fr3 socket max_connections

Polish pavel.polacek at ujep.cz
Fri Nov 22 10:28:43 CET 2013


On Fri, 22 Nov 2013, Alan Buxey wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Look at what you just posted.  There is clearly a debug flag in that command (-x) that is why it's failing.
>
> TLS means you cannot run in single thread mode. ... so if you want to debug you need the flags that the server asks you to use when it fails.  Are you really telling us that some distribution has those flags on a default install???
>
>
> alan

I don't able to describe clear.

Downloaded version of FR3 (3.0.0 or latest git version) compiled by tools to
generate debian packages.

1) debug messages in logs without -x option
"/etc/init.d/freeradius start" on debian wheezy

in logs I see:
0) Fri Nov 22 10:20:09 2013 : Debug:     TLS_accept: before/accept
initialization
(0) Fri Nov 22 10:20:09 2013 : Debug:     TLS_accept: SSLv3 read client
hello A

19 rows for every tls connection, so in default (idle_timeout) every 30 seconds.

2) invoking "/etc/init.d/freeradius restart" always fail if site tls is
enabled

/etc/freeradius# /etc/init.d/freeradius restart
[FAIL] Checking FreeRADIUS daemon configuration...failed
(/etc/freeradius/sites-enabled/tls[7]: You probably need to do 'radiusd -fxx -l stdout' for debugging).

   Best regards  Pavel Polacek


More information about the Freeradius-Users mailing list