Tough time getting FreeRADIUS 3.0.9 to work with mysql
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252 Thanks in advance
On Jul 12, 2015, at 7:27 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:. ... (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = not found
So... that SELECT statement returns nothing. What happens when you run the SELECT statement by hand? What does it return? That's why the SELECT is printed in debug mode... so you can see for yourself what's going on. Odds are that it doesn't work because there's no row in radchekc with "username = me". That should be simple enough to fix. Alan DeKok.
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+ 1 row in set (0.00 sec) On Monday, July 13, 2015 8:58 PM, Alan DeKok <aland@deployingradius.com> wrote: On Jul 12, 2015, at 7:27 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:. ... (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = not found
So... that SELECT statement returns nothing. What happens when you run the SELECT statement by hand? What does it return? That's why the SELECT is printed in debug mode... so you can see for yourself what's going on. Odds are that it doesn't work because there's no row in radchekc with "username = me". That should be simple enough to fix. Alan DeKok.
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it. Alan DeKok.
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then. On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote: On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it. Alan DeKok.
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote: Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then. On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote: On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:23, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:23, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:23, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 16, 2015, at 18:28, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
HI,I finally got it working. As I thought I was doing something wrong. Maybe sharing it will help others who have the problem.When configuring the sql module, I couldn't get FreeRADIUS to start with "rlm_sql_mysql" so I chose "rlm_sql_null".After searching the mailing list, I found out that this issue had been addressed on countless occasions.During mysql installation, I did not install MySql client libraries and the MySQL development library.I did this and reinstalled freeRADIUS (./configure then installed the libraries needed to work with "rlm_slq_mysql") and everything works well now. Thanks
On Tuesday, July 14, 2015 7:18 AM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 14, 2015, at 15:17, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 14, 2015, at 15:17, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thanks, I probably did something wrong in configuring the mysql module. I'll double check my configuration then.
On Tuesday, July 14, 2015 12:23 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 13, 2015, at 5:54 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+
Well, then the server should work. There's really no magic in it.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 14, 2015, at 05:54, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+ 1 row in set (0.00 sec)
On Monday, July 13, 2015 8:58 PM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 12, 2015, at 7:27 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote: Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:. ... (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = not found
So... that SELECT statement returns nothing. What happens when you run the SELECT statement by hand? What does it return?
That's why the SELECT is printed in debug mode... so you can see for yourself what's going on.
Odds are that it doesn't work because there's no row in radchekc with "username = me". That should be simple enough to fix.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 14, 2015, at 05:54, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Thank you Alan.When I run the query in mysql this is what I get:mysql> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id; +----+----------+--------------------+-------+----+ | id | username | attribute | value | op | +----+----------+--------------------+-------+----+ | 9 | me | Cleartext-Password | pass | := | +----+----------+--------------------+-------+----+ 1 row in set (0.00 sec)
On Monday, July 13, 2015 8:58 PM, Alan DeKok <aland@deployingradius.com> wrote:
On Jul 12, 2015, at 7:27 PM, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote: Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:. ... (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = not found
So... that SELECT statement returns nothing. What happens when you run the SELECT statement by hand? What does it return?
That's why the SELECT is printed in debug mode... so you can see for yourself what's going on.
Odds are that it doesn't work because there's no row in radchekc with "username = me". That should be simple enough to fix.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:20, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:20, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:20, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:19, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:17, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:18, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Why dont you unsubscribe?? List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <http://www.freeradius.org/list/users.html>
On 19 Nov 2018, at 12:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
can someone black him Thanks & regards Mankomal Singh Krauss International P: +91-9910416231 E: ms@kc-india.com PS: Send all bulk emails to sanman.krauss@gmail.com ONLY On Mon, Nov 19, 2018 at 6:00 PM Christian Salway via Freeradius-Users < freeradius-users@lists.freeradius.org> wrote:
Why dont you unsubscribe??
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html < http://www.freeradius.org/list/users.html>
On 19 Nov 2018, at 12:16, Song Zou via Freeradius-Users < freeradius-users@lists.freeradius.org> wrote:
please don’t send email
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I don't want to unsubscribe this group i found this useful. But song zou keep sending spam email again n again written "please don't reply" Regards ZUBAIR AYUB Thanks ________________________________ From: Freeradius-Users <freeradius-users-bounces+zubairayub=hotmail.com@lists.freeradius.org> on behalf of Christian Salway via Freeradius-Users <freeradius-users@lists.freeradius.org> Sent: Monday, November 19, 2018 5:19:34 PM To: FreeRadius users mailing list Cc: Christian Salway Subject: Re: Tough time getting FreeRADIUS 3.0.9 to work with mysql Why dont you unsubscribe?? List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <http://www.freeradius.org/list/users.html>
On 19 Nov 2018, at 12:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:25, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:25, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:25, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:15, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Nov 19, 2018, at 20:14, Song Zou via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
please don’t send email
On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
please don’t send email On Jul 13, 2015, at 07:27, Kwesi Yankson via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello,I am a freeRADIUS 2.x user and want to start using freeRADIUS 3.x.xI have installed freeRADIUS 3.0.9 and done a lot of reading since I want to avoid being told to "RTFM"I can't seem to get an Access-Accept when I do a radtest for MySQL users. I'm sure I'm missing something (still adjusting to the difference between the two version). Can someone help or point me in the right direction? Below is my debug:(1) Received Access-Request Id 121 from 127.0.0.1:35861 to 127.0.0.1:1812 length 72 (1) User-Name = "me" (1) User-Password = "pass" (1) NAS-IP-Address = 127.0.1.1 (1) NAS-Port = 0 (1) Message-Authenticator = 0xd9c706bfd54e51cd4eab51d9e19e4da2 (1) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (!&User-Name) { (1) if (!&User-Name) -> FALSE (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@.*@/ ) { (1) if (&User-Name =~ /@.*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) [chap] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "me", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (5): Hit idle_timeout, was idle for 252 seconds rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (6): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 244 seconds rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): 0 of 0 connections in use. You may need to increase "spare" rlm_sql (sql): Opening additional connection (7), 1 of 32 pending slots used rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'me' ORDER BY id rlm_sql (sql): Released connection (7) rlm_sql (sql): 0 of 1 connections in use. Need more spares rlm_sql (sql): Opening additional connection (8), 1 of 31 pending slots used (1) [sql] = notfound (1) [expiration] = noop (1) [logintime] = noop (1) } # authorize = ok (1) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject (1) Failed to authenticate the user (1) Using Post-Auth-Type Reject (1) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (1) Post-Auth-Type REJECT { (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (7) (1) sql: EXPAND %{User-Name} (1) sql: --> me (1) sql: SQL-User-Name set to 'me' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'me', 'pass', 'Access-Reject', '2015-07-12 23:21:17') (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (7) (1) [sql] = ok (1) attr_filter.access_reject: EXPAND %{User-Name} (1) attr_filter.access_reject: --> me (1) attr_filter.access_reject: Matched entry DEFAULT at line 18 (1) [attr_filter.access_reject] = updated (1) eap: Request didn't contain an EAP-Message, not inserting EAP-Failure (1) [eap] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) } # Post-Auth-Type REJECT = updated (1) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (1) <delay>: Sending delayed response (1) <delay>: Sent Access-Reject Id 121 from 127.0.0.1:1812 to 127.0.0.1:35861 length 20 Waking up in 3.9 seconds. (1) <delay>: Cleaning up request packet ID 121 with timestamp +252
Thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (6)
-
Alan DeKok -
Christian Salway -
Krauss International -
Kwesi Yankson -
Song Zou -
Zubair Ayub