is making radiator start | as a system service. I have already downloaded SRVANY and INSTSRV and | installed them in the "c:\reskit" folder. My radiator path is - | c:\radiator\radiusd , and my perl path is - c:\perl\bin\perl.exe , | following is my .cfg file and the regedt entrence I have created: | | CONFIG FILE: | ### | | Foreground | LogStdout | Trace4 | AuthPort 1645 | AcctPort 1646 | LogDir c:\radiator\malbanet\log | LogFile\%Y%m%d.log | DbDir | DictionaryFile dictionary.nt | | # You will probably want to change this to suit your site. | | Client localhost | | Secret mysecret | DupInterval 0 | | /Client | | Client XXX.YYY.ZZZ.x | | Secret mysecret | DupInterval 0 | | /Client | | Client XXX.YYY.ZZZ.x | | Secret mysecret | DupInterval 0 | | /Client | | Client XXX.YYY.ZZZ.x | | Secret mysecret | DupInterval 0 | | /Client | | Realm DEFAULT | | # Limit all users in this realm to max of 1 session | MaxSessions 1 | | AuthBy NT | /AuthBy | | # Log all accounting into daily log files in LogDir | AcctLogFileName %L\%Y%m%d.act | | /Realm | | | ### | | Here I have exported the radiator key from the registry | | | | | REGEDIT4 | | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator] | "Type"=dword:0010 | "Start"=dword:0002 | "ErrorControl"=dword:0001 | "ImagePath"=hex(2):63,3a,5c,72,65,73,6b,69,74,5c,73,72,76,61,6e,79,2e, | 65,78,65,\ |00 | "DisplayName"="radiator" | "ObjectName"="LocalSystem" | | | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Parameters] | "Application"="c:\\perl\\bin\\perl.exe c:\\radiator\\radiusd -config_file | c:\\radiator\\maxnt.cfg" | | Hi Mike, | I wonder about the double slashes in your application registry key, as far | as I know here you should use single slashes e.g. | "Application"="c:\perl\\bin\perl.exe c:\radiator\radiusd -config_file | c:\radiator\maxnt.cfg" | | For further information, see "HOWTO: Create a User-Defined Service" at | http://support.microsoft.com/support/kb/articles/Q137/8/90.asp. | regards, Dirk Jansen | | | | | | | | | | | | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Security] | | "Security"=hex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00, | 00,02,\ | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Enum] | "0"="Root\\LEGACY_RADIATOR\\" | "Count"=dword:0001 | "NextInstance"=dword:0001 | | | | I hope these info help, cause I have read all the manual and didn't | figure it out. | | Best Reagrds | Michael Gatti | Malbanet Servicos Online | Caxias do Sul - RS - Brazil |Bestand: ATT0.html | | === | Archive at http://www.thesite.com.au/~radiator/ | To unsubscribe, email '[EMAIL PROTECTED]' with | 'unsubscribe radiator' in the body of the message. | | === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) DataTraffic
Hi All, We're a new Radiator user, and theres only on thing i'm lacking before it goes live, we've hacked our own auth module requirements, but we have one more need, and i'm wondering if anybody else has already done it ;-) Our old system would update the datatraffic table in our mysql database upon disconnection of each individual user, whereas with radiator, we'll need to ru nthrough once a day, calculate daily usage per user and add it into our seperate datatraffic table which is used for billing. My request: Has anybody written such a beast, preferably in perl, preferably connecting to a Mysql database? TIA PS. Unless theres a way to 'hook' into the accounting stop request, while still processing the original request in the normal manner? Simon Lindsay[EMAIL PROTECTED] Technical Manager Icq. 1485568 The Internet Company Pty. Ltd. http://www.iweb.net.au/~simon InterWeb Connections and Portal.net Ph. (08) 8221 5444 --- Speed with Service Fx. (08) 8221 5450 === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Radiator as a NT Service
Hello Michael. Before Radiator can be run as a service, you should test that the command line entered into the registry will run Radiator properly. You should test this by changing to, say the root directory, then issuing the complete command line and seeing if it works, eg: c: cd \ c:\perl\bin\perl.exe c:\radiator\radiusd -config_file whatever . ONly if Radiator starts and runs properly like that, can you expect it to run as a service. Looking at your config file, I suspect that these lines will cause you problems: DbDir DictionaryFile dictionary.nt Since an NT service has no concept of a current drive or current directory, I suspect that Radiator cannot find the dictionary file with that configuration. You should probably have something like: DbDir c:\radiator DictionaryFile %D\dictionary.nt Hope that helps. Cheers. On Jul 5, 10:16am, Michael Gatti wrote: Subject: (RADIATOR) Radiator as a NT Service Dear Gentilmen: We are starting the tests with radiator here at our ISP. The software was installed on a Windows NT 4 Server (SP5, IIS4, RRAS - not active) 128 Mb RAM following the install instruction that are in the "Installation and Reference Manual for Radiator v. 2.13.1". The software worked very well when I tested it with "RADPWTST", "Ascend MAX 6000" and "NT - RRAS" connections. The only problem I have encountered is making radiator start as a system service. I have already downloaded SRVANY and INSTSRV and installed them in the "c:\reskit" folder. My radiator path is - c:\radiator\radiusd , and my perl path is - c:\perl\bin\perl.exe , following is my .cfg file and the regedt entrence I have created: CONFIG FILE: ### Foreground LogStdout Trace4 AuthPort 1645 AcctPort 1646 LogDir c:\radiator\malbanet\log LogFile\%Y%m%d.log DbDir DictionaryFile dictionary.nt # You will probably want to change this to suit your site. Client localhost Secret mysecret DupInterval 0 /Client Client XXX.YYY.ZZZ.x Secret mysecret DupInterval 0 /Client Client XXX.YYY.ZZZ.x Secret mysecret DupInterval 0 /Client Client XXX.YYY.ZZZ.x Secret mysecret DupInterval 0 /Client Realm DEFAULT # Limit all users in this realm to max of 1 session MaxSessions 1 AuthBy NT /AuthBy # Log all accounting into daily log files in LogDir AcctLogFileName %L\%Y%m%d.act /Realm ### Here I have exported the radiator key from the registry REGEDIT4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator] "Type"=dword:0010 "Start"=dword:0002 "ErrorControl"=dword:0001 "ImagePath"=hex(2):63,3a,5c,72,65,73,6b,69,74,5c,73,72,76,61,6e,79,2e,65,78,65,\ 00 "DisplayName"="radiator" "ObjectName"="LocalSystem" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Parameters] "Application"="c:\\perl\\bin\\perl.exe c:\\radiator\\radiusd -config_file c:\\radiator\\maxnt.cfg" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Security] "Security"=hex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00,00,02,\ 00,20,00,01,00,00,00,02,80,18,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,20,02,00,00,02,00,8c,00,05,00,00,00,00,00,18,00,8d,01,02,00,01,01,00,\ 00,00,00,00,01,00,00,00,00,00,00,00,00,00,00,1c,00,fd,01,02,00,01,02,00,00,\ 00,00,00,05,20,00,00,00,23,02,00,00,00,00,00,00,00,00,1c,00,ff,01,0f,00,01,\ 02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,00,00,00,00,00,00,1c,00,ff,01,\ 0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,00,00,00,00,00,00,18,\ 00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,25,02,00,00,01,01,00,00,\ 00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\radiator\Enum] "0"="Root\\LEGACY_RADIATOR\\" "Count"=dword:0001 "NextInstance"=dword:0001 I hope these info help, cause I have read all the manual and didn't figure it out. Best Reagrds Michael Gatti Malbanet Serviços Online Caxias do Sul - RS - Brazil [ Attachment (text/x-html): ".prt748Btd" 8641 bytes Character set: iso-8859-1 Encoded with "quoted-printable" ] -- End of excerpt from Michael Gatti -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody ÿ Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.