Alexander Serkin пишет:
Alan DeKok пишет:
Alexander Serkin [EMAIL PROTECTED] wrote:
May be someone could give an advice how to debug the problem while
the server will not be in production?
Attach to it with gdb, and see what it's doing.
Got some debugs on this. The problem does not
Alexander Serkin wrote:
Alexander Serkin wrote:
...
After that the srings Walking/Waking rapidly appear during dead_time
configured in proxy.conf and at the same time the process takes about
50% of CPU on slow netra 1120 (2x440MHz) and up to 99% on Netra-240
(1x1GHz). After dead_time we see:
hi, all:
forgive my poor expression in english. :(
server A as the proxy server, server B as the remote server validating
the user in the access-request proxying by A.
The exact thing that happens for A is this:
1. receive the access-request, check
I have compiled FreeRadius 1.1.3 to work with OpenLDAP 2.2.23 on Fedora
Core 4 .
At 2% of auth requests freeradius is hanging for 5 secs , discarding
duplicate requests and ignoring other requests.
In debug mode it hangs at this line :
rlm_ldap: - authenticate
rlm_ldap: login attempt by user
Sorry, sorry, sorry. It's all my fault.
Proxy server instead of proxy server in proxy.conf.
So it did not retries and set retry_delay to 0 and so on...
--
Sincerely Yours,
Alexander
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hey @all,
trying to build freeradius-1.1.3 rpms for centOS with the description
from http://wiki.freeradius.org/Build#Building_RedHat_packages
ends with the following error:
Executing(%doc): /bin/sh -e /var/tmp/rpm-tmp.73012
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd freeradius-1.1.3
+
Michael Messner wrote:
hey @all,
cp: will not overwrite just-created
`/var/tmp/freeradius-root/usr/share/doc/freeradius-1.1.3/README' with
`README'
error: Bad exit status from /var/tmp/rpm-tmp.73012 (%doc)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.73012 (%doc)
any ideas?
mysql SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupch
eck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'test1' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id;
I have compiled FreeRadius 1.1.3 to work with OpenLDAP 2.2.23 on
Fedora Core 4 .
At 2% of auth requests freeradius is hanging for 5 secs , discarding
duplicate requests and ignoring other requests.
In debug mode it hangs at this line :
rlm_ldap: - authenticate
rlm_ldap: login attempt by
Patric sagte:
Michael Messner wrote:
hey @all,
cp: will not overwrite just-created
`/var/tmp/freeradius-root/usr/share/doc/freeradius-1.1.3/README' with
`README'
error: Bad exit status from /var/tmp/rpm-tmp.73012 (%doc)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.73012
Michael Messner wrote:
Patric sagte:
Have you tried compiling the source?
that works!
if I add the -i in the spec file there is no change ... same error!
thanks mIke
So it compiles from source? Ok, what is your rpmbuild command?
Patric
-
List info/subscribe/unsubscribe? See
Alexandru Matei [EMAIL PROTECTED] wrote:
One last tought: I think Freeradius could de improved if in debug mode
caould say what is the sql result it doesn't like.
Sure. Send a patch.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
Hi again,
I run into trouble again. I want to authenticate with chap and radius
failed with:
rad_recv: Access-Request packet from host 127.0.0.1:32769, id=110, length=70
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = test1
CHAP-Password =
I have set up Freeradius working fine with a users-file. I did some tests
to change to Mysql and all was ok, until I want to add some conditions for
users in more than one group.
This looks like a simple setup for Mysql, but it's not working as I
thought it would:
mysql select * from usergroup;
Hi all,
I have some problems setting up Freeradius 1.1.3, with mysql 3.23.54 on
Redhat9.
Here's the log for radiusd (relevant part):
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:32769, id=216,
Christopher Carver wrote:
Hello,
How do I rewrite the value of the User-Name attribute based on
Called-Station-Id? I need to do a series of these logical decisions and
replace the username with username@some-isp.com based on what the value of
Called-Station-Id is.
hmm that is a tricky one!
Thank you, that was it!
Still, I'll be gratefull if somebody can point me into right direction
with some documentation describing what Attributes -Type -Values are
more usually used.
That's besides the dictionaries...
One last tought: I think Freeradius could de improved if in debug mode
Mircea Harapu [EMAIL PROTECTED] wrote:
At 2% of auth requests freeradius is hanging for 5 secs , discarding
duplicate requests and ignoring other requests.
In debug mode it hangs at this line :
...
rlm_ldap: bind as cn=user,ou=People,dc=company,dc=ro/x to
ldap.company.ro:389
On Tue 14 Nov 2006 11:41, Mircea Harapu wrote:
I have compiled FreeRadius 1.1.3 to work with OpenLDAP 2.2.23 on Fedora
Core 4 .
At 2% of auth requests freeradius is hanging for 5 secs , discarding
duplicate requests and ignoring other requests.
In debug mode it hangs at this line :
preacct returns noop for request 4
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 4
radius_xlat:
'/usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Patric schrieb:
Michael Messner wrote:
Patric sagte:
Have you tried compiling the source?
that works!
if I add the -i in the spec file there is no change ... same error!
thanks mIke
So it compiles from source? Ok, what is your rpmbuild
Patric sagte:
Michael Messner wrote:
Patric sagte:
Have you tried compiling the source?
that works!
if I add the -i in the spec file there is no change ... same error!
thanks mIke
So it compiles from source? Ok, what is your rpmbuild command?
jep from source it compiles,
16:05:16
Justin Church [EMAIL PROTECTED] wrote:
I need to be able to proxy accounting requests that arrive with no
User-Name attribute. Is that possible? I haven't been able to make it
work. Maybe I could insert a dummy User-Name pre-proxy and remove it
post-proxy?
No. Just set Proxy-To-Realm
Is it possible to have multiple huntgroups for the same NAS-IP-ADDRESS?
I am running into this issue trying to configure a vpn appliance that uses
the same freeRADIUS server to authenticate its users as well as its admins.
The huntgroups file gets checked from top to bottom, so depending which
-Name. Ignoring.
modcall: group preacct returns noop for request 0
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 0
radius_xlat:
'/usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client
So sorry!
[EMAIL PROTECTED] ~]# radiusd -v
radiusd: FreeRADIUS Version 2.0.0-pre0, for host i686-pc-linux-gnu, built on
Apr 29 2006 at 19:51:21
Copyright (C) 2000-2003 The FreeRADIUS server project.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may
:
'/usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/152.2.199.26/detail-20061114
radius_xlat: 'Tue Nov 14 14:30:25 2006'
radius_xlat: '/usr/local/var/log
Justin Church [EMAIL PROTECTED] wrote:
Not exactly sure where to set this. I've tried acct_users with no luck:
The debug log shows that the files module isn't even being called.
So... you edited radiusd.conf to tell it to NOT look at acct_users.
Don't do that.
Alan DeKok.
--
Is it possible to have multiple huntgroups for the same NAS-IP-ADDRESS?
I am running into this issue trying to configure a vpn appliance that
uses
the same freeRADIUS server to authenticate its users as well as its
admins.
Yes, but something needs to distinguish the two (another attribute).
Are
Hi,
I'm experiencing a problem with freeradius 1.1.2 when I configure and
compile. It writes the binaries and configuration files to the correct
directories, but /usr/sbin/radiusd tries to source config files in /usr/etc
instead of /etc/raddb.
I can change this via /usr/sbin/radiusd -X -d
Hello,
Trying to do a very simple task here - create a new check attribute
Pool-Name := servername, depending on what NAS sends the request to
the RADIUS server (identifiable by IP address or by name or whatever
in the request attributes).
What's the best way of doing this?
Thanks,
Jan
-
Hi,Thanks a lot for the response. But I have two problems. The first is my english: I am Brazilian and I might not write in english very well... ; )The second and more important problem is this: I configured my freeradius server, I can authenticate with my users ldap... but I configured my mysql
Hi,
I'm experiencing a problem with freeradius 1.1.2 when I configure and
compile. It writes the binaries and configuration files to the correct
directories, but /usr/sbin/radiusd tries to source config files in /usr/etc
instead of /etc/raddb.
I can change this via /usr/sbin/radiusd -X
On Monday 13 November 2006 22:24, Christopher Carver wrote:
Hello,
How do I rewrite the value of the User-Name attribute based on
Called-Station-Id? I need to do a series of these logical decisions and
replace the username with username@some-isp.com based on what the value
of
Anne,The only diference from your table radgroup and my is the value priority. All entries in my radgroup table has 1 as priority.I really don't know if make sense... Try it and check if will run
Regards,FabianoOn 11/14/06, Anne-Mie Vandermeeren [EMAIL PROTECTED]
wrote:I have set up Freeradius
35 matches
Mail list logo