On 10/18/2013 11:00 AM, Alan DeKok wrote:
Bertalan Voros wrote:
I have one question, I would like to log a message in radius.log when a
device is rejected based on its mac address.
I would like to put a message saying that the device was unauthorised
and the Calling-Station-Id into the
Hi,
Ah... a fix wasn't pulled over from v3.0.x to master. I've just done
that now.
server now starts with such switch/case config present. cheers!
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I think I know the answer to this question but I wanted to check with the Gurus!
Does FreeRADIUS give a fig about what the username is? If it were all numeric,
say 123456789 I guess it is happy with that? It's just a string to FreeRADIUS?
If there was to be an issue, it would be the back end
Thank both, that's great news.
I really need to teach myself some C..
Cheers
Andy
-Original Message-
From:
freeradius-users-bounces+andy.franks=sath.nhs...@lists.freeradius.org
[mailto:freeradius-users-bounces+andy.franks=sath.nhs.uk@lists.freeradiu
s.org] On Behalf Of
On Fri, Oct 11, 2013 at 05:41:07PM +0100, Fabrizio Vecchi wrote:
As you can see, the device wasn't listed in the file, the authentication
went fine, saying that the tunnel that I should get has ID 40, but that
wasn't overwritten by the authorized_macs check...
Add
DEFAULT Auth-Type := Reject
On Mon, Oct 14, 2013 at 10:40:19AM +0100, Matthew Newton wrote:
On Fri, Oct 11, 2013 at 05:41:07PM +0100, Fabrizio Vecchi wrote:
As you can see, the device wasn't listed in the file, the authentication
went fine, saying that the tunnel that I should get has ID 40, but that
wasn't
Hi,
Does FreeRADIUS give a fig about what the username is? If it were all
numeric, say 123456789 I guess it is happy with that? It's just a string
to FreeRADIUS?
FreeRADIUS is just a RADIUS serverand hence any decisions made by it are
all down to defined policies. so if you have
Franks Andy (RLZ) IT Systems Engineer wrote:
Hi again,
Sorry to bang on about this, but I'm struggling still.
Brand new machine, Ubuntu 13.04 server, never had freeradius installed
on it. Pulled from git, - (FreeRADIUS Version 3.1.0 (git #209982d),
I didn't see the 3.1.0... At this
Hi list,
we use freeradius for our dsl user authentication.
We want to disconnect some users via radius at fixed times, e.g. 04:00 am.
Which attribute and value should / can i use?
Session-Timeout doesnt do the job.
Regards,
Volker Lieder
-
List info/subscribe/unsubscribe? See
On 10/10/13 15:03, a.l.m.bu...@lboro.ac.uk wrote:
Samba 4 is lurvely... apparently 100% compatible with existing AD
installations, although, as always, it's a bit finicky and info is a bit thin on
the ground (and I've not written up a guide when I set my test environment up that
uses an S4
On 14 Oct 2013, at 15:52, Volker Lieder v.lie...@uvensys.de wrote:
Hi list,
we use freeradius for our dsl user authentication.
We want to disconnect some users via radius at fixed times, e.g. 04:00 am.
Which attribute and value should / can i use?
Session-Timeout doesnt do the job.
All,
Seems that the return code priority is behaving different in 3.0 -
specifically the following config:
authorize {
updated
files
if (noop) {
...
}
}
...gives:
(0) authorize {
(0) [updated] = updated
(0) [files] = noop
(0) ? if (noop)
(0) ? if (noop) - FALSE
i.e.
On 14/10/13 16:01, Jonathan Gazeley wrote:
On 10/10/13 15:03, a.l.m.bu...@lboro.ac.uk wrote:
Samba 4 is lurvely... apparently 100% compatible with existing AD
installations, although, as always, it's a bit finicky and info is a
bit thin on the ground (and I've not written up a guide when I set
Hi,
we tried to calculate it via expr.
How would you calculate it?
Regards,
Volker
Am 14.10.2013 um 17:03 schrieb Arran Cudbard-Bell:
On 14 Oct 2013, at 15:52, Volker Lieder v.lie...@uvensys.de wrote:
Hi list,
we use freeradius for our dsl user authentication.
We want to
On 14 Oct 2013, at 16:27, Volker Lieder v.lie...@uvensys.de wrote:
Hi,
we tried to calculate it via expr.
How would you calculate it?
Pretty sure the expiration module does exactly this.
Arran Cudbard-Bell a.cudba...@freeradius.org
FreeRADIUS Development Team
-
List
On 14/10/13 16:18, Phil Mayers wrote:
i.e. the noop from the files module is ignored. This is a change from
2.x where the most recent module return code can be checked.
Have I missed the change, or is this not intentional?
Looks like this happened in the modcall.c rewrite (d0aa96709cea)
On 14/10/13 17:15, Phil Mayers wrote:
On 14/10/13 16:18, Phil Mayers wrote:
i.e. the noop from the files module is ignored. This is a change from
2.x where the most recent module return code can be checked.
Have I missed the change, or is this not intentional?
Looks like this happened in
We have our freeradius setup to authenticate with Active Directory for
EAP. Currently, it uses the samaccountname but we want to use UPN instead.
We get NT_STATUS_NO_SUCH_USER when testing with ntlm through command line.
ntlm_auth --request-nt-key --domain=test.local --username=tu...@pub.com
Angelica Delgado wrote:
We have our freeradius setup to authenticate with Active Directory for
EAP. Currently, it uses the samaccountname but we want to use UPN
instead. We get NT_STATUS_NO_SUCH_USER when testing with ntlm through
command line.
ntlm_auth --request-nt-key
You might want to do an LDAP lookup first on your UPN to find the
samAccountName, then use that with ntlm_auth.
Stefan
From: freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org
[mailto:freeradius-users-bounces+stefan.paetow=diamond.ac...@lists.freeradius.org]
On Behalf
Hi again,
Sorry to bang on about this, but I'm struggling still.
Brand new machine, Ubuntu 13.04 server, never had freeradius installed
on it. Pulled from git, - (FreeRADIUS Version 3.1.0 (git #209982d), for
host x86_64-unknown-linux-gnu, built on Oct 13 2013 at 18:42:55)
./configure
Make
Make
Hi,
this error is also present with 3.1.0 when using the provided
orginate-coa virtual-server - so its reproducable with a minimally
adjusted configuration (just drop originate-coa from sites-available
to sites-enabled)
alan
-
List info/subscribe/unsubscribe? See
Is there any book about the new version of FreeRADIUS 3.0?
--
- Osvaldo T Crispim Filho -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
a.l.m.bu...@lboro.ac.uk wrote:
this error is also present with 3.1.0 when using the provided
orginate-coa virtual-server - so its reproducable with a minimally
adjusted configuration (just drop originate-coa from sites-available
to sites-enabled)
Ah... a fix wasn't pulled over from v3.0.x
Fabrizio Vecchi wrote:
First of all, sorry if my email is very long, I am just trying not to
leave any important details out. :)
That's good.
So far, I managed to do the dynamic VLAN assignment, but cannot seem to
get it to work together with the MAC checking.
They key thing to remember
Hello,
I imported FreeRADIUS from git on Eclipse, and tried to build it, but this
error occurs while building the project:
*threads.h:47:2: error: #error WITH_THREADS defined, but pthreads not
available*
*
*
Can anybody guide me how to solve this issue? Thanks.
-
List info/subscribe/unsubscribe?
On 12 Oct 2013, at 17:40, Andrei Petru Mura mapand...@gmail.com wrote:
Hello,
I imported FreeRADIUS from git on Eclipse, and tried to build it, but this
error occurs while building the project:
threads.h:47:2: error: #error WITH_THREADS defined, but pthreads not available
Can anybody
Hi Alan and thanks for the reply.
On 12 October 2013 13:42, Alan DeKok al...@deployingradius.com wrote:
So far, I managed to do the dynamic VLAN assignment, but cannot seem to
get it to work together with the MAC checking.
Get them working independently. Then, put the pieces together.
Fabrizio Vecchi wrote:
I guess at the end of the day my question boils down to the following:
where should I put the MAC check, so that the user gets assigned to the
right VLAN?
In post-auth.
If I put it in the authorize part of sites-enabled/default, the VLAN
update request will get
hi,
you must ensure you 'sign out' of the AD before you clone as otherwise
both objects are the same...and, as you have found, doing something
with the cloen breaks the first server. or just dont bind to the AD before
cloning.
to fix, you need to ensure that both machines have their own
Did you also change the MAC address for the network adapter in the VMWare
settings? Otherwise VMWare believes (and possibly your network too) the two
machines are the same.
After changing the MAC address, reconfigure your network settings on the clone
and reboot. Delete the trust (computer)
Hi again.
I'm confused now. I've recompiled, renamed all old folder under
/usr/local and done a complete reinstall.
I've pared it all down and simply put
switch %{control:Tmp-String-0} {
case {
update control {
Tmp-String-0 := new value
}
}
}
In the default VS.
I still get
Hi everyone.
First of all, sorry if my email is very long, I am just trying not to leave
any important details out. :)
In my Company, I'd like to setup a freeradius based wifi authentication
following the same principle:
First check if a user is using the Company's laptop (or phone) by checking
I have a Free Radius Server (2.1.10-5 packaged with CentOS 6) that is
configured to handle radius authentication eaps ttls in a tunnel
(Motorola/Cambium Canopy Product). I want to be able to authenticate
plain text requests from other devices that do not support eaps. Can
Free Radius handle
Gilbert T. Gutierrez, Jr. wrote:
I have a Free Radius Server (2.1.10-5 packaged with CentOS 6) that is
configured to handle radius authentication eaps ttls in a tunnel
(Motorola/Cambium Canopy Product). I want to be able to authenticate
plain text requests from other devices that do not
Hi everyone.
First of all, sorry if my email is very long, I am just trying not to leave
any important details out. :)
In my Company, I'd like to setup a freeradius based wifi authentication
following the same principle:
First check if a user is using the Company's laptop (or phone) by checking
Hi all!
I have a problem with users using the anonymous identity field during
connecting.
It turned out that for privacy reasons it is hidden outside of the
tunnel. I found that by setting use_tunneling_reply to yes i can
transfer the inner username outside of the tunnel, and the correct
(not
So what you're saying is that even though the users are using anonymous outerid
and want anonymity you want to release their id to the site they are at?
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.-
List info/subscribe/unsubscribe? See
Hi there,
Im trying use freeradius with oracle database.
I've used guide on this site
http://wiki.freeradius.org/modules/Rlm_sql_oracle to compile oracle driver.
I'e installed oracle instant client from rpm packages (basic + devel)
When i use
./configure
Hi,
I'e installed oracle instant client from rpm packages (basic + devel)
okay. if you've done this rather than manually installing from Oracle then
its most likely that the paths are different...you will need to check where
your Oracle files have been installed and use those paths instead
On Thu, Oct 10, 2013 at 2:22 PM, Puzzel puzzel1...@gmail.com wrote:
--with-oracle-include-dir=/usr/lib/oracle/11.2/client64
** **
configure: WARNING: oracle headers not found. Use
--with-oracle-include-dir=path.configure: WARNING: silently not
building rlm_sql_oracle.
Yes, you are right, the oracle inlcude path was in the different location
(/usr/include/oracle/11.2/client64 not /usr/lib...).
Now i've got another problem.
./configure --with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
--with-oracle-include-dir=/usr/include/oracle/11.2/client64
checking
On 10 Oct 2013, at 09:22, Puzzel puzzel1...@gmail.com wrote:
Yes, you are right, the oracle inlcude path was in the different location
(/usr/include/oracle/11.2/client64 not /usr/lib...).
Now i've got another problem.
./configure --with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
Tnx Arran,
./configure went fine and then created all.mk file.
What to do next? make don't work. I'm sorry i'm not very much experienced
in linux.
-Original Message-
From: freeradius-users-bounces+puzzel1982=gmail@lists.freeradius.org
o.k deinstalled the package and package manager I was using, installed
homebrew, installed latest openssl and talloc and ….. just compiled and
installed. Simples!
Thanks for that
A
On 9 Oct 2013, at 11:54, Arran Cudbard-Bell a.cudba...@freeradius.org wrote:
On 9 Oct 2013, at 11:21, Alex
On 10 Oct 2013, at 10:31, Puzzel puzzel1...@gmail.com wrote:
Tnx Arran,
./configure went fine and then created all.mk file.
What to do next? make don't work. I'm sorry i'm not very much experienced
in linux.
You need to do make in the top level directory not in the module directory.
On 10 Oct 2013, at 10:44, Alex Sharaz alex.sha...@york.ac.uk wrote:
o.k deinstalled the package and package manager I was using, installed
homebrew, installed latest openssl and talloc and ….. just compiled and
installed. Simples!
Hmm wonder what rudix was doing to mess up talloc
All,
We're seeing bursts of:
Thu Oct 10 11:52:14 2013 : Info: WARNING: Child is hung for request
47516341 in component authenticate module peap.
Thu Oct 10 11:52:16 2013 : Info: WARNING: Module rlm_eap became
unblocked for request 47516341
...since the return of our students this year.
I
On 10 Oct 2013, at 12:02, Arran Cudbard-Bell a.cudba...@freeradius.org wrote:
On 10 Oct 2013, at 10:44, Alex Sharaz alex.sha...@york.ac.uk wrote:
o.k deinstalled the package and package manager I was using, installed
homebrew, installed latest openssl and talloc and ….. just compiled and
On 10 Oct 2013, at 12:34, Puzzel puzzel1...@gmail.com wrote:
When i do make at top level, i'm getting this output:
make
Makefile:10: *** Missing 'Make.inc' Run './configure [options]' and retry.
Stop.
- Missing - Something is not there that should be.
- 'Make.inc' - The thing that should
Hi,
Thu Oct 10 11:52:16 2013 : Info: WARNING: Module rlm_eap became
unblocked for request 47516341
...since the return of our students this year.
I am 99% sure this is ntlm_auth being slow, and I have a strong
suspicion this is related to some changes in our AD infrastructure
over the
I've made configure at top level ./configure
--with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
--with-oracle-include-dir=/usr/include/oracle/11.2/client64
Then i made make, but i still can't find rlm_sql_oracle.so file. :/
-Original Message-
From:
Phil Mayers wrote:
In order to prove this to the AD team, I need to gather some timing
stats for ntlm_auth; can anyone think of an easy way to do this within
FreeRADIUS?
I had patches for this a while ago. But they won't apply to the
current code.
The idea was to update the modsingle
On 10/10/13 12:56, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Thu Oct 10 11:52:16 2013 : Info: WARNING: Module rlm_eap became
unblocked for request 47516341
...since the return of our students this year.
I am 99% sure this is ntlm_auth being slow, and I have a strong
suspicion this is related to
On 10 Oct 2013, at 13:39, Puzzel puzzel1...@gmail.com wrote:
I've made configure at top level ./configure
--with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
--with-oracle-include-dir=/usr/include/oracle/11.2/client64
Then i made make, but i still can't find rlm_sql_oracle.so file. :/
Puzzel wrote:
I've made configure at top level ./configure
--with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
--with-oracle-include-dir=/usr/include/oracle/11.2/client64
If the build is having issues, you should READ the output of
configure. It tells you what it's building, and what
On 10/10/2013 08:39 AM, Puzzel wrote:
I've made configure at top level ./configure
--with-oracle-lib-dir=/usr/lib/oracle/11.2/client64/lib
--with-oracle-include-dir=/usr/include/oracle/11.2/client64
Then i made make, but i still can't find rlm_sql_oracle.so file. :/
Try reading the output
authentications (as microsoft call it) - but I'm also looking at
samba4 - as it has a new option that will balance ntlm_auth against all
known boxes rather than the first box it latches onto - to spread the
load.
Samba 4 is lurvely... apparently 100% compatible with existing AD
Hi,
Any chance you can point me in the direction of these?
heres one:
http://support.microsoft.com/kb/2688798
Semi-related, but to my annoyance we're seeing rather less SSL
resumption than I would expect, given that iOS and Android both do
it by default.
Cisco wireless problem?
theres
Hi,
Samba 4 is lurvely... apparently 100% compatible with existing AD
installations, although, as always, it's a bit finicky and info is a bit thin
on the ground (and I've not written up a guide when I set my test environment
up that uses an S4 server for EAP-MSCHAPv2). But at least it
it can also BE an AD master etc. anyway, you dont know how tempting it
was to yum install samba4 on our production system ;-)
Indeed. That's exactly what I'm using it for. :-)
I'd certainly like to see some samba3.x versus samba4 benchmarks in
this sort of context
Yes, versus Windows 2008
On 09/10/13 19:09, Alan DeKok wrote:
That is *exactly* what the server does for TCP.
...in which case my comment is entirely redundant, please disregard!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Phil wrote:
I could wrap ntlm_auth in a script that times it and lots the info, but
I'm slightly wary of that - it might perturb the timings.
Any obvious/easy thing I'm missing?
You might be able to run FR under gdb (or attach/resume a running FR),
and set breakpoints with commands that
On 10/10/13 17:16, Brian Julin wrote:
You might be able to run FR under gdb (or attach/resume a running FR),
and set breakpoints with commands that resume after running the GDB
commands.
That's in inventive one, but I'm not *that* desperate yet!
-
List info/subscribe/unsubscribe? See
I've just ported our config to 3.0 and I'm seeing a few error messages;
they don't seem to be critical but are concerning me.
Specifically I'm seeing:
ERROR: Conditional evaluation failed due to internal sanity check.
...whenever I try to compare against absent attributes. What's the
correct
On 10/10/13 18:32, Phil Mayers wrote:
I've just ported our config to 3.0 and I'm seeing a few error messages;
they don't seem to be critical but are concerning me.
Specifically I'm seeing:
We're also getting:
Info: Invalid operator for item Sql-Group: reverting to '=='
...which is logged to
On 10 Oct 2013, at 18:32, Phil Mayers p.may...@imperial.ac.uk wrote:
I've just ported our config to 3.0 and I'm seeing a few error messages; they
don't seem to be critical but are concerning me.
Specifically I'm seeing:
ERROR: Conditional evaluation failed due to internal sanity
On 10/10/13 18:51, Arran Cudbard-Bell wrote:
possibly if (outer.request
Hmm, no same thing, and worse it's squashing Module-Failure-Message :o(
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Phil Mayers wrote:
I've just ported our config to 3.0 and I'm seeing a few error messages;
they don't seem to be critical but are concerning me.
Specifically I'm seeing:
ERROR: Conditional evaluation failed due to internal sanity check.
That should be fixed. Either it can be deleted,
On 10/10/13 15:01, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Any chance you can point me in the direction of these?
heres one:
http://support.microsoft.com/kb/2688798
Semi-related, but to my annoyance we're seeing rather less SSL
resumption than I would expect, given that iOS and Android both do
On 10 Oct 2013, at 22:23, Alan DeKok al...@deployingradius.com wrote:
Phil Mayers wrote:
I've just ported our config to 3.0 and I'm seeing a few error messages;
they don't seem to be critical but are concerning me.
Specifically I'm seeing:
ERROR: Conditional evaluation failed due to
I configured freeradius version 2.2.0 running on Ubuntu 12.04
to authenticate against active directory and it is working fine until I decide
to clone (vmware) the machine.
Once the machine is clone I changed the IP address, hostname
in (/etc/hosts and /etc/hostname) and also changed the name in
Hello list,
I want to delete one reply attribute from the reply list if the access-request
is originating not from a special NAS-IP-Address.
Currently I have solved this by adding this unlang code in authorize section:
if(!NAS-IP-Address == x.x.x.x) {
update reply {
On 9 Oct 2013, at 07:05, Hachmer, Tobias tobias.hach...@stadt-frankfurt.de
wrote:
Hello list,
I want to delete one reply attribute from the reply list if the
access-request is originating not from a special NAS-IP-Address.
Currently I have solved this by adding this unlang code in
Hello Arran,
thanks for the answer. This has worked!
Regards,
Tobias Hachmer
-Ursprüngliche Nachricht-
Von:
freeradius-users-bounces+tobias.hachmer=stadt-frankfurt...@lists.freeradius.org
[mailto:freeradius-users-bounces+tobias.hachmer=stadt-frankfurt...@lists.freeradius.org]
Im
Hi,
we upgraded a freeradius setup from 1.x to 2.1.10+dfsg-2+squeeze1 on Debian
Squeeze.
Within the old version, we used a database config for groups with an attribute
Session-Timeout and the value `%{expr:06:00}`
With new version freeradius send an error while looking in debug mode like:
Tue
Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
its not insurmountable
A
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Is anyone out there load balancing RADIUS with an F5 load balancer? We're doing
it here, but I can't help thinking that the actual load balancing algorithm
need some tweaking.
As far as I'm aware ( systems section support the F5 boxes)
1). We're using round robin to spread the load over
Dear Aran C. Bell
Thanks for everything, Here is update.
1.)
All-In-MB counter works. Please note, when a user has downloaded his
quota, counter
do not force log off . Saying other way, if the user is online, he would
remain online until he log off him self or stop browsing. But point to be
On Wed, Oct 9, 2013 at 3:41 PM, Alex Sharaz alex.sha...@york.ac.uk wrote:
While we have 900 switches doing mac and 802.1x based auth, we can have
6000+ users on our wireless network all authenticating to RADIUS via 3 RAS
clients. Looking at the back end server log files, it does look as if, in
Am Mittwoch, 9. Oktober 2013, 09:41:19 schrieb Alex Sharaz:
Hi,
Is anyone out there load balancing RADIUS with an F5 load balancer? We're
doing it here, but I can't help thinking that the actual load balancing
algorithm need some tweaking.
As far as I'm aware ( systems section support the
Hi,
Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
its not insurmountable
Alan uses OSX so I'm *SURE* it compiles fine with the right support stuff
present - you
should have been compiling it before the official release ;-)
alan
-
List
On 09.10.2013 10:41, Alex Sharaz wrote:
Hi,
Is anyone out there load balancing RADIUS with an F5 load balancer? We're
doing it here, but I can't help thinking that the actual load balancing
algorithm need some tweaking.
I have f5 loadbalancers but atm I don't use them for our RADIUS
On 9 Oct 2013, at 10:16, Fajar A. Nugraha l...@fajar.net wrote:
On Wed, Oct 9, 2013 at 3:41 PM, Alex Sharaz alex.sha...@york.ac.uk wrote:
While we have 900 switches doing mac and 802.1x based auth, we can have 6000+
users on our wireless network all authenticating to RADIUS via 3 RAS
On 09.10.2013 11:25, Olivier Beytrison wrote:
On 09.10.2013 10:41, Alex Sharaz wrote:
I was wondering if there's a way off having a bit more granularity in terms
of how the f5 load balances incoming RADIUS requests.
Another nice thing to do is to do persistence based on radius AVP
Hi,
Just to give some infos if I can help (this mailing has helped me a lot !)
I have F5 BigIP devices in two 2 DCs. They have each a VirtualServer with a
shared IP (not activated in VLANs used to communicate between the 2 DC to avoid
IP conflits, a much simple config for NAS - only one IP
you don't know how hard it was to wait till the official release :-)
A
On 9 Oct 2013, at 10:19, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
its not insurmountable
Alan uses OSX so I'm *SURE* it compiles fine with the
Many thanks for this Olivier, much appreciated
Rgds
A
On 9 Oct 2013, at 11:07, Olivier Beytrison oliv...@heliosnet.org wrote:
On 09.10.2013 11:25, Olivier Beytrison wrote:
On 09.10.2013 10:41, Alex Sharaz wrote:
I was wondering if there's a way off having a bit more granularity in terms
of
On 9 Oct 2013, at 10:19, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Just got a wee bit of trouble linking in the talloc libraries, but I'm sure
its not insurmountable
Alan uses OSX so I'm *SURE* it compiles fine with the right support stuff
present - you
should have been compiling it
On 9 Oct 2013, at 11:21, Alex Sharaz alex.sha...@york.ac.uk wrote:
you don't know how hard it was to wait till the official release :-)
A
brew install talloc
brew link talloc
./configure
make
make install
?
Arran Cudbard-Bell a.cudba...@freeradius.org
FreeRADIUS Development Team
-
List
On 10/08/2013 07:09 PM, Arran Cudbard-Bell wrote:
On 8 Oct 2013, at 17:44, Phil Mayers p.may...@imperial.ac.uk wrote:
On 08/10/13 17:01, Rok Kosir wrote:
authentication to mysql), when i run freeradius -X, i get Segmentation
Fault when it reaches dhcp listner.
See doc/bugs.
and skip to
Volker Lieder wrote:
Within the old version, we used a database config for groups with an
attribute Session-Timeout and the value `%{expr:06:00}`
Which never worked. 06:00 isn't a number. You can't just invent
syntax and use i.
With new version freeradius send an error while looking in
Russell Mike wrote:
All-In-MB counter works. Please note, when a user has downloaded his
quota, counter do not force log off .
The counter modules DOES NOT DO THAT.
To see why, ask yourself what does FreeRADIUS see when the user has
downloaded his quota?
The answer is nothing. The
Hi All. I have some code in an sql policy:
sql_check_user_present {
update control {
Tmp-String-0 := %{sql_pwifi:SELECT COUNT(*) from voucher v left
join state s on v.id=s.voucher_id where v.id=s.voucher_id and
v.code='%{User-Name}' and (s.state='Inactive' or s.state='Active')}
}
switch
It appears the debugging switches don't work quite as I'd expect in FreeRADIUS
3 when RadSec is configured.
# radiusd -fxx -l stdout
Works as expected (threaded debugging with no timestamps), however:
# radiusd -fXx -l stdout
snip
Wed Oct 9 14:44:18 2013 : Error:
On 9 Oct 2013, at 11:56, Rok Kosir rok.ko...@cosylab.com wrote:
On 10/08/2013 07:09 PM, Arran Cudbard-Bell wrote:
On 8 Oct 2013, at 17:44, Phil Mayers p.may...@imperial.ac.uk
wrote:
On 08/10/13 17:01, Rok Kosir wrote:
authentication to mysql), when i run freeradius -X, i get
Franks Andy (RLZ) IT Systems Engineer wrote:
Trying version #d166290 results in
Which is old. The bug has already been fixed.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks Alan. D
So if you want to do something when the users traffic is over the quota,
you have to do it in the accounting section.
Could you please kindly indicate what should i do there ? i tried to
perform the check again when user is online by adding counter entry in *
session* section. but
Adam Bishop wrote:
It appears the debugging switches don't work quite as I'd expect in
FreeRADIUS 3 when RadSec is configured.
Yes. Because of OpenSSL limitations, the server MUST have multiple
threads when using radsec.
# radiusd -fxx -l stdout
Works as expected (threaded debugging
Hi,
It appears the debugging switches don't work quite as I'd expect in
FreeRADIUS 3 when RadSec is configured.
# radiusd -fxx -l stdout
yep. if you try 'radiusd -X' it will tell you to run it like that.
# radiusd -fXx -l stdout
# ./sbin/radiusd -Cfxx -l stdout
single thread
1 - 100 of 78683 matches
Mail list logo