[EMAIL PROTECTED] wrote:
People might be able to do more if they had configs and debug output (-X)
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See h
kevin wrote:
> How can I return Reject-Packet without default attributes?
> It seems that the default attributes in the users file are returned
> regardless of Accept or Reject.
> I don't want to give a hint to hacker who can try a lot of rejects.
> Is there a way? Somebody suggested Exec-Program-
>
>
>> [EMAIL PROTECTED] wrote:
>>> Greetings. I am using freeradius and want to do the following:
>>> 1. proxy authentication to a secondary server for two-factor
>>> authentication
>>> 2. if the user is authenticated via the home server, add attributes
>>> via
>>> definitions from the local fr
Richard Cotrina <[EMAIL PROTECTED]> wrote:
> (gdb) display mysql_sock
> 1: mysql_sock = (rlm_sql_mysql_sock *) 0x5f6c7173
That's bad. That's very bad. It's the ASCII string "sql_",
interpreted as a pointer on an x86 machine. No wonder it crashes.
The short answer is that there appears to b
On Wed, 24 Aug 2005, Alan DeKok wrote:
> > Program received signal SIGSEGV, Segmentation fault.
> > 0x483b7a48 in sql_init_socket (sqlsocket=0x8092720, config=0x8096300)
> > at sql_mysql.c:71
> > 71 memset(mysql_sock, 0, sizeof(*mysql_sock));
>
> What is the value of mysql_sock
"Lohfink, Chris N" <[EMAIL PROTECTED]> wrote:
> The program just hangs there where im assuming its doing something
> with tls' rsa keys?
I don't think so.
> before i used --disable-shared it went down in same spot while
> looking for the tls shared libraries so im unsure if it has to do
> with
How can I return Reject-Packet without default attributes?
It seems that the default attributes in the users file are returned
regardless of Accept or Reject.
I don't want to give a hint to hacker who can try a lot of rejects.
Is there a way? Somebody suggested Exec-Program-Wait = "reject.sh"
sean wrote:
> I'm sorry but I don't understand your answer. Can you explain the
> debug of an accounting packet?
Found a nice explanation here:
http://support.intel.com/support/si/library/bi0409.htm
In addition to the authentication and authorization process, an extension of
the RADIUS protocol
"Richard Cotrina" <[EMAIL PROTECTED]> wrote:
> Program received signal SIGSEGV, Segmentation fault.
> 0x483b7a48 in sql_init_socket (sqlsocket=0x8092720, config=0x8096300)
> at sql_mysql.c:71
> 71 memset(mysql_sock, 0, sizeof(*mysql_sock));
What is the value of mysql_sock?
Is
> You've included everything but the information requested in doc/bugs.
>
> My bet is that this is bug #98
>
> http://bugs.freeradius.org/show_bug.cgi?id=98
>
> Alan DeKok.
Alan :
What I have found when using rlm_sql_mysql in FreeBSD ( and probably other
OS ) is that radiusd segfault happen
Hi Thor,
Once again thanks for your help.
I'm sorry but I don't understand your answer. Can you explain the debug
of an accounting packet? Do you mean something like an Ethereal trace?
How do I do a tcp dump on the Radius server.
Regards,
Sean
-
List info/subscribe/unsubscribe? See http://ww
You may need to add some extra configuration to your hints file:
# Wireless XP devices prefix the user name with host/
DEFAULT Prefix == "host/"
Hint = "Wireless-Workstation"
As far as I understand it, that will chop the host/ off for certain
types of processing. I'm sure Alan w
sean wrote:
> The NAS is a Linksys WRT-54G running DD-WRT firmware. I have made no
> changes to the NAS configuration and up to a while ago the radacct
> file
> was being updated. I suspect that the problem is either in
> radiued.conf,
> sql.conf or the MySQL access rights. I have noticed that by i
Hi Thor,
Thanks for the reply.
The NAS is a Linksys WRT-54G running DD-WRT firmware. I have made no
changes to the NAS configuration and up to a while ago the radacct file
was being updated. I suspect that the problem is either in radiued.conf,
sql.conf or the MySQL access rights. I have noticed
Hi Guys.
I have FreeRadius 1.0.4 all of a sudden crash end exit.
I have enabled core dumps but cannot find the core file anywhere.
Where's the core file supposed to be written ?
Thanx
Paul
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Matt morris wrote:
> Hello list,
>
> This has probably been asked a lot times before, but I just couldn't
> get the attributes values from accounting request packets with my
> perl script. I am trying to do some database queries when I received
> stop accounting request packets, here are the releva
Alan DeKok wrote:
>> with "tcpdump -s 1500 -w raw.txt port 1813 and udp".
"-s 0" instead of "-s 1500" would be better, radius packets are not
restricted to 1500 bytes.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide
Hello list,
This has probably been asked a lot times before, but I just couldn't get the
attributes values from accounting request packets with my perl script. I am
trying to do some database queries when I received stop accounting request
packets, here are the relevant sections of my radiusd.
Hello,
Im tring to get eap/ttls working on ubuntu(5.04) but when i istalled from
apt-get im missing the shared libraries so i just decided to try compiling
myself. After some work i got it with
./configure --without-rlm_x99_token --disable-shared --sysconfdir=/etc/ && make
&& make install
I
Thanks Thor, I will see that
option or to work with an Active Directory.
Best reggards,
Carlos Martínez-Troncoso Cera
Coordinador de Servicios Internet/Intranet
Universidad del Norte
Barranquilla, Colombia
Tel: 57 5 3509367
Thor Spruyt wrote:
Carlos Martínez-Troncoso Cera wrote:
Thanks for your answer Alan.
An option could be to use an MS Active Directory instead Iplanet LDAP?
Carlos Martínez-Troncoso Cera
Coordinador de Servicios Internet/Intranet
Universidad del Norte
Barranquilla, Colombia
Tel: 57 5 3509367
Alan DeKok wrote:
=?ISO-8859-1?Q?Carlos_Mart=EDnez-Tro
Wesley Spadola <[EMAIL PROTECTED]> wrote:
> Because we do not want accounting data terribly out of sync, we are
> shifting the accounting data over from our live machine to a test
> machine in increments of a few minutes, and I'm logging such data with
> "tcpdump -s 1500 -w raw.txt port 1813 and ud
Carlos Martínez-Troncoso Cera wrote:
> Hello.
>
> We are trying to use FreeRadius with PEAP and LDAP.
You might consider TTLS with PAP instead of PEAP with MS-CHAP-V2
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.
sean wrote:
> Hi ALL,
>
> I have made no progress in resolving the radaccct problem.
> Radius is loading with no error messages and I've gone over the
> radiusd.conf and sql.conf a million times.
>
> below is the output from Radius when a client logs in.
Now a debug trace of an Access-Request pack
There is probably something pretty simple I'm forgetting, but please
bear with me. :)
We're in the process of migrating our Cistron server to FreeRADIUS.
We are currently testing FreeRADIUS 1.1.0 CVS HEAD because of our need
to accept and log MAX TNT TAOS v11 Ascend-* 16bit attributes. We are
=?ISO-8859-1?Q?Carlos_Mart=EDnez-Troncoso_Cera?= <[EMAIL PROTECTED]> wrote:
> I was looking how Sun ONE stores the passwords, it uses SSHA (Salted
> Secure Hashing Algoritm),
> I think this is the problem, because I suposse it looks for NT-LM
> Hashing passwords, what can I do and where can I fin
Gerret Apelt wrote:
> I am now trying to have FreeRadius also assign IP Address and Netmask to a
> subset of the user accounts, and that's where I'm getting stuck.
[...]
> This issue goes away as soon as I delete rows with id 1343 and 1344 below:
>
> mysql> select id, username, attribute, value,
More info. I've tried to see different between Debian 3.0 (where
freeradius is working) and Debian 3.1. Excerpt from "perl -V" on 3.0,
where FR *works*:
Linker and Libraries:
ld='gcc', ldflags =' -L/usr/local/lib'
libpth=/usr/local/lib /lib /usr/lib
libs=-lnsl -lndbm -ldb -ldl -lm -l
Hello.
We are trying to use FreeRadius with PEAP and LDAP.
Our access point is a 3Com 8750, is talking with a FreeRadius 1.0.4,
Freeradius talks with LDAP
(Sun One Messaging Server 5.1) and our PEAP clients are Windows XP and 2000.
First we configured FreeRadius with LDAP, it works well, then
Hi,
If I understand you properly you are trying to authenticate users by
their mobile phone number.If that's right you need Kannel. You can
download the latest version from http://www.kannel.org There is a bit of
a learning curve but once you have authenticated the user you can pass
them off to y
Hi all --
Debian Sarge
2.4.27-2-386 kernel
freeRadius (dpkg version 1.0.2-4)
MySQL Server (dpkg version 4.1.11a-4)
I have been using FreeRadius successfully for half a year.
All my setup does is authenticate dialup connections. Radius auth requests
come in from a NAS, and once authentication has
System pocztowy Galtex S.A. informuje, iz Twoja wiadomosc zostala dostarczona
Wiadomosc wygenerowana automatycznie przez system pocztowy uzytkownika belskia
Prosze na ta wiadomosc nie odpowiadac.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
"Iandc Davies" <[EMAIL PROTECTED]> wrote:
> For the attributes, I'm getting a bit stuck as these are VSA AVP's.
> I think I've managed to id the functions that I need ( paircreate() and
> pairadd() ) but unsure how they are used.
See the source in the server for some examples.
> I've stated wha
Ok, the hole day i tried to get it to work but this time when i install the certificate as a machine zertifikate the radius authentifikation log ends up with this log below.The Certificates where generated with openssl and all works fine as User certificates but not as computer zertificate. I set
marc racal <[EMAIL PROTECTED]> wrote:
> i meant the logs under this directory
> /var/log/freeradius/radacct/some-ip-address/. this format is due to
> the configuration which is found in the the radiusd.conf file, set as:
>
> detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
>
> thus,
Nicolas Baradakis пишет:
Valeriy V. Peshkoff wrote:
In file included from ../include/libradius.h:38,
from dict.c:42:
/usr/include/sys/socket.h:243: error: redefinition of `struct
sockaddr_storage'
It seems to me the bug is either in autoconf or in FreeBSD headers.
I
Valeriy V. Peshkoff wrote:
>>> In file included from ../include/libradius.h:38,
>>>from dict.c:42:
>>> /usr/include/sys/socket.h:243: error: redefinition of `struct
>>> sockaddr_storage'
>>
>> It seems to me the bug is either in autoconf or in FreeBSD headers.
>> I don't know what
Well, thank you for the correction.
Actually a radius server IS involved in authentication process of mobile
terminals, no operator could live without it.
Nevertheless after further investigation I found out that a radius server
wouldn't help me in my scenario without a connection to the operato
Hi all,
I'm trying to construct a simple program that will allow me to take some
information from another source (possibly a pointer to a structure passed
in)
and populate the RADIUS_PACKET template. A separate process will then be
used to send this message over UDP to the radius server.
The info
Nicolas Baradakis пишет:
Valeriy V. Peshkoff wrote:
I'm still unable to compile CVS version of freeradius on Freebsd
[...]
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5
-Wall -D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align
-Wwrite-string
hi - is it possible for freeradius to match the domains/realms for proxying
purposes only (ie not rewrite the User-Name):
in the users file:
# following is used to map subdomains of *.easynet.co.uk
# to be proxied according to the realm easynet.co.uk
DEFAULT User-Name =~
Hi ALL,
I have made no progress in resolving the radaccct problem.
Radius is loading with no error messages and I've gone over the
radiusd.conf and sql.conf a million times.
below is the output from Radius when a client logs in.
rad_recv: Access-Request packet from host 82.141.232.132:51214, id
On Mon, Aug 22, 2005 at 05:15:53PM +0800, Rohaizam Abu Bakar wrote:
> Dear all,
> but one case as below, i received a long "Acct-Session-Id" ... and cannot fit
> into mysql... and problem to update Stop record...
> should I change column size from char32 to reasonable value ?
> Acct-Session-Id
BugBuster wrote:
> I compiled with '--disable-shared' but on Debian Linux
> FreeRADIUS does not work with MySQL.
On Debian, compile FreeRADIUS with the command dpkg-buildpackage.
This will prior check whether all the necessary packages are installed
on your system.
$ cd freeradius-1.0.4
$ fak
i would like to filter off interim accoutning packets from specific domains
to a different proxy target - as follows...
# interim/status/alive accounting records are actually sent to the
processing domain
DEFAULT User-Name =~ "@.*\.abc\.co\.uk$", Acct-Status-Type == Alive,
Proxy-T
Hi Alan.
I compiled with '--disable-shared' but on Debian Linux
FreeRADIUS does not work with MySQL.
So I recompiled on Red Hat Enterprise 3 using the same
configuration command:
./configure --prefix=/usr/local/freeradius \
--with-logdir=/usr/local/freeradius/logs\
--with
Valeriy V. Peshkoff wrote:
> I'm still unable to compile CVS version of freeradius on Freebsd
[...]
> gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5
> -Wall -D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align
> -Wwrite-strings -Wstrict-prototypes -Wmissing-pr
On 8/24/05, Alan DeKok <[EMAIL PROTECTED]> wrote:
> marc racal <[EMAIL PROTECTED]> wrote:
> > > What log file? There are many.
> >
> > radacct details logs.
>
> Thanks for keeping your answer as short and as cryptic as possible.
> It really gives people incentive to answer you.
>
> 1) The
Hi,
I'm trying to get FR 1.0.4 to work with new Debian stable distro (3.1).
I need rlm_perl so I run ./configure with --with-experimental-modules
and compiled it from source (latest .tgz downloaded from freeradius.org):
# tar zxvf freeradius-1.0.4.tar.gz
# chown -R root. freeradius-1.0.4
# cd fre
At 12:49 23/08/05, you wrote:
Hi, thanks for your email!
Ok, i tried it out but i have some problems. If i use the DWORT String you
sent me it has no efekkt. I found an other DWORT Key which Sounds
"AuthMode" and with this DWORT he only tries to authentificate with the
machine account. Maybe
Hi!
I'm still unable to compile CVS version of freeradius on Freebsd
Configure it like that
./configure --prefix=/usr/local/radius
Only this seems bad to me
.
checking net/if.h usability... no
checking net/if.h presence... yes
configure: WARNING: net/if.h: present but cannot be compiled
confi
51 matches
Mail list logo