3.0.10 and auth+acct type under the listen section
Matthew Newton
mcn4 at leicester.ac.uk
Mon Dec 21 01:47:25 CET 2015
On Mon, Dec 21, 2015 at 09:38:14AM +1300, Peter Lambrechtsen wrote:
> It's sending Auth & Acct messages on 1646.
>
> I tried setting the type to auth+acct in the sites-enabled/default listen
> section:
That means use the specified port from auth, and port+1 for acct.
> Listening on auth+acct address * port 1646 bound to server default
> Ready to process requests
> Receive - Invalid packet code 4 sent to authentication port from client
See src/main/listen.c auth_socket_recv/acct_socket_recv. This
isn't something you can override in the config.
> Any ideas on how to sort this?
Get a new NAS, from the sound of it...
Maybe there's some other software out there that will take
something broken like this and proxy it through in a sane way?
Or iptables u32 match on the packet code and redirect to the
correct port...
iptables -t nat -A PREROUTING \
-p udp --dport 1812 \
-m u32 --u32 "25&0xff=0x4" \
-j REDIRECT --to-ports 1813
I can't believe I just did that; eugh. This is completely not
recommended. Fix the NAS.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list