Proxying creates 200 Attributes resulting in DoS warning
Marius Pesé
Marius at mindspring.co.za
Wed Jul 28 16:50:01 CEST 2010
After spending some more time on our FreeRadius2 project it managed once again to leave me clueless. The error message:
WARNING: Possible DoS attack from host 196.25.xxx.xx: Too many attributes in request (received 201, max 200 are allowed).
Googleing showed that it most likely is the result of a mis-configuration in proxy.conf.
This is our proxy.conf without comments:
proxy server {
default_fallback = no
}
home_server copy-acct-to-home-server-B {
type = acct
ipaddr = 196.25.xxx.xx
port = 1646
secret = xxxxxxxxxx
}
home_server_pool my_acct_failover {
type = fail-over
home_server = copy-acct-to-home-server-B
}
realm DEFAULT {
acct_pool = my_acct_failover
}
realm LOCAL {
}
Might look a bit odd because we played around for quite a bit. Who can spot the fatal error?
Thanks
Marius
More information about the Freeradius-Users
mailing list