Thanks Kalik,<br><br>We changed the default sql to allow it to actually insert the grouname.<br><br><div class="gmail_quote">2009/2/26 <span dir="ltr"><<a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a>></span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Send Freeradius-Users mailing list submissions to<br>
<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.freeradius.org/mailman/listinfo/freeradius-users" target="_blank">http://lists.freeradius.org/mailman/listinfo/freeradius-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:freeradius-users-owner@lists.freeradius.org">freeradius-users-owner@lists.freeradius.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of Freeradius-Users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: SQLCounter configuration (Alan DeKok)<br>
2. Re: SQLCounter configuration (Alexander Solodukhin)<br>
3. Re: EAP-PEAP GTC auth_type (<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>)<br>
4. Re: Freeradius-Users Digest, Vol 46, Issue 102 Why is<br>
groupname fieldblank in radacct (<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Thu, 26 Feb 2009 11:03:22 +0100<br>
From: Alan DeKok <<a href="mailto:aland@deployingradius.com">aland@deployingradius.com</a>><br>
Subject: Re: SQLCounter configuration<br>
To: FreeRadius users mailing list<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>
Message-ID: <<a href="mailto:49A668EA.40702@deployingradius.com">49A668EA.40702@deployingradius.com</a>><br>
Content-Type: text/plain; charset=ISO-8859-1<br>
<br>
alt_ wrote:<br>
> Can you show some examples please? I try to do like this:<br>
><br>
> noresetBytecounter<br>
><br>
> if (reject) {<br>
> update reply {<br>
> Reply-Message := "Traffic limit exceeded."<br>
> }<br>
> }<br>
><br>
> but if noresetBytecounter return reject freeradius immediatly return reject<br>
> to user and do not process 'if' clause<br>
<br>
You need to put this in the "post-auth" section, "Reject" subsection.<br>
See the example configuration files.<br>
<br>
Alan DeKok.<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Thu, 26 Feb 2009 12:12:50 +0200<br>
From: "Alexander Solodukhin" <<a href="mailto:alt@softwarium.net">alt@softwarium.net</a>><br>
Subject: Re: SQLCounter configuration<br>
To: "FreeRadius users mailing list"<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>
Message-ID: <<a href="mailto:op.upyenokwqsf5os@demon.cris.net">op.upyenokwqsf5os@demon.cris.net</a>><br>
Content-Type: text/plain; format=flowed; delsp=yes; charset=koi8-r<br>
<br>
On Thu, 26 Feb 2009 12:03:22 +0200, Alan DeKok <<a href="mailto:aland@deployingradius.com">aland@deployingradius.com</a>><br>
wrote:<br>
<br>
> alt_ wrote:<br>
>> Can you show some examples please? I try to do like this:<br>
>><br>
>> noresetBytecounter<br>
>><br>
>> if (reject) {<br>
>> update reply {<br>
>> Reply-Message := "Traffic limit exceeded."<br>
>> }<br>
>> }<br>
>><br>
>> but if noresetBytecounter return reject freeradius immediatly return<br>
>> reject<br>
>> to user and do not process 'if' clause<br>
><br>
> You need to put this in the "post-auth" section, "Reject" subsection.<br>
> See the example configuration files.<br>
<br>
<br>
/etc/freeradius/sites-enabled/default[412]: "SQL Counter" modules aren't<br>
allowed in 'post-auth' sections -- they have no such method.<br>
<br>
--<br>
ISP CrIS, Softwarium<br>
<br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Thu, 26 Feb 2009 11:14:37 +0100<br>
From: <<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>><br>
Subject: Re: EAP-PEAP GTC auth_type<br>
To: "FreeRadius users mailing list"<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>
Message-ID: <<a href="mailto:FwAfhIxV.1235643277.5432590.tnt@kalik.net">FwAfhIxV.1235643277.5432590.tnt@kalik.net</a>><br>
Content-Type: text/plain; charset=ISO-8859-2<br>
<br>
>Great! It works perfectly.<br>
>Other than enabling ldap in authorize and authenticate in<br>
>inner-tunnel, I also had to change eap.conf's gtc section to auth_type<br>
>= LDAP.<br>
><br>
>This works, but it brings up another problem. Setting auth_type to<br>
>PAP, Local, or commented out on gtc section does not work for LDAP. On<br>
>the other hand, If I set auth_type = LDAP, PEAP-GTC with system user<br>
>(which works if I set auth_type = PAP on gtc section) does not work.<br>
><br>
>Is there a way I can authenticate with BOTH system user and LDAP using PEAP-GTC?<br>
>the main radiusd.conf can have multiple authorize methods available,<br>
>right? Why does gct have to explicitly set auth_type?<br>
><br>
<br>
Leave gtc as pap. Change set_auth_type to no in ldap module<br>
configuration. Module will then just collect the password and pass it to<br>
pap module for authentication. It will not do "bind as user" ldap<br>
authentication.<br>
<br>
Ivan Kalik<br>
Kalik Informatika ISP<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 4<br>
Date: Thu, 26 Feb 2009 11:34:28 +0100<br>
From: <<a href="mailto:tnt@kalik.net">tnt@kalik.net</a>><br>
Subject: Re: Freeradius-Users Digest, Vol 46, Issue 102 Why is<br>
groupname fieldblank in radacct<br>
To: "FreeRadius users mailing list"<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>
Message-ID: <<a href="mailto:I1ceiOfk.1235644468.0624740.tnt@kalik.net">I1ceiOfk.1235644468.0624740.tnt@kalik.net</a>><br>
Content-Type: text/plain; charset=ISO-8859-2<br>
<br>
>I have MySQL 5.0.67 and PostgreSQL 8.3.6 and freeRADIUS 2.17 installed on<br>
>GNU/Linux Fedora 10 distribution. I have identical radius databases on both<br>
>MySQL and PostgreSQL. When I use the PostgreSQL, the groupname field in the<br>
>radacct table gets filled in but when I change the database to MySQL, the<br>
>groupname filled is blank. I checked the queries in mysql/diaup.conf and<br>
>postgresql/dialup.conf and found out that they are the same. Why is it<br>
>working with PostgreSQL and not working with MySQL? The groupnames are<br>
>defined in radusergroup table.<br>
><br>
<br>
Default queries that come with the source don't write to groupname<br>
field. MySQL or PostgreSQL. You can place Class in radgroupreply and<br>
give it the value of the group name. Then put %{Class} into groupname<br>
field in accounting queries.<br>
<br>
Ivan Kalik<br>
Kalik Informatika ISP<br>
<br>
<br>
<br>
------------------------------<br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
<br>
End of Freeradius-Users Digest, Vol 46, Issue 105<br>
*************************************************<br>
</blockquote></div><br>