I have one question to this, you suposed that RADIUS and DataBase services are in the same machine, what happens if these services are in severa or there are replicate servers?
My advice is to create a database trigger on INSERTs, UPDATEs,DELETEs.For example, my postgresql trigger written in
Then pipe the susdo command though ssh...
-Peter
On Tue 31 Jul 2007, Santiago Balaguer García wrote:
I have one question to this, you suposed that RADIUS and DataBase services
are in the same machine, what happens if these services are in severa or
there are replicate servers?
My advice is
Hi Santiago,
Tuesday, July 31, 2007, 11:21:36 AM, you wrote:
I have one question to this, you suposed that RADIUS and DataBase
services are in the same machine, what happens if these services are
in severa or there are replicate servers?
Most probably you will have the radius and the
Thanks for that Claudiu - I'll have to see what I can do :)
Handling the sighup would be a big deal. I am adding my NAS via a php script
so I can easily ask it to give the server a kick once i've added a NAS.
It may be that I can live with an hourly cron job - will have to see. In
theory there
Hi,
It is an issue that has been discussed previously and FreeRADIUS is
unlikely to ever do an SQL SELECT of the nas table for every inbound
packet. What may be possible is to reload the nas list at certain intervals
(from cron is the easiest) but until/unless HUP handling is improved that
On Mon 30 Jul 2007, Stefan Winter wrote:
Hi,
It is an issue that has been discussed previously and FreeRADIUS is
unlikely to ever do an SQL SELECT of the nas table for every inbound
packet. What may be possible is to reload the nas list at certain
intervals (from cron is the easiest) but
On 2007-07-30 15:54, Stefan Winter wrote:
Hi,
It is an issue that has been discussed previously and FreeRADIUS is
unlikely to ever do an SQL SELECT of the nas table for every inbound
packet. What may be possible is to reload the nas list at certain intervals
(from cron is the easiest) but
Krzysztof Olędzki wrote:
I'm not sure it this is a good idea. What if you need to change for
example a shared secret?
Poke it with radclient from a host that is not in the client table?
--
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com
-
List
On 2007-07-30 17:06, Dennis Skinner wrote:
Krzysztof Olędzki wrote:
I'm not sure it this is a good idea. What if you need to change for
example a shared secret?
Poke it with radclient from a host that is not in the client table?
Like 127.15.16.18? Good idea. So maybe a magic-client
Hi Paul,
Saturday, July 28, 2007, 6:08:23 PM, you wrote:
I however just tried hitting radiusd with a SIGHUP and it really
didn't like it Output attached, I just got a segfault when I hit it with
the next radius request.
Currently, I'm able to run a SIGHUPed freeradius 20070420
:11:02 PM
Subject: Out of Office AutoReply: Re[2]: Adding a NAS via SQL
===8==Original message text===
danke für ihre mail, aber ich bin bis einschliesslich 19.08.2007 nicht im
büro. wenden Sie sich bei dringenden anfragen bitte an
[EMAIL PROTECTED]
i'm out of office until
Thanks for your help guys.
I guess a way to prevent the DoS is through the correct use of a firewall?
Kind regards,
Paul.
On 7/28/07, Peter Nixon [EMAIL PROTECTED] wrote:
On Sat 28 Jul 2007, Paul Lambert wrote:
Hi,
I have now taken a look through the archives and I can't see a clean
Yeah. That would be one way, but its kind of like saying we are going to
introduce a new feature to a BMW that makes it dangerous at speeds over
100km so don't drive it on an autobahn...
It is an issue that has been discussed previously and FreeRADIUS is unlikely
to ever do an SQL SELECT of
Hi,
It is an issue that has been discussed previously and FreeRADIUS is unlikely
to ever do an SQL SELECT of the nas table for every inbound packet. What may
be possible is to reload the nas list at certain intervals (from cron is the
easiest) but until/unless HUP handling is improved that
[EMAIL PROTECTED] said:
how about updating the NAS list from SQL via, for example, an SNMP write
command
or a special RADIUS command packet. both of these could have security
protection
to prevent DoS (eg the SNMP write from only certain locations (firewalled)
and
has password too of
Hugh Messenger wrote:
[EMAIL PROTECTED] said:
how about updating the NAS list from SQL via, for example, an SNMP write
command
or a special RADIUS command packet. both of these could have security
protection
to prevent DoS (eg the SNMP write from only certain locations (firewalled)
and
On 2007-07-29 19:13, Arran Cudbard-Bell wrote:
Hugh Messenger wrote:
[EMAIL PROTECTED] said:
how about updating the NAS list from SQL via, for example, an SNMP write
command
or a special RADIUS command packet. both of these could have security
protection
to prevent DoS (eg the SNMP
Ram, ty for the response,
It doesn't seem to be having an effect until I restart the server.
I know I have set this up in the past with no issues, is there anything
obvious I could be missing?
I will take a look again and if I am still having problems post the server
debug etc.
Paul.
On
OK,
I was using 2.0.0 pre1, so decided to go back to 1.1.7.
I have attached the output of radiusd -X.
From this output, I can see the radius server is reading the NAS table in my
MySQL database on startup, but not again after that.
The order of events:
I started radiusd -X with the entry for
On Fri 27 Jul 2007, Paul Lambert wrote:
Hi all,
I think I might be being a little dense but when I add a NAS to my SQL
database, it doesn't appear to be enabled until I restart my radius
server.
Yep. Thats to way it's designed to protect against DoS attacks, otherwise
every inbound packet
Thanks,
I thought I might have been going crazy!!!
I however just tried hitting radiusd with a SIGHUP and it really didn't like
it Output attached, I just got a segfault when I hit it with the next
radius request.
Is there a cleaner way to make it re-read the nas list?
TIA
Paul.
On
Paul
All of these questions have been discussed MANY times on the list. Please
check the archives..
Peter
On Sat 28 Jul 2007, Paul Lambert wrote:
Thanks,
I thought I might have been going crazy!!!
I however just tried hitting radiusd with a SIGHUP and it really didn't
like it Output
Peter,
Please accept my apologies for wasting your time.
Paul
On 7/28/07, Peter Nixon [EMAIL PROTECTED] wrote:
Paul
All of these questions have been discussed MANY times on the list. Please
check the archives..
Peter
On Sat 28 Jul 2007, Paul Lambert wrote:
Thanks,
I thought I
Hi,
I have now taken a look through the archives and I can't see a clean
solution for reloading the nas without restarting. I assume this is what you
were suggesting I do via cron?
Paul.
On 7/28/07, Paul Lambert [EMAIL PROTECTED] wrote:
Peter,
Please accept my apologies for wasting your
Paul Lambert wrote:
I have now taken a look through the archives and I can't see a clean
solution for reloading the nas without restarting. I assume this is what
you were suggesting I do via cron?
Yes.
Unfortunately, *no* application daemon I've looked at handles HUP very
well. Almost
On Sat 28 Jul 2007, Paul Lambert wrote:
Hi,
I have now taken a look through the archives and I can't see a clean
solution for reloading the nas without restarting. I assume this is what
you were suggesting I do via cron?
Yep.. The short answer is that FreeRADIUS does not currently reload the
Hi all,
I think I might be being a little dense but when I add a NAS to my SQL
database, it doesn't appear to be enabled until I restart my radius server.
Is there a way to automatically activate a new NAS device that I add to the
SQL database?
Kind regards,
Paul.
-
List
On 7/27/07, Paul Lambert [EMAIL PROTECTED] wrote:
Hi all,
I think I might be being a little dense but when I add a NAS to my SQL
database, it doesn't appear to be enabled until I restart my radius server.
Is there a way to automatically activate a new NAS device that I add to
the SQL
28 matches
Mail list logo