I have an accounting data file (1 GB) that I am
pushing off to a server running freeradius 1,0 w
pgsql-voip. It has been three days but the data is
still not done populating the tables. I see it
progressing, but the speed is horrible.
Anyone knows how I can make this fast ?
-apu
Tune postgresql to not commit data syncronized or the operating system or both.
Remove any indexes on the table you are poppulating.
Thordur
-Original Message-
From: Apu islam [mailto:[EMAIL PROTECTED]
Sent: 14. september 2005 05:57
To: FreeRadius users mailing list
Subject:
Alan DeKok wrote:
den [EMAIL PROTECTED] wrote:
But I want freeRADIUS to look for passwords in /etc/shadow. Can somebody
help me?
It does this in the default config. See the unix module.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Apu islam wrote:
I have an accounting data file (1 GB) that I am
pushing off to a server running freeradius 1,0 w
pgsql-voip. It has been three days but the data is
still not done populating the tables. I see it
progressing, but the speed is horrible.
Anyone knows how I can make this fast
Here is my whole ldap definition :
ldap {
server = ldap..xxx
# identity = cn=admin,o=My Org,c=UA
# password = mypass
basedn =
filter = (%{User-Name})
# base_filter =
freeradius crashes in 1.0.5 with:
in radius.conf:
passwd nwfiles {
filename = /etc/raddb/gug
format = ~User-Category:*User-Name
}
/etc/raddb/gug
##
newgroup:*Norbert Wegener TCGID=Z1EC
Hi to all,
I have a freeradius 1.0.4 (upgrade to 1.0.5 is nearly coming...) with
ntlm_auth on a Windows 2000 PDC. With the standard authentication with
ntlm calls there is no problem. Now my question is that: is possible to
assign some ip pools based on the user-group on the PDC? A quick
thanks - that works - i can confirm that for the list
tariq
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
Nicolas Baradakis
Sent: 13 September 2005 18:08
To: FreeRadius users mailing list
Subject: Re: custom variable in config files
Tariq Rashid
I apologise if this has been asked before.
I have just come across radreport (from the FreeBSD ports) which is
okay. What other tools are there for freeradius log monitoring and
reporting?
-John
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
All,
Using an example ip address of 213.137.69.38, this converts to d5 89 45 26
(hex).
Is it OK to split the above hex into 8 bits so that it can fit into the
vp-strvalue format or is there another way ?
i.e. strvalue[0] = d5
strvalue[1] = 89
strvalue[2] = 45
strvalue[3] = 26
hi,
i have problems using chap with my radius server(FreeRADIUS Version
1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == hello
on the packet from radclient:
User-Name = simha , CHAP-Password =
40c567281480e959747ddd9ea7589015 ,
On Wed, 14 Sep 2005, Jean-Francois Gobin wrote:
Here is my whole ldap definition :
ldap {
server = ldap..xxx
# identity = cn=admin,o=My Org,c=UA
# password = mypass
basedn =
This should be an actual DN of your tree.
I wonder if it is correct to discard a packet based on the presence of an
attribute witch use is not defined by any standard. I've read the
aboba-radext-fixes and I see that FR is calculating Message-Authenticator
in Accounting packets this way. But there is no RFC about it... RFC2869
Iandc Davies wrote:
Using an example ip address of 213.137.69.38, this converts to d5 89 45 26
(hex).
Is it OK to split the above hex into 8 bits so that it can fit into the
vp-strvalue format or is there another way ?
The IP addresses are usually stored in vp-lvalue. I note the easiest
So ...
From the preceding, preceding mail, you should have seen that %{User-Name}
is equal to something like uid=P0..., o=nrb, c=be ... which is what I
want to have checked against the LDAP.
For now, when I implement your suggestion, I just come out with
checking for dn=o=nrb,c=be,
Hi all,
Excuse me if i sound boring but am trying to use
freeradius(1.0.1-1) to collect terminating VOIP traffic
from an AS5300. I keep getting this error in my radius.log
=
Wed Sep 14 13:53:20 2005 : Error: rlm_sql (pgsql-voip):
Couldn't update SQL accounting STOP record - ERROR:
The IP addresses are usually stored in vp-lvalue. I note the easiest
way to assign values is to use the function pairparsevalue() in
src/lib/valuepair.c
--
Nicolas Baradakis
Just looked at pairparsevalue(), and it seems that the string
213.137.69.38 is kept in vp-strvalue
but it is also
All,
In the standard header there is a code, Identifier, length and
authenticator fields.
For the length, is that the sum of all the vp-lengths + 20 for the
standard header.
My reason for this question is that I'm trying to rationalise an example
I've got. I.e. how do you get 164
See below:
Alan DeKok wrote:
See www.freeradius.org for download information.
This version has a LOT of fixes over 1.0.4, including security
fixes. We suggest everyone upgrade to 1.0.4.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Does version
On Wednesday 14 September 2005 14:12, John Oxley wrote:
I apologise if this has been asked before.
I have just come across radreport (from the FreeBSD ports) which is
okay. What other tools are there for freeradius log monitoring and
reporting?
The most flexible way to do reporting is to
M.McNeil [EMAIL PROTECTED] wrote:
Does version 1.0.5 address/resolve the issues with EAP/LEAP
authentication when using FreeRadius with Cisco wireless gear ? i.e.
Cisco's WLSE and wireless access points.
No. You still need another patch. That patch breaks LEAP for every
other acces
den [EMAIL PROTECTED] wrote:
I know, about unix module. But I need some examples related to 802.1x.
But you didn't say so in your first message.
Next time, try asking questions about what you want to do, not about
specific details of how to do it. The responses will be more helpful.
And
Claudio [EMAIL PROTECTED] wrote:
I have a freeradius 1.0.4 (upgrade to 1.0.5 is nearly coming...) with
ntlm_auth on a Windows 2000 PDC. With the standard authentication with
ntlm calls there is no problem. Now my question is that: is possible to
assign some ip pools based on the user-group
I have just come across radreport (from the FreeBSD ports) which is
okay. What other tools are there for freeradius log monitoring and
reporting?
There are some available, but they're not linked to from anywhere.
Try google freeradius report, or something like that.
Alan DeKo.
-
List
Paolo Rotela [EMAIL PROTECTED] wrote:
I wonder if it is correct to discard a packet based on the presence of an
attribute witch use is not defined by any standard.
No. FreeRADIUS doesn't do that.
The Message-Authenticator attribute *is* defined, but not well.
I've read the
Iandc Davies [EMAIL PROTECTED] wrote:
Just looked at pairparsevalue(), and it seems that the string
213.137.69.38 is kept in vp-strvalue
but it is also converted into a uint32_t d5 89 45 26 and stored in
vp-lvalue.
It that right ?
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Iandc Davies [EMAIL PROTECTED]wrote:
My reason for this question is that I'm trying to rationalise an example
I've got. I.e. how do you get 164
Please read the RFC's, and src/lib/radius.c, function rad_send().
Attributes:
NAS-IP-Address=d5 89 45 26
4
Hi all,
I am trying to use freeradius(1.0.1-1 on FC3) to
collect AAA records from a CISCOAS5300. I keep getting
this error in my radius.log and my cisco also reports most
of radius timeout. A ping test give 10ms on my network.
Any suggestions would be of great help. Thank you.
===
Wed
I'm back at trying to get freeradius working under Tru64. This time using
1.0.5.
I have an older cvs version working, but I can't remember what I did to make
it work. :-( The working version I have is marked 1.1.0-pre0 built on Feb
17, 2005.
First, in src/main/radiusd.c I have commented out
Hi All,
Can anyone recommend a good source for documentation for FreeRadius. I'm
trying to understand the processes that occur between Chillispot,
FreeRadius and MySql. In particular I need to understand how the Counter
works and how to use the counter in MySQL.
Regards,
Sean
-
List
Ing. Paolo Rotela
Jefe Técnico
Blue Telecom
- Original Message -
From: Paolo Rotela [EMAIL PROTECTED]
To: Freeradius Users freeradius-users@lists.freeradius.org
Sent: Wednesday, September 14, 2005 10:20 AM
Subject: Re: FreeRadius Proxying and Message-Authenticator
I wonder if it is
Hi
all,
How can I setup EAP
support on freeradius?
Regards,
smime.p7s
Description: S/MIME cryptographic signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
From: Alan DeKok [EMAIL PROTECTED]
Paolo Rotela [EMAIL PROTECTED] wrote:
I wonder if it is correct to discard a packet based on the presence of an
attribute witch use is not defined by any standard.
No. FreeRADIUS doesn't do that.
The Message-Authenticator attribute *is* defined, but
;-)
Nope, I'm really logging with P06227. The system formulates it
uid=P06227,o=nrb,c=be to the radius. And that's what I want to be
forwarded to the ldap server.
On Wed, 14 Sep 2005, Alan DeKok wrote:
Jean-Francois Gobin [EMAIL PROTECTED] wrote:
For now, when I implement your
Fixed the problem, didn't realise the CRL has to be appended to the CA
certificate.
Cheers
On Wed, 2005-09-14 at 08:31 +1000, Ben Walding wrote:
We need to see the log from FreeRADIUS (radiusd -X)
There are a couple of reasons that all certs will be rejected
* CA is not designated a CRL
Jean-Francois Gobin [EMAIL PROTECTED] wrote:
Nope, I'm really logging with P06227.
Then you shouldn't see uid=uid in the LDAP query.
The system formulates it uid=P06227,o=nrb,c=be to the radius.
The system? What system?
And that's what I want to be forwarded to the ldap server.
So
Sean [EMAIL PROTECTED] wrote:
Can anyone recommend a good source for documentation for FreeRadius.
The files that come with it, and the web pages?
There really isn't any secret treasure trove of documentation that
you get told about only if you ask for it.
I'm trying to understand the
Norbert Wegener [EMAIL PROTECTED] wrote:
freeradius crashes in 1.0.5 with:
Does it work in 1.0.4?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
dilip simha [EMAIL PROTECTED] wrote:
i have problems using chap with my radius server(FreeRADIUS Version
1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == hello
This is wrong. Use User-Password := ..., not CHAP-Password == ...
Hi,
How can I setup EAP support on freeradius?
which _type_ of EAP? I would advice you look at radius configuration
files - especially the section that says 'eap'
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Callis [EMAIL PROTECTED] wrote:
Couldn't update SQL accounting STOP record - ERROR:
duplicate key violates unique constraint
stoptelephonycombo
Since there is no such constraint in the default FreeRADIUS
configuration, I can only conclude it's something you added locally.
Alan DeKok
-
Paolo Rotela [EMAIL PROTECTED] wrote:
Where is it defined? RFC 2869 only talks about how to handle it in Access-*
packets, and particularily the handling with respect to EAP. It doesn't say
that you MUST or MAY discard an Accounting-* packet with a missing or bad
Message-Authenticator.
I included them previously.
You can see in them that the system sends me what I want. But the
FreeRadius doesn't use it like that in the LDAP query.
On Wed, 14 Sep 2005, Alan DeKok wrote:
Jean-Francois Gobin [EMAIL PROTECTED] wrote:
Nope, I'm really logging with P06227.
Then you
Jean-Francois Gobin [EMAIL PROTECTED] wrote:
I included them previously.
Before you edited your config.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Is it possible to replace clients.conf with an SQL table? I assume that
is what the NAS table is for in the schema, but I have seen no mention
of it being used, or any documentation, for it on the web.
If it is possible could you please provide me with an example setup.
Cheers, Ben
-
List
Ilia Chipitsine wrote:
When that module will become non-experimental ? It has not been changing
for years, maybe it can become regular module in 1.1.0 ?
The module rlm_python is still experimental. There are known issues
with this module.
http://bugs.freeradius.org/show_bug.cgi?id=227
in
Ilia Chipitsine [EMAIL PROTECTED] wrote:
if existing rlm_python is buggy why not to use better version ?
Because the primary FreeRADIUS developers don't use python.
Please use the updated module yourself, and if it works for you,
email the list and say so.
If no one says that the new
OS: FreeBSD4.11 p10
Freeradius: 1.0.5 from 1.0.4
- compilation OK.. but still to patch rlm_rewrite just like 1.0.4
- starting radiusd seems fine
- but when trying to authenticate.. then it will core dumped.. as below
debug log..
Ready to process requests.
rad_recv: Access-Request packet
Nope. I posted the config later, that's all.
On Wed, 14 Sep 2005, Alan DeKok wrote:
Jean-Francois Gobin [EMAIL PROTECTED] wrote:
I included them previously.
Before you edited your config.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
49 matches
Mail list logo
