re: [Fwd: Re: (RADIATOR) Adding an attribute Post Handler]
Hello Hugh - I will be happy to send you the name of our company, which has indeed purchased this copy of radiator. Can you please send me the name of the registered company who published the book you own on manners? If you can't find it, I'll be happy to send one of those too. bja Brian Acosta i-55 internet services original message follows- From: Hugh Irvine To: Cliff Daniel [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Adding an attribute Post Handler Date: Jan 23, 2003 11:24 PM, CST Hello Cliff - Could you please send me the name of the registered company that has purchased this copy of Radiator? regards Hugh On Friday, Jan 24, 2003, at 06:06 Australia/Melbourne, Cliff Daniel wrote: How would one go about adding an attribute in the Handler section. Say this for example: Handler Called-Station-Id=123456$ RewriteUsername s/^([^@]+).*/$1/ AddAttribute Customer-Identity=Widget Co AuthBy Widget /Handler This way when I use the Realm DEFAULT that writes all accounting records to a database it would include a column Customer-Identity which is easier to produce reports on. This is possible? I know the AddAttribute only works pre-handlers. Cliff === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. ---BeginMessage--- Hello Cliff - Could you please send me the name of the registered company that has purchased this copy of Radiator? regards Hugh On Friday, Jan 24, 2003, at 06:06 Australia/Melbourne, Cliff Daniel wrote: How would one go about adding an attribute in the Handler section. Say this for example: Handler Called-Station-Id=123456$ RewriteUsername s/^([^@]+).*/$1/ AddAttribute Customer-Identity=Widget Co AuthBy Widget /Handler This way when I use the Realm DEFAULT that writes all accounting records to a database it would include a column Customer-Identity which is easier to produce reports on. This is possible? I know the AddAttribute only works pre-handlers. Cliff === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. ---End Message---
RE: (RADIATOR) Accounting Question
Is there a way to do this with 2 arguments EG Handler NAS-IP-Address = XXX.XXX.XXX.XXX Something = Something -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Hugh Irvine Sent: Friday, 24 January 2003 4:08 PM To: Chris Kay Cc: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Accounting Question Hello Chris - The simplest way to do this is with Handlers: Handler NAS-IP-Address = XXX.XXX.XXX.XXX . /Handler Handler . . /Handler Note that you should not mix Realms and Handlers in the same configuration file. regards Hugh On Friday, Jan 24, 2003, at 13:12 Australia/Melbourne, Chris Kay wrote: Question I have is this I am wanting to know if there is a hook or something that could be made to ignore account from a certain NAS-IP With a supplier I have accounting records coming from the NAS and a Proxy, I would just like to keep the accounting records from the Proxy.. So if IP address does not equal XXX.XXX.XXX.XXX I would like it to ignore accounting records only Can this be done - Chris Kay (Systems Development) Techex Communications Website: www.techex.com.au Email: [EMAIL PROTECTED] Telephone: 1300 88 111 2 - Fax: 1300 882 221 - === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
on good manners and profitting from open source.... (was re: [Fwd: Re: (RADIATOR) Adding an attribute Post Handler])
Hi, FWIW, and not trying to start a flame war here, I'd like to comment on this message. Brian, I didn't read a book on good manners, although I think _I_ am not especially bad mannered. I _do_ know a lot about internet mailing lists, especially technical support mailing lists. Either for paid, unpaid, open, or close source software (and then some...). I _do_ know quite something about netiquette and e-mail... and know that it is considered unpolite (or bad manners) to send messages to a tech support mailing list without browsing the archives before, so as to know the standards of interaction in the list. I've been using Radiator, configuring it for large customers, developing systems that use it, and giving support about it for two and a half year. I am subscribed to the list since before we bought it, I just searched through my radiator list folder and found a couple dozens of messages from Hugh asking someone which company had paid for the copy of Radiator, so it's customary of the list and, hence, I wouldn't consider it bad manners. OTOH, regarding the way in which Radiator is sold, distributed and supported, I can only state that I envy OSC for being able to profit (or at least survive, I don't know a thing about how healthy the company is) in such a clever way from open software, and I envy Hugh and Mike for working there. Radiator is open source or free source (with free as in freedom, not for $0) since it's distributed with full source code, very well documented and the code is quite clean and understandable (I even fiddled with it and modified a couple of things, and I'm quite far from being a perl wizard). The price is quite reasonable and includes perpetual software updates and free mailing list support. The documentation is great and the free (as in for $0) support customers receive on the mailing list is way better than ANY customer support I'v ever seen in the industry, paid or unpaid, for paid or unpaid software or hadware... go find out how much big companies (Oracle, Informix, Microsoft) charge for support contracts, and then (if you have the resources), pay for it and see if it is half as good as the mailing list support Hugh and Mike provide. More than once I found a problem on the software, or asked for a feature and I had a patch with the bug-fix or the feature in my mailbox in less than a day (considering I'm in the other side of the world and Mike and Hugh sleep while I work and vice-versa). First time we bought Radiator, as we had to give personalized 7x24 support to a large ISP for it, we bought the unlimited e-mail support contract, just in case. Anyway, for any problem or doubt I had, I started (as usual) with the mailing list... the net result was that I never, ever, had to use the paid support, since the free support is top noch. Now, Radiator is distributed with FULL-SOURCE, no encrypted parts (except in the free demo), no serialization and no shit that would upset a legit customer. Nothing, except legality, ethics and shame, prevents me from downloaded my licensed unpersonalized copy and re-sell it, re-distribute it or pirate it in any way. Nothing but good faith prevents me from using my 2-7 servers copy in 2,000 servers. So what anti-piracy scheme does OSC use? they plain check that the domain for the e-mail address of someone asking questions who doesn't seem to be testing the free demo, corresponds to one of the copies the sold at one time in the past. If they can't match it, they simply ask the user... let's say Radiator's anti- piracy mechanism only disables the free e-mail list support. If the automatic check fails, you can enable it with a simple mail message (the software itself, however, is free from anti-piracy nonsense). El 24 Jan 2003 a las 5:08, [EMAIL PROTECTED] escribió: Hello Hugh - I will be happy to send you the name of our company, which has indeed purchased this copy of radiator. Can you please send me the name of the registered company who published the book you own on manners? If you can't find it, I'll be happy to send one of those too. bja Brian Acosta i-55 internet services -- Mariano Absatz El Baby -- This message transmitted on 100% recycled electrons. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
re: [Fwd: Re: (RADIATOR) Adding an attribute Post Handler]
At 02:08 AM 1/24/03 -0600, you wrote: Hello Hugh - I will be happy to send you the name of our company, which has indeed purchased this copy of radiator. Can you please send me the name of the registered company who published the book you own on manners? If you can't find it, I'll be happy to send one of those too. bja Brian Acosta i-55 internet services Whoa Brian!!! You are seriously out of line here. The request is quite reasonable as Radiator (and support) are a for sale product. The same request was made of me when I first asked question on the setup and configuration of Radiator and posed absolutely no problem. I have been administering a Radiator installation for approx. 18 months now and have found this list and Hugh's help and suggestions to ALWAYS be courteous and on target. The one minor bug that I found was patched in 12 hours. This is amazing considering the time zone differences between Australia and here (Oregon USA). Please take a deep breathe, and get a grip. Regards, David Miller System Administrator Newport Internet [EMAIL PROTECTED] original message follows- From: Hugh Irvine To: Cliff Daniel [EMAIL PROTECTED], [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Adding an attribute Post Handler Date: Jan 23, 2003 11:24 PM, CST Hello Cliff - Could you please send me the name of the registered company that has purchased this copy of Radiator? regards Hugh On Friday, Jan 24, 2003, at 06:06 Australia/Melbourne, Cliff Daniel wrote: How would one go about adding an attribute in the Handler section. Say this for example: Handler Called-Station-Id=123456$ RewriteUsername s/^([^@]+).*/$1/ AddAttribute Customer-Identity=Widget Co AuthBy Widget /Handler This way when I use the Realm DEFAULT that writes all accounting records to a database it would include a column Customer-Identity which is easier to produce reports on. This is possible? I know the AddAttribute only works pre-handlers. Cliff === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. x-flowed Content-Type: message/rfc822; name=Re: (RADIATOR) Adding an attribute \Post Handler\ Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename=Re: (RADIATOR) Adding an attribute \Post Handler\ Return-Path: [EMAIL PROTECTED] Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by ohno.cluestore.net (8.11.6/8.11.6) with ESMTP id h0O5tcd23851 for [EMAIL PROTECTED]; Thu, 23 Jan 2003 22:55:39 -0700 Received: from open.com.au (acc3-ppp28.hob.dialup.connect.net.au [210.10.221.28]) by entoo.connect.com.au (Postfix) with ESMTP id 020299BD1F; Fri, 24 Jan 2003 16:50:43 +1100 (EST) Date: Fri, 24 Jan 2003 16:24:53 +1100 Subject: Re: (RADIATOR) Adding an attribute Post Handler Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v548) Cc: [EMAIL PROTECTED] To: Cliff Daniel [EMAIL PROTECTED], [EMAIL PROTECTED] From: Hugh Irvine [EMAIL PROTECTED] In-Reply-To: [EMAIL PROTECTED] Message-Id: [EMAIL PROTECTED] Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.548) Hello Cliff - Could you please send me the name of the registered company that has purchased this copy of Radiator? regards Hugh On Friday, Jan 24, 2003, at 06:06 Australia/Melbourne, Cliff Daniel wrote: How would one go about adding an attribute in the Handler section. Say this for example: Handler Called-Station-Id=123456$ RewriteUsername s/^([^@]+).*/$1/ AddAttribute Customer-Identity=Widget Co AuthBy Widget /Handler This way when I use the Realm DEFAULT that writes all accounting records to a database it would include a column Customer-Identity which is easier to produce reports on. This is possible? I know the AddAttribute only works pre-handlers. Cliff === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR)
Hi All,
I am trying to configure my radiator radius server in order to check an ldap
entry and verify an attribute of that server.
I want to check if the attribute authmethod value is ace or none. In
case of ace, I want the server to reject the authentication request.
The configuration of the server is below:
AuthBy LDAP2
Host192.168.70.134
Port389
AuthDN cn=Directory Manager
# AuthPasswordyourADadminpasswordhere
AuthPasswordqwerty123
BaseDN ou=area3,o=davinci,st=Madrid,c=es
UsernameAttr uid
PasswordAttr userPassword
AuthAttrDef authmethod,NO-ACE-Server,check
/AuthBy
.
I have added to the user config file the line :
DEFAULT NO-ACE-Server = none.
I have added to the Check items in the dictionary file the following line:
ATTRIBUTE NO-ACE-Server 90480019string
When I tried to access, with the user = Albertoj which authmethod value =
ace, I would like to get an accept-request response from the radius but I
got the following debug:
Code: Access-Request
Identifier: 2
Authentic:1043434427
Attributes:
User-Name = albertoj
User-Password =
oPW204169111f23=1642629224182179
Fri Jan 24 19:53:47 2003: DEBUG: Handling request with Handler 'Realm='
Fri Jan 24 19:53:47 2003: DEBUG: Deleting session for albertoj,
192.168.70.11
Fri Jan 24 19:53:47 2003: DEBUG: Handling with Radius::AuthLDAP2:
Fri Jan 24 19:53:47 2003: INFO: Connecting to 192.168.70.134, port 389
Fri Jan 24 19:53:47 2003: INFO: Attempting to bind with cn=Directory
Manager,
erty123 (server 192.168.70.134:389)
Fri Jan 24 19:53:47 2003: DEBUG: LDAP got result for cn=Alberto
Juarez,ou=area
o=davinci,st=Madrid,c=es
Fri Jan 24 19:53:47 2003: DEBUG: LDAP got userPassword:
{SSHA}VpP5xc7VlLwrp0mF
5kaCC6eGPuPU8wq34ffw==
Fri Jan 24 19:53:47 2003: DEBUG: LDAP got authmethod: ace
Fri Jan 24 19:53:47 2003: DEBUG: Radius::AuthLDAP2 looks for match with
albert
Fri Jan 24 19:53:47 2003: DEBUG: Radius::AuthLDAP2 REJECT: Check item
NO-ACE-S
ver expression 'ace' does not match '' in request
Fri Jan 24 19:53:47 2003: INFO: Connecting to 192.168.70.134, port 389
Fri Jan 24 19:53:47 2003: INFO: Attempting to bind with cn=Directory
Manager,
erty123 (server 192.168.70.134:389)
Fri Jan 24 19:53:47 2003: DEBUG: No entries for DEFAULT found in LDAP
database
Fri Jan 24 19:53:47 2003: INFO: Access rejected for albertoj: Check item
NO-AC
Server expression 'ace' does not match '' in request
Fri Jan 24 19:53:47 2003: DEBUG: Packet dump:
*** Sending to 192.168.70.116 port 1221
Code: Access-Reject
Identifier: 2
Authentic:1043434427
Attributes:
Reply-Message = Request Denied
Is there anything I am missing?
Any documentation about the LDAP documentation checks?
Regards,
Enrique
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
