Re: [RADIATOR] hotspot login portal

You might want to check out: http://www.chillispot.info/ which we had working with Radiator back in the day, and its newer sibling: http://coova.org/ Dave From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On Behalf Of John Lodge Sent: M

Re: [RADIATOR] searchable archive? CouchDB?

See replies... -Original Message- From: Heikki Vatiainen [mailto:h...@open.com.au] Sent: Tuesday, October 11, 2011 9:01 AM To: Dave Kitabjian Cc: radiator@open.com.au; Greg Evanyke Subject: Re: [RADIATOR] searchable archive? CouchDB? [dhk] ... >> 2) Is there an AuthBy that wil

Re: [RADIATOR] searchable archive? CouchDB?

Thanks for the reply. See comments... -Original Message- From: Heikki Vatiainen [mailto:h...@open.com.au] Sent: Friday, October 07, 2011 5:14 AM To: Dave Kitabjian Cc: radiator@open.com.au; Greg Evanyke Subject: Re: [RADIATOR] searchable archive? CouchDB? On 10/06/2011 11:14 PM, Dave

[RADIATOR] searchable archive? CouchDB?

Hello, folks! Two questions: 1) Is there a searchable archive for this list these days? The only one I found is this zipped version: http://www.open.com.au/pipermail/radiator/ 2) Is there an AuthBy that will talk to CouchDB or MongoDB? Thanks in advance! Best Regards, Dave

Re: [RADIATOR] Executing an external script from Radiator

I should clarify that the Exec-Program method is particularly useful when you want to execute something conditionally based on (typically database-driven) user configs. Dave From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On Behalf Of Dave Kitabjian Sent: Tuesday

Re: [RADIATOR] Executing an external script from Radiator

My favorite method is to use the special RADIUS Reply-Item, "Exec-Program". Radiator will then shell whatever you pass in as an argument to this attribute. Very powerful; very dangerous; very cool J The only thing Radiator doesn't do is provide a way to change the user under which the shell exe

Re: [RADIATOR] Multiple radiator instances on single server?

fyi, You can also run separate instances with all pointing to a common config file, if that's simpler. That works if you can "override" everything instance-specific by using different command line arguments. A single config file can be easier to manage if they will otherwise duplicate a lot of th

Re: [RADIATOR] ClientHook sequence?

Mike, Hugh, and Heikki, Thanks!! Dave -Original Message- From: Hugh Irvine [mailto:h...@open.com.au] Sent: Friday, August 20, 2010 7:03 PM To: Heikki Vatiainen Cc: Dave Kitabjian; radiator@open.com.au; Greg Evanyke Subject: Re: [RADIATOR] ClientHook sequence? Hello Heikki, Hello Dave

[RADIATOR] ClientHook sequence?

Does anyone know where the "ClientHook" fits in this order-of-execution sequence? Dave http://open.com.au/radiator/ref.pdf 1. Server started 2. StartupHook called 3. Request received from NAS 4. Global RewriteUsernames applied 5. PreClientHook called 6. Client clause selected 7. C

RE: RE : (RADIATOR) Cisco IOS aaa ??

I don't know where my notes are, but we solved a couple of perplexing Cisco IOS Port Attribute related problems by issuing a configuration command into the Cisco config file. Something reminiscent of: radius-server attribute nas-port format d as mentioned at http://googleweb-1.cisco.

RE: (RADIATOR) Invalid object name 'inerted'

Hmm. Do you mean other than the fact that “inserted” is spelled wrong, presumably in a trigger attached to the ACCOUNTING table?   Dave   -Original Message- From: Michel Bant [mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 10:22 AM To: [EMAIL PROTECTED] Subject: (RADIA

RE: (RADIATOR) ISDN fails but Analog fine

What brand NAS do you use? We found that with Cisco NASes (5300's, eg), some ISDN people had problems getting the PPP connection up, even after passing authenication (I guess IPCP was failing). Strangely, it seemed that if we took out the Idle-Timeout reply item attribute, lots of these people wer

RE: (RADIATOR) AuthBy in an Accounting-Request

Trout [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 19, 2003 12:19 PMTo: Dave Kitabjian; [EMAIL PROTECTED]Subject: RE: (RADIATOR) AuthBy in an Accounting-Request I believe you still need something to return a packet to register the logging; we just use an AuthBy TEST clause to

(RADIATOR) AuthBy in an Accounting-Request

Given the following: ... AuthBy LDAP_SERVER_1 am I correct in assuming that the AuthBy specifier would be completely ignored and irrelevant since no Access-Requests will ever be handled here? Dave === Archive at http://www.open.com.au/a

(RADIATOR) hostname -s ?

Title: Message Hello!   I noticed that %h returns the equivalent of our "hostname" command,       rad1.domain.net     rad2.domain.net     rad3.domain.net   However, it would be nice if I could just have the host's name, as in the command "hostname -s":       rad1     rad2     rad3   I c

(RADIATOR) AuthLog + ContinueWhileReject behavior?

Hello! Here is my config: AuthBy LDAP_GROUP AuthLog AUTH_LOGGER Identifier LDAP_GROUP AuthByPolicy ContinueWhileReject AuthBy LDAP_AUTH_1 AuthBy LDAP_AUTH_2 Identifier AUTH_LOGGER ... I seem to be observing the fo

RE: (RADIATOR) What is the order?

I would think the easiest way to find out is to set your Debug level to 4 and then use radpwtst to send a few authentication/accounting requests to Radiator. Then, check the log file, and I think it will show you most or all of those statements right there... Dave > -Original Message- > F

RE: (RADIATOR) Renaming cisco-avpair

This may not be worth much, but... You might consider deleting each cisco-avpair attribute from the list after you recode it, and then add it back in "the right way", such as cisco-avpair-connect-progress = "41". That way, you'll get the next one in line the next time you call get_attr() becaus

(RADIATOR) password encryption and proxying to iPass

Title: Message I just observed something, but maybe someone can tell me if I'm right or confused...   I just noticed that foreign iPass users hitchhiking on our network (aka, "iPass outbound") are showing up in our Authentication Log, complete with clear text passwords.   Now, I know this

RE: (RADIATOR) Port-Error

We've gotten Port-Errors now and then over the years. But sadly, I haven't been able to figure out what they mean. The RFC doesn't say much, and I've never tracked down the manufacturer info that explains exactly what it means. Sorry, Dave > -Original Message- > From: Mohammed AbdusSami

RE: (RADIATOR) Mac OS X Questions

> I have just had a quick look at the > ODBC Administrator application, and it looks like it should > do the job > nicely. What is this ODBC Administrator app? Is that another OS X SERVER specialty, or is it a 3rd party piece of software? Dave === Archive at http://www.open.com.au/archives/r

RE: (RADIATOR) Mac OS X Questions

> Mac OS X has a built-in process monitoring > software called watchdog. The idea seems similar to restartWrapper. Hey, I don't recall "watchdog". Is that unique to Mac OS X SERVER or is it also in the consumer OS X? Is it new to Jaguar (10.2)? Dave === Archive at http://www.open.com.au/archi

RE: (RADIATOR) Request feature: DictionaryFileList

I like this idea. I'd much rather have all my custom dictionary entries in a separate, concise file. Dave > -Original Message- > From: Mariano Absatz [mailto:[EMAIL PROTECTED]] > Sent: Monday, September 16, 2002 4:34 PM > To: Radiator Mailinglist > Subject: (RADIATOR) Request feature: D

RE: (RADIATOR) Expiration

sing it along to the database.   Let me know!   Dave :) -Original Message-From: Radius Admin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 13, 2002 10:11 AMTo: Dave Kitabjian; [EMAIL PROTECTED]Subject: Re: (RADIATOR) Expiration Dave,   I am now using this:   AcctSQLSt

RE: (RADIATOR) Expiration

Title: Message There are a whole mess of date formatting options in the manual:       http://www.open.com.au/radiator/ref.html#pgfId=290952   Let me know how you make out!   Dave   TABLE 2. DateFormat special characters Specifier Is replaced at run-time by:

RE: (RADIATOR) DATE

Well, there is no one "valid DATE Type", unfortunately. Every application has it's own standard :-\ But to get a date that Sql Server didn't reject, we had to remove the Day of Week portion, such as "Mon", "Tue", etc. I think that was all it took. Dave > -Original Message- > From: auth

RE: (RADIATOR) Timestamp attribute

Interesting question. The question for you is, what event do you want the stamp for? The Timestamp attribute indicates, I think, when the RADIUS packet is actually sent by the NAS. The line at the top: Wed Jul 24 12:59:01 2002 Acct-Session-Id = "0002BAA0" Fra

RE: (RADIATOR) Error in AuthLog

I might be confusing the issue, but I know that we often get a Reason = Proxied in our AuthLog. In our case, we have a ContinueWhileReject AuthByPolicy, and if the first AuthBy fails then the second one is an AuthBy RADIUS. So we were a little confused at first to see the "Proxied" in the AuthLog

RE: (RADIATOR) Cisco, non-unique NAS-Ports, clobbering Online DB

.   Regards,   Bernhard -Original Message-From: Dave Kitabjian [mailto:[EMAIL PROTECTED]]Sent: Thursday, July 11, 2002 7:25 AMTo: [EMAIL PROTECTED]Subject: (RADIATOR) Cisco, non-unique NAS-Ports, clobbering Online DB I finally tracked down the reason why our

RE: (RADIATOR) Cisco, non-unique NAS-Ports, clobbering Online DB

- > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 11, 2002 3:18 AM > To: Frank Danielson; Dave Kitabjian; [EMAIL PROTECTED] > Subject: Re: (RADIATOR) Cisco, non-unique NAS-Ports, > clobbering Online DB > > > > Hello Dave, Hello Frank - > > T

RE: (RADIATOR) Cisco, non-unique NAS-Ports, clobbering Online DB

They are 5400s. Are you sure you're not confusing the Cisco-NAS-Port with the NAS-Port? D > -Original Message- > From: Vangelis Kyriakakis [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 11, 2002 3:44 AM > To: Dave Kitabjian > Cc: [EMAIL PROTECTED] > Subjec

(RADIATOR) Cisco, non-unique NAS-Ports, clobbering Online DB

Title: Cisco, non-unique NAS-Ports, clobbering Online DB I finally tracked down the reason why our Online DB has been reporting a much lower count of onliners than are actually online. Look at the attached sequence of two accounting records. tmeyers logs on to NAS 216.118.66.25 and Port 105.

(RADIATOR) Duplicate request id: ignored

"Wed Jun 26 16:03:16 2002: INFO: Duplicate request id 87 received from 10.52.0.1(1026): ignored" This message was logged for an Accounting request that was clearly retransmitted since it had a large Acct-Delay-Time value. But if Radiator keeps ignoring the request, the NAS will keep retr

RE: (RADIATOR) Help for the DBM-Impaired

I think what you want to do is get the radwho.cgi script (included with Radiator) set up and running under Apache. Then, when you access it in your web browser, you can click "Delete" to remove individual rows from the DBM. Dave > -Original Message- > From: Scott Rothgaber [mailto:[EMAIL

RE: (RADIATOR) MacOSX Users

I'm kinda interested, too :) If I had a lot more time, I'd set it up on my Mac at home and give it a whirl... Dave > -Original Message- > From: Bennie Warren [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, June 18, 2002 2:28 AM > To: [EMAIL PROTECTED] > Subject: (RADIATOR) MacOSX Users >

RE: (RADIATOR) RE:PrePaid for Voip

Sadly, our attempt to do this with the AS5300 confirmed that the Session-Timeout attribute was not honored (and I think Cisco acknowledged this). That other post about the h323-credit-time sounds interesting, though. We'll have to look into that sometime. Dave > -Original Message- > Fro

(RADIATOR) Making Exec-Program safe

Title: Message First of all, thanks for the Exec-Program special reply item! It works like a charm!   Here are two related requests or questions.   1) It would be nice if Radiator DEBUG logged that the program was run and perhaps the return value.   2) Is there any way to lock down this fe

(RADIATOR) perl sanity check

I need some basic perl help here from y'all. Given the clip of Radiator perl code below, does this mean that $self is a reference to an object which is an array of references to arrays which contain 2 elements each, attribute and value? Dave # AttrVal.pm # #

(RADIATOR) RE: RADIUS going in circles

Oh no! Someone already stole my idea! http://www.wheatstone.net/whatwedo/Portal/Standards/radius_diameter.htm Dave :) > -Original Message- > From: Dave Kitabjian > Sent: Wednesday, February 06, 2002 5:05 PM > To: [EMAIL PROTECTED] > Subject: RADIUS g

RE: (RADIATOR) Need help

Title: Message I guess the solution would be something like:       AuthBy IPASS_AUTH       AuthBy GRIC_AUTH       #default catch-all #---     Identifier    IPASS_AUTH     Host ...           Identifier    GRIC_AUTH     Host ...       Let m

RE: (RADIATOR) unknown ports

TED]] > Sent: Friday, March 08, 2002 5:41 PM > To: Dave Kitabjian; Jim Liebgott > Cc: Ronan Eckelberry; [EMAIL PROTECTED] > Subject: Re: (RADIATOR) unknown ports > > > > Hello Dave - > > Here is the message: > > Sat Mar 9 09:37:10 2002: DEBUG: Packet dump: &

RE: (RADIATOR) unknown ports

Just one thought: I haven't been reading this thread in all its detail, but this might be of some value. Some time back, I believe when we transitioned from USR to Cisco NASes, we started getting log entries such as: *** Received from X.X.X.X on port 1645 when we were definitely only listening

RE: (RADIATOR) 2 copies of User-Name attribute

of the User-Name. That means it's out of spec to send 2 copies. I'll take this up with Cisco. Meanwhile, I'm still open to feedback on the Radiator side (since Cisco notoriously drags its feet on our bug reports). Dave > -Original Message- > From: Dave Kitabjian >

(RADIATOR) 2 copies of User-Name attribute

Recently I've been noticing that the Radius Accounting packets coming from some of our Cisco gear has been sending some attributes in duplicate; in particular, we get two copies each of User-Name and Nas-Port. Fortunately, the two copies have identical values. But it still causes a problem. We ha

RE: (RADIATOR) Logging failed authentication attempts

As a bonus, here's what we do: # Identifier AUTH_LOGGER Filename%D/Authentication/%R-%h LogSuccess 1 LogFailure 1 # Note the literal tab characters: SuccessFormat %l%r\

(RADIATOR) ERR: Unknown keyword 'AddToRequest'

ounting/IPASS_OUTBOUND-%h     AuthLog AUTH_LOGGER     PasswordLogFileName %L/password.log We're running 2.18. Does anyone know if this keyword was new to Handlers since 2.18? I didn't remember reading about it... _ Dave Kitabjian NetCarrier, Software Engineering

(RADIATOR) RADIUS going in circles

FYI, have you heard that RADIUS is doubling its number of attributes? Yea, the new protocol is called DIAMETER... Dave ;) === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body

RE: (RADIATOR) Content filtering

We're getting ready to do this too. Two approaches we have so far are: 1) Use the Filter-Id reply item. When the NAS sees this, it will load a filter by that name that you must have already configured on that NAS and saved. The filter is a series of rules based on protocol, IP address block, and

RE: (RADIATOR) CDB format ?

Hugh, Are you sure you're not confusing DBM-style databases with CDB? Pascal, The Radiator manual says: "The CDB is indexed by username and the value is the check items followed by a newline followed by the reply items." So a typical entry might look like this: +6,145:corey1->Password="jack",

RE: (RADIATOR) Radiator Startup + daemontools

You can read more about daemontools here: http://cr.yp.to/daemontools.html In particular, I think you're talking about supervise: http://cr.yp.to/daemontools/supervise.html Unfortunately, I'm not a whiz at supervise. But there's a mailing list you should consult: http:

RE: (RADIATOR) Authenticaton Problems

ting the same > error. Only now instead of 127.0.0.1 it shows the realm as default > > At 03:42 PM 1/2/02 -0500, Dave Kitabjian wrote: > >The problem is that "127.0.0.1" is not a realm, it's a Client. > > > >Try changing > > > > > >

RE: (RADIATOR) Authenticaton Problems

The problem is that "127.0.0.1" is not a realm, it's a Client. Try changing to and let us know if it works. Dave > -Original Message- > From: Eric Johnson [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 02, 2002 11:21 AM > To: [EMAIL PROTECTED] > Subject:

RE: (RADIATOR) Authentication Question..

Remember that the Authentication requests can be sent to a different place than the Accounting requests, via separate lines in your Cisco config file. Perhaps the AUTH line is not correct... Dave > -Original Message- > From: GwangHee Yi [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, Dece

RE: (RADIATOR) IpassPerl still lingering around?

ally only handled Inbound requests, but then later they upgraded it to also handle Outbound as well?   Dave -Original Message-From: Dave Kitabjian Sent: Thursday, December 06, 2001 3:11 PMTo: [EMAIL PROTECTED]Subject: (RADIATOR) IpassPerl still lingering around? Regarding t

(RADIATOR) IpassPerl still lingering around?

x27;t IpassPerl part of what was deprecated along with way back? In general, how accurate is the rest of the iPass appendix of the manual? Thanks! _ Dave Kitabjian NetCarrier, Software Engineering

RE: (RADIATOR) AuthLog question/requests

t the actual password in ... Dave > -Original Message- > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 05, 2001 6:44 PM > To: Dave Kitabjian; [EMAIL PROTECTED] > Subject: Re: (RADIATOR) AuthLog question/requests > > > > Hello Dave

(RADIATOR) AuthLog question/requests

, especially since the whole purpose of this logfile for us is to debug password problems. Thanks!! _ Dave Kitabjian NetCarrier, Software Engineering

(RADIATOR) 2.18: FailureFormat not reread on HUP

Title: 2.18: FailureFormat not reread on HUP Just as an FYI, The AuthLog.FailureFormat does not appear to be reread after a HUP to Radiator 2.18. Perhaps it was fixed it 2.19, but I don't remember reading about it in the fixlist. Thanks! _____ Dave Kitabjian NetCarrier, Sof

RE: (RADIATOR) RADIATOR (freebsd install)

Are you sure you are root when you run "make install"? Dave > -Original Message- > From: Rick Ross [mailto:[EMAIL PROTECTED]] > Sent: Sunday, December 02, 2001 1:54 PM > To: [EMAIL PROTECTED] > Subject: (RADIATOR) RADIATOR (freebsd install) > > > ok Im trying to install 2.19 on freeb

RE: (RADIATOR) can snmpget query NAS w/ Cisco-NAS-Port?

5" when it goes to see if the user is still online? That's my main concern... Dave > -Original Message- > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 16, 2001 8:09 PM > To: Dave Kitabjian; Radiator List > Subject: Re: (RADIATOR) ca

(RADIATOR) can snmpget query NAS w/ Cisco-NAS-Port?

rather than the Nas-Port. But how do we get snmpget to query that info in the Cisco MIB? Thanks in advance!! _ Dave Kitabjian NetCarrier, Software Engineering

RE: (RADIATOR) after year 2037

Yea, but what if the customer has already paid for 40 years up front and so his expriation date is 2040? Dave :) sorry, couldn't resist > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, November 14, 2001 9:37 AM > To: ISMAIL,IRWAN (HP-Malaysia,

RE: (RADIATOR) Questions about PPPoE

You may not need any changes whatsoever. We just turned on an Apartment Complex for full-time Internet access to all the dwelling units. They use WinPOET and MacPOET as their PPPoE clients. Currently, we use a PPPoE server running on FreeBSD, whose IP we list in our clause. We have configured th

(RADIATOR) Radiator/LDAP hangs on binary username! (repost, upon request)

> From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > > Hello Dave - > > At 11:11 -0500 30/11/00, Dave Kitabjian wrote: > >I believe it's a BUG. > > > >Please see my post from last week: > > > > "Radiator/LDAP hangs on binary username!&q

RE: (RADIATOR) What is this? A bug, a DOS attack?

I believe it's a BUG. Please see my post from last week: "Radiator/LDAP hangs on binary username!" to which no one has replied yet, where I described a similar experience. Again, AuthBy CDB never misbehaved with these binary usernames, but AuthBy LDAP2 will hang Radiator completely. It

Re: (RADIATOR) packet dumps: how to analyze them?

Hey guys, Thanks very much for the feedback! Dave :) ___ Have a copy of the rfc alongside the packet dump and check the attribute definitions to do the translation. Otherwise, use something like this: regards Hugh === Archi

(RADIATOR) packet dumps: how to analyze them?

With Trace level 5 enabled, here is a sample packet dump using radpwtst: Tue Nov 28 12:53:15 2000: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1101 Packet length = 67 04 5b 00 43 bb d7 4c 1d 80 3e 3b 4f 5e 51 80 cf bb f6 79 a6 01 07 6d 69 6b 65 6d 06 06 00 00 0

(RADIATOR) Radiator/LDAP hangs on binary username!

We have been using for about a year without any problems. We are now trying to cutover all our systems to . Twice now since Friday, since we have gone live with LDAP, Radiator has hung, causing me great grief. This never happened before with CDB. Here are the details: - Authentication and Accoun

RE: (RADIATOR) NoDefault and NoDefaultIfFound

Okay, thanks! This is all very clear now. I think the only thing I might suggest is a small change in the documentation wording... From: 6.16.11 NoDefault Normally if Radiator searches for a user in the database and finds one, but the users check items fail, Radiator will then consult th

(RADIATOR) NoDefault and NoDefaultIfFound

(See the official definitions from the manual below.) I find these definitions confusing. For NoDefaultIfFound, it says "Radiator will only look for a DEFAULT if there were no entries found in the user database for the user". In that case, shouldn't this be called DefaultIfNotFound? The reason t

RE: (RADIATOR) Radiator,MS SQL & Cisco AS5300 for VoIP

I'm looking forward to seeing any replies to this, since we will be doing the exact same thing in just a couple weeks. Meanwhile, do you have the AS5300 dictionary that includes the VSA's for VoIP? I haven't been able to find that anywhere. Thanks! Dave > -Original Message- > From: [EM

(RADIATOR) Reject vs. Ignore when no Handler?

Here is a sample log entry: Mon Oct 30 19:03:42 2000: WARNING: Could not find a handler for krussell@joeh arnesscable.com: request is ignored Since there is no Handler for the Realm "joeharnesscable.com", the request is ignored. Because the request is ignored, the log shows that it is be

(RADIATOR) What does "Pty" stands for in "Open System Consultants Pty. Ltd."?

Anyone know? It must be one of those British things. To me, "pty" sounds like some type of virtual terminal ;) Dave === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the messa

RE: (RADIATOR) Problem with Cisco NAS

Yes, I'd like to reinforce one of Gildas' points:       'Service-Type = Framed-User',  'Framed-Protocol = PPP'   While our USR/3Com NASes will work fine if these "standard" Reply items are omitted, our Cisco NAS does not, so we had to state them explicitly.   Dave :) -Original Messag

RE: (RADIATOR) Check Attribute in LDAP

So Stephen, If I understand you correctly, this "patch" basically implements the Check Item with NEGATIVE LOGIC, correct? Rather than having Radiator check for a MATCH, it checks for a MISMATCH to allow authentication? If so, this is similar to what we're looking for. We want to define 2 types o

(RADIATOR) How to log Access-Request packets?

As an ISP, Accounting Packets are not enough to assist our Techs with diagnosing customer login problems, since they only appear on success. Far more useful would be the ability to see every Access-Request packet (and possibly also the Access-Accept/Reject replies). Is there any way to get Radiat

(RADIATOR) TCP/IP problems -> "no such user" ??

We've been having some problems with what may be an overload on Radiator's ability to process authentication requests. I'm NOT asking for ideas in this regard (this time); I'm familiar with the suggestions under High Availability and Performance. My question is this: Is it possible to get a "no

RE: (RADIATOR) SocketQueueLength, kern.ipc.somaxconn, and units

> > So are these apples and apples, or are they two unrelated > quantities? > > > > Also, what are the units on SocketQueueLength: bytes or requests? > > > > Yes, these are the same thing. You need to configure the > kernel before you can > tell Radiator to use the extra queue space. The unit

(RADIATOR) SocketQueueLength, kern.ipc.somaxconn, and units

I might have better luck on a Unix newsgroup, but I'll proceed anyway... Regarding the SocketQueueLength global, does this pertain to the same setting as the kern.ipc.somaxconn MIB variable? On my system, I get: # sysctl kern.ipc.somaxconn kern.ipc.somaxconn: 128 According to "m

RE: [(RADIATOR) Multithreaded radiator.]

ginal Message- > From: Robin Gruyters [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 12, 2000 1:16 PM > To: Dave Kitabjian > Subject: Re: [(RADIATOR) Multithreaded radiator.] > > > On Mon, Jun 12, 2000 at 01:03:41PM -0400, Dave Kitabjian wrote: > > Thanks, all, for y

RE: [(RADIATOR) Multithreaded radiator.]

Thanks, all, for your suggestions. This looks like it will be exactly what we need. Only problem is, I can't get it to work. The only difference I see is that we are using ports 1812/1813, not 1645/1646. I changed my config file to: AuthPort 1812 AcctPort Then I HUPped radiator.

RE: (RADIATOR) Accounting

Hey Robin, It needs the dictionary b/c the attributes and "values" come numerically from Radiator: #1 = #2 So to be friendly, Radiator looks them up in the dictionary and logs the "friendly" values in the detail (accounting) file instead of the number: Framed-Protocol = PPP Da

RE: [hugh@open.com.au: Re: (RADIATOR) Multithreaded radiator.]

I, too, would like to see an example of splitting accounting and authentication. Do you need two different config files? If so, what is the AcctPort in the authentication config file, and vice versa? Etc... Dave > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]O

RE: (RADIATOR) Logging attributes by integer..

I never found an easy solution to this, so I have a translation routine. However, I never really tried one idea which was suggested, and I'm still curious whether it would work: I would think that if you remove the "VALUE" entries from you dictionary corresponding to the data you want in integer

(RADIATOR) LDAP: new "AuthAttrDef" attribute?

Regarding: http://www.open.com.au/radiator/ref.html#pgfId=369888 and the new AuthAttrDef attribute for LDAP... This looks like a nice feature. However, to make AuthAttrDef entries as: AuthAttrDef ldapattributename, radiusattributename, type you would need to anticipate and list in your

RE: (RADIATOR) AuthBy LDAP2: support for OpenLDAP?

6 AM > To: Dave Kitabjian > Cc: '[EMAIL PROTECTED]' > Subject: Re: (RADIATOR) AuthBy LDAP2: support for OpenLDAP? > > > Dave, > > It works perfectly with OpenLDAP. OpenLDAP is based on the U > of M code. > > - Joost. > > Dave Kitabjian wrote: &g

(RADIATOR) AuthBy LDAP2: support for OpenLDAP?

Regarding: http://www.open.com.au/radiator/ref.html#pgfId=369888 The docs say: "AuthBy LDAP2 works with the newer Net::LDAP module version in perl-ldap-0.09 or better (Available from CPAN). It is implemented in AuthLDAP2.pm. The Net::LDAP will work with both University of Michigan LDAP

(RADIATOR) AuthByLDAP: sample LDIF file?

I've seen the sample file, goodies/ldap.cfg. However, I'd be very greatful to anyone who could post for me examples of their: - ldap.cfg file being used in production - LDIF of a section of your LDAP db I want to see *real examples* of what kind of schema people are usin

RE: (RADIATOR) Accounting for Realms?

--Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 25, 2000 6:22 PM To: Dave Kitabjian; '' Subject: RE: (RADIATOR) Accounting for Realms? On Tue, 25 Apr 2000, Dave Kitabjian wrote: > Thanks for the tip. > > From a Radiator point of vie

RE: (RADIATOR) Accounting for Realms?

I split them apart from within Radiator ? Also, I'm still curious how the rest of you handle logging realms? Thanks! Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hugh Irvine Sent: Monday, April 24, 2000 8:12 PM To: Dave Kitabjian; '[

(RADIATOR) Accounting for Realms?

What is the proper or best way to handle Accounting for Realms? It appears that, by default, regardless of whether the Username is rewritten, the Realm is just tagged onto the Username for Accounting: [EMAIL PROTECTED] and that's what gets exported to the Accounting record (and inserted

(RADIATOR) Coordinating multiple radiator instances

We will be bringing a couple more Radiators online to work in parallel to our main one. I could use some guidance here: 1) logfile - Since they all write atomically, could they all share the same logfile if it resides on a common NFS volume? Is there a non-NFS way to do this? 2) SessionDatabase

(RADIATOR) stripping spaces off username

We have a surprising number of "No such user" failures which appear to be caused by leading or trailing spaces around the username. In Unix, I would fix this as: echo " dave " | sed -e 's/^ *//' -e 's/ *$//' Since I don't know perl, I'm not sure how to test this without going live,

RE: (RADIATOR) Restricting 800# usage?

On Friday, March 10, 2000 2:06 AM, Hugh Irvine [SMTP:[EMAIL PROTECTED]] wrote: > > Hello Dave - > > On Fri, 10 Mar 2000, Dave Kitabjian wrote: > > This is partly a Radiator question and partly a generic Radius question. > > > > It's rather simple, we want

(RADIATOR) Restricting 800# usage?

This is partly a Radiator question and partly a generic Radius question. It's rather simple, we want to make our 800# available only to certain customers. My guess is that this would be controlled by some type of radius Reply Attribute. So the first question is, what attribute do I use? Then,

RE: (RADIATOR) How to make username case-INsensitive? - DECISION

> > We're using CDB (for maximum speed and huge username count). That's why SQL tricks are not an option :( > > > > So when you build the CDB file, why not lowercase (or UPPERCASE) the usernames > then? And how many is "huge username count"? We have some customers up around > the million mark r

RE: (RADIATOR) How to make username case-INsensitive?

> On Thu, 09 Mar 2000, Dave Kitabjian wrote: > > Thank you both for your replies. > > > > RewriteUsername would work fine except for one major problem: I don't know > > the case of the username as stored in the database. Names are entered > > automatically

RE: (RADIATOR) How to make username case-INsensitive?

efore > giving up. Besides, as an security-concious admin, I would say that > passwords SHOULD be case-sensitive. > > Mike Nerone <mailto:[EMAIL PROTECTED]> > Network Operations Manager > Internet Direct, Inc. <http://www.idworld.net/> > > > > -Original

(RADIATOR) How to make username case-INsensitive?

I thought this would be a FAQ, but I can't seem to find it addressed anywhere. The subject says it all. I'm using AuthBy=CDB, and I want to simply allow case-errors in the username (not the password) to be permitted. We are about to switch it live, and since our current radius, RadiusNT, is c

(RADIATOR) RE:

I'm not a Radiator whiz, but look at: http://www.open.com.au/radiator/ref.html#pgfId=363701 section 6.4.5 NasType. If you group your clauses somehow by NasType, you might be able to handle the two groups in this fashion. Dave On Friday, February 25, 2000 2:50 PM, Jeff Baldwin [SMTP

  1   2   >