Phil Mayers wrote:
> Perhaps architecturally, but not inherently; you could, at least in theory:
>
> 1. Receive 4-byte length
> 2. Sanity-check the length
> 3. Allocate buffer
> 4. Read on TCP socket non-blocking in normal select loop until you've
> filled the buffer
> 5. Parse packet from bu
Arran Cudbard-Bell wrote:
> Isn't it required for doing any RADIUS over TCP?
Nope. Only SSL.
The reason is that sometimes reading from an SSL socket requires SSL
writing data to the other end. So you end up with both ends waiting for
something. And that knowledge is buried inside of OpenSS
John Dennis wrote:
> 3.0 is not on the download page http://freeradius.org/download.html nor
> is there a download link on the above announcement page.
The announcement says: Version 3.0.0 (sig) has been released...
The 3.0.0 is a link.
I've added a link on the download page.
Alan DeKok
On 09/10/13 16:36, Arran Cudbard-Bell wrote:
On 9 Oct 2013, at 15:47, Alan DeKok wrote:
Adam Bishop wrote:
It appears the debugging switches don't work quite as I'd expect in FreeRADIUS
3 when RadSec is configured.
Yes. Because of OpenSSL limitations, the server MUST have multiple
thre
On 10/07/2013 04:18 PM, Alan DeKok wrote:
> After many years of development, the FreeRADIUS team is happy to
> announce Version 3 of the world's most popular server. The release was
> delayed from June in order to track down and solve a number of
> last-minute issues. We'd like to thank all of
Thanks Alan D
understood. I will use unlang in accounting.
Thanks
On Wednesday, October 9, 2013, Alan DeKok wrote:
> Russell Mike wrote:
> >> So if you want to do something when the users traffic is over the quota,
> >> you have to do it in the accounting section.
> >
> > Could you please kindly
On 9 Oct 2013, at 15:47, Alan DeKok wrote:
> Adam Bishop wrote:
>> It appears the debugging switches don't work quite as I'd expect in
>> FreeRADIUS 3 when RadSec is configured.
>
> Yes. Because of OpenSSL limitations, the server MUST have multiple
> threads when using radsec.
Isn't it requ
o.k. different method of getting talloc onto machine :-)
I used
curl -s https://raw.github.com/rudix-mac/package-manager/master/rudix.py | sudo
python - install rudix
then
rudix install talloc
:-))
On 9 Oct 2013, at 11:54, Arran Cudbard-Bell wrote:
>
> On 9 Oct 2013, at 11:21, Alex Shara
Russell Mike wrote:
>> So if you want to do something when the users traffic is over the quota,
>> you have to do it in the accounting section.
>
> Could you please kindly indicate what should i do there ? i tried to
> perform the check again when user is online by adding counter entry in
> *ses
On 9 Oct 2013, at 15:22, Adam Bishop wrote:
> It appears the debugging switches don't work quite as I'd expect in
> FreeRADIUS 3 when RadSec is configured.
>
> # radiusd -fxx -l stdout
>
> Works as expected (threaded debugging with no timestamps), however:
>
> # radiusd -fXx -l stdout
>
Hi,
> It appears the debugging switches don't work quite as I'd expect in
> FreeRADIUS 3 when RadSec is configured.
>
> # radiusd -fxx -l stdout
yep. if you try 'radiusd -X' it will tell you to run it like that.
> # radiusd -fXx -l stdout
> # ./sbin/radiusd -Cfxx -l stdout
single thread
Adam Bishop wrote:
> It appears the debugging switches don't work quite as I'd expect in
> FreeRADIUS 3 when RadSec is configured.
Yes. Because of OpenSSL limitations, the server MUST have multiple
threads when using radsec.
> # radiusd -fxx -l stdout
>
> Works as expected (threaded debugg
Thanks Alan. D
So if you want to do something when the users traffic is over the quota,
you have to do it in the accounting section.
Could you please kindly indicate what should i do there ? i tried to
perform the check again when user is online by adding counter entry in *
session* section. but
Franks Andy (RLZ) IT Systems Engineer wrote:
> Trying version #d166290 results in
Which is old. The bug has already been fixed.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 9 Oct 2013, at 11:56, Rok Kosir wrote:
> On 10/08/2013 07:09 PM, Arran Cudbard-Bell wrote:
>> On 8 Oct 2013, at 17:44, Phil Mayers
>> wrote:
>>
>>
>>> On 08/10/13 17:01, Rok Kosir wrote:
>>>
>>>
authentication to mysql), when i run freeradius -X, i get Segmentation
Fault when
It appears the debugging switches don't work quite as I'd expect in FreeRADIUS
3 when RadSec is configured.
# radiusd -fxx -l stdout
Works as expected (threaded debugging with no timestamps), however:
# radiusd -fXx -l stdout
Wed Oct 9 14:44:18 2013 : Error:
/opt/freeradiuss/etc/radd
Hi All. I have some code in an "sql" policy:
sql_check_user_present {
update control {
Tmp-String-0 := "%{sql_pwifi:SELECT COUNT(*) from voucher v left
join state s on v.id=s.voucher_id where v.id=s.voucher_id and
v.code='%{User-Name}' and (s.state='Inactive' or s.state='Active')}"
}
swi
Russell Mike wrote:
> All-In-MB counter works. Please note, when a user has downloaded his
> quota, counter do not force log off .
The counter modules DOES NOT DO THAT.
To see why, ask yourself what does FreeRADIUS see when the user has
downloaded his quota?
The answer is "nothing". The u
Volker Lieder wrote:
> Within the old version, we used a database config for groups with an
> attribute "Session-Timeout" and the value `%{expr:06:00}`
Which never worked. "06:00" isn't a number. You can't just invent
syntax and use i.
> With new version freeradius send an error while lookin
On 10/08/2013 07:09 PM, Arran Cudbard-Bell wrote:
On 8 Oct 2013, at 17:44, Phil Mayers wrote:
On 08/10/13 17:01, Rok Kosir wrote:
authentication to mysql), when i run freeradius -X, i get Segmentation
Fault when it reaches dhcp listner.
See doc/bugs.
and skip to section 2. :)
Arran Cudbar
On 9 Oct 2013, at 11:21, Alex Sharaz wrote:
> you don't know how hard it was to wait till the official release :-)
> A
brew install talloc
brew link talloc
./configure
make
make install
?
Arran Cudbard-Bell
FreeRADIUS Development Team
-
List info/subscribe/unsubscribe? See http://www.freer
On 9 Oct 2013, at 10:19, a.l.m.bu...@lboro.ac.uk wrote:
> Hi,
>
>> Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
>> its not insurmountable
>
> Alan uses OSX so I'm *SURE* it compiles fine with the right support stuff
> present - you
> should have been compiling
Many thanks for this Olivier, much appreciated
Rgds
A
On 9 Oct 2013, at 11:07, Olivier Beytrison wrote:
> On 09.10.2013 11:25, Olivier Beytrison wrote:
>> On 09.10.2013 10:41, Alex Sharaz wrote:
>>> I was wondering if there's a way off having a bit more granularity in terms
>>> of how the f5 lo
you don't know how hard it was to wait till the official release :-)
A
On 9 Oct 2013, at 10:19, a.l.m.bu...@lboro.ac.uk wrote:
> Hi,
>
>> Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
>> its not insurmountable
>
> Alan uses OSX so I'm *SURE* it compiles fine with
Hi,
Just to give some infos if I can help (this mailing has helped me a lot !)
I have F5 BigIP devices in two 2 DCs. They have each a VirtualServer with a
shared IP (not activated in VLANs used to communicate between the 2 DC to avoid
IP conflits, a much simple config for NAS - only one IP add
On 09.10.2013 11:25, Olivier Beytrison wrote:
> On 09.10.2013 10:41, Alex Sharaz wrote:
>> I was wondering if there's a way off having a bit more granularity in terms
>> of how the f5 load balances incoming RADIUS requests.
Another nice thing to do is to do persistence based on radius AVP
https:
On 9 Oct 2013, at 10:16, Fajar A. Nugraha wrote:
> On Wed, Oct 9, 2013 at 3:41 PM, Alex Sharaz wrote:
> While we have 900 switches doing mac and 802.1x based auth, we can have 6000+
> users on our wireless network all authenticating to RADIUS via 3 RAS clients.
> Looking at the back end serve
On 09.10.2013 10:41, Alex Sharaz wrote:
> Hi,
>
> Is anyone out there load balancing RADIUS with an F5 load balancer? We're
> doing it here, but I can't help thinking that the actual load balancing
> algorithm need some tweaking.
I have f5 loadbalancers but atm I don't use them for our RADIUS
Hi,
> Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
> its not insurmountable
Alan uses OSX so I'm *SURE* it compiles fine with the right support stuff
present - you
should have been compiling it before the official release ;-)
alan
-
List info/subscribe/unsubscr
Am Mittwoch, 9. Oktober 2013, 09:41:19 schrieb Alex Sharaz:
> Hi,
>
> Is anyone out there load balancing RADIUS with an F5 load balancer? We're
> doing it here, but I can't help thinking that the actual load balancing
> algorithm need some tweaking.
>
> As far as I'm aware ( systems section suppo
On Wed, Oct 9, 2013 at 3:41 PM, Alex Sharaz wrote:
> While we have 900 switches doing mac and 802.1x based auth, we can have
> 6000+ users on our wireless network all authenticating to RADIUS via 3 RAS
> clients. Looking at the back end server log files, it does look as if, in
> general, all wir
Dear Aran C. Bell
Thanks for everything, Here is update.
1.)
All-In-MB counter works. Please note, when a user has downloaded his
quota, counter
do not force log off . Saying other way, if the user is online, he would
remain online until he log off him self or stop browsing. But point to be
note
Hi,
Is anyone out there load balancing RADIUS with an F5 load balancer? We're doing
it here, but I can't help thinking that the actual load balancing algorithm
need some tweaking.
As far as I'm aware ( systems section support the F5 boxes)
1). We're using round robin to spread the load over 2
Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
its not insurmountable
A
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
34 matches
Mail list logo