RE: (RADIATOR) Session Timeout Until xx:xx
Title: RE: (RADIATOR) Session Timeout Until xx:xx Hi, For double checking: Here is my users file and the cfg file. And Session-Timeout works this way very well. I will try the same functionality live with SQL database today. fred User-Password = "x", Time = "Al0800-1800" User-Service = Framed-User, Framed-Protocol = PPP, Framed-Netmask = 255.255.255.0, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP # radius.cfg Foreground LogStdout LogDir /var/radius DbDir /usr/local/etc LogFile %L/logfile DictionaryFile %D/dictionary.ascend Trace 4 Secret xxx DupInterval 300 IgnoreAcctSignature Filename %D/users AddToReply Session-Timeout = until 1800 # Log accounting to the detail file in LogDir AcctLogFileName %L/detail > -Original Message- > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 08, 1999 12:56 AM > To: Ferhat DILMAN; Mike McCauley; [EMAIL PROTECTED]; Ferhat DILMAN; > [EMAIL PROTECTED] > Cc: tom minchin > Subject: RE: (RADIATOR) Session Timeout Until xx:xx > > > > Hello Ferhat - > > On Tue, 07 Dec 1999, Ferhat DILMAN wrote: > > >%_Thanks for it. It is now working. > > > > By the way, in the documentation, it says Session-Timeout = > "until 1800". > > > > It did not work with quotes. It worked without "" > > > > Curious - it works with "" here. Could you send us more > details, including your > configuration file (w/o secrets) so we can see what is happening? > > thanks > > Hugh > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, > NT, Rhapsody
RE: (RADIATOR) Session Timeout Until xx:xx
Hello Ferhat - On Tue, 07 Dec 1999, Ferhat DILMAN wrote: > >%_Thanks for it. It is now working. > > By the way, in the documentation, it says Session-Timeout = "until 1800". > > It did not work with quotes. It worked without "" > Curious - it works with "" here. Could you send us more details, including your configuration file (w/o secrets) so we can see what is happening? thanks Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Session Timeout Until xx:xx
Title: RE: (RADIATOR) Session Timeout Until xx:xx Thanks for it. It is now working. By the way, in the documentation, it says Session-Timeout = "until 1800". It did not work with quotes. It worked without "" Thanks, cool functionality :) Ferhat > -Original Message- > From: Mike McCauley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, December 07, 1999 7:49 PM > To: [EMAIL PROTECTED]; Ferhat DILMAN; [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED]; tom minchin > Subject: Re: (RADIATOR) Session Timeout Until xx:xx > > > Hello Ferhat, > > On Dec 7, 11:41am, Hugh Irvine wrote: > > Subject: RE: (RADIATOR) Session Timeout Until xx:xx > > > > Hello Ferhat - > > > > On Tue, 07 Dec 1999, Ferhat DILMAN wrote: > > > >%_Hi, > > > > > > I have tested Session-Timeout="until 1800" parameter and > does not work. > > > > > > > Thanks for pointing this out - as it happens, a user reply item of > > > > Session-Timeout="until 1800" > > > > does in fact work. However, due to an oversight, it doesn't > work in an > > AddToReply. Our apologies for this and Mike will post a fix shortly. > > Hugh is right. The special handling of Session-Timeout for "until" was > not being done if it was in a DefaultReply and AddToReply. > > I have uploaded a fixed version of AuthGeneric.pm > > Thanks for reporting this. > Cheers. > > -- > Mike McCauley [EMAIL PROTECTED] > Open System Consultants Pty. Ltd Unix, Perl, > Motif, C++, WWW > 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au > Phone +61 3 9598-0985 Fax +61 3 9598-0955 > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, > NT, Rhapsody
Re: (RADIATOR) Session Timeout Until xx:xx
Hello Ferhat, On Dec 7, 11:41am, Hugh Irvine wrote: > Subject: RE: (RADIATOR) Session Timeout Until xx:xx > > Hello Ferhat - > > On Tue, 07 Dec 1999, Ferhat DILMAN wrote: > > >%_Hi, > > > > I have tested Session-Timeout="until 1800" parameter and does not work. > > > > Thanks for pointing this out - as it happens, a user reply item of > > Session-Timeout="until 1800" > > does in fact work. However, due to an oversight, it doesn't work in an > AddToReply. Our apologies for this and Mike will post a fix shortly. Hugh is right. The special handling of Session-Timeout for "until" was not being done if it was in a DefaultReply and AddToReply. I have uploaded a fixed version of AuthGeneric.pm Thanks for reporting this. Cheers. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Session Timeout Until xx:xx
Hello Ferhat - On Tue, 07 Dec 1999, Ferhat DILMAN wrote: > >%_Hi, > > I have tested Session-Timeout="until 1800" parameter and does not work. > Thanks for pointing this out - as it happens, a user reply item of Session-Timeout="until 1800" does in fact work. However, due to an oversight, it doesn't work in an AddToReply. Our apologies for this and Mike will post a fix shortly. > The config is: Ascend TNT, Radiator 2.14.1 with new AuthGeneric.pm module on > Debian Linux and here is the user file and the config file and the logfile. > > I have radiator main server and i have created a proxy. Main server sends > the requests to this server. By the way, main server is still in 2.13 > version. Does it matter? > > Anybody tested this new parameter? > > P.S. I have added the Ascend attribute into the dictionary: > ATTRIBUTE Session-Timeout 27 integer > You mention in your other email that Ascend uses ATTRIBUTE Ascend-Maximum-Time 194 integer does this mean that Ascends do not honour the standard Session-Timeout? You might also check what version on Ascend software you are running and whether other versions behave differently? thanks Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Session Timeout Until xx:xx
Using the same basic setup (Ascend TNT, Radiator 2.14.1, new AuthGeneric.pm. Difference is that I run it on BSDI 4.0.1) it works. Here is what I did (suggestions thanks to Hugh) First I set up special files for timed users, disconnect non pay users, vacation users, etc. Here is my radius.cfg: Identifier System Filename /etc/master.passwd Match ^([^:]*):([^:]*) # This clause handles all users from all realms by looking them up # in the users file at /usr/local/etc/raddb/users AuthByPolicy ContinueWhileAccept AcceptIfMissing Filename %D/dnp-users AcceptIfMissing Filename %D/vacation-users AcceptIfMissing Filename %D/time-users Filename %D/users AcctLogFileName %L/detail Now in my /usr/local/etc/raddb directory I have the following files: users dnp-users vacation-users timed-users The timed-users file looks like this: # File for timed users # Format for data entry: # Time = "A10800-1700", Auth-Type = System # Service-Type = Framed-User, # Framed-Protocol = PPP # timetest Password = "timetest", Time = "Al1139-1145", Auth-Type = System Session-Timeout = until 1145, Service-Type = Framed-User, Framed-Protocol = PPP (the timetest user was a test...it worked) HTH, T. > > === > > Archive at http://www.thesite.com.au/~radiator/ > > To unsubscribe, email '[EMAIL PROTECTED]' with === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Session Timeout Until xx:xx
Hi Tom, On Dec 7, 9:19am, tom minchin wrote: > Subject: Re: (RADIATOR) Session Timeout Until xx:xx > On Mon, Dec 06, 1999 at 04:04:57PM +0200, Ferhat DILMAN wrote: . > > Yeah, the Ascends like Ascend-Maximum-Time, so use that instead. Unfortunately > unless the code is cleverer than it looks to me (not unlikely) you'll have > to butcher the code slightly so that it uses the Ascend attribute rather > than the standard RADIUS one. Should be a simple search and replace. Does that mean that Ascend does not honour Session-Timeout? Cheers. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Session Timeout Until xx:xx
On Mon, Dec 06, 1999 at 04:04:57PM +0200, Ferhat DILMAN wrote: > Hi, > > I have tested Session-Timeout="until 1800" parameter and does not work. > > The config is: Ascend TNT, Radiator 2.14.1 with new AuthGeneric.pm module on > Debian Linux and here is the user file and the config file and the logfile. > > I have radiator main server and i have created a proxy. Main server sends > the requests to this server. By the way, main server is still in 2.13 > version. Does it matter? > Yeah, the Ascends like Ascend-Maximum-Time, so use that instead. Unfortunately unless the code is cleverer than it looks to me (not unlikely) you'll have to butcher the code slightly so that it uses the Ascend attribute rather than the standard RADIUS one. Should be a simple search and replace. [EMAIL PROTECTED] === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Session Timeout Until xx:xx
Title: RE: (RADIATOR) Session Timeout Until xx:xx And when I look into Ascend manual, it gives: ATTRIBUTE Ascend-Maximum-Time 194 integer attribute where there is no Session-Timeout field. > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > Behalf Of Hugh Irvine > Sent: Wednesday, December 01, 1999 12:26 AM > To: Ferhat DILMAN; [EMAIL PROTECTED] > Subject: Re: (RADIATOR) Session Timeout Until xx:xx > > > > Hello Ferhat - > > On Tue, 30 Nov 1999, Ferhat DILMAN wrote: > > >%_Hi, > > The module AuthGeneric in 2.1.14 patch area states that: > > 28/9/99 New version of AuthGeneric supports a new format > for Session-Timeout > > reply items:. > > If you have for example: Session-Timeout="until 1800" Then the > > Session-Timeout in the reply will be calculated as the > number of seconds up > > until the time of day specified > > > > However, I am puzzled since I don't understand how to use > this extra string > > in AuthBy SQL module. Is it possible to use a parameter in > AuthGeneric > > inside AuthSQL ? > > AuthSQL (and all other Authxxx modules) inherits from (is built on) > AuthGeneric, so anything in AuthGeneric is also usable in AuthSQL. > > Keep in mind also that Session-Timeout is a standard reply > item and as such can > be sent in any Access-Accept packet. You should have a look > at Section 13 in > the manual - Check and Reply Items. These can be used in a > variety of places in > Radiator: as Handler check items, as AuthBy reply items, and > as check and reply > items in user definitions. > > You could use Session-Timeout in an AuthBy SQL like this: > > > > DBSource ... > DBAuth ... > DBUsername ... > ... > AddToReply Session-Timeout = "until 1800" > ... > > > > and of course there are lots of other possibilities... > > hth > > Hugh > > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, > NT, Rhapsody > > === > Archive at http://www.thesite.com.au/~radiator/ > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Session Timeout Until xx:xx
Title: RE: (RADIATOR) Session Timeout Until xx:xx Hi, I have tested Session-Timeout="until 1800" parameter and does not work. The config is: Ascend TNT, Radiator 2.14.1 with new AuthGeneric.pm module on Debian Linux and here is the user file and the config file and the logfile. I have radiator main server and i have created a proxy. Main server sends the requests to this server. By the way, main server is still in 2.13 version. Does it matter? Anybody tested this new parameter? P.S. I have added the Ascend attribute into the dictionary: ATTRIBUTE Session-Timeout 27 integer radius.cfg sample test file: Foreground LogStdout LogDir /var/radius DbDir /usr/local/etc LogFile %L/logfile DictionaryFile %D/dictionary.ascend Trace 5 Secret XXX DupInterval 300 IgnoreAcctSignature Filename %D/users DefaultReply User-Service = Framed-User,\ Framed-Protocol = PPP,\ Framed-Netmask = 255.255.255.0,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP AddToReply Session-Timeout = "until 1555" AcctLogFileName %L/detail users file: fred User-Password = "", Time = "Al0800-1555" logfile: Mon Dec 6 15:50:15 1999: DEBUG: Reading users file /usr/local/etc/users Mon Dec 6 15:50:15 1999: INFO: Server started Mon Dec 6 15:50:50 1999: DEBUG: Packet dump: *** Received from 212.133.133.5 port 49464 Packet length = 114 01 13 00 72 b7 43 50 8b 91 90 8e 7d 42 b2 3b 6e b6 95 c1 76 01 06 66 72 65 64 02 12 0d 3b 5a 3d 83 ba bf 8d c5 2e c9 73 1e fb 02 6f 20 11 32 31 32 2e 31 33 33 2e 31 33 33 2e 32 30 32 05 06 00 00 00 c1 3d 06 00 00 00 00 06 06 00 00 00 02 07 06 00 00 00 01 18 02 1f 10 30 30 39 30 32 31 36 34 35 39 32 34 35 33 2c 0b 32 38 31 35 38 38 31 39 33 Code: Access-Request Identifier: 19 Authentic: <183>CP<139><145><144><142>}B<178>;n<182><149><193>v Attributes: User-Name = "fred" Password = "<13>;Z=<131><186><191><141><197>.<201>s<30><251><2>o" NAS-Identifier = "212.133.133.202" NAS-Port = 193 NAS-Port-Type = Async User-Service = Framed-User Framed-Protocol = PPP State = "" Caller-Id = "00902164592453" Acct-Session-Id = "281588193" Mon Dec 6 15:50:50 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Mon Dec 6 15:50:50 1999: DEBUG: Deleting session for fred, 212.133.133.202, 193 Mon Dec 6 15:50:50 1999: DEBUG: Handling with Radius::AuthFILE Mon Dec 6 15:50:50 1999: DEBUG: Radius::AuthFILE looks for match with fred Mon Dec 6 15:50:50 1999: DEBUG: Radius::AuthFILE ACCEPT: Mon Dec 6 15:50:50 1999: DEBUG: Access accepted for fred Mon Dec 6 15:50:50 1999: DEBUG: Packet dump: *** Sending to 212.133.133.5 port 49464 Code: Access-Accept Identifier: 19 Authentic: <183>CP<139><145><144><142>}B<178>;n<182><149><193>v Attributes: User-Service = Framed-User Framed-Protocol = PPP Framed-Netmask = 255.255.255.0 Framed-Routing = None Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Session-Timeout = until 1555 Mon Dec 6 15:50:51 1999: DEBUG: Packet dump: *** Received from 212.133.133.5 port 49464 Packet length = 158 04 14 00 9e 69 ad fb ae 68 de f7 c4 8e 53 b0 d9 61 76 a0 10 01 06 66 72 65 64 20 11 32 31 32 2e 31 33 33 2e 31 33 33 2e 32 30 32 05 06 00 00 00 c1 3d 06 00 00 00 00 28 06 00 00 00 01 29 06 00 00 00 00 2c 0b 32 38 31 35 38 38 31 39 33 2d 06 00 00 00 01 bb 06 00 00 05 c3 bc 06 00 00 00 00 33 06 00 00 00 01 32 0a 30 30 30 30 30 35 63 33 78 06 00 00 00 0d 79 06 00 00 00 05 7a 06 00 00 00 01 1f 10 30 30 39 30 32 31 36 34 35 39 32 34 35 33 07 06 00 00 01 06 08 06 d4 85 88 14 Code: Accounting-Request Identifier: 20 Authentic: i<173><251><174>h<222><247><196><142>S<176><217>av<160><16> Attributes: User-Name = "fred" NAS-Identifier = "212.133.133.202" NAS-Port = 193 NAS-Port-Type = Async Acct-Status-Type = Start Acct-Delay-Time = 0 Acct-Session-Id = "281588193" Acct-Authentic = RADIUS Ascend-Multilink-ID = 1475 Ascend-Num-In-Multilink = 0 Acct-Link-Count = "<0><0><0><1>" Acct-Multi-Session-Id = "05c3" Ascend-Modem-PortNo = 13 Ascend-Modem-SlotNo = 5 Ascend-Modem-ShelfNo = 1 Caller-Id = "0090216459245
Re: (RADIATOR) Session Timeout Until xx:xx
Hello Ferhat - On Tue, 30 Nov 1999, Ferhat DILMAN wrote: > >%_Hi, > The module AuthGeneric in 2.1.14 patch area states that: > 28/9/99 New version of AuthGeneric supports a new format for Session-Timeout > reply items:. > If you have for example: Session-Timeout="until 1800" Then the > Session-Timeout in the reply will be calculated as the number of seconds up > until the time of day specified > > However, I am puzzled since I don't understand how to use this extra string > in AuthBy SQL module. Is it possible to use a parameter in AuthGeneric > inside AuthSQL ? AuthSQL (and all other Authxxx modules) inherits from (is built on) AuthGeneric, so anything in AuthGeneric is also usable in AuthSQL. Keep in mind also that Session-Timeout is a standard reply item and as such can be sent in any Access-Accept packet. You should have a look at Section 13 in the manual - Check and Reply Items. These can be used in a variety of places in Radiator: as Handler check items, as AuthBy reply items, and as check and reply items in user definitions. You could use Session-Timeout in an AuthBy SQL like this: DBSource ... DBAuth ... DBUsername ... ... AddToReply Session-Timeout = "until 1800" ... and of course there are lots of other possibilities... hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
