Using freeradius 2.1.3 and rlm_dbm module

Having a problem with rlm_dbm_parser to create dbm file. Testing with 3 DEFAULT Realm records and two username/password. Seems to be overwriting DEFAULT Realm as only last one exists. rlm_dbm_parser reports all records read and no errors but rlm_dbm_cat shows only last Default. radclient tests naturally only succeed with DEFAULT domain_three

Is there a known issue here on creating dbm files or have I missed some setting to allow multiple DEFAULT Realm=xxx records in dbm file.

Desired approach is
- dbm file with large numbers of DEFAULT Realm and all with no fallthru.
- we have no other (catch-all) DEFAULTs with explicit accept or reject
- ideally usernames matching these realms (proxy.conf) and DEFAULT Realm should respond with Accept straight away - no searching full subscriber base dbm file and then DEFAULT match. (e.g treat DEFAULT Realm =xxx as distinct from generic DEFAULT)
- ideally have DEFAULT Realm=xxx be read in to hash/memory from separate file and DBM users just have subscriber base (user/pass). This way every time users.db updated/re-created/re-read - does not impact DEFAULT Realm=xxx records. The latter Realms more static - subscriber base changes more dynamic.
- Also using dbm as faster/ less memory resources and no need to restart radiusd as dbm files change - and do change constantly..

This possible?

Logs below:

Test users file
--------------------
DEFAULT Realm == "domain_one", Auth-Type := Accept
    Tunnel-Type:1 = L2TP,
    Tunnel-Medium-Type:1 = IP,
    Tunnel-Server-Endpoint:1 = "xxx.xxx.xxx.xxx",
    Tunnel-Client-Auth-Id:1 = "realm1",
    Tunnel-Password:1 = "xxx",
    Tunnel-Assignment-Id:1 = "xxx",
    Tunnel_Algorithm = 2,
    Tunnel_Domain = 1

DEFAULT Realm == "domain_two", Auth-Type := Accept
    Tunnel-Type:1 = L2TP,
    Tunnel-Medium-Type:1 = IP,
    Tunnel-Server-Endpoint:1 = "xxx.xxx.xxx.xxx",
    Tunnel-Client-Auth-Id:1 = "realm2",
    Tunnel-Password:1 = "xxx",
    Tunnel-Assignment-Id:1 = "xxx",
    Tunnel_Algorithm = 2,
    Tunnel_Domain = 1

DEFAULT Realm == "domain_three", Auth-Type := Accept
    Tunnel-Type:1 = L2TP,
    Tunnel-Medium-Type:1 = IP,
    Tunnel-Server-Endpoint:1 = "xxx.xxx.xxx.xxx",
    Tunnel-Client-Auth-Id:1 = "realm3",
    Tunnel-Password:1 = "xxx",
    Tunnel-Assignment-Id:1 = "xxx",
    Tunnel_Algorithm = 2,
    Tunnel_Domain = 1

userone@one Cleartext-Password := "pass"
    Class = "xxxclass1xxx",
    Service-Type = Framed-User,
    Framed-Protocol = PPP

usertwo@norealm Cleartext-Password := "pass", Calling-Station-Id == "123456"
    Service-Type = Framed-User,
    Framed-Protocol = PPP,
    Framed-IP-Address = 10.10.10.0,
    Framed-IP-Netmask = 255.255.255.240,
------------------------------------------------------------------

rlm_dbm_parser logs:
%% # /usr/local/freeradius/bin/rlm_dbm_parser -c -xxx -i /usr/local/freeradius/etc/raddb/users_generic -o /usr/local/freeradius/etc/raddb/users
Use dictionary in: /usr/local/freeradius/etc/raddb
Found user: DEFAULT
Found user: DEFAULT
Found user: DEFAULT
Found user: userone@one
Found user: usertwo@norealm

Record loaded: 5
Lines parsed: 41
Record skiped: 0
Warnings: 0
Errors: 0
%%#

rlm_dbm_cat logs - only shows last DEFAULT Realm
------------------------------
%% # /usr/local/freeradius/bin/rlm_dbm_cat -f /usr/local/freeradius/etc/raddb/users
DEFAULT Realm == "domain_three", Auth-Type := Accept
    Tunnel-Type:1 = L2TP, Tunnel-Medium-Type:1 = IPv4, Tunnel-Server-Endpoint:1 = "xxx.xxx.xxx.xxx", Tunnel-Client-Auth-Id:1 = "realm3", Tunnel-Password:1 = "xxx", Tunnel-Assignment-Id:1 = "xxx", Tunnel_Algorithm = 2, Tunnel_Domain = 1

userone@one Cleartext-Password := "pass"
    Class = "xxxclass1xxx", Service-Type = Framed-User, Framed-Protocol = PPP

usertwo@norealm Cleartext-Password := "pass", Calling-Station-Id == "123456"
    Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 10.10.10.0, Framed-IP-Netmask = 255.255.255.240

%%#

-----------------------
Haven't included radiusd -X logs as issue seems to be creating dbm file and hence before using Radius. radclient tests are successful when matching 3 records that do exist in dbm file. Problem is two missing records
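
A pre-flight check for the symptom reported above, as an added example that is not part of the original post or of FreeRADIUS: it parses a users file and lists the entries that share a name, on the assumption (consistent with the rlm_dbm_cat output) that the dbm file keeps one record per entry name. The sample input is constructed from the post's test file with reply items trimmed; `parse_entries`, `keyed_store_report` and `realms` are hypothetical helper names.

```python
import re

# Constructed sample: the users file from the post, reply items trimmed.
USERS = '''\
DEFAULT Realm == "domain_one", Auth-Type := Accept
    Tunnel-Client-Auth-Id:1 = "realm1"

DEFAULT Realm == "domain_two", Auth-Type := Accept
    Tunnel-Client-Auth-Id:1 = "realm2"

DEFAULT Realm == "domain_three", Auth-Type := Accept
    Tunnel-Client-Auth-Id:1 = "realm3"

userone@one Cleartext-Password := "pass"
    Service-Type = Framed-User

usertwo@norealm Cleartext-Password := "pass", Calling-Station-Id == "123456"
    Service-Type = Framed-User
'''

def parse_entries(text):
    """Return [(name, check_items, line_no)]; an entry starts at column 0."""
    entries = []
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():          # reply items are indented
            name, check = re.match(r"(\S+)\s*(.*)", line).groups()
            entries.append((name, check, no))
    return entries

def keyed_store_report(entries):
    """Simulate one-value-per-key storage (assumption: key = entry name)."""
    store, lost = {}, []
    for name, check, no in entries:
        if name in store:
            lost.append((name,) + store[name])   # earlier record is replaced
        store[name] = (check, no)
    return store, lost

def realms(check):
    return re.findall(r'Realm\s*==\s*"([^"]+)"', check)

if __name__ == "__main__":
    entries = parse_entries(USERS)
    store, lost = keyed_store_report(entries)
    print(f"parsed {len(entries)} records, {len(store)} distinct keys")
    for name, check, no in lost:
        print(f"line {no}: {name} {realms(check)} replaced by a later {name}")
```

A gap between the parsed record count and the distinct key count reproduces the mismatch between "Record loaded: 5" and the three entries rlm_dbm_cat prints.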