[EMAIL PROTECTED] wrote:
>
> Eddie Stassen <[EMAIL PROTECTED]> wrote:
> > I would like to know if there is a way of proxying users only if certain
> > conditions are met iow 'check items' for proxied requests. In my
> > application I need to proxy certain realms only if for example
> > NAS-Port-
On Fri, 24 Aug 2001, Dan Perik wrote:
>
> I think I know what he means, because I'd like to do the same thing here. That
> is, limit someone's dialin time to 1 hour (or whatever) per day. So today he can
> log in for one hour. Once that hour's up, he has to wait until tomorrow. He'll
> get an
I think I know what he means, because I'd like to do the same thing here. That
is, limit someone's dialin time to 1 hour (or whatever) per day. So today he can
log in for one hour. Once that hour's up, he has to wait until tomorrow. He'll
get another hour tomorrow. And so on. Is that possible
Michael Chernyakhovsky <[EMAIL PROTECTED]> wrote:
> I have
> #define UT_NAMESIZE 8
> in /usr/include/utmp.h
> But in system-wide wtmp file all names looks good. Why?
>
> May be /usr/bin/last add '\0' after last symbol of username before
> printing? So we can have 8 significant chars in userna
It's look like a bug...
radwho shows whole 8 chars in username.
but radlast - 7 chars only.
This is not system 'last` bug.
The same user, wtmp'ed via system (login-logout locally)
looks with whole 8 chars in his username.
Is something wrong in rlm_unix?
I have
#define UT_NAMESIZE 8
in /usr
[EMAIL PROTECTED] (Miquel van Smoorenburg) wrote:
> > It means that the request is a new one, and different from the first
> >on.
> >
> > The RFC's specifically allow for this.
>
> They do? Where does it say that?. And at least for
> accounting packets the vector is _supposed_ to change since
In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
> Qinxue Chen <[EMAIL PROTECTED]> wrote:
>> The problem seems to be that the new request has the same request ID,
>> request code, source IP, source port, but different vectors (what's this?)
>
> It means that the request is a new one,
What's error mean:
Error: Dropping conflicting authentication packet from client
All packets being rejected from NAS.
I had to kill and restart radiusd.
Mike.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> No. Read the RFC. Understand how Authentication-Vector is
> used. Your
> case1 is correct, your case2 is handled.
>
> The reason there is a problem is old requests are for some reason not
> being cleared. That's all there is, don't try and make it
> more complex,
> it's a bug in the c
Qinxue Chen <[EMAIL PROTECTED]> wrote:
> But in the software, the new requests are dropped. Yesterday I modified the
> code (radiusd.c) a little. The whole else block for the error part was got
> rid of. That means the new request would be added and processed.
That will work for you, and is a g
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>
> Qinxue Chen <[EMAIL PROTECTED]> wrote:
> > The problem seems to be that the new request has the same
> request ID,
> > request code, source IP, source port, but different vectors
> (what's this?)
>
> It means that the request is a n
At 10:19 AM 8/23/2001 -0700, you wrote:
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> >
> > Qinxue Chen <[EMAIL PROTECTED]> wrote:
> > > The problem seems to be that the new request has the same
> > request ID,
> > > request code, source IP, source port, but different vectors
> > (wha
Eddie Stassen <[EMAIL PROTECTED]> wrote:
> I would like to know if there is a way of proxying users only if certain
> conditions are met iow 'check items' for proxied requests. In my
> application I need to proxy certain realms only if for example
> NAS-Port-Type==Async. Any suggestions?
Yes.
Didn't see this hit the list yesterday. Sending again.
Thank you Chris, it's working perfectly.
A question regarding attributes and ldap. I cannot put all my attributes
in LDAP because one of my vendors doesn't work when it receives cisco av
pair AND ascend data filter. I noticed the follow
I would like to know if there is a way of proxying users only if certain
conditions are met iow 'check items' for proxied requests. In my
application I need to proxy certain realms only if for example
NAS-Port-Type==Async. Any suggestions?
Thanks,
Eddie
-
List info/subscribe/unsubscribe? See
> Michael Chernyakhovsky <[EMAIL PROTECTED]> wrote:
> > How I can trap unauthorized access?
> > I want to write to syslog something like
> > "Autorization failed for user 'username'"
Make sure your syslog's for such are not readable for users,
as many bad logins either are, or include their pass
daniel malmkvist <[EMAIL PROTECTED]> wrote:
> In a reqular acct-status-type = stop (2), everything works fine, looks
> like this:
...
> When sending the same attributes to the server except changing
> acct-status-type= 3, i get the following:
>
> radius_xlat: 'UPDATE radacct SET FramedIPAddres
Michael Chernyakhovsky <[EMAIL PROTECTED]> wrote:
> How I can trap unauthorized access?
> I want to write to syslog something like
> "Autorization failed for user 'username'"
You can do that, sort of, but it's not commented well, and it won't
work right.
Hmm... give me a day or so, and I'll
Qinxue Chen <[EMAIL PROTECTED]> wrote:
> The problem seems to be that the new request has the same request ID,
> request code, source IP, source port, but different vectors (what's this?)
It means that the request is a new one, and different from the first
on.
The RFC's specifically allow
Spike Ilacqua <[EMAIL PROTECTED]> wrote:
> > If it works in debug, has issues in regular, check the permissions needed
> > to read the auth files.
>
> I'm seeing basically the same thing, but I don't believe it's a
> permision problem. The server does work in regular mode, it's only
> after abou
Hi, I have just set up freeradius and trying to get the accountingdata
to be stored in MySQL. Now I have a problem with interim accountion
updates, my SQL database doesn't update.
In a reqular acct-status-type = stop (2), everything works fine, looks
like this:
radius_xlat: 'UPDATE radacct S
Hi,
Not 100% surewhat you want to do, but if you mean you want to set the time a
user can log in: yes it is possible, with Login-Time.
You need to specify this in the first line of your entry for the user in the
users file as follows:
usernameAuth-Type := local, Password == "password",
22 matches
Mail list logo
