*** glibc detected *** /usr/local/sbin/radiusd: malloc(): memory corruption: 0x000000000e253360 ***
Hello Got this on 2.1.5. The server was ok until now (it's running without problems within the last 2 years), and now it crashes several time per day. Any help ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: *** glibc detected *** /usr/local/sbin/radiusd: malloc(): memory corruption: 0x000000000e253360 ***
ok thanks On Wed, Oct 3, 2012 at 5:50 PM, Phil Mayers p.may...@imperial.ac.uk wrote: On 03/10/12 17:25, Armando Oliveira wrote: Hello Got this on 2.1.5. The server was ok until now (it's running without problems within the last 2 years), and now it crashes several time per day. Any help ? Sorry, but no-one here is going to help you with a version that old. Upgrade to 2.2.0. I did run into similar double-free problems in older versions; I think it was Postgres or OpenSSL-related but never chased it - I just upgraded. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radclient disconnect
I been trying to find how to disconnect an actual logged user, radclient has a disconnect option, I wonder if anyone on the list has managed to work it out with it. The nas is a Cisco AS5300 Thanks Armando Leal. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radclient disconnect
On 4 Oct 2004 at 15:05, Alan DeKok wrote: am trying something like ./radclient -s 192.168.1.1 disconnect secret User-Name=username and on NAS: aaa pod server server-key secret but radclient, hangs, and I done on NAS a debug aaa pod but no request is being sent have you manage it to work? but it hangs there.. [EMAIL PROTECTED] wrote: I been trying to find how to disconnect an actual logged user, radclient has a disconnect option, I wonder if anyone on the list has managed to work it out with it. The nas is a Cisco AS5300 Check the NAS documentation to see if it accepts disconnect packets, and what it expects to see in a disconnect packet. Then, create a packet and use radclient to send it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Executing External Program
Yeah, did that, but no signs of php execution, I added to users with
exec-wait and it worked ok..
the only problem is I try to send a Time-Out, with the php script,
and it seems to not work.. and making some more tests.
On 11 Sep 2004 at 16:48, George Chelidze wrote:
Hello,
If my understanding is correct, your authorize section should look
similar to this:
authorize {
...
test
...
}
Have you done this?
Best Regards,
[EMAIL PROTECTED] wrote:
Hi am trying to excecute a program before autentification so I could deny access
if it
is on a callingstationnumber ban list on mysql..
But Script is not being Excecuting.. what seems the problem?
radiud.conf
exec test{
wait = yes
program = /usr/local/bin/php -f /scriptest/test.php
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}
Test.php
?php
ob_start();
$clientcallingstation = $_ENV['CALLING_STATION_ID'];
$calledstationid = $_ENV['CALLED_STATION_ID'];
ob_end_clean();
//log to txt
function logtotxt($somecontent)
{
$filename = 'log.txt';
$handle = fopen($filename, 'a');
fwrite($handle, $somecontent);
fclose($handle);
}
logtotxt(Script Was Excecuted);
// Make a test
if (!empty($clientcallingstation) !empty($calledstationid))
{
logtotxt($clientcallingstation:$calledstationid);
$retval = 0;
} else {
// otherwise reject
$retval = 1;
}
exit ($retval);
?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
George Chelidze
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Executing External Program
Hi am trying to excecute a program before autentification so I could deny access if it
is on a callingstationnumber ban list on mysql..
But Script is not being Excecuting.. what seems the problem?
radiud.conf
exec test{
wait = yes
program = /usr/local/bin/php -f /scriptest/test.php
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}
Test.php
?php
ob_start();
$clientcallingstation = $_ENV['CALLING_STATION_ID'];
$calledstationid = $_ENV['CALLED_STATION_ID'];
ob_end_clean();
//log to txt
function logtotxt($somecontent)
{
$filename = 'log.txt';
$handle = fopen($filename, 'a');
fwrite($handle, $somecontent);
fclose($handle);
}
logtotxt(Script Was Excecuted);
// Make a test
if (!empty($clientcallingstation) !empty($calledstationid))
{
logtotxt($clientcallingstation:$calledstationid);
$retval = 0;
} else {
// otherwise reject
$retval = 1;
}
exit ($retval);
?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: kill user connection
On 3 Sep 2004 at 22:36, Troy Davis wrote: http://freshmeat.net/projects/radkill/ Regards Troy Comstech Systems Ph: 1300 550 664 www.comstech.com This proggy is a simple Telnet, disconnect user and exit.. using expect, getting the actual online users from radwho. * its not a snmp connection.. that might be faster and a better option.. But even tho is an option, tnx for your advise. Armando Leal - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, September 03, 2004 10:12 AM Subject: Re: kill user connection Could you explain how to use snmp to disconnect a session, I been told you need to use snmpwalk and do some configs on NAS to autentificate, also a problem is knowing what is the channel, ofcourse obtaining it by radius to send to the NAS a line clear. I had tried to find a snmp scripts to do that specific function, without luck, I understand I need to understand better how snmp works, but taking a look on a piece of code will help a lot. Armando Leal. On 3 Sep 2004 at 0:19, Simon Bryden wrote: There is a RADIUS disconnect mechanism which is not standardised as far as I know and not too widely supported. In most cases you need to use SNMP or other techniques to disconnect sessions. The most standardised way of disconnecting sessions is to use Session-Timeout attribute to tell the NAS when to terminate the session. Regards, Simon. --- On Thursday 02 September 2004 14:57, Edgars wrote: is there a way to do subj. from the freeradius - i'll use this when some time is reached. Edgars - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: kill user connection
Could you explain how to use snmp to disconnect a session, I been told you need to use snmpwalk and do some configs on NAS to autentificate, also a problem is knowing what is the channel, ofcourse obtaining it by radius to send to the NAS a line clear. I had tried to find a snmp scripts to do that specific function, without luck, I understand I need to understand better how snmp works, but taking a look on a piece of code will help a lot. Armando Leal. On 3 Sep 2004 at 0:19, Simon Bryden wrote: There is a RADIUS disconnect mechanism which is not standardised as far as I know and not too widely supported. In most cases you need to use SNMP or other techniques to disconnect sessions. The most standardised way of disconnecting sessions is to use Session-Timeout attribute to tell the NAS when to terminate the session. Regards, Simon. --- On Thursday 02 September 2004 14:57, Edgars wrote: is there a way to do subj. from the freeradius - i'll use this when some time is reached. Edgars - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Rejecting CallingStationId
On 1 Sep 2004 at 8:34, Keith Yoder wrote:
I changed the default SQL queries to do this. I'll try to explain how
(using MySQL).
First I created a table to store the bad CallingStationIDs.
CREATE TABLE `bad_callingstationids` (
`CALLINGSTATIONID` varchar(18) NOT NULL default '',
`OBSERVATION` varchar(100) NOT NULL default '',
PRIMARY KEY (`CALLINGSTATIONID`)
)
ok create the table.. here I will add something like:
CREATE TABLE `bad_callingstationids` (
`callingstationid` varchar(18) NOT NULL default '',
`id_calledstationid` varchar(18) NOT NULL default '',
`OBSERVATION` varchar(100) NOT NULL default '',
PRIMARY KEY (`callingstationid`)
)
CREATE TABLE `calledstationids` (
`calledstationid` varchar(18) NOT NULL default '',
`900number` varchar(18) NOT NULL default '',
`OBSERVATION` varchar(100) NOT NULL default '',
PRIMARY KEY (`calledstationid`)
)
so I could separate the also that number from the line is coming.
Then I changed the authorize_check_query in the sql.conf file to this:
SELECT id,UserName,Attribute,Value,op
FROM ${authcheck_table} LEFT JOIN bad_callingstationids ON
'%{Calling-Station-Id}' = bad_callingstationids.CALLINGSTATIONID
WHERE Username = '%{SQL-User-Name}' AND
bad_callingstationids.CALLINGSTATIONID IS NULL ORDER BY id
Understood, but I have a problem maybe you know a way, I should allow any
username or password to log, but I need to block some callingstationids if they due
their time, and I am thinking a way to structure the authorize_check_query and the
reply to let any login or pass, I just need login with a sufix. like
:DEFAULTSuffix == mx, Auth-Type := Accept
Service-Type = Framed-User,
Framed-Protocol = PPP,
Session-Timeout=900,
Idle-Timeout = 900
and then do a selection of bad_callingstationids (callingstationid AND
calledstationid)
Hope that's understandable,
Keith Yoder
Tnx for your help Keith, intersting aprouch, that made me make some tests! )
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Rejecting CallingStationId
I could ban or reject a specific CallingStationID? , the only examples I seen is on a specific user or group of users, on file /etc/users Some nice friends on the list told me to try: DEFAULTCalling-Station-Id =~8183635958, Auth-Type :=Reject I tried it and it works, I tried also some things like DEFAULT Called-Station-Id ==4700,Auth-Type :=Reject DEFAULT Calling-Station-Id ==8183635958, Called-Station-Id ==4700,Auth- Type :=Reject and I think it worked just fine, the question now is, I could have this Called, and Calling stations id in a sql table, so my script for blocking/baning Called or Calling would be in a sql table and not restart radius each time I add a new rule on users file Thanks Armando Leal. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Rejecting CallingStationId
I could ban or reject a specific CallingStationID? , the only examples I seen is on a specific user or group of users, on file /etc/users There is another option am trying doing a snmp command via the nas and drop each time it connects, but I think is not the best option. Thanks Armando Leal. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
