so:
sql sql_instance1 {
...
}
sql sql_instance2 {
...
}
And then you can use a specific instance in radiusd.conf, like
so:
authorize {
...
sql_instance1
...
}
accounting {
...
sql_instance1
sql_instance2
...
}
--
Groeten, Regards, Salutations,
Thor
- Original Message -
From: "Patricio Marin" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, February 23, 2005 8:39 PM
Subject: NAS table replaces clients.conf?
> Hi, I made a fresh install of FreeRadius 1.0.2 and I was wondering if
> the NAS mysql table is a replacement for the clients.conf fil
- Original Message -
From: "Eric Gregory" <[EMAIL PROTECTED]>
> Using Freeradius 1.1 and would like to customize the radpostauth table
> in MYSQL, I'd like it to not record the plain text passwords on
> successful authentications is the most important and also I'd like to
> see failed l
Hi,
I was wondering when rlm_perl will become stable.
What needs to be done in order to get it there?
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See
stgresql: affected rows =
rlm_sql (sql): Read entry
nasname=127.0.0.1,shortname=localhost,secret=testing123
rlm_sql (sql): Adding client 127.0.0.1 (localhost) to clients list
rlm_sql (sql): Released sql socket id: 4
Module: Instantiated sql (sql)
...
Works for me...
--
Groeten, Regards, Salutatio
See http://bugs.freeradius.org/show_bug.cgi?id=189
- Original Message -
From: "Kevin Bonner" <[EMAIL PROTECTED]>
To:
Sent: Saturday, February 19, 2005 2:23 AM
Subject: Re: Append realm to username but sorted by dnis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/
Please send PLAIN TEXT mails!
http://www.freeradius.org/mod_auth_radius/
- Original Message -
From: chiam kuosiang
To: freeradius-users@lists.freeradius.org
Sent: Friday, February 18, 2005 6:51 PM
Subject: How to authenticate user who browse the internet with
mod_auth_radius
Hi all,
Curr
nake116 nake116 wrote:
I have confuse about to set freeradius with
1.EAP-TLS
2.use Postgresql Database
I don't know the right way to set config file
You could start with
http://www.google.com/search?q=Freeradius+EAP-TLS+Postgresql
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475
after which to
terminate the session
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
.
Yes, that's probably not what you want because it's mainly for debugging
your queries and would cause to much overhead.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info
- 1 to log all requests to a single logfile
- 1 to log requests from a particular NAS to a single logfile
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubs
Drew Weaver wrote:
Basically I just need like.
format = "[%{User-Name}/%{Password}]"
format = "[%{User-Name}/%{User-Password}]"
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethot
Michael Mitchell wrote:
Thor Spruyt wrote:
PAP can work with unencrypted passwords in the backend.
CHAP cannot.
I think you mean the other way around ;-)
Not exactly the other way around, but I didn't explain correctly.
CHAP *requires* clear text passwords in the backend. PAP can work with
e
Joel Eddy wrote:
Would it work it I created and seperate group for them and used
encrypted passwords
in MySql to authenticate them?
PAP can work with unencrypted passwords in the backend.
CHAP cannot.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W
he same on every page,
which makes navigation a lot easier.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Kostas Kalevras wrote:
And you 're right, the link to the web cvs interface should appear in
the freeradius site.
It's on the http://www.freeradius.org/development.html page.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-
h
section:
In radiusd.conf:
...
post-auth {
sql
Post-Auth-Type Reject {
}
}
...
In proxy.conf:
proxy server {
...
post_proxy_authorize = yes
}
...
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.te
Jagan wrote:
How to configure the postgresql(pgsql) with freeredius
Please tell me
Strange that you figured out how to join the maillist, but you can't figure
out where the postgresql.conf file is situated an how you can include it in
radiusd.conf
--
Groeten, Regards, Salutations,
Thor Spr
Ayman Alashquar wrote:
So if I neglect the other records it would be a safe calculation for
the usage ?
No! If the first packet from the NAS doesn't make it to your server or can't
be handled by your server, then you'll need the non-zero packets!
--
Groeten, Regards, Salutations
Since there's always a lack of documentation, I have taken the time to try
to do something about it, so maybe these are usefull and could go into
1.0.2?
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesgui
with
Acct-Delay-Time=0 only?
I would say it doesn't really matter, as long as you have at least one of
them, you have all necessary session data.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenet
2nd time: please send PLAIN TEXT mail!
You only need that 1 line, since the users are in a database.
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: Alex
To
Please use PLAIN TEXT mail!
You should have the following line in the "users" file:
DEFAULTAuth-Type := Local
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Origin
.
post-auth {
sql
}
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
M.V. Jaga Mohan wrote:
how to configure radiusd.conf and postgresql.conf file
so that it will do the authentication from the
database ?
Uncomment the "sql" entries in radiusd.conf
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-
Please send PLAIN TEXT mail!
Look in /doc/configurable_failover
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: Junior Gillespie
To: freeradius-users
Please send PLAIN TEXT mails!
Look at the allowed_characters configuration in sql.conf
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
- Original Message -
From: vicente barrientos
To
complete proxy.conf and debugging output while doing 2 auth
attempts.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op
course, editing the source code is also possible, but I doubt you want to
do that.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telene
= radius
authhost = LOCAL
accthost = LOCAL
}
realm domain.com {
type = radius
authhost = LOCAL
accthost = LOCAL
}
Should be ok
Run the proxyserver with -X to see what it's doing.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel
Please send plain text mail.
DHCP is based on ARP, so there should be a DHCP
server on the client's LAN (which can be the router for example).
Optionally, that DHCP server can relay the requests
to another DHCP server (which can be on the same machine as your radius
server)
--Regards,
T
rashad wrote:
But where I must do configuration changes for Exec-Program-Wait?
See doc/README
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek
Please send plain text mail.
This can be done with Exec-Program-Wait =
"/path/to/your/script" in the reply items.
The script can then output extra attributes which
will be added to the reply.
--Regards,
Thor SpruytE: [EMAIL PROTECTED]W: www.thor-spruyt.comM: +32 (0)475 67 22
65Bestel nu
.
but how to simulate a REAL NAS with a pc ??
radtest can be used as client (but can't do failover automatically)
The proxyserver will play the NAS and will failover between the 2
homeservers.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw ex
d very clean to me.
run radiusd with -X to what happens
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op www.tele
See doc/Post-Auth-Type
- Original Message -
From:
rashad
To: freeradius-users@lists.freeradius.org
Sent: Wednesday, January 12, 2005 7:32
AM
Subject: post-auth section of
radiusd.conf
Hi people.
Can anyone give an additional information about
how po
your real NAS to configure a second radius server
as fallback.
If the primary goes down, the NAS will then query the fallback.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huy
Brian Ertel wrote:
Does anyone know of any known issues with freeradius and Fedora Core ?
Runs out of the box on Fedora Core 1
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth
perimental.conf
There's a sample perl module in src/modules/rlm_perl/example.pl
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telene
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
perl != myperl
perl = name of the module
myperl = name of the module instance
Yes. The name of the instance is "myperl", not "perl".
For authorize it works, but for authenticate I get that error.
Th
Brian Ertel wrote:
Sure, but where do I view the debug output?
http://www.freeradius.org/faq/#4.11
http://www.freeradius.org/faq/#4.12
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt
d to the client
unchanged.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op www.telenet.be/hotspots
-
List
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
Module: Instantiated perl (myperl)
radiusd.conf[1796] Unknown Auth-Type "perl" in authenticate section.
Any idea what's wrong here?
perl != myperl
perl = name of the module
myperl = name of the module insta
ones = 32
perl: start_clones = 5
perl: min_spare_clones = 3
perl: max_spare_clones = 3
perl: cleanup_delay = 5
perl: max_request_per_clone = 0
Module: Instantiated perl (myperl)
radiusd.conf[1796] Unknown Auth-Type "perl" in authenticate section.
Any idea what's wrong here?
--
Regar
a "recommendation", not an RFC!
The Wispr dictionary has been included in the freeradius distribution, but
that's it and probably nothing more will ever be done.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaa
client nas.dynds.org {
secret=testing123
{
Try this:
client nas.dyndns.org {
shortname = mynas
secret = testing123
nastype = other
}
Is it possible to declare the client by FQDN or not ?
Yes.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Brian Ertel wrote:
users:Also at default with the exception of an added =
DEFAULT Auth-Type == System
Fall-Through = 1
DEFAULT Auth-Type := System
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw
ckets received from a homeserver: detail
instance in the post-proxy section
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
se
Nick Marino wrote:
- Original Message -
From: "Thor Spruyt" <[EMAIL PROTECTED]>
To:
Sent: Thursday, January 06, 2005 1:23 PM
Subject: Re: [radius] Re: WISPr Attributes and freeradius
Nick Marino wrote:
From: "Thor Spruyt" <[EMAIL PROTECTED]>
So it&
subscribe? See
http://www.freeradius.org/list/users.html
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op www.telenet.be/hot
ADAM WANNINGER wrote:
I am at home because of the snow day. I will try to keep up on
e-mail.
If you need me, call me on my cell. 608-201-9092.
I doubt I'll need you :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaa
Nick Marino wrote:
From: "Thor Spruyt" <[EMAIL PROTECTED]>
So it's not specified how it should be implemented.
Well the X in the description above was supposed to mean Auth reply ,
What's your point?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M:
Please send plain text mail!
http://www.google.com/search?hl=nl&q=freeradius+leap+howto&lr
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt - Liesbeth
Huysmans) via www.salesguide.be
O
and delivers an explanation why in the
Reply-Message attribute
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op
, so I'm sure that the user is not able to login
anymore no matter what the NAS would have decided.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.b
: rlm_sql: Unknown attritbute Frame-Protocol
Error: rlm_sql (sql): Error getting data from database
As it says: UNKNOWN ATTRIBUTE (read carefully and watch a missing "d")
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Op
Maybe a database would be easier and faster than radutmp
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt - Liesbeth
Huysmans) via www.salesguide.be
Ontdek de Telenet Hotspot service op
Try this...
In acct_users:
DEFAULT Acct-Status-Type ==
Stop Exec-Program = "logger
received_stop_packet"
Then send a acct stop packet to the server and
check your syslog.
--Regards,
Thor SpruytE: [EMAIL PROTECTED]W: www.thor-spruyt.comM: +32 (0)475 67 22
65Bestel nu uw exemplaar va
ers, which will then in turn still be relaying to the homeserver
twice
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hot
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
It's a pitty, but radrelay can't be used for proxied packets.
Reason is that if the packets are relayed to the backup server, the
backup doesn't know it has already been proxied and will thus proxy
it ag
s with freeradius.
It's a pitty, but radrelay can't be used for proxied packets.
Reason is that if the packets are relayed to the backup server, the backup
doesn't know it has already been proxied and will thus proxy it again.
The homeserver should only receive the packet once of co
need to be installed:
libtool-libs-1.5-8
libtool-1.5-8
Then it works with just
$ ./configure
$ make
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek
Paul Hampson wrote:
On Fri, Dec 31, 2004 at 01:33:45AM +0100, Thor Spruyt wrote:
I downloaded lastest nightly build and the libltdl isssue is still
there.
Can you use the system libltdl? I hadn't realised this issue
still existed, but I build with the system libltdl, not the
one in FreeR
Jeremy Lawrence wrote:
On Fri, 31 Dec 2004 01:33:45 +0100, Thor Spruyt
<[EMAIL PROTECTED]> wrote:
Hi,
I downloaded lastest nightly build and the libltdl isssue is still
there.
I think you need the development files, did you install from a rpm
that had the word devel in it?
[EMAIL PRO
w.h presence... yes
checking for shadow.h... yes
checking for getspnam... yes
checking for getusershell... yes
checking for getspnam in -lshadow... no
checking for fgetpwent... yes
checking for fgetspent... yes
checking for fgetgrent... yes
configure: creating ./config.status
config.status: creating Make
Thor Spruyt wrote:
Dustin Doris wrote:
Hmm, forgot about that. You only want to do this for certain realms?
I will try that too
It worked! Here is what I put in preproxy_users
DEFAULT Realm == "test.com"
Called-Station-Id := `%{WISPr-Location-ID}`
This works great, thanx!
I
Dustin Doris wrote:
Hmm, forgot about that. You only want to do this for certain realms?
I will try that too
It worked! Here is what I put in preproxy_users
DEFAULT Realm == "test.com"
Called-Station-Id := `%{WISPr-Location-ID}`
This works great, thanx!
--
Regards,
Tho
for request 0
modcall: group pre-proxy returns ok for request 0
Sending Access-Request of id 0 to 172.20.1.249:1812
User-Name = "test"
User-Password = "test"
WISPr-Location-ID = "33"
NAS-IP-Address = 127.0.0.1
Proxy-State = 0x3432
dictionary file is including the wispr dictionary
$INCLUDE dictionary.wispr
Sure, that's ok.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontde
Thor Spruyt wrote:
It seems like when I define an attr_filter module instance in the
preproxy section,
that the module is only run for auth packets, but not for acct
packets.
Never mind, it seems to work :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Hi,
It seems like when I define an attr_filter module instance in the preproxy
section,
that the module is only run for auth packets, but not for acct packets.
How can I have the module run for acct packets also?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475
lled-Station-Id := $Wispr-Location-Id,
Called-Station-Id := ${Wispr-Location-Id},
Called-Station-Id := %Wispr-Location-Id,
Called-Station-Id := %{Wispr-Location-Id},
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar v
Hi,
Can someone help me out how to do the following?
Before proxying to a specific realm, I want to replace the value of one
attribute with the value of another attribute, no matter what it contains.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Edgars wrote:
Thu Dec 30 10:45:10 2004 : Info: Starting - reading configuration
files ... Hangup
Run in debug mode (-X)!
I agree it would be better to print the reason to stop to STDERR also :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw
s.conf[1]: Line is
not in 'attribute = value' format
Wed Dec 29 04:44:44 2004 : Error: Errors reading
radiusd.conf
You have new mail in /var/spool/mail/root
[EMAIL PROTECTED] freeradius-1.0.1]#
Well: seems like in /usr/local/etc/raddb/clients.conf, you have a line that
is not in 'att
prabhan wrote:
Hello,
Where does freeradius store the accounting records ?
By default in the log directory (/var/log/radiusd/radacct/...)
Otherwise wherever you tell it to log them (by configuration in
radiusd.conf)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0
home/bin/acct.pl"
DEFAULT Acct-Status-Type == Stop
Exec-Program = "/opt/radhome/bin/acct.pl"
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.sa
, the Accounting-Start should be used for this purpose, since
an authentication doesn't neccessarily mean a session!
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huy
(not the
libraries, which you only need at freeradius compile time)!
For example, on Fedora the mysql client is provided by the mysql- rpm.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter S
ADAM WANNINGER wrote:
I'm home sick today. Please call 608-868-9570 for urgent issues.
LOL
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontd
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
I have noticed that the preproxy_users file is not used anywhere in
radiusd.conf
It's part of the "files" module.
If I understand correctly, that means one would create a module instance
like
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
I have noticed that the preproxy_users file is not used anywhere in
radiusd.conf
It's part of the "files" module.
Oh ok :)
I'd like to replace much of this in 1.1.x and following with the new
policy
updates about this if you want me you
to.
Also, I'd add a commented out example for preproxy_users in radiusd.conf is
you want me to.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt - Lie
Thor Spruyt wrote:
Michael Griego wrote:
You might want to take a look at the new policy module Alan has been
working on. You could possibly set up different instances of the
rlm_attr_filter for each realm and then use the policy module to
control which instance gets called based on which realm
.
raddb/policy.txt is Chinese to me :(
Then still, there's the problem of how to remove an attribute before
proxying?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans
Hi,
Maybe I have overlooked, but I can't seem to find documentation on how to
remove or modify attributes per realm before proxying.
If someone can point me out where I have to look, that would be great.
I'm willing to write some documentation after I have managed to do this.
--
Reg
quest packet will appear as
environment variables in the external script.
If the script exits with 0, then the user is Accepted, otherwise, the user
is Rejected.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (W
s real IP instead of localhost IP (which
resolved to 127.0.0.1)
If you use 127.0.0.1 instead of localhost, it should work. Otherwise, check
you DNS configuration!
If you use another IP to the same machine, you might have to tell your DB to
allow such connections.
--
Regards,
Thor Spruyt
E:
the processing and return a code for
"accept" or "denied".
You can use Exec-Program-Wait for that.
In the users file, you'll need this:
DEFAULTAuth-Type := Accept
Exec-Program-Wait = "/path/to/your/script"
--
Regards,
Thor Spru
Santiago Balaguer García wrote:
Could you explain me what attribute I must add?
As accounting section, do you refer to proxy.conf file?
acct_users
There's a description in the file
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaa
other hints?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt - Liesbeth
Huysmans) via www.salesguide.be
Ontdek de Telenet Hotspot service op www.telenet.be/hotspots
-
List info/subs
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
Why do the databases need to be the same on the proxy?
What's a backup database worth if it doesn't contain the same as the
primary?
But you already have two databases, one on each home server. The
desi
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
I had both proxyradius servers configured to store all accounting in
their own database, so by using radrelay, the databases should be
the same, even if one proxyradius server is down for half an hour.
Why do the database
Alan DeKok wrote:
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
Now, when the NAS sends an acct packet to PA, the following happens:
- PA proxies the packet to HA and stores in detail file
- radrelay on PA relays the packet to PB
That last step is the problem. Don't run radrela
= testing123
}
realm NULL {
type= radius
authhost= HA-ip:1912
accthost= HA-ip:1913
secret = testing123
}
More configs and/or debug output can be provided if needed :)
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruy
Vaclav Mikolasek wrote:
I know I can edit "users" file, but I donn't want to keep they
passwords unciphered.
Using an sql database backend might help you.
You can store passwords in Mysql for example with encrypt('password')
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
have an error in your SQL query. Try running in debug mode (-X) to
see more details about the error. Also, truning sql traces might be helpful.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter S
Neil Craig wrote:
How do you go about setting a tunnel up? Just like a VPN connection
between NAS and Server?
Yes indeed, you can use whatever tunnel which can handle dynamic IPs at the
NAS side.
What kind of tunnel and how to accomplish that is outside the scope of this
list.
--
Regards,
Thor
ccept
requests from all those IPs, which isn't a good idea because your server
could than easily be disturbed by DOS attacks.
You can overcome the problem of dynamic IPs by using tunnels however.
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Be
don't understand if why you would want this. It would mean you can
only use a NAS on the same subnet, which is a bit restrictive, isn't it?
--
Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter S
101 - 200 of 380 matches
Mail list logo