(RADIATOR) PMWHO killing radiator?

1999-12-29 Thread admin

I have a problem where my radiator stops responding sometimes a 
few times a day (at least every few days).  Luckily, I have a backup 
radius and a paging program that calls me when this happens, but 
it is still annoying.  When I attempt to start my radiator back up, I 
run my shell script that kills any currently running copies and 
starts a fresh one.  The fresh one comes up and indicates that it 
could not bind to the port.  I then run:
ps auwwx | grep telnet

and find the telnet session to my 3com modem bank that is 
hanging around and kill that pid.  After that, radiator can get going 
normally again.  I suspect that pmwho is checking the double 
logins and happened to grab port 1645 to make that connection to 
the modem bank.  Has anyone else had something like this?  I'm 
going to take out all the "NasType" listings in the config file and 
see if that helps.  I'd still like to fix it for good though.

Thanks,
John Kicklighter
Internet 2xtreme

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



RE: [platypus-users] Re: (RADIATOR) Expiration date passed!

1999-12-31 Thread admin

After being awakened by my pager telling me that my radius was 
down just after midnight on 12/31 in the AM and reading this, I'm 
going back to bed.  This fixed the problem.  An early Y2K bug bite.

Thanks for posting this to the RADIATOR list.

John Kicklighter
Internet 2xtreme

From:   Granville Barker <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Copies to:  [EMAIL PROTECTED]
Subject:RE: [platypus-users] Re: (RADIATOR) Expiration date passed!
Date sent:  Thu, 30 Dec 1999 23:32:12 -0600

> After working with John, I determined that Radiator is using the
> MasterAccounts view as well as the SubAccounts view in some cases to
> authenticate users.  Anyone running Radiator with Platypus may need the
> attached SQL Script to head off any Y2K issues.
> 
> --
> Granville Barker
> Platypus Support
> 
> 



===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Simultaneous-Use Broken?

2000-01-07 Thread admin

I'm having a problem with the new version of radiator
such that it is rejecting more than one usage of the same
username in a handler even though there are no limits
on how many of this particular username can login.  I have
had this configuration working for over a year now, but
the new version of radiator seems to have broken my
configuration allowing this username to login more than
one time.  Below is the trace4 output as well as a snipping
of my config file that deals with this handler.  I may have
missed a new option that I need to put in, but it sure feels
like a bug.

Thanks,
John Kicklighter
Internet 2xtreme
http://www.2xtreme.net/


*** Received from 127.0.0.1 port 1452    
Code:   Access-Request
Identifier: 30
Authentic:  1234567890123456
Attributes:
User-Name = "test"
User-Service = Framed-User
Client-Id = 203.63.154.1  
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = 
"c<19><223><15>.<210><180><128><178><26>,<214><133><234><170><157>"

Fri Jan  7 18:03:00 2000: DEBUG: Rewrote user name to test
Fri Jan  7 18:03:00 2000: DEBUG: Rewrote user name to test
Fri Jan  7 18:03:00 2000: DEBUG: Check if Handler Realm=interx.net should be used to 
handle this request
Fri Jan  7 18:03:00 2000: DEBUG: Check if Handler User-Name=test should be used to 
handle this request  
Fri Jan  7 18:03:00 2000: DEBUG: Handling request with Handler 'User-Name=test'
Fri Jan  7 18:03:00 2000: DEBUG:  Deleting session for test, 203.63.154.1, 1234
Fri Jan  7 18:03:00 2000: DEBUG: do query is: delete from RADONLINE where 
NASIDENTIFIER='203.63.154.1' and NASPORT=1234

Fri Jan  7 18:03:00 2000: DEBUG: Handling with Radius::AuthEMERALD
Fri Jan  7 18:03:00 2000: DEBUG: Handling with Radius::AuthEMERALD
Fri Jan  7 18:03:00 2000: DEBUG: Query is: select DateAdd(Day, ma.extension, 
maExpireDate),
DateAdd(Day, sa.extension, saExpireDate), sa.AccountID, sa.AccountType,
sa.password, sa.login, sa.shell, sa.TimeLeft, sa.LoginLimit  
from masteraccounts ma, subaccounts sa 
where (sa.login = 'test' or sa.shell = 'test')
and ma.customerid = sa.customerid 
and sa.active <> 0 and ma.active <> 0

Fri Jan  7 18:03:00 2000: DEBUG: Select results: Dec 31 2030 12:00:00:000AM, Jan  1 
2037 12:00:00:000AM, 5784, PPP, dilbert, test,  , ,
Fri Jan  7 18:03:00 2000: DEBUG: Query is: select ra.RadAttributeID, Data, Value, Type 
from RadConfigs rc, RadAttributes ra
where ra.RadAttributeID = rc.RadAttributeID and rc.AccountID=5784

Fri Jan  7 18:03:00 2000: DEBUG: Query is: select ra.RadAttributeID, Data, Value, Type
from RadATConfigs rc, RadAttributes ra
where ra.RadAttributeID = rc.RadAttributeID
and rc.AccountType='PPP'

Fri Jan  7 18:03:00 2000: DEBUG: Radius::AuthEMERALD looks for match with test
Fri Jan  7 18:03:00 2000: DEBUG: Expiration date converted to: 1924934400
Fri Jan  7 18:03:00 2000: DEBUG: Expiration date converted to: 2114409600
Fri Jan  7 18:03:00 2000: DEBUG: Query is: select NASIDENTIFIER, NASPORT, 
ACCTSESSIONID from RADONLINE where USERNAME='test'

Fri Jan  7 18:03:00 2000: DEBUG: Checking if user is still online: unknown, test, 
209.63.222.36, 8, 01030646
Fri Jan  7 18:03:00 2000: DEBUG: Radius::AuthEMERALD REJECT: Simultaneous-Use of 1 
exceeded
Fri Jan  7 18:03:00 2000: DEBUG: Query is: select DateAdd(Day, ma.extension, 
maExpireDate),
DateAdd(Day, sa.extension, saExpireDate), sa.AccountID, sa.AccountType,
sa.password, sa.login, sa.shell, sa.TimeLeft, sa.LoginLimit  
from masteraccounts ma, subaccounts sa 
where (sa.login = 'DEFAULT' or sa.shell = 'DEFAULT')
and ma.customerid = sa.customerid 
and sa.active <> 0 and ma.active <> 0

Fri Jan  7 18:03:00 2000: INFO: Access rejected for test: Simultaneous-Use of 1 
exceeded
Fri Jan  7 18:03:00 2000: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1452 
Code:   Access-Reject
Identifier: 30
Authentic:  1234567890123456
Attributes:
Port-Message = "Request Denied"


==

# Allow Multiple Logins for the Test account

PasswordLogFileName /var/log/radiusd/logins/%m%d%Y-password.log


DBSourcedbi:Sybase:dbaseiface
DBUsername  dblogin
DBAuth  dbpassword

AccountingTable Calls
AcctColumnDef   UserName,User-Name
AcctColumnDef   CallDate,Timestamp,integer-date
AcctColumnDef   AcctStatusType,Acct-Status-Type,integer
AcctColumnDef   AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef   AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef   AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef   AcctSessionId,Acct-Session-Id
AcctColumnDef   AcctSessionTime,Acct-Session-Time,integer  
AcctColumnDef   NASIdentifier,Client-Id
AcctColumnDef   NASPort,NAS-Port,integer
AcctColumnDef   FramedAddress

No Subject

2000-02-02 Thread admin

Return-Path: <[EMAIL PROTECTED]>
Received: from oscar.open.com.au (oscar.open.com.au [203.63.154.1])
	by tiberius (8.9.3/8.9.3) with SMTP id JAA11324
	for <[EMAIL PROTECTED]>; Sat, 8 Jan 2000 09:52:01 -0500 (EST)
Received: (from majordom@localhost) by oscar.open.com.au (8.6.12/8.6.12) id NAA29481 for radiator-list; Sat, 8 Jan 2000 13:40:18 +1100
Received: (from uucp@localhost) by oscar.open.com.au (8.6.12/8.6.12) id NAA29470 for [EMAIL PROTECTED]; Sat, 8 Jan 2000 13:40:13 +1100
>Received: from latte.2xtreme.net (latte.2xtreme.net [209.63.222.34]) by perki.connect.com.au with SMTP id NAA01377
  (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Sat, 8 Jan 2000 13:28:28 +1100 (EST)
Message-ID: <[EMAIL PROTECTED]>
Received: from latte.2xtreme.net (latte.2xtreme.net [209.63.222.34]) by perki.connect.com.au with SMTP id NAA01377
  (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Sat, 8 Jan 2000 13:28:28 +1100 (EST)
Received: (qmail 4737 invoked from network); 8 Jan 2000 02:29:50 -
Received: from java.2xtreme.net (HELO java) (209.63.220.3)
  by latte.2xtreme.net with SMTP; 8 Jan 2000 02:29:50 -
Date: Fri, 7 Jan 2000 18:32:58 -0800
MIME-Version: 1.0
Content-transfer-encoding: 7BIT
Subject: (RADIATOR) Simultaneous-Use Broken?
X-mailer: Pegasus Mail for Win32 (v3.01b)
Content-Type: text/plain; charset=US-ASCII
Sender: [EMAIL PROTECTED]
Precedence: bulk


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Testing MaxSessions with radpwtst - MaxSessions not working - very simpleconfig.

2001-01-15 Thread admin

Hello,

I'm stumped, I've looked, I've read, I've tried, and I am stumped. 
I'm evaluating radiator and I have had absolutely no success getting 
MaxSessions to function. Below is my config and debug information. 

I am testing this config with the radpwtst tool and the following 
arguments:
partisan:/usr/local/radiator# radpwtst -user admin -password admin 
Called-Station-Id=1234 -s 127.0.0.1 -nostop

I would expect, with my config and the command above, the second 
time the command is issued radiator would deny my login because of the 
"-nostop" argument and not having received a stop argument for the 
previous login. This does not appear to be the case. 

I have noticed one thing. If I I set MaxSessions 1 to MaxSession 0 
then it will deny the login. Below is the debug output from 2 tests with 
the above command.

I don't mean to grovel but... please help :)

-Jared

My config:

radius.cfg:
Foreground
LogStdout
DbDir   .
LogDir  .


Secret   mysecret



MaxSessions 1


Filename /usr/local/radiator/users




users file:
#one line, very simple
admin   User-Password = "admin"

Debug Output:

partisan:/usr/local/radiator# ./radiusd -log_stdout -trace 4
Mon Jan 15 15:43:57 2001: DEBUG: Reading users file 
/usr/local/radiator/users
This Radiator license will expire on 2001-03-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/radiator/ordering.html

Mon Jan 15 15:43:57 2001: INFO: Server started: Radiator 2.17.1 on 
partisan (DEM
O)
Mon Jan 15 15:44:23 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1035 
Code:   Access-Request
Identifier: 68
Authentic:  1234567890123456
Attributes:
User-Name = "admin"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = 
"<152><239>2<196><193>\<4><246><188>8<9><160><216>}x<153
>"
Called-Station-Id = "1234"

Mon Jan 15 15:44:23 2001: DEBUG: Handling request with Handler 'Realm='
Mon Jan 15 15:44:23 2001: DEBUG:  Deleting session for admin, 
203.63.154.1, 1234
Mon Jan 15 15:44:23 2001: DEBUG: Handling with Radius::AuthFILE
Mon Jan 15 15:44:23 2001: DEBUG: Radius::AuthFILE looks for match with 
admin
Mon Jan 15 15:44:23 2001: DEBUG: Radius::AuthFILE ACCEPT:
Mon Jan 15 15:44:23 2001: DEBUG: Access accepted for admin
Mon Jan 15 15:44:23 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1035 
Code:   Access-Accept
Identifier: 68
Authentic:  1234567890123456
Attributes:

Mon Jan 15 15:44:23 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1035 
Code:   Accounting-Request
Identifier: 69
Authentic:  <170><241><201>S{3<210><132>{1<254>w3<147>6<235>
Attributes:
User-Name = "admin"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "1234"
Acct-Status-Type = Start
Called-Station-Id = "1234"

Mon Jan 15 15:44:23 2001: DEBUG: Handling request with Handler 'Realm='
Mon Jan 15 15:44:23 2001: DEBUG:  Adding session for admin, 203.63.154.1, 
1234
Mon Jan 15 15:44:23 2001: DEBUG: Handling with Radius::AuthFILE
Mon Jan 15 15:44:23 2001: DEBUG: Accounting accepted
Mon Jan 15 15:44:23 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1035 
Code:   Accounting-Response
Identifier: 69
Authentic:  <170><241><201>S{3<210><132>{1<254>w3<147>6<235>
Attributes:

Mon Jan 15 15:44:28 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1035 
Code:   Access-Request
Identifier: 73
Authentic:  1234567890123456
Attributes:
User-Name = "admin"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
    NAS-Port = 1234
NAS-Port-Type = Async
User-Password = 
"<152><239>2<196><193>\<4><246><188>8<9><160><216>}x<153
>"
Called-Station-Id = "1234"

Mon Jan 15 15:44:28 2001: DEBUG: Handling request with Handler 'Realm='
Mon Jan 15 15:44:28 2001: DEBUG:  Deleting session for admin, 
203.63.154.1, 1234
Mon Jan 15 15:44:28 2001: DEBUG: Handling with Radius::AuthFILE
Mon Jan 15 15:44:28 2001: DEBUG: Radius::AuthFILE looks for match with 
admin
Mon Jan 15 15:44:28 2001: DEBUG: Radius::AuthFILE ACCEPT:
Mon Jan 15 15:44:28 2001: DEBUG: Access accepted for admin
Mon Jan 15 15:44:28 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1035 
Code:   Access-Accept
Ident

(RADIATOR) question

2001-06-26 Thread admin



I need to reduce my Ascend-Data-Filter from length 
28 to 26 Any ideas how? 
 
 
Thanks
 
Eric


(RADIATOR) radiator stuck again

1999-02-07 Thread admin

For 3 days in a row, I have had a stuck radius.  It always sticks 
with a blank username shown in the password log.  This time it had 
a blank in the username and password fields.  I didn't quite figure 
out how to run that strace feature on an existing process, so I 
simply restarted radiator to get things going again.  Any progress 
on testing and possibly fixing that problem?  Has anybody else 
seen this problem before?

Thanks,
John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) PM3 Dictionary

1999-02-17 Thread admin

I'm getting this in my trace4 output from my PM3s.  The attribute is 
not defined in the dictionary.livingston that I can find.  What do I 
need to add to my dictionary to get it to be quiet?

Thanks,
John Kicklighter
Internet 2xtreme

ERR: Attribute number 2 (vendor 307) is not defined

Code:   Accounting-Request
Identifier: 36
Authentic:  
H{E+<202><156><173><138><10><213><173><150>ZD;<201>
Attributes:
Acct-Session-Id = "0362"
User-Name = "myuser
Client-Id = 555.555.555.555
NAS-Port = 8
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Session-Time = 1  
Acct-Authentic = RADIUS
Connect-Info = "49333 LAPM/V42BIS"
Acct-Input-Octets = 10
Acct-Output-Octets = 8
Acct-Terminate-Cause = ACCT_TERM_USER_REQUEST
User-Service = Framed-User
Framed-Protocol = PPP
Framed-Address = 666.666.666.666
Acct-Delay-Time = 0



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) PM3 Dictionary

1999-02-17 Thread admin

I put that in and I get:

Livingston = "User Request - PPP Term Req"

Look familiar?

John Kicklighter
Internet 2xtreme

From:   "Mike McCauley" <[EMAIL PROTECTED]>
Date sent:  Wed, 17 Feb 1999 17:28:44 -0500
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject:Re: (RADIATOR) PM3 Dictionary

> Well, we have this in a newer dictionary:
> 
> # Vendor-specific attributes for Livingston
> VENDORATTR  307 Livingston2   string
> 
> But just what it means I dont know. Anyone else?
> 
> 
> On Feb 16,  9:10pm, [EMAIL PROTECTED] wrote:
> > Subject: (RADIATOR) PM3 Dictionary
> > I'm getting this in my trace4 output from my PM3s.  The attribute is
> > not defined in the dictionary.livingston that I can find.  What do I
> > need to add to my dictionary to get it to be quiet?
> >
> > Thanks,
> > John Kicklighter
> > Internet 2xtreme
> >
> > ERR: Attribute number 2 (vendor 307) is not defined
> >
> > Code:   Accounting-Request
> > Identifier: 36
> > Authentic:
> > H{E+<202><156><173><138><10><213><173><150>ZD;<201>
> > Attributes:
> > Acct-Session-Id = "0362"
> > User-Name = "myuser
> > Client-Id = 555.555.555.555
> > NAS-Port = 8
> > NAS-Port-Type = Async
> > Acct-Status-Type = Stop
> > Acct-Session-Time = 1
> > Acct-Authentic = RADIUS
> > Connect-Info = "49333 LAPM/V42BIS"
> > Acct-Input-Octets = 10
> > Acct-Output-Octets = 8
> > Acct-Terminate-Cause = ACCT_TERM_USER_REQUEST
> > User-Service = Framed-User
> > Framed-Protocol = PPP
> > Framed-Address = 666.666.666.666
> > Acct-Delay-Time = 0
> >
> >
> >
> > ===
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
> >-- End of excerpt from [EMAIL PROTECTED]
> 
> 
> 
> -- 
> Mike McCauley[EMAIL PROTECTED]
> Open System Consultants Pty. Ltd Unix, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 AustraliaConsulting and development
> Phone, Fax: +61 3 9598-0985  http://www.open.com.au
> 
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, external, etc etc etc on Unix, Win95, NT, Rhapsody
> 



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) SNMP HiPer

1999-02-23 Thread admin

The TotalControl chassis should still have the same SNMP 
managment card that came out in the old Netserver days.  I've 
never tried to use the pmwho on it though.  I've not found any 
problems running without the verification.  I have mostly 3com 
banks (some hiper and some netserver) and a couple of PM3s that 
I added recently.  I do use the verification on the PM3s though.  
Just to be safe.

John Kicklighter
Internet 2xtreme

From:   "Mike McCauley" <[EMAIL PROTECTED]>
Date sent:  Tue, 23 Feb 1999 08:44:56 -0500
To: [EMAIL PROTECTED]
Subject:(RADIATOR) SNMP HiPer

> Does anyone know how to check if a user is online by SNMP on HiPer ARC's? We
> would like to add sim-use checking for HiPer, but we understand that pmwho does
> not work with them.
> 
> 
> -- 
> Mike McCauley[EMAIL PROTECTED]
> Open System Consultants Pty. Ltd Unix, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 AustraliaConsulting and development
> Phone, Fax: +61 3 9598-0985  http://www.open.com.au
> 
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, external, etc etc etc on Unix, Win95, NT, Rhapsody
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) ContinueWhileAccept question

1999-03-01 Thread admin

In the following situation, would this be fault tolerant if the Emerald 
SQL database were down?  The object is to have 
ContinueWhileAccept and ContinueWhileIgnore set at the same 
time.  This way, if we have any problems, our customers don't get 
denied service.


ContinueWhileAccept

#  Apply some pre-database "Time" Checks

 AcceptIfMissing


# If the "Time" check item passed, check Database

...


# If the database didn't reject them or it ignored, let them in






Thanks,
John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Distributing a users file

1999-03-05 Thread admin

I've got my radiators all ironed out and running well.  Now, I need to 
find a way to distribute a users file between them.  I have one 
running on linux and the other running on NT.  I was going to put 
something together to run on linux's crontab and simply FTP the 
file every day.  Has anyone else found a good way to distribute 
their users files through out their radiators?  If not, can someone 
tell me where I can find the module "Net::FTP"?  This would be 
helpful in creating this distribution program.  I was unable to find it 
at CPAN.

Thanks,
John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) SQL unreachable makes radiator freeze

1999-03-06 Thread admin

I've designed my config file to work even if the database goes down.
I don't want our users to suffer if we have a database outage, so I've tried
to make it so that  goes into effect if the request to the
database is ignored.  When I rebooted our database, radiator just sits there
doing nothing and not replying to auth/acct requests.  When the database
comes back up, it begins to function again.  Is there anything I can do to
make this work better?  I was observing this on my linux box.  I've included 
a copy of the config file from my NT box (it runs the same config except
for NT specific options).

John Kicklighter
Internet 2xtreme


= Radiator v2.13 w/patched handler.pm ==
LogStdout
LogDir  .
DbDir   .
Trace 4
AuthPort 1645
AcctPort 1646
DictionaryFile /programs/radiator/dictionary.2xtreme
RewriteUsername tr/-A-Za-z0-9\.\@//cd
RewriteUsername tr/A-Z/a-z/


Secret 
DupInterval 0
NasType Livingston


# Allow Multiple Logins for the Test account



DBSourcedbi:ODBC:Platypus2
DBUsername  
DBAuth  

AccountingTable Calls
AcctColumnDef   UserName,User-Name
AcctColumnDef   CallDate,Timestamp,integer-date
AcctColumnDef   AcctStatusType,Acct-Status-Type,integer
AcctColumnDef   AcctDelayTime,Acct-Delay-Time,integer  
AcctColumnDef   AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef   AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef   AcctSessionId,Acct-Session-Id
AcctColumnDef   AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef   AcctTerminateCause,Acct_Terminate-Cause  
AcctColumnDef   NASIdentifier,Client-Id
AcctColumnDef   NASPort,NAS-Port,integer
AcctColumnDef   FramedAddress,Framed-Address

AddToReply Idle-Timeout = "1200"




MaxSessions 1 
AuthByPolicy ContinueWhileIgnore
PasswordLogFileName %L/logins/%m%d%Y-password.log
AcctLogFileName %L/logs/%m%d%Y.log


AuthByPolicy ContinueWhileAccept

# Apply some pre-database "Time" checks

Filename /ftpusers/radiator/users
AcceptIfMissing



DBSourcedbi:ODBC:Platypus2
DBUsername  
DBAuth  

AccountingTable Calls
AcctColumnDef   UserName,User-Name
AcctColumnDef   CallDate,Timestamp,integer-date
AcctColumnDef   AcctStatusType,Acct-Status-Type,integer
AcctColumnDef   AcctDelayTime,Acct-Delay-Time,integer
AcctColumnDef   AcctInputOctets,Acct-Input-Octets,integer
AcctColumnDef   AcctOutputOctets,Acct-Output-Octets,integer
AcctColumnDef   AcctSessionId,Acct-Session-Id
AcctColumnDef   AcctSessionTime,Acct-Session-Time,integer
AcctColumnDef   AcctTerminateCause,Acct_Terminate-Cause
AcctColumnDef   NASIdentifier,Client-Id
AcctColumnDef   NASPort,NAS-Port,integer
AcctColumnDef   FramedAddress,Framed-Address

AddToReply Idle-Timeout = "1200"









DBSourcedbi:ODBC:
DBUsername   
DBAuth  

AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, 
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values 
('%n', '%N', %{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-Address}', 
'%{NAS-Port-Type}', '%{User-Service}')



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) password log file & "Time" lockout

1999-03-13 Thread admin

I noticed a small bug in the password logging area.  When a user's 
"Time" check item does not pass, it still says "PASS" in the 
password log file even though it sends back a reject to the NAS.  I 
noticed this using radpwtst.

On a related note, is it possible to log the password log to an SQL 
database?  I have 2 radiators on seperate machines (NT & Linux) 
and I want to see all of the login attempts (good or bad) from both 
machines in a central log file as they are shown in the current 
password logfile.  This is very helpfull for my technical support staff 
in troubleshooting login problems.

Thanks,
John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) What happens when the database server goes away?

1999-03-19 Thread admin

Have you gotten any answers on this?  I've had similar problems.  
When my mssql is not reachable or is down for some reason, 
radiator just hangs there not going to the next authby, which 
happens to be .  I have ContinueWhileIgnore set 
for the handler.  The thought behind doing it this way is that we 
won't deny service to our customers when our database is down.

We have our radiators running on an NT4 as well as RedHat linux 
5.0.  Both behave the same in the face of an mssql failure.

I've asked Mike for help on this, but he wants the log trace 4 
output.  I can't give him this since my main concern when our 
database is down is to get it going again, not figuring out why 
radiator won't go on to the next authby.  I don't run trace4 for long 
periods of time because it slows down radiator and generates a lot 
of output in a very short amount of time.

I've tested my handler setup on another linux 5.0 system with 
radiator on it.  The test worked properly when I intentionally set the 
password to the database incorrect.  It saw the failure and went on 
to authby test and did great, but if the database is just not there, it 
has problems with this.

Thanks,
John Kicklighter
Internet 2xtreme

Date sent:  Fri, 19 Mar 1999 10:24:39 +1300 (NZDT)
From:   Andrew Ruthven <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject:(RADIATOR) What happens when the database server goes away?

> Hi guys,
> 
> I currently have Radiator setup using Auth::Emerald to authenticate
> against a MS-SQL server.  Radiator is running on a Linux box and I'm using
> DBD::Sybase and the free Sybase drivers.
> 
> If the MS-SQL server goes away (say, for example, we unplug the machine
> from the network) how long will it take before Radiator times out and goes
> on to the next AuthBy?
> 
> We tested this, and after waiting a couple of minutes without it dropping
> to the next AuthBy we plugged the server back into the network.  Can
> anybody recommend any timeouts we can tweek?
> 
> (I'm tempted to modify the code so that if the SQL Server times out
> Radiator waits 10 minutes before trying it again...)
> 
> Cheers!
> 
> Andrew Ruthven
> Actrix Networks Limited
> At Work: [EMAIL PROTECTED]
> At Home: [EMAIL PROTECTED]
> 
> 
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



No Subject

1999-03-23 Thread admin

hello,

Could someone shed some light on the meaning of the following

Duplicate request id 52 received from xxx.xxx.xxx.xxx: ignored

I keep getting this message in my logfile every so often.


thanks.


===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) USR Attribute

1999-03-25 Thread admin

Hello,

I keep getting this error message in my logfile:

Thu Mar 25 12:19:35 1999: ERR: Attribute number 39020 (vendor 429) is not defined in 
your d
ictionary

I am assuming that the dictionary I am using does not define this attribute. Does 
anyone 
know what line(s) to add to my dictionary file to take care of this problem! 

Vendor 429 is 3com/
USR BTW. Moreover, is it a critical problem or should I learn to live with it.


Thank you in advance.


P.S. Mike, Thanks for that default maximum session you added. 


-Radwan Khalil
-True Communicatons Corp.

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) radpwtst error

1999-03-31 Thread admin

While running radpwtst:

./radpwtst -secret  -user "[EMAIL PROTECTED]" -pass hello -s host.2xtreme.net
sending Access-Request...
Can't call method "identifier" without a package or object reference at ./radpwtst 
line 485.

What do you think the problem is?

John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Getting Accounting Information

1999-04-02 Thread admin

I'm selling Internet accounts to other ISPs for their end users that 
live in our area.  I've got them setup using realms for thier users.  I 
simply proxy the request to their radius servers.  I want a way to 
send them a copy of the accounting records and save a copy of the 
accounting information for me to charge them as well.  I'm not sure 
what would be the best way to go and how to do it:

1)  Save the accounting in a flat file.
   or
2)  Send the accounting to my platypus database

Any comments or suggestions?

Thanks,
John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) error while starting radiator

1999-04-02 Thread admin

Message String: ct_connect(): network packet layer: internal net 
library error: Net-Library operation terminated due to disconnect
 at Radius/SqlDb.pm line 97

What does it mean?  I was adding some logging information to a 
realm and this came up afterword.

John Kicklighter
Internet 2xtreme

===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) RewriteUserName help needed

1999-06-08 Thread admin

At the advice of Mike, I have started to put a realm name on the 
end of some of my usernames.  This is being done in the  
clause.  I have this working correctly where it puts 
"@host.2xtreme.net" on the end of any usename appearing from 
that client.  The problem I'm having now is that when this username 
gets recognized by the  clause, it send the whole 
'[EMAIL PROTECTED]' in to my platypus SQL looking for a 
match.  Naturally, I have not entered the realm name into my 
customers user fields in platypus and it does not find a match.  I'm 
thinking that I need to do another RewriteUsername that will strip 
off the whole realm name once it is received by the  
clause before it sends it to my platypus SQL for authentication.

Another issue with adding realm names at the end of each 
username with the  clause, multiple logins cannot be 
enforced between POPs since each POP has it's own realm name. 
 If the same username logs attempts to login to the same POP 
twice, that should work though.  If I could strip off the realm name 
before any  clauses in the realm, this would solve both 
problems I believe.  Since I'm not very good at regular expressions 
in perl, can someone show me how to truncate a username based 
on the '@' ?

Thanks,
John Kicklighter
Internet 2xtreme

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) AddToReply working?

1999-06-08 Thread admin

Thanks Tom for the answer earlier, that did the trick.

On another topic, I'm not sure if all my AddToReply messages are 
going out to the remote client.  Here is what I have setup:

AddToReply Idle-Timeout = "1200"
AddToReply Session-Timeout = "28800"
AddToReply Framed-Compression = "Van-Jacobson-TCP-IP"
AddToReply Framed-MTU = 1500
AddToReply Framed-Routing = None
AddToReply Framed-Netmask = 255.255.255.255

And here is what the trace output shows:

*** Sending to xxx.xxx.xxx.xxx port 50218 
Code:   Access-Accept
Identifier: 143
Authentic:  <252><217>l]-<230><254><217><132><3>
Attributes:
User-Service = 2
Framed-Protocol = 1
Framed-Netmask = 255.255.255.255

Do you think they are going out, but not showing up or are they not 
being sent?  I can't see them on the remote end since that is not 
my server.  

The logins are working, but these are the attributes that were 
requested by the remote end.  They run a managed modem pool 
for us.

Thanks,
John Kicklighter
Internet 2xtreme

Date sent:  Wed, 9 Jun 1999 13:14:36 +1000
From:   tom minchin <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Copies to:  [EMAIL PROTECTED]
Subject:Re: (RADIATOR) RewriteUserName help needed

> On Tue, Jun 08, 1999 at 07:37:36PM -0700, [EMAIL PROTECTED] wrote:
> > Another issue with adding realm names at the end of each 
> > username with the  clause, multiple logins cannot be 
> > enforced between POPs since each POP has it's own realm name. 
> >  If the same username logs attempts to login to the same POP 
> > twice, that should work though.  If I could strip off the realm name 
> > before any  clauses in the realm, this would solve both 
> > problems I believe.  Since I'm not very good at regular expressions 
> > in perl, can someone show me how to truncate a username based 
> > on the '@' ?
> > 
> 
> There's an example in the manual: RewriteUsername s/^([^@]+).*/$1/
> 
> [EMAIL PROTECTED]
> 



===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Compiled version of radpwtst?

1999-08-04 Thread admin

I'm attempting to find a program like the radpwtst that is compiled 
so that when it runs, it does not take up a lot of cpu/memory.  
Normally, this is not a big deal, but I'm going to be putting this on 
my network monitoring machine to do a sample RADIUS login on 
both my radius servers every 3 minutes.  I'm using a version of 
netsaint which allows for me to make my own test items.  It 
handles the running of the test items and paging if there is not a 
successful return from the test item.  If you need a good network 
monitoring application, this one is free and is much better than any 
I've had in the past.  If the login does not come back successfully, 
it will page me and let me know.  The network monitoring machine 
is an old 486/33 with 16MB ram running linux, so it doen't like to 
crunch through the interpreter every time to run the perl version of 
radpwtst.  If you know of something, let me know.

Thanks,
John Kicklighter
Internet 2xtreme

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) how to assign static IP addresses

1999-11-11 Thread Admin




Having never used a RADIUS server before, I'm pleased to have 
found Radiator so easy to get up and running. I'm hoping one of you can help me 
with a simple query.
 
We have a Bay Networks Versalar RAC 8000 which currently uses 
Bay's proprietary ACP protocol to communicate with an NT Server. ACP performs 
two functions for us at the moment: authentication from native NT user accounts, 
and it also reads a simple text file which lets me assign static IP addresses to 
specific dial-in users. It's this second task I need help with.
 
Radiator is installed, tested, and using a config based on the 
provided /goodies/nt.cfg is succesfully authenticating dial-in users. The only 
thing stopping me from making the switch from ACP to RADIUS is how best to 
assign static IPs.
 
From my reading of the reference manual, I need to AuthBy 
FILE, but I can't get my head around exactly how to do this when I -also- want 
the passwords to remain in NT (AuthBy NT). Can someone help by showing me the 
minimum change required to my nt.cfg (see below) and also the minimum amount of 
information I need to define in a USERS file, to make this possible. I guess I'm 
after a USERS file which only states two things: "go look in NT for the 
password", and for certain users "here's a static 
IP".
 
Thanks in advance.
 
Chris Core
GPM Internet
 
 
/// nt.cfg ///
 
ForegroundLogStdoutLogDir  
.DbDir   
.
 
 Secret  
***
 DupInterval 
0
 
   Domain 
  DomainController
  DefaultReply 
Service-Type=Framed-User,Framed-Protocol=PPP 
 
 AcctLogFileName 
./detail
 
 


Re: (RADIATOR) how to assign static IP addresses

1999-11-11 Thread Admin

Thanks David. Our NAS is now using Radiator and all of the dial-ins are
humming along.

One thing that I've broken along the way is inbound telnet sessions, which I
use from another office to manage the NAS. I assume this is because the
default in my nt.cfg specifies that Radiator tells the NAS all incoming
users are to use PPP. My telnet sessions work to the point of successful
authentication and then telnet drops out altogether. I guess this is
telnet's way of saying it doesn't talk PPP :)

Here's my updated nt.cfg:

---
Foreground
LogStdout
LogDir  .
DbDir   .


   Secret  *
   DupInterval 0



 
   Filename ./rac1
 
   AcctLogFileName ./detail
   PasswordLogFileName ./password



 
Identifier System
Domain 
DomainController
DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
 

--

and here's a snippet of my rac1 (user file) where I've tried to allow the
username gpm_cc access via telnet:

-

gpm_cc  Auth-Type = System
  Service-Type = Login-User,
  Login-Service = Telnet



But gpm_cc can't use telnet. Any ideas?

Regards,

Chris Core
GPM Internet



-Original Message-
From: David Lloyd <[EMAIL PROTECTED]>
To: Admin <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Friday, November 12, 1999 3:17 AM
Subject: Re: (RADIATOR) how to assign static IP addresses


>>>From my reading of the reference manual, I need to AuthBy FILE, but I
>>can't get my head around exactly how to do this when I -also- want the
>>passwords to remain in NT (AuthBy NT). Can someone help by showing me
>>the minimum change required to my nt.cfg (see below) and also the
>>minimum amount of information I need to define in a USERS file, to make
>>this possible. I guess I'm after a USERS file which only states two
>>things: "go look in NT for the password", and for certain users "here's
>>a static IP".
>
>That's not too hard.  I'll paraphrase from tha manual (Section 6.13.5):
>
># This is where all your normal reals stuff goes
>
>
> 
>...
> 
>
>
># The only purpose of this realm is to define
>#   the System identifier for use with Auth-Type
>
>
> 
> Identifier System
> ...
> 
>
>
>Then in your file, you have this:
>
>User Auth-Type = System
> 
>
>DEFAULT Auth-Type = System
> 
>
>
>===
>David M. Lloyd  mailto:[EMAIL PROTECTED]
>
>Administrator   Phone: (608) 663-
>Internet Express, Inc.  http://www.inxpress.net
>802 W. Broadway, Suite # 101
>Madison, WI. 53713-1866
>===
>
>
>===
>Archive at http://www.thesite.com.au/~radiator/
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) Rewrite rules

2002-04-04 Thread Radiator Admin


This will remove begining & trailing whitespace

RewriteUsername s/^\s+// 
RewriteUsername s/\s+$//


- Original Message - 
From: "Paul Black" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 02, 2002 4:41 AM
Subject: (RADIATOR) Rewrite rules


> I'm still trying to make my rewrite rules do exactly what I want.
> What rule would I need to string leading white space from the
> username?
> 
> Also what does the first rule shown below do?
> 
> Regards.  Paul
> 
> >>
> >>  RewriteUsername s/^([^@]+).*/$1/
> >>  RewriteUsername tr/A-Z/a-z/
> 
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Post Processing hook

2002-04-21 Thread Shoalnet Admin

Hi All,

Being lazy here Before I dream up something I thought some-one might 
have invented 'the wheel' aleady. We are currently transitioning all of our 
user base from usernames without realms to usernames with realms.  I would 
like to send an email in a post processing hook to the user when they logon 
to give them a polite reminder of the changes they need to make. Obviously 
I still want to allow them to have a successful logon but hopefully the 
email generated each time will start to get annoying after a while and they 
will look into changing their setups. We are using Auth by SQL with mysql 
at present.

I have one more question. This move to users with realms has bought about 
an issue with Free BSD ppp daemon. Apparently it doesn't accept more 
than  16 characters in the username. Anyone have a work around or come 
across this? The easiest solution at the moment is to give them a new 
account which will be < 16 characters with a realm.

Thanks in advance for any help I receive and btw thanks for a great product!

Brad Lilly

Shoalnet/Fastrac admin

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) PostAuthHook

2002-07-30 Thread Radius Admin



I am trying to implement a 
PostAuthHook.
 
I have added the following line in my configuration 
file 
 

 
    
 
    blah
    blah
 
    PostAuthHook 
file:"%D/SetActive.txt"
    

 
When I start Radiator I get the following error: 
ERR: Unknown keyword 'PostAuthHook' in
 
I am not using Handler's as described in the 
hooks.txt file. Have I defined it in the wrong place?
 
Thanks
 


(RADIATOR) DATE

2002-07-30 Thread auth admin

We have made our custom windows app to access RADUSERS table, the 
fields 
VALIDFROM and VALIDTO are integer types. What is the formula to convert 
these fields to a valid DATE Type, so we can automatically manage valid 
dates of the accounts we create.

chris
-- 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Accounting Keep Alives

2002-08-04 Thread Radius Admin



How do I send Accounting Keep Alives to a NAS? How 
is this implemented in Radiator?
 
Thanks
 


(RADIATOR) Expiration

2002-08-12 Thread Radius Admin



I am trying to update an EXPIRATION field which is 
a date field in my users database.
 
I am trying to use the following 
statement.
 
AcctSQLStatement update USERS set 
EXPIRATION=%t+7776000 where...
 
Is there anyway for me to format the value of 
"%t+7776000" to a format which is acceptable to mysql date format.
 
Thanks
 


Re: (RADIATOR) Expiration

2002-08-13 Thread Radius Admin
Title: Message



Dave,
 
I am now using this:
 
AcctSQLStatement update USERS set 
EXPIRATION='%Y-%m-%d' where .
 
I would like the month to be 3 months from the 
current date. ie. +3. How do I do this?
 
Thanks
 

  - Original Message - 
  From: 
  Dave 
  Kitabjian 
  To: Radius Admin ; [EMAIL PROTECTED] 
  Sent: Tuesday, August 13, 2002 2:30 
  AM
  Subject: RE: (RADIATOR) Expiration
  
  There are a whole mess of date formatting options in the 
  manual:
   
      http://www.open.com.au/radiator/ref.html#pgfId=290952
   
  Let 
  me know how you make out!
   
  Dave
   
  TABLE 2. DateFormat 
  special characters 
  


  
Specifier
  
Is replaced at run-time 
by:

  
%%
  
The percent 
character

  
%a
  
Day of the week, 
abbreviated

  
%A
  
Day of the week

  
%b
  
Month, of the year, 
abbreviated

  
%B
  
Month of the year

  
%c
  
ctime format: e.g. Sat Nov 19 
21:05:57 1994

  
%d
  
Numeric day of the month DD, 
with a leading 0 if necessary.

  
%e
  
Numeric day of the month, no 
leading 0.

  
%D
  
MM/DD/YY

  
%h
  
Month of year, 
  abbreviated

  
%H
  
Hour, 24 hour clock, leading 
0

  
%I
  
Hour, 12 hour clock, leading 
0

  
%j
  
Day of the year

  
%k
  
Hour

  
%l
  
Hour, 12 hour clock

  
%m
  
Month number (starting with 
Jan = 1)

  
%M
  
Minute, leading 0

  
%n
  
NEWLINE character

  
%o
  
Ornate day of month e.g. 
"1st", "2nd", "25th", ...

  
%p
  
`AM' or `PM'

  
%r
  
Time format: 09:05:57 
  PM

  
%R
  
Time format: 21:05

  
%S
  
Seconds, leading 0

  
%t
  
TAB character

  
%T
  
time format: 
21:05:57

  
%U
  
Week number, Sunday as first 
day of week

  
%w
  
Day of the week, numerically, 
Sunday == 0

  
%W
  
Week number, Monday as first 
day of week

  
%x
  
Date format: 
11/19/94

  
%X
  
Time format: 
21:05:57

  
%y
  
Year (2 digits)

  
%Y
  
Year (4 digits)

  
%Z
  
Timezone in ascii. eg: 
  PST
  
    
-Original Message-From: Radius Admin 
[mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 11:32 
AMTo: [EMAIL PROTECTED]Subject: (RADIATOR) 
Expiration
I am trying to update an EXPIRATION field which 
is a date field in my users database.
 
I am trying to use the following 
statement.
 
AcctSQLStatement update USERS set 
EXPIRATION=%t+7776000 where...
 
Is there anyway for me to format the value of 
"%t+7776000" to a format which is acceptable to mysql date 
format.
 
Thanks
 


Re: (RADIATOR) Calculating Session-Timeout based on Expiration?

2002-11-16 Thread Radius Admin
Brian,

You can try something like this as well.



AuthSQLStatement update USERS set TIMELEFT=%t+86400 where LOGIN=0

AuthSelect select PASSWORD, TIMELEFT-%t as TIMELEFT

AcctSQLStatement update USERS set LOGIN=LOGIN+1



Regards



- Original Message - 
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, November 16, 2002 5:05 AM
Subject: Re: (RADIATOR) Calculating Session-Timeout based on Expiration?


> 
> Hello Brian -
> 
> I think you will need to write a Hook to do this.
> 
> There are some example hooks in the file "goodies/hooks.txt".
> 
> regards
> 
> Hugh
> 
> 
> On Saturday, Nov 16, 2002, at 07:58 Australia/Melbourne, Brian wrote:
> 
> >
> > I know that Radiator can calculate the Session-Timeout, as an offset 
> > from the
> > Time setting, using the "until Time" syntax.  Does such an option 
> > exist for
> > Expiration as well?
> >
> > For example, I want to set the Expiration to a unix timestamp, so I get
> > granularity.  I want the Session-Timeout passed back to the NAS to be 
> > the
> > difference between NOW and Expiration.  Is this possible?
> >
> > Brian
> >
> > -- 
> > ---
> > Brian Feeny, CCIE #8036e: [EMAIL PROTECTED]
> > Network Engineerp: 318.222.2638x109 
> > ShreveNet Inc.f: 318.221.6612
> >  
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on [EMAIL PROTECTED]
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Empty Requests

2001-07-27 Thread NextGen Admin
Title: Empty Requests






Hi,


I have the following setup:


Radiator 2.18.1

MS SQL Server 2000

Lucent PM3s and PM2


Since a couple of months we are regularly seeing the following warning message, which I have no idea from where its coming.

WARNING: Could not find a handler for : request is ignored


Any idea? 


Best Regards, 

Joseph Cilia
Managing Director
NextGen.net Limited
--
Mobile: (+356) 947 2319
Tel: (+356) 419109
Fax: (+356) 438948
ICQ: 9415615
E-mail: [EMAIL PROTECTED]
URL: 
-- 





(RADIATOR) check user's shell

1999-02-05 Thread Novagate Systems Admin


A few years ago when we first set up RADIUS we performed a relatively
simple hack to check the users shell when authenticating via the unix
password routine (master.passwd file BSD).  The majority of our users are
checked via the unix system.  Basically users with /hold, /nopay,
/disconnected, and /usr/contrib/bin/pine (email only account)  would be
rejected and sent an appropriate reply, for /nopay, "Due to lack of payment
this account has been disconnected...", for /...pine, "This account is for
email only.", etc.  This capability is a hack to radiusd.c in 1.16 and I
can elaborate further if necessary. (per recent discussions on the list, I
understand reply messages will be in a future radiator release.  We do
have a fair number of clients that get these messages and it would
definately increase our support call rate if users no longer knew why
their logon attempt was rejected.  FYI, clients that do receive these
reject messages include macppp users, winsock script users, and just about
anyone using a logon script.)

Anyway, we very much need this functionality in radiator.  I suppose it
could be done with group checks and replies (in the next release?) however
I would like to be able to check against the shell for legacy and other
reasons.

If this can be accomplished without hacking the source I would be very
happy.  However, if necessary, I am willing to take the steps to maintain
legacy compatibility and modify the source.

Thanks for any info!

-Dave Munroe
 Novagate


===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) Archive?

1999-02-12 Thread Novagate Systems Admin

I just submitted the radiator list to http://www.mail-archive.com/ about a
week ago.  As to before that, anyone else?

-Dave Munroe
 Novagate

On Thu, 11 Feb 1999, Brian Baggett wrote:

> Is there an archive of this list anywhere?
> 
> Thanks,
> 
> Brian
> 
> 
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 


===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) Recommendations for ISP Billing System

1999-02-18 Thread Novagate Systems Admin

Check out http://www.data-point.com/products/isp/

IMHO, it is by far the best package out there.  From an interface point of
view it is easily the best.  And moving from Quickbooks is a snap, just
click on the fields you want to convert.  Also, the revisions are constant
so if there's a feature you need it will probably end up in the next
version (although it does just about everything, including manage a
WuakeII server!). I've seen some packages that haven't been upgraded in
months and as we know, our businesses are not that static :-) 

-Dave


On Thu, 18 Feb 1999, Internet 2xtreme wrote:

> We too came up the same path that you did.  We started out with just 
> plain quickbooks.  Once we cleared 1200 customers, that was not 
> usable any more.  Then we went with a billing program offered by our 
> Credit Card processing company called webbiller.  That was not good at 
> all.  After a year of that, we finally got going on platypus.  We love it.  
> We looked at emerald, but felt that was a work in progress.  We also 
> looked at the literature on rodopi and ISPgold.  Platypus looked better, 
> so we got it.  It wasn't until a year after having platypus that we got 
> radiator.  That was a nice complement to platypus.  We know of one 
> other ISP in our area using platypus as well.
> 
> John Kicklighter
> Internet 2xtreme
> 
> From: "Leigh Sandy" <[EMAIL PROTECTED]>
> To:   <[EMAIL PROTECTED]>
> Subject:  (RADIATOR) Recommendations for ISP Billing System
> Date sent:Thu, 18 Feb 1999 16:54:18 -0500
> 
> > We are in the process of evaluating a billing system for our office.  We currently 
>have about 2000 dial-up customers and are transitioning from Livingston Radius to 
>Radiator.  Our current billing system is QuickBooks Pro and it is really a pain.  Any 
>comments on Rodopi?  Platypus?  Emerald?  Do 
> any of them build the server with all the software preinstalled and configured?  We 
>need something that won't take much of our time to configure.
> > 
> > Leigh
> >   - Original Message - 
> >   From: Kevin Wormington 
> >   To: [EMAIL PROTECTED] 
> >   Sent: Thursday, February 18, 1999 11:30 AM
> >   Subject: (RADIATOR) SQL with failover to flat file
> > 
> > 
> >   Hi all,
> >
> >   I am using v2.13 with a modified AuthPLATYPUS going against MSSQL 6.5.  I would 
>like to set radiator up to try authenticating from AuthPLATYPUS and if the SQL server 
>is down then attempt authenticating from a flat users file, this would allow my 
>remote radius servers to authenticate if there 
> was an sql server failure or a leased-line was down.  Is this possible and would 
>there be a delay on each auth if the sql server were down or would it get marked as 
>down until it came back up?
> >
> >   Thanks,
> > 
> >   Kevin
> >   Sofnet, Inc.
> > 
> 
> 
> 
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
> 


===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) Recommendations for ISP Billing System

1999-02-18 Thread Novagate Systems Admin

Yes, it uses Filemaker Pro.  FMP has hooks to query a SQL database but not
act as an SQL database.  As it is now Optigold has a RADIUS import feature
that imports parsed RADIUS detail files.  Optigold already works with a 
number of user management packages and even exports RADIUS users files. 
I'm not exactly sure how the integration would work but i've copied this
to the Optigold ISP list for further comment :-)  Of course you also have
all the features of FMP like built in web integration, cross platform
operation, etc. 

For all you Optigold ISP users out there, Radiator is definately one of
the best (if not the best) RADIUS servers around.  Check it out at
http://www.open.com.au/radiator/

-Dave

On Fri, 19 Feb 1999, Mike McCauley wrote:

> On Feb 18,  8:26pm, Novagate Systems Admin wrote:
> > Subject: Re: (RADIATOR) Recommendations for ISP Billing System
> > Check out http://www.data-point.com/products/isp/
> >
> > IMHO, it is by far the best package out there.  From an interface point of
> > view it is easily the best.  And moving from Quickbooks is a snap, just
> > click on the fields you want to convert.  Also, the revisions are constant
> > so if there's a feature you need it will probably end up in the next
> > version (although it does just about everything, including manage a
> > WuakeII server!). I've seen some packages that haven't been upgraded in
> > months and as we know, our businesses are not that static :-)
> 
> Looks very nice.
> Any idea what sort of database is behind it?
> Could Radiator get to it?
> 
> 
> -- 
> Mike McCauley[EMAIL PROTECTED]
> Open System Consultants Pty. Ltd Unix, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 AustraliaConsulting and development
> Phone, Fax: +61 3 9598-0985  http://www.open.com.au
> 
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, external, etc etc etc on Unix, Win95, NT, Rhapsody
> 



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) User-Name encrypted

2002-02-21 Thread Ronan Eckelberry, Network/Systems Admin

That's rightI knew it was a config change, but I couldn't remember
what it was.  Missed it when looking through all the old backup configs...

-Ronan
- Original Message -
From: "Fabio Nitti (TEI)" <[EMAIL PROTECTED]>
To: "Ronan Eckelberry" <[EMAIL PROTECTED]>; "Hugh Irvine"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, 21 February, 2002 04:17
Subject: RE: (RADIATOR) User-Name encrypted


Hi all
I solved my problem!
I changed the configuration on Cisco System as5300 in the section "Interface
Group-async1"
I modified the parameter "async mode"
old config: async mode dedicated
new config: async mode interactive

The Nas pass correct user-name now.
thanks a lot
bye




-Original Message-
From: Fabio Nitti (TEI) [mailto:[EMAIL PROTECTED]]
Sent: mercoledì 20 febbraio 2002 11.38
To: [EMAIL PROTECTED]
Subject: (RADIATOR) User-Name encrypted


Hi All,
I've a problem whit my system Radiator 2.17.1
It receives access-request from dialin throught the Nas
with user-name encrypted
I don't know where is the problem because I did all test with radpwtst GUI
and I verified the correct configuration
The NAS is a Cisco 5300
It doesn't work fine for regular users when I do a dialin connection with
modem and a correct user

The Nas pass a User-name encrypted
This is my logfile
Thanks a lots

*** Received from 113.254.2.2 port 1645 
Code:   Access-Request
Identifier: 12
Authentic:  <30>K<223><238><0><201><17><143><239><161><152>/L<211>%d
Attributes:
NAS-IP-Address = 113.254.2.2
NAS-Port = 19
NAS-Port-Type = Async
User-Name = "}#@!}!} }
$}"}&} } } } }%}&} } }*P}'}"}(}"}-}#}&}1}$}&N}3})}#} PZocV/r~<2>"
Called-Station-Id = "672908919"
Calling-Station-Id = "672588404"
User-Password = "3/<149>|{+-]<141>e@Eq<218><131><140>"

Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Request-Type =
Accounting-Request, Acct-Status-Type = Stop, User-Name = waptim@tilab should
be used to handle this request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Request-Type =
Accounting-Request, Acct-Status-Type = Stop, User-Name = waptim@cuori should
be used to handle this request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Request-Type =
Accounting-Request, Acct-Status-Type = Stop should be used to handle this
request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Request-Type =
Accounting-Request, Acct-Status-Type = Start should be used to handle this
request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Realm = ia should be used
to handle this request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Realm = tilab should be
used to handle this request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler Realm = cuori should be
used to handle this request
Tue Feb 19 20:15:48 2002: DEBUG: Check if Handler  should be used to handle
this request
Tue Feb 19 20:15:48 2002: DEBUG: Handling request with Handler ''
Tue Feb 19 20:15:48 2002: DEBUG:  Deleting session for }#@!}!} }
$}"}&} } } } }%}&} } }*P}'}"}(}"}-}#}&}1}$}&N}3})}#} PZocV/r~, 113.254.2.2,
19
Tue Feb 19 20:15:48 2002: DEBUG: Running command:
/export/home/IVLR/R2.0/bin/ivlr_Authenticator.exe
/export/home/IVLR/R2.0/bin/conf/Authenticator.ini
Tue Feb 19 20:15:53 2002: INFO: Access rejected for }#@!}!} }
$}"}&} } } } }%}&} } }*P}'}"}(}"}-}#}&}1}$}&N}3})}#} PZocV/r~:
Tue Feb 19 20:15:53 2002: DEBUG: Packet dump:
*** Sending to 113.254.2.2 port 1645 
Code:   Access-Reject
Identifier: 12
Authentic:  <30>K<223><238><0><201><17><143><239><161><152>/L<211>%d
Attributes:
Reply-Message = "Request Denied"




Fabio Nitti
===
Research & development Consultant
ANS s.p.a.
c/o
TEI Ericsson Italy
Intelligence Network & Fixed
Mobile Convergence
DT/DW
System Specialist Engineer
Via Anagnina 203 Rome
C.A.P. 00040
tel. +39 0672583246 ECN 839 73246
fax +39 06 72583127
e-mail [EMAIL PROTECTED]


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) AcctSQLStatement

2002-02-24 Thread Ronan Eckelberry, Network/Systems Admin

I have it in the AuthBy SQL Clause.  I don't see it executing in a trace
though.  Maybe I am typing something wrong.  Here is a snip from the config:


  Description Default Realm for authenticating users
  RejectHasReason
  RewriteUsername s/^([^@]+).*/$1/
  SessionDatabase RADONLINE
  AuthByPolicy ContinueWhileReject


Identifier SUBSCRIBERS
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername x
DBAuth x
DefaultSimultaneousUse 1
Description Database to use to authenticate users
FailureBackoffTime 5
Timeout 10
AuthSelect select PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN from
SUBSCRIBERS where USERNAME='%n' AND ACTIVE='Y'
# AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
AuthColumnDef 0,User-Password,check
AuthColumnDef 1,Port-Limit,reply
AuthColumnDef 2,Framed-IP-Address,reply
AuthColumnDef 3,Simultaneous-Use,check
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer-date
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef SERVICETYPE,Service-Type,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AddToReply Service-Type="Framed-User", \
Framed-Protocol="PPP", \
Framed-IP-Netmask = 255.255.255.255




Identifier LIMITED_20HRS
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername x
DBAuth x
DefaultSimultaneousUse 1
Description Database to use to authenticate 20 Hour users
FailureBackoffTime 5
Timeout 10
AuthSelect select
PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_20HRS where
USERNAME='%n' AND ACTIVE='Y'
AuthColumnDef 0,User-Password,check
AuthColumnDef 1,Port-Limit,reply
AuthColumnDef 2,Framed-IP-Address,reply
AuthColumnDef 3,Simultaneous-Use,check
AuthColumnDef 4,Session-Timeout,reply
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer-date
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef SERVICETYPE,Service-Type,integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctSQLStatement update LIMITED_20HRS set
TIMELEFT=TIMELEFT-'%{Acct-Session-Time}' where USERNAME='%n'
AddToReply Service-Type="Framed-User", \
Framed-Protocol="PPP", \
Framed-IP-Netmask = 255.255.255.255




Identifier LIMITED_30HRS
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername x
DBAuth x
DefaultSimultaneousUse 1
Description Database to use to authenticate 30 Hour users
FailureBackoffTime 5
Timeout 10
AuthSelect select
PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_30HRS where
USERNAME='%n' AND ACTIVE='Y'
AuthColumnDef 0,User-Password,check
AuthColumnDef 1,Port-Limit,reply
AuthColumnDef 2,Framed-IP-Address,reply
AuthColumnDef 3,Simultaneous-Use,check
AuthColumnDef 4,Session-Timeo

Re: (RADIATOR) AcctSQLStatement

2002-02-24 Thread Ronan Eckelberry, Network/Systems Admin

Cool.  thanx for the info Hugh.  One other question thoughwould I
still get the same result if I changed the AuthByPolicy to
ContinueUntilAccept?

-Ronan

- Original Message -
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: "Ronan Eckelberry, Network/Systems Admin" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Sunday, 24 February, 2002 20:05
Subject: Re: (RADIATOR) AcctSQLStatement


>
> Hello Ronan -
>
> The problem you have is due to the way you have set up your configuration
> file. You have an AuthByPolicy of ContinueWhileReject, so all accounting
> packets are are being processed by the first AuthBy SQL clause.
>
> In your situation you would be better off using Handlers like this:
>
> # define AuthBy clauses
>
> 
> Identifier SUBSCRIBERS
> .
> AddToReply Class = SUBSCRIBERS
> 
>
> 
> Identifier LIMITED_20HRS
> .
> AddToReply Class = LIMITED_20HRS
> 
>
> 
> Identifier LIMITED_30HRS
> .
> AddToReply Class = LIMITED_30HRS
> 
>
> # define Handlers
>
> 
> ..
> AuthBy SUBSCRIBERS
> .
> 
>
> 
> ..
> AuthBy LIMITED_20HRS
> .
> 
>
> 
> ..
> AuthBy LIMITED_30HRS
> .
> 
>
> 
> ..
> AuthByPolicy ContinueWhileReject
> AuthBy SUBSCRIBERS
> AuthBy LIMITED_20HRS
> AuthBy LIMITED_30HRS
> .
> 
>
>
> regards
>
> Hugh
>
>
> On Mon, 25 Feb 2002 11:17, Ronan Eckelberry, Network/Systems Admin wrote:
> > I have it in the AuthBy SQL Clause.  I don't see it executing in a
> > trace though.  Maybe I am typing something wrong.  Here is a snip from
the
> > config:
> >
> > 
> >   Description Default Realm for authenticating users
> >   RejectHasReason
> >   RewriteUsername s/^([^@]+).*/$1/
> >   SessionDatabase RADONLINE
> >   AuthByPolicy ContinueWhileReject
> >
> > 
> > Identifier SUBSCRIBERS
> > DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> > DBUsername x
> > DBAuth x
> > DefaultSimultaneousUse 1
> > Description Database to use to authenticate users
> > FailureBackoffTime 5
> > Timeout 10
> > AuthSelect select PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN
from
> > SUBSCRIBERS where USERNAME='%n' AND ACTIVE='Y'
> > # AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
> > AuthColumnDef 0,User-Password,check
> > AuthColumnDef 1,Port-Limit,reply
> > AuthColumnDef 2,Framed-IP-Address,reply
> > AuthColumnDef 3,Simultaneous-Use,check
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME,User-Name
> > AcctColumnDef TIME_STAMP,Timestamp,integer-date
> > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> > AcctColumnDef NASPORT,NAS-Port,integer
> > AcctColumnDef NASPORTTYPE,NAS-Port-Type,integer
> > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> > AcctColumnDef SERVICETYPE,Service-Type,integer
> > AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> > AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> > AddToReply Service-Type="Framed-User", \
> > Framed-Protocol="PPP", \
> > Framed-IP-Netmask = 255.255.255.255
> >
> > 
> >
> > 
> > Identifier LIMITED_20HRS
> > DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
> > DBUsername x
> > DBAuth x
> > DefaultSimultaneousUse 1
> > Description Database to use to authenticate 20 Hour
users
> > FailureBackoffTime 5
> > Timeout 10
> > AuthSelect select
> > PASSWORD,PORTLIMIT,STATICIP,SIMLOGIN,TIMELEFT from LIMITED_20HRS where
> > USERNAME='%n' AND ACTIVE='Y'

Re: (RADIATOR) RewriteUsername

2002-02-28 Thread Ronan Eckelberry, Network/Systems Admin



    Try naming the realm 
DEFAULT.  It looks at anything after the @ to determine the realm 
name.  So, if a customer logs in as [EMAIL PROTECTED], it is going to look for a realm 
called .  By default, if Radiator finds no matches, it 
will try to use .
 
-Ronan
 

  - Original Message - 
  From: 
  Barry 
  Andersson 
  To: [EMAIL PROTECTED] 
  Sent: Thursday, 28 February, 2002 
  19:36
  Subject: (RADIATOR) RewriteUsername
  
  Hi,
   
  I have RewriteUsername s/^([^@]+).*/$1/  in my 
  radius.cfg file however domains don't appear to be stripped from users who 
  inadvertently login with their email address. I'm getting errors in the 
  logfile such as "Could not find a handler for username@domainname: request is 
  ignored"
   
  Below is the appropriate section from my 
  radius.cfg
   
  Regards
   
  Barry Andersson
   
   
  
  
  UseGetspnamf
  Identifier System
  
  
  RewriteUsername s/^([^@]+).*/$1/
  MaxSessions 1
  
  Filename ./users
  
  AcctLogFileName /var/log/radius/detail
   
  
  
  AcctResult ACCEPT