jasoneswan wrote:
I'm using sites-available/dynamic-clients config...
You posted pretty much a default configuration file. Why? It's not
like I don't have access to it.
What is happening is when a client connects it doesn't even check database
it simply says unknown client
And you
aland wrote:
jasoneswan wrote:
I'm using sites-available/dynamic-clients config...
You posted pretty much a default configuration file. Why? It's not
like I don't have access to it.
What is happening is when a client connects it doesn't even check
database
it simply says
jasoneswan wrote:
The key here is the ipaddr is 0.0.0.0 and netmask is 0. It SHOULD atleast
send an SQL query out when any IP connects
If you've configured it right. Perhaps that's where the problem is?
but this simply says
Ignoring request to authentication address * port 1812 from
this is how we do it:
radius.conf:
get user's group from ldap
users file:
if user is member of groupA assign ip pool1
if user is member of groupB assign ip pool2
here is users file(This is not using ip pools, just limits connection duration
and when they can login):
DEFAULT LDAP-Group ==
Hi,
what is there to be done if you want a running instance and a standby
instance ? virtual servers won't help here. P.S: I only use radius with
accounting request ( logging into oracle db )
Mark Tunnell-3 wrote:
Nataniel Klug wrote:
Hello all,
I am trying to find some info about
aland wrote:
jasoneswan wrote:
The key here is the ipaddr is 0.0.0.0 and netmask is 0. It SHOULD atleast
send an SQL query out when any IP connects
If you've configured it right. Perhaps that's where the problem is?
but this simply says
Ignoring request to authentication address *
andreiv wrote:
Hi,
what is there to be done if you want a running instance and a standby
instance ?
There's no such thing as a standby instance. It's either listening
on the RADIUS port, or it's not.
You're better off using a wrapper to watch the server, such as
daemontools, or
Carlos Eduardo Tavares Terra wrote:
Sorry, but maybe I didn't understand how virtual servers really work.
raddb/sites-available/README
Each virtual server is a RADIUS server, just like in 1.x. The only
difference is that you don't need to run multiple processes to get
multiple server
Norbert Wegener wrote:
It seems to me, the log section contains the same items as in 2.0.5.
The requests entry is new. It can send logs to different
destinations based on dynamic expansions.
So I am not sure how to turn logging on for a specific user when the
server is running:
Yes,
Alan DeKok wrote:
..
* Debug logs can now be turned on/off while the server is
running, for a user, group, realm, etc. See the log section
of radiusd.conf.
It seems to me, the log section contains the same items as in 2.0.5.
So I am not sure how to turn
It's a bug in 2.1.0 that will be fixed in 2.1.1.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes, that isn't documented there. I've added some text for 2.1.1.
In short, you can do:
...
update control {
Tmp-String-0 = %{debug:2}
}
...
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Or did you
Sent: 09 September 2008 11:16 AM
To: FreeRadius users mailing list
Subject: Re: Dynamic Clients with FreeRADIUS
It's a bug in 2.1.0 that will be fixed in 2.1.1.
Hi,
Is the the availibility of Nas-Identendifier to the virtual server thing??
Thanks
Johan Meiring
Alan DeKok.
-
Arran Cudbard-Bell wrote:
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Err, yes. But that's horrible syntax, and I don't think it will stay.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Err, yes. But that's horrible syntax, and I don't think it will stay.
if (condition) {
call debug 2
}
Might also be useful for:
post-auth {
call sql insert
Phil Mayers wrote:
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Didn't you alter the parser slightly to allow just:
...
%{debug:2}
...
Err, yes. But that's horrible syntax, and I don't think it will stay.
It's not a horrible syntax it's useful syntax, especially when being
Johan Meiring wrote:
Is the the availibility of Nas-Identendifier to the virtual server thing??
No. Maybe in 2.1.2.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Can't I change the way it's look into MySQL table? Even this comming
with User-Name I can't look for the value in another field? This is a
MySQL query, not the way it came... i hope... :)
[EMAIL PROTECTED] escreveu:
Well, you don't have much say in this because NAS sends it that way:
If I understood what you need ...
Using Cisco VPN Client, you can define Groups in the Cisco
Concentrator ...
Configuration - User Management - Groups
... and assign an Address Pool to each group. According the Group used
in the Cisco VPN Client, the user will receive an IP addresses from a
Phil Mayers wrote:
if (condition) {
call debug 2
}
Nah.
radmin debug file /var/log/radius/bob.log
radmin debug condition '(User-Name == bob)'
...
radmin debug condition
That's better. Very powerful, and very clean.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Alan DeKok wrote:
Phil Mayers wrote:
if (condition) {
call debug 2
}
Nah.
radmin debug file /var/log/radius/bob.log
radmin debug condition '(User-Name == bob)'
...
radmin debug condition
That's better. Very powerful, and very clean.
Nice!
-
List info/subscribe/unsubscribe? See
Can't I change the way it's look into MySQL table? Even this comming
with User-Name I can't look for the value in another field? This is a
MySQL query, not the way it came... i hope... :)
You have three options:
- fill your database with (useless) data and try to change rlm_sql code
and queries
Hi,
I have been using freeradius 1.0.5 for captive portal authentication
in our internal network. I use mysql as backend for radius and using
sqlcounter to check monthly usage.
I was trying out freeradius version 2.1.0 and found out that check
attribute values from radcheck table being
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling the server:
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -Wall
Greg Woods wrote:
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling the server:
...
Alan DeKok wrote:
Greg Woods wrote:
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling the server:
...
Thanks for your answer, but I can't use LDAP groups in this case because
I haven'ts groups defined in LDAP according to LDAP attribute. For
example, I haven't a group Sales in LDAP with only users with the
value attribute=1.
And I need to assign addresses according to the value attribute .
1.1.7 also requires ltdl
(CentOS 5.x)
Alan DeKok wrote:
Greg Woods wrote:
I am running on CentOS 5.2 on an x86_64 architecture. I note a previous
report for a similar system here on the list, but this is not the same
error. That one was an error compiling radmin, this is an error
compiling
Thanks Ivan.
Another question: is there any way to have one database for each virtual
server?
[EMAIL PROTECTED] escreveu:
Can't I change the way it's look into MySQL table? Even this comming
with User-Name I can't look for the value in another field? This is a
MySQL query, not the way it
On Tue, 2008-09-09 at 16:53 +0100, [EMAIL PROTECTED] wrote:
yep, you havent got all the required development packages installed.
libtool-ltdl-devel
libtool-ltdl
Thanks, that was it. However, I discovered what I think is a bug in yum
in the process. I tried yum list *ltdl* and this failed to
Marinko Tarlac wrote:
1.1.7 also requires ltdl
The only changes made to 1.1.x from now on will be security related.
i.e. no new features. no build fixes, etc.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Greg Woods wrote:
After this I ran into the previously-noted issue compiling radmin. In
Makefile.inc, define LIBREADLINE as -lreadline -lncurses.
Which is also fixed in git.freeradius.org.
But I now have 2.1.0 compiled so I can work on setting up dynamic
clients, which is a feature we
Hi,
Marinko Tarlac wrote:
1.1.7 also requires ltdl
The only changes made to 1.1.x from now on will be security related.
i.e. no new features. no build fixes, etc.
I dont think it was a build fix request - more a comment
that 1.1.7 needs ltdl on some platforms due to the way
that
On Tue, 2008-09-09 at 19:50 +0200, Alan DeKok wrote:
Please checkout and build git.freeradius.org.
If I get time to do this before 2.1.1 comes out, I'll give it a shot,
but there are no git packages for CentOS and I've never used it before,
so I'll have to install git on my Fedora 9
On Tue, 2008-09-09 at 18:54 +0100, [EMAIL PROTECTED] wrote:
generally, its blindingly obvious when you see something like
Error - libfoo.h missing
you think, hmmm, i dont have an include.
But if libfoo.h actually exists in the source tree (as in the case of
ltdl.h), then it's not so
Yes I know... (
Last few weeks I'm trying to build test system for 2.x.x version. I want
to test DHCP functions.
All systems we have are already in use and I don't have enough space
to do some testings :)
Alan DeKok wrote:
Marinko Tarlac wrote:
1.1.7 also requires ltdl
The
On Tue, 2008-09-09 at 19:50 +0200, Alan DeKok wrote:
Please checkout and build git.freeradius.org.
OK, I got this done. It configures and makes on my system (CentOS
release 5.2 (Final) -- x86_64) with no problems. Now on to some fun with
dynamic clients.
--Greg
-
List
Good it's sent in the reply to the nas! Thx
But the sqlcounter i setup was supposed to reset every hours , but
apparently doesn't...
Where can i take a look to find out why?
Is it supposed to update the database to reset counters (which seems a
bad solution to me) or does freeradius maintain
On Tue, 2008-09-09 at 11:24 -0600, Greg Woods wrote:
On Tue, 2008-09-09 at 16:53 +0100, [EMAIL PROTECTED] wrote:
yep, you havent got all the required development packages installed.
libtool-ltdl-devel
libtool-ltdl
Thanks, that was it. However, I discovered what I think is a bug in
On Tue, 2008-09-09 at 19:43 +0100, John Horne wrote:
Does something a bit more generic like 'yum list *td*' show you a list
of installed and available packages? It works for me on CentOS 5.2,
AAAUGH! I got it figured out. I was in the freeradius-server directory
when I tried this, so it turns
Greg Woods wrote:
I tried to use a non-default prefix, and it craps out on make install
because one of the sql-related files refuses to install in a directory
name that didn't end with /usr/local/lib .
That's libtool insanity. It drives me crazy.
I was able to work around
this by using
John Dennis wrote:
I know the freeradius source tree and source tarball contains rpm spec
files and some suse and redhat specific info but I wonder if that is the
right place for that information, the distribution in question will have
up to date spec files specific to their distributions, I'm
Yes. Create multiple sql instances. List the name of the instance you
want to use in place of sql in appropriate sections (authorize,
accounting, post-auth, etc.).
Ivan Kalik
Kalik Informatika ISP
Dana 9/9/2008, Nataniel Klug [EMAIL PROTECTED] piše:
Thanks Ivan.
Another question: is there any
Hi,
But if libfoo.h actually exists in the source tree (as in the case of
ltdl.h), then it's not so blindingly obvious that the problem is a
missing -devel package rather than a configuration/compilation issue.
but you chose to use the system stuff in the configure stage
rather than the
Hi,
OK, I got this done. It configures and makes on my system (CentOS
congrats! - GIT is far nicer than some of the older methods of
source retrieval.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Nah! We've all done things like this more times than we care to admit.
Welcome to the club, your turn to bring refreshments next time :-)
hey! you cant skip *your* turn! ;-)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi...
Thanks for your answer Leonardo but, if I define the groups in the Cisco
VPN Server, it will be enough with knowing the password of other defined
group's to obtain an address from a group to which I don't really
belong. I.e., if Sale's user know password of Development group, will
can
On Tue, 2008-09-09 at 15:24 -0400, John Dennis wrote:
Wildcards passed to commands must always be quoted or escaped
Well, no, not always any more. If I did something like cd /root first,
then the yum commands work just fine. It's a bash feature that if the
wildcard doesn't actually match
Good it's sent in the reply to the nas! Thx
But the sqlcounter i setup was supposed to reset every hours , but
apparently doesn't...
Where can i take a look to find out why?
Check the sql query definition and value of reset in counter.conf.
Ivan Kalik
Kalik Informatika ISP
-
List
On Tue, 2008-09-09 at 15:17 -0400, John Dennis wrote:
I'm inclined to think for those people who wish to build from upstream
they are better off using the autotools configure script included in
the freeradius source distribution and not use rpm mechanisms
Yes, but there are still packages
On Tue, 2008-09-09 at 21:56 +0100, [EMAIL PROTECTED] wrote:
but you chose to use the system stuff in the configure stage
rather than the supplied version, yes?
Much of the time, by the time I get around to wanting to build
freeradius, it's been months since the server was installed, so I don't
Hi,
CentOS box for configure and make. Just a bit more of a pain than
downloading a release tar file.
but thats the point...the stuff you want isnt in a release tar
just yet - a nightly tarball, i guess, would be what you would
prefer for this sort of action?
alan
-
List
Hi,
Much of the time, by the time I get around to wanting to build
freeradius, it's been months since the server was installed, so I don't
really know what's installed on it unless I check. I do know that when
include files are not found, it might mean a -devel package needs to be
installed.
here is the counter definition:
sqlcounter bytesQuota {
counter-name = traffic_quota
check-name = Max-Traffic
reply-name = Tmp-Integer-0
sqlmod-inst = mysqldb
key = User-Name
reset = hourly
query = SELECT SUM(acctinputoctets +
[EMAIL PROTECTED] a écrit :
here is the counter definition:
sqlcounter bytesQuota {
counter-name = traffic_quota
check-name = Max-Traffic
reply-name = Tmp-Integer-0
sqlmod-inst = mysqldb
key = User-Name
reset = hourly
query = SELECT
so what's the use of the reset parameter if th sql query is managing it
all by its own?
Alexandre Chapellon a écrit :
[EMAIL PROTECTED] a écrit :
here is the counter definition:
sqlcounter bytesQuota {
counter-name = traffic_quota
check-name = Max-Traffic
reply-name =
On Tue, 2008-09-09 at 22:48 +0100, [EMAIL PROTECTED] wrote:
a nightly tarball, i guess, would be what you would
prefer for this sort of action?
What I generally prefer is to wait for a stable release. For my own
needs, I could well have done that this time too. But in this case, Alan
asked me
reset parameter controls value of %b.
Ivan Kalik
Kalik Informatika ISP
Dana 9/9/2008, Alexandre Chapellon [EMAIL PROTECTED] piše:
so what's the use of the reset parameter if th sql query is managing it
all by its own?
Alexandre Chapellon a écrit :
[EMAIL PROTECTED] a écrit :
here is the
Greg Woods wrote:
Hopefully the feedback provided from that was useful.
Yes.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Looking at the source of rlm_sqlcounter i saw that when a users tries to
conect at a time close to the next reset time, the value of the
check-item for the next cycle is added to the reply item.
I'd like to avoid this behaviour for **some** of my users. Indeed I want
to use counters to count
Di Klikrupiah, anda akan mendapatkan uang setiap klik iklan.
Prosesnya cukup mudah anda cuma klik iklan dan lihat beberapa detik
kemudian uang masuk kesaldo anda. Anda tidak membutuhkan keahlian.
Yang anda butuhkan hanya lihat iklan dan klik yang ada di website
kami. Anda
bisa mengajak teman anda
61 matches
Mail list logo