From owner-freebsd-isp@FreeBSD.ORG Sun Jun 12 12:36:54 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD8DC16A421 for ; Sun, 12 Jun 2005 12:36:54 +0000 (GMT) (envelope-from bob@buckhorn.net) Received: from whitehall.lin-tech.net (whitehall.lin-tech.net [66.118.35.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A11E43D60 for ; Sun, 12 Jun 2005 12:36:52 +0000 (GMT) (envelope-from bob@buckhorn.net) Received: from [192.168.0.3] (lfkn-adsl-dhcp-72-26-14-213.consolidated.net [72.26.14.213]) by whitehall.lin-tech.net (Postfix) with ESMTP id 2AC202505B for ; Sun, 12 Jun 2005 07:36:45 -0500 (CDT) Message-ID: <42AC2C57.1070305@buckhorn.net> Date: Sun, 12 Jun 2005 07:36:39 -0500 From: Bob Martin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041217 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at spamcontrol Subject: Diablo News Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Jun 2005 12:36:55 -0000 We're about to set up a Diablo transit server, and was wondering if anyone with real world experience could help us resolve the best way set up the disk space. The box has 4 250GB SATA drives. Option 1 is to put everything but the spool on disk one, and spread the spool across the other 3 drives. Option 2 is to put those 3 drives in software raid 0. Any suggestions? Bob Martin From owner-freebsd-isp@FreeBSD.ORG Sun Jun 12 12:56:16 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCF9616A41C for ; Sun, 12 Jun 2005 12:56:16 +0000 (GMT) (envelope-from bob@buckhorn.net) Received: from whitehall.lin-tech.net (whitehall.lin-tech.net [66.118.35.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id B1BCF43D1F for ; Sun, 12 Jun 2005 12:56:16 +0000 (GMT) (envelope-from bob@buckhorn.net) Received: from [192.168.0.3] (lfkn-adsl-dhcp-72-26-14-213.consolidated.net [72.26.14.213]) by whitehall.lin-tech.net (Postfix) with ESMTP id 05AB52505F; Sun, 12 Jun 2005 07:56:07 -0500 (CDT) Message-ID: <42AC30E1.9070502@buckhorn.net> Date: Sun, 12 Jun 2005 07:56:01 -0500 From: Bob Martin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041217 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Erik @ Microcontroller.nl" References: <1118313350.4665.19.camel@tessa.mysmt.net> In-Reply-To: <1118313350.4665.19.camel@tessa.mysmt.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at spamcontrol Cc: freebsd-isp@freebsd.org Subject: Re: serial ata raid X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Jun 2005 12:56:17 -0000 Use vinum (man 8 vinum) Bob Martin Erik @ Microcontroller.nl wrote: > Hi, > > Does anyone uses a serial ata raid controller with freebsd 5 ? > More specific I would like to use the Promise TX2200 or an other simple > cheap little controller only for mirroring. > > What is support? any experiences? > > Thanks for any input, > > -Erik. > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Sun Jun 12 19:10:16 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0ED2A16A41C for ; Sun, 12 Jun 2005 19:10:16 +0000 (GMT) (envelope-from gamtech@gamani.com) Received: from regar.mail.atl.earthlink.net (regar.mail.atl.earthlink.net [207.69.200.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id D2A8C43D49 for ; Sun, 12 Jun 2005 19:10:15 +0000 (GMT) (envelope-from gamtech@gamani.com) Received: from vespasian-z.mspring.net ([207.69.231.78] helo=vespasian.mspring.net) by regar.mail.atl.earthlink.net with smtp (Exim 3.36 #4) id 1DhXqZ-0007wv-00 for freebsd-isp@freebsd.org; Sun, 12 Jun 2005 15:10:15 -0400 X-MindSpring-Loop: gamtech@gamani.com To: freebsd-isp@freebsd.org Precedence: bulk From: no-reply@gamani.com Message-Id: Date: Sun, 12 Jun 2005 15:10:15 -0400 Subject: Gamani Support new email address X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Jun 2005 19:10:16 -0000 Gamani's contact email addresses have changed to stop the flood of spam and computer worms. Please use the following e-mail address instead: gamtech2@gamani.com Sorry for the inconvenience and thanks for your support, gamani productions From owner-freebsd-isp@FreeBSD.ORG Mon Jun 13 23:24:03 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BEA216A41C for ; Mon, 13 Jun 2005 23:24:03 +0000 (GMT) (envelope-from annkok2001@yahoo.com) Received: from web53302.mail.yahoo.com (web53302.mail.yahoo.com [206.190.39.231]) by mx1.FreeBSD.org (Postfix) with SMTP id E8E2243D1F for ; Mon, 13 Jun 2005 23:24:02 +0000 (GMT) (envelope-from annkok2001@yahoo.com) Received: (qmail 88016 invoked by uid 60001); 13 Jun 2005 23:23:59 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=rYHZLcMSYgfy4Hn1UH9RTChqqP3AzhfPhKuYQsRGS17dE9+0Op6+mibLq3ZBF99WFhw0jWFmjdeSpQIQpEFF0UDdrBAfZI1sedLM5kgBRyKVwEW+XK3SXKeFg6zSkheYtvYO2oWMSsEqmbXCev6sMzi7VQMMBtpvTYaj85bklu4= ; Message-ID: <20050613232359.88014.qmail@web53302.mail.yahoo.com> Received: from [66.49.254.13] by web53302.mail.yahoo.com via HTTP; Mon, 13 Jun 2005 16:23:59 PDT Date: Mon, 13 Jun 2005 16:23:59 -0700 (PDT) From: ann kok To: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: Subject: vlan - pls help X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jun 2005 23:24:03 -0000 Dear all I am using freebsd 4.1 to setup 30 vlan on em1 I tried to connect linux box ip address 192.168.1.5/30 to the freebsd interface em1 with cross over cable but they can't ping each other 1/ Could you help me how to check the problem? 2/ how can I know the vlan is working? I did compile the kernel "pseudo-device vlan 30" reboot and then ifconfig ifconfig vlan0 192.168.1.2 netmask 255.255.255.252 vlan 108 vlandev em1 mtu 1500 up ifconfig vlan1 192.168.1.6 netmask 255.255.255.252 vlan 109 vlandev em1 mtu 1500 up vlan0: flags=8843 mtu 1500 inet 192.168.1.2 netmask 0xfffffffc broadcast 192.168.1.3 ether 00:0e:0c:5d:75:d4 media: Ethernet autoselect (100baseTX ) status: active vlan: 108 parent interface: em1 vlan1: flags=8843 mtu 1500 inet 192.168.1.6 netmask 0xfffffffc broadcast 192.168.1.7 ether 00:0e:0c:5d:75:d4 media: Ethernet autoselect (100baseTX ) status: active vlan: 109 parent interface: em1 netstat -rn -f inet Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 202.64.230.1 UGSc 0 0 em0 192.168.1/30 link#5 UC 0 0 vlan0 192.168.1.4/30 link#6 UC 1 0 vlan1 192.168.1.5 link#6 UHLW 0 3 vlan1 202.64.230/24 link#1 UC 3 0 em0 202.64.230.1 00:0c:6e:99:80:71 UHLW 1 0 em0 1175 202.64.230.13 00:04:23:ab:75:41 UHLW 2 936 em0 949 202.64.230.254 00:40:05:8a:2e:01 UHLW 0 11 em0 736 127.0.0.1 127.0.0.1 UH 0 0 lo0 Thank you so much __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From owner-freebsd-isp@FreeBSD.ORG Tue Jun 14 08:38:35 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C55AB16A41C for ; Tue, 14 Jun 2005 08:38:35 +0000 (GMT) (envelope-from jhs@flat.berklix.net) Received: from tower.berklix.org (bsd.bsn.com [194.221.32.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3A91143D49 for ; Tue, 14 Jun 2005 08:38:34 +0000 (GMT) (envelope-from jhs@flat.berklix.net) Received: from js.berklix.net (p549A57AE.dip.t-dialin.net [84.154.87.174]) (authenticated bits=0) by tower.berklix.org (8.12.9p2/8.12.9) with ESMTP id j5E8cV8o091734; Tue, 14 Jun 2005 10:38:32 +0200 (CEST) (envelope-from jhs@flat.berklix.net) Received: from fire.jhs.private (fire.jhs.private [192.168.91.41]) by js.berklix.net (8.12.11/8.12.11) with ESMTP id j5E8cTKV001859; Tue, 14 Jun 2005 10:38:30 +0200 (CEST) (envelope-from jhs@flat.berklix.net) Received: from fire.jhs.private (localhost.jhs.private [127.0.0.1]) by fire.jhs.private (8.13.1/8.13.3) with ESMTP id j5E8cUud005126; Tue, 14 Jun 2005 10:38:30 +0200 (CEST) (envelope-from jhs@fire.jhs.private) Message-Id: <200506140838.j5E8cUud005126@fire.jhs.private> To: ann kok In-Reply-To: Message from ann kok of "Mon, 13 Jun 2005 16:23:59 PDT." <20050613232359.88014.qmail@web53302.mail.yahoo.com> Date: Tue, 14 Jun 2005 10:38:30 +0200 From: "Julian H. Stacey" Cc: freebsd-isp@freebsd.org Subject: Re: vlan - pls help X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2005 08:38:35 -0000 ann kok wrote: To: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org Do not post 2 lists at once, it's deprecated. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL > I am using freebsd 4.1 to setup 30 vlan on em1 4.1 is ancient. Consider 4.11 & 5.4 are current releases (I prefer 5.3 to 5.4). - Julian Stacey Net & Sys Eng Consultant, Munich http://berklix.com Mail in Ascii (Html=Spam). Ihr Rauch = mein allergischer Kopfschmerz. From owner-freebsd-isp@FreeBSD.ORG Tue Jun 14 21:34:12 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB7B416A41C for ; Tue, 14 Jun 2005 21:34:12 +0000 (GMT) (envelope-from krzychk2@o2.pl) Received: from poczta.o2.pl (mx.go2.pl [193.17.41.41]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5676543D49; Tue, 14 Jun 2005 21:34:11 +0000 (GMT) (envelope-from krzychk2@o2.pl) Received: from localhost (staticline3210.toya.net.pl [217.113.238.94]) by poczta.o2.pl (Postfix) with ESMTP id D5A521376CE; Tue, 14 Jun 2005 23:34:09 +0200 (CEST) Date: Tue, 14 Jun 2005 23:34:06 +0200 From: KrzychK2 X-Mailer: The Bat! (v3.0) Professional X-Priority: 3 (Normal) Message-ID: <1308802311.20050614233406@o2.pl> To: freebsd-isp@freebsd.org, freebsd-devel@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: Subject: PF strange problem X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: KrzychK2 List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2005 21:34:13 -0000 Hello freebsd-isp! I have a strange problem with pf on freebsd. Here it is my config: ext_if="xl0" int_if="xl1" internal_net="192.168.3.0/24" external_addr="217.153.198.65" icmp_types = "echoreq" set optimization normal set block-policy drop set fingerprints "/etc/pf.os" scrub in all altq on $ext_if bandwidth 6218Kb cbq queue { OUT_to_net, external } altq on $int_if bandwidth 11957Kb cbq queue { IN_from_net, internal } queue external bandwidth 10% cbq(default) queue internal bandwidth 10% cbq(default) queue OUT_to_net bandwidth 6218Kb cbq{326_out, 3216_out, 349_out, 320_out, 321_o... } queue 326_out bandwidth 128Kb cbq(red) queue 3216_out bandwidth 128Kb cbq(red) queue 349_out bandwidth 128Kb cbq(red) queue 320_out bandwidth 384Kb cbq(red) queue 321_out bandwidth 50Kb cbq(red) queue 322_out bandwidth 128Kb cbq(red) queue 323_out bandwidth 128Kb cbq(red) queue 19866_out bandwidth 256Kb cbq(red) . . . queue IN_from_net bandwidth 11957Kb cbq{326_in, 3216_in, 349_in, 320_in, 321_in...} queue 326_in bandwidth 256Kb cbq(red) queue 3216_in bandwidth 256Kb cbq(red) queue 349_in bandwidth 256Kb cbq(red) queue 320_in bandwidth 384Kb cbq(red) queue 321_in bandwidth 256Kb cbq(red) queue 322_in bandwidth 265Kb cbq(red) queue 323_in bandwidth 256Kb cbq(red) queue 19866_in bandwidth 220Kb cbq(red) . . . and so on with queues nat on $ext_if from $internal_net to any -> $external_addr block on {$int_if, $ext_if} all pass quick on lo0 all pass in quick on $ext_if proto tcp from any to $ext_if port 22 keep state pass in quick on $int_if proto tcp from any to $int_if port 22 keep state pass out on $ext_if proto tcp all modulate state flags S/SA pass out on $ext_if proto { udp, icmp } all keep state pass in inet proto icmp all icmp-type $icmp_types keep state pass in quick on $int_if from 192.168.3.26 to any queue 326_in pass out quick on $int_if from any to 192.168.3.26 queue 326_out pass in quick on $int_if from 192.168.3.216 to any queue 3216_in pass out quick on $int_if from any to 192.168.3.216 queue 3216_out pass in quick on $int_if from 192.168.3.49 to any queue 349_in pass out quick on $int_if from any to 192.168.3.49 queue 349_out pass in quick on $int_if from 192.168.3.20 to any queue 320_in pass out quick on $int_if from any to 192.168.3.20 queue 320_out pass in quick on $int_if from 192.168.3.21 to any queue 321_in pass out quick on $int_if from any to 192.168.3.21 queue 321_out pass in quick on $int_if from 192.168.3.22 to any queue 322_in pass out quick on $int_if from any to 192.168.3.22 queue 322_out pass in quick on $int_if from 192.168.3.23 to any queue 323_in pass out quick on $int_if from any to 192.168.3.23 queue 323_out pass in quick on $int_if from 217.153.198.66 to any queue 19866_in pass out quick on $int_if from any to 217.153.198.66 queue 19866_out and so on. The problem is that pfctl -vsr shows that net traffic is correctly captured by rules. But (this is good) pfctl -vsq shows something diffrent, the only queue that have antything inside is the default queue!! This config is almost similar to default config and I really don't know what is going on, or where I've made a mistake. -- Greetings, KrzychK2 From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 05:52:34 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA7D416A41C for ; Wed, 15 Jun 2005 05:52:34 +0000 (GMT) (envelope-from root@pace.stpp.soft.net) Received: from pace.stpp.soft.net (pace.stpp.soft.net [203.129.230.147]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9873943D53 for ; Wed, 15 Jun 2005 05:52:33 +0000 (GMT) (envelope-from root@pace.stpp.soft.net) Received: (from root@localhost) by pace.stpp.soft.net (8.11.6/8.11.6) id j5F5rXw03017; Wed, 15 Jun 2005 11:23:33 +0530 Date: Wed, 15 Jun 2005 11:23:33 +0530 From: root Message-Id: <200506150553.j5F5rXw03017@pace.stpp.soft.net> To: freebsd-isp@freebsd.org References: In-Reply-To: X-Mailer: procmail Subject: Re: Encrypted Mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 05:52:35 -0000 Your mail has been blocked as it was found to be carrying a Virus or disallowed attchment type. From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 06:26:57 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB5A916A41F for ; Wed, 15 Jun 2005 06:26:57 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4038D43D1D for ; Wed, 15 Jun 2005 06:26:56 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 71so255697wra for ; Tue, 14 Jun 2005 23:26:56 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=LTutNGEq5JZhG+Hi1XHYHsqzZFTqpwoylznw0G0WkEpNaGkirc35CS23QjG5K9OXZseDXAHn8EI6Evp7aJLzfvmcq5wrliBAeMutk1kHxnicOalnterxFUTEQ8Tr5mWqUjVaRECsQ3sLvXvuwNlGFGzldtFuoiWtL/cD8/gAMRA= Received: by 10.54.142.8 with SMTP id p8mr3688498wrd; Tue, 14 Jun 2005 23:26:56 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Tue, 14 Jun 2005 23:26:56 -0700 (PDT) Message-ID: Date: Wed, 15 Jun 2005 09:26:56 +0300 From: Abu Khaled To: freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Subject: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 06:26:57 -0000 Can you guys recommend a Radius server with a good web or gui interface. I searched the ports and found Freeradius but it would not build. A security issue with the SQL module. The icradius port is gone, I used it in the past on Redhat but it looks like it is no longer updated (August 6, 2003 on sourceforge site). Thanks in advance. --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 08:29:24 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF78316A41C for ; Wed, 15 Jun 2005 08:29:24 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE9C543D49 for ; Wed, 15 Jun 2005 08:29:24 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 71so292812wra for ; Wed, 15 Jun 2005 01:29:24 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=CdFbTVP4oAF6nG7y0MRYcc1Npj3O5xgeNk/unphCOw893eqoGidzfdBREL/GpLcixJAb21BNZlGf4tOCBJPCU4q2+Xoq+HBl6eHh9dvGTBKVWljERdw41pJn9UZc6zgDci1BHAFfweeOKvliZXKpr9yRkLHrdjp9v0daMaEsXPw= Received: by 10.54.71.3 with SMTP id t3mr3742819wra; Wed, 15 Jun 2005 01:29:24 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Wed, 15 Jun 2005 01:29:24 -0700 (PDT) Message-ID: Date: Wed, 15 Jun 2005 11:29:24 +0300 From: Abu Khaled To: Marcin Jessa In-Reply-To: <20050615101339.760e33b1.lists@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20050615101339.760e33b1.lists@yazzy.org> Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 08:29:25 -0000 On 6/15/05, Marcin Jessa wrote: > On Wed, 15 Jun 2005 09:26:56 +0300 > Abu Khaled wrote: >=20 > > Can you guys recommend a Radius server with a good web or gui interface= . >=20 > Freeradius with dialupadmin should do if you want free solution. Otherwis= e you need to pay $$$. >=20 > > I searched the ports and found Freeradius but it would not build. >=20 > On FreeBSD > cd /usr/ports/net/freeradius ; make install clean Freeradius <=3D1.0.2_1 has a security issue > what does not build? =20 since I have portaudit installed the port would not build it needs Updating to the latest version (1.0.3) =20 > > A security issue with the SQL module. > What issue? >=20 http://www.freebsd.org/ports/portaudit/2fbe16c2-cab6-11d9-9aed-000e0c2e438a= .html http://www.freeradius.org/security.html I can disable portaudit and install Freeradius but I really need to use mysql and I am paranoid enogh not to do it. --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 08:31:59 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C962816A41C for ; Wed, 15 Jun 2005 08:31:59 +0000 (GMT) (envelope-from lists@visionsix.com) Received: from mordrede.visionsix.net (mordrede.visionsix.net [206.113.65.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9049243D1F for ; Wed, 15 Jun 2005 08:31:59 +0000 (GMT) (envelope-from lists@visionsix.com) Received: from vsis169 (unverified [206.113.65.14]) by mordrede.visionsix.net (Vircom SMTPRS 4.0.340.0) with SMTP id for ; Wed, 15 Jun 2005 03:31:58 -0500 Message-ID: <004101c57184$b1ee66a0$0e4171ce@visionsix.com> From: "Lewis Watson" To: References: Date: Wed, 15 Jun 2005 03:31:58 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 08:31:59 -0000 > Can you guys recommend a Radius server with a good web or gui = interface. < > Thanks in advance. < > Abu Khaled < Hello Abu, W have been using Gnu Radius for about two years. The actual = configuration is based on a few text files and it supports MySQL as = well as other ways to maintain authentication schemes. Gnu Radius has = performed excellent for us and the software itself is still being = actively developed by the software developer; Sergey Poznyakoff. =20 There is a web interface available, however, we built our own web = interface as we began using Gnu Radius so I cannot provide much insight = in regards to the one that is included with the source. Gnu Radius is included in the Ports Collection and it seems that we = installed from the port without trouble on more than one server. Good = documentation and information about its mail list at Gnu Radius' = website:=20 http://www.gnu.org/software/radius/radius.html hth, Lewis Watson From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 09:06:22 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADF6D16A41C for ; Wed, 15 Jun 2005 09:06:22 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6DB4043D49 for ; Wed, 15 Jun 2005 09:06:22 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 50so2497727wri for ; Wed, 15 Jun 2005 02:06:21 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=rwD7FMk1pgB2NHGqokstqLtvUqPNx9PoAW9KhIF+pk9QgYvUmjdrtEJ7nAbBbMhAVFVGRGxM5EPMGpw4h9RcF0mJ+3xtPe4V7Q5asL5L4pzhwU2qBkPZ+3PcwIbEd+SiJcLC5VSpGTI3lJhoU1fLQhXCXr+220GVMTnQLE60TS4= Received: by 10.54.36.8 with SMTP id j8mr2119816wrj; Wed, 15 Jun 2005 02:06:21 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Wed, 15 Jun 2005 02:06:21 -0700 (PDT) Message-ID: Date: Wed, 15 Jun 2005 12:06:21 +0300 From: Abu Khaled To: Marcin Jessa In-Reply-To: <20050615104129.5ecae980.lists@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20050615101339.760e33b1.lists@yazzy.org> <20050615104129.5ecae980.lists@yazzy.org> Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 09:06:22 -0000 On 6/15/05, Marcin Jessa wrote: > On Wed, 15 Jun 2005 11:29:24 +0300 > Abu Khaled wrote: >=20 > > On 6/15/05, Marcin Jessa wrote: > > > On Wed, 15 Jun 2005 09:26:56 +0300 > > > Abu Khaled wrote: > > > > > > > Can you guys recommend a Radius server with a good web or gui inter= face. > > > > > > Freeradius with dialupadmin should do if you want free solution. Othe= rwise you need to pay $$$. > > > > > > > I searched the ports and found Freeradius but it would not build. > > > > > > On FreeBSD > > > cd /usr/ports/net/freeradius ; make install clean > > > > Freeradius <=3D1.0.2_1 has a security issue > > > Freeradius 1.0.3 is out. >=20 >=20 > > > what does not build? > > > > since I have portaudit installed the port would not build it needs > > Updating to the latest version (1.0.3) >=20 > Install 1.0.3 from sources then and wait for the new portupdate. > Or send pr with your patches. >=20 > Or install a firewall and do not allow radius request from anyone but tru= sted IP's. >=20 >=20 > > > > A security issue with the SQL module. > > > What issue? > > > > > > > http://www.freebsd.org/ports/portaudit/2fbe16c2-cab6-11d9-9aed-000e0c2e= 438a.html > > http://www.freeradius.org/security.html > > > > I can disable portaudit and install Freeradius but I really need to > > use mysql and I am paranoid enogh not to do it. >=20 > Then you need prepare to pay a few thousands bucks or more and get a comm= ercial solution which can have even more bugs which noone cared to test. > And those bugs can be way more serious than the ones you refere to. >=20 A commercial solution !!! You mean M$ $ERVER $$$ RADIU$ $$$ FIREWALL $$$ ANTIVIUR$ $$$ UPDATE$ Oh please no such replies... --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 15:35:33 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F04CF16A41F for ; Wed, 15 Jun 2005 15:35:32 +0000 (GMT) (envelope-from deichert@wrench.com) Received: from mx1a.swcp.com (mx1a.swcp.com [216.184.2.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id AFD7343D5C for ; Wed, 15 Jun 2005 15:35:32 +0000 (GMT) (envelope-from deichert@wrench.com) Received: from taka.swcp.com (taka-216.swcp.com [216.184.2.3]) by mx1a.swcp.com (8.13.3/8.13.3/Debian-6) with ESMTP id j5FFZVHM031072 for ; Wed, 15 Jun 2005 09:35:31 -0600 Received: from yagi.swcp.com (yagi.swcp.com [216.184.2.43]) by taka.swcp.com (8.13.3/8.13.1) with ESMTP id j5FFZUKa078708 for ; Wed, 15 Jun 2005 09:35:30 -0600 (MDT) (envelope-from deichert@wrench.com) Received: from localhost (deichert@localhost) by yagi.swcp.com (8.8.8/8.8.7) with ESMTP id PAA26482 for ; Wed, 15 Jun 2005 15:35:29 GMT X-Authentication-Warning: yagi.swcp.com: deichert owned process doing -bs Date: Wed, 15 Jun 2005 09:35:29 -0600 (MDT) From: Diana Eichert X-Sender: deichert@yagi.swcp.com To: freebsd-isp@freebsd.org In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on kaimen.swcp.com X-Spam-Status: No, hits=0.0 required=10.0 tests=none autolearn=no version=2.63 X-Spam-Level: Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 15:35:33 -0000 On Wed, 15 Jun 2005, Abu Khaled wrote: > Can you guys recommend a Radius server with a good web or gui interface. > I searched the ports and found Freeradius but it would not build. A > security issue with the SQL module. The icradius port is gone, I used > it in the past on Redhat but it looks like it is no longer updated > (August 6, 2003 on sourceforge site). we use the commercial RADIUS server Radiator along with the companion Radmin app in our environment. diana From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 21:57:16 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A35A16A41C for ; Wed, 15 Jun 2005 21:57:16 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 16F1043D55 for ; Wed, 15 Jun 2005 21:57:15 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from localhost.localdomain (yazzy.yazzy.org [192.168.98.11]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yazzy.org (Postfix) with ESMTP id A0EB339869; Wed, 15 Jun 2005 23:57:41 +0200 (CEST) Date: Wed, 15 Jun 2005 23:57:11 +0200 From: Marcin Jessa To: Diana Eichert Message-Id: <20050615235711.5b5cbfa3.lists@yazzy.org> In-Reply-To: References: Organization: YazzY.org X-Mailer: Sylpheed version 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 21:57:16 -0000 On Wed, 15 Jun 2005 09:35:29 -0600 (MDT) Diana Eichert wrote: > On Wed, 15 Jun 2005, Abu Khaled wrote: > > > Can you guys recommend a Radius server with a good web or gui interface. > > I searched the ports and found Freeradius but it would not build. A > > security issue with the SQL module. The icradius port is gone, I used > > it in the past on Redhat but it looks like it is no longer updated > > (August 6, 2003 on sourceforge site). > > we use the commercial RADIUS server Radiator along with the companion > Radmin app in our environment. > > diana Yeah and that gives you absolutelly no possibility to add/remove/change the features of your Radmin. You'd need to write your own admin app for that. And why not doing this for freeradius which is very feature rich, free and with source code avaliable for quality inspection. The only reason to use commercial soft is to be able to get commercial support. And that gives you no guarantee their software is free for bugs. I doubt anyone checks for Radiator security risks as they do for freeradius. Cheers, Marcin. From owner-freebsd-isp@FreeBSD.ORG Wed Jun 15 23:07:01 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8E42016A41C for ; Wed, 15 Jun 2005 23:07:01 +0000 (GMT) (envelope-from gusmao@wminas.com) Received: from webmail.redewminas.com.br (wminas.planetarium.com.br [200.196.44.60]) by mx1.FreeBSD.org (Postfix) with SMTP id 3C69A43D48 for ; Wed, 15 Jun 2005 23:06:56 +0000 (GMT) (envelope-from gusmao@wminas.com) Received: (qmail 43665 invoked by uid 1002); 15 Jun 2005 23:08:56 -0000 Received: from gusmao@wminas.com by webmail.redewminas.com.br by uid 82 with qmail-scanner-1.20 (uvscan: v4.3.20/v4351. spamassassin: 2.63. Clear:RC:1(201.8.45.82):. Processed in 0.698367 secs); 15 Jun 2005 23:08:56 -0000 Received: from unknown (HELO NITRO) (201.8.45.82) by domains.redewminas.com.br with SMTP; 15 Jun 2005 23:08:56 -0000 Message-ID: <02c101c571fe$d1b35570$01fea8c0@NITRO> From: =?iso-8859-1?Q?Gusm=E3o?= To: Date: Wed, 15 Jun 2005 20:06:09 -0300 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: wifi X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2005 23:07:01 -0000 hi, how to monitor quality/signal/noise in FreeBSD 5.x or 6-CURRENT using = driver wi or ath??? hostap mode and client... using 4.x: wicontrol -i wi0 -C but in FreeBSD 5.x or 6-CURRENT this is = broken... any sugestions? thanks Gusm=E3o From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 01:59:14 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B4B9C16A41C for ; Thu, 16 Jun 2005 01:59:14 +0000 (GMT) (envelope-from lists@complx.LF.net) Received: from complx.LF.net (complx.LF.net [212.9.190.63]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7670443D1D for ; Thu, 16 Jun 2005 01:59:14 +0000 (GMT) (envelope-from lists@complx.LF.net) Received: from lists by complx.LF.net with local (Exim 4.43) id 1Dijey-0002eA-Va for freebsd-isp@freebsd.org; Thu, 16 Jun 2005 03:59:12 +0200 Date: Thu, 16 Jun 2005 03:59:12 +0200 From: Kurt Jaeger To: freebsd-isp@freebsd.org Message-ID: <20050616015912.GA66926@complx.LF.net> References: <20050615235711.5b5cbfa3.lists@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050615235711.5b5cbfa3.lists@yazzy.org> Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 01:59:14 -0000 Hi! Sorry if I comment on that, but... > > we use the commercial RADIUS server Radiator along with the companion > > Radmin app in our environment. > Yeah and that gives you absolutelly no possibility to add/remove/change > the features of your Radmin. Radiator and stuff is written in perl, and therefore you get the source. If you add stuff and submit it to open.com.au, the company that implements and sells radiator, it will be added to the next release. Lots of people do this, as can be seen on their mailing list. http://www.open.com.au/archives/radiator/ > The only reason to use commercial soft is to be able to get > commercial support. > And that gives you no guarantee their software is free for bugs. No software is free of bugs. But the guys at open.com.au do a *very* good job. We use their software since 1998, never had a problem. Disclaimer: It's so good we're even reselling it 8-) > I doubt anyone checks for Radiator security risks as they do for freeradius. Well, only the net-admins of all the biggest ISPs and carriers in the world that use radiator are checking it 8-) See http://www.open.com.au/radiator/customers.html -- MfG/Best regards, Kurt Jaeger 15 years to go ! LF.net GmbH fon +49 711 90074-23 pi@LF.net Ruppmannstr. 27 fax +49 711 90074-33 D-70565 Stuttgart mob +49 171 3101372 From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 03:51:23 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2794C16A41C for ; Thu, 16 Jun 2005 03:51:23 +0000 (GMT) (envelope-from lists@netxp.com.au) Received: from mail.netxp.com.au (adsl-127-117.swiftdsl.com.au [218.214.127.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21EFB43D4C for ; Thu, 16 Jun 2005 03:51:20 +0000 (GMT) (envelope-from lists@netxp.com.au) Received: from localhost (localhost [127.0.0.1]) by mail.netxp.com.au (Postfix) with ESMTP id 368B6116ED7; Thu, 16 Jun 2005 13:52:23 +1000 (EST) Received: from mail.netxp.com.au ([127.0.0.1]) by localhost (phil.netxp.com.au [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 50153-10; Thu, 16 Jun 2005 13:52:20 +1000 (EST) Received: from [192.168.101.3] (unknown [192.168.101.3]) by mail.netxp.com.au (Postfix) with ESMTP id 8DE77116ECA; Thu, 16 Jun 2005 13:52:20 +1000 (EST) Received: from 127.0.0.1 (AVG SMTP 7.0.323 [267.7.5]); Thu, 16 Jun 2005 13:51:06 +1000 Message-ID: <42B0F729.80703@netxp.com.au> Date: Thu, 16 Jun 2005 13:51:05 +1000 From: phil grainger User-Agent: Mozilla Thunderbird 0.9 (Windows/20041103) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Abu Khaled References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at netxp.com.au Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 03:51:23 -0000 Abu Khaled wrote: > Can you guys recommend a Radius server with a good web or gui interface. > I searched the ports and found Freeradius but it would not build. A > security issue with the SQL module. The icradius port is gone, I used > it in the past on Redhat but it looks like it is no longer updated > (August 6, 2003 on sourceforge site). > > Thanks in advance. > you can mod the icradius cgi interface to work with freeradius, works fine. From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 04:04:25 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF6AD16A41C for ; Thu, 16 Jun 2005 04:04:25 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.197]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE54343D1D for ; Thu, 16 Jun 2005 04:04:25 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 50so249492wri for ; Wed, 15 Jun 2005 21:04:25 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=XmARAIXQxmoVobh1r2BDwk4sh0DITOMxvqMvgiPZWKctRKJh3vnAl75gddcPf8i5K0gs7OZPp0R0nz10adMVfvwgMx1m3vPdvj0qztaEOY+iOAvcoIp6tja0spSacZ6hB1WnEevQay4YI4F6OeUmTUB//zQ3BeFSXHb8ncL4gf0= Received: by 10.54.51.26 with SMTP id y26mr352579wry; Wed, 15 Jun 2005 21:04:25 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Wed, 15 Jun 2005 21:04:24 -0700 (PDT) Message-ID: Date: Thu, 16 Jun 2005 07:04:24 +0300 From: Abu Khaled To: phil grainger In-Reply-To: <42B0F729.80703@netxp.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <42B0F729.80703@netxp.com.au> Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 04:04:26 -0000 On 6/16/05, phil grainger wrote: > Abu Khaled wrote: > > Can you guys recommend a Radius server with a good web or gui interface= . > > I searched the ports and found Freeradius but it would not build. A > > security issue with the SQL module. The icradius port is gone, I used > > it in the past on Redhat but it looks like it is no longer updated > > (August 6, 2003 on sourceforge site). > > > > Thanks in advance. > > >=20 > you can mod the icradius cgi interface to work with freeradius, > works fine. >=20 Very interesting. How much modification is required? When it comes to setting up a icradius/freeradius, mysql and apache then I can do it. I know only the basics of c/perl/php/... (Just how to write a Hello World and sometimes I need help writing one), so any help is appreciated --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 07:45:07 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B02516A41C for ; Thu, 16 Jun 2005 07:45:07 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id DC89F43D48 for ; Thu, 16 Jun 2005 07:45:06 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from 217-13-2-82.dd.nextgentel.com ([217.13.2.82] helo=h311r4z3r) by mail.yazzy.org with esmtps (TLSv1:AES256-SHA:256) (YazzY.org) id 1Dip3K-0006QD-KB; Thu, 16 Jun 2005 09:44:46 +0200 Date: Thu, 16 Jun 2005 09:45:03 +0200 From: Marcin Jessa To: Abu Khaled Message-Id: <20050616094503.3fd09a8d.lists@yazzy.org> In-Reply-To: References: <42B0F729.80703@netxp.com.au> Organization: YazzY.org X-Mailer: Sylpheed version 1.9.12 (GTK+ 2.6.7; i386-portbld-freebsd6.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Score: -2.6 (--) Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 07:45:07 -0000 On Thu, 16 Jun 2005 07:04:24 +0300 Abu Khaled wrote: > On 6/16/05, phil grainger wrote: > > Abu Khaled wrote: > > > Can you guys recommend a Radius server with a good web or gui interface. > > > I searched the ports and found Freeradius but it would not build. A > > > security issue with the SQL module. The icradius port is gone, I used > > > it in the past on Redhat but it looks like it is no longer updated > > > (August 6, 2003 on sourceforge site). > > > > > > Thanks in advance. > > > > > > > you can mod the icradius cgi interface to work with freeradius, > > works fine. > > > > Very interesting. How much modification is required? > When it comes to setting up a icradius/freeradius, mysql and apache > then I can do it. I know only the basics of c/perl/php/... (Just how > to write a Hello World and sometimes I need help writing one), so any > help is appreciated > I thought you didnt want to run freeradius becouse of the security issues. And now all the sudden it became secure becouse of a different web interface? And dialupadmin would work fine, you dont need to recode interface of icradius. Email thompsa@FreeBSD.org and ask him if he's working on new port of freeradius 1.0.3. If not, I can do that. From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 07:53:51 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F56C16A41F for ; Thu, 16 Jun 2005 07:53:51 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 531F543D49 for ; Thu, 16 Jun 2005 07:53:51 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from 217-13-2-82.dd.nextgentel.com ([217.13.2.82] helo=h311r4z3r) by mail.yazzy.org with esmtps (TLSv1:AES256-SHA:256) (YazzY.org) id 1DipBm-0007XT-OY for freebsd-isp@freebsd.org; Thu, 16 Jun 2005 09:53:31 +0200 Date: Thu, 16 Jun 2005 09:53:47 +0200 From: Marcin Jessa To: freebsd-isp@freebsd.org Message-Id: <20050616095347.4d706226.lists@yazzy.org> In-Reply-To: <20050616094503.3fd09a8d.lists@yazzy.org> References: <42B0F729.80703@netxp.com.au> <20050616094503.3fd09a8d.lists@yazzy.org> Organization: YazzY.org X-Mailer: Sylpheed version 1.9.12 (GTK+ 2.6.7; i386-portbld-freebsd6.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Score: -2.6 (--) Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 07:53:51 -0000 On Thu, 16 Jun 2005 09:45:03 +0200 Marcin Jessa wrote: > On Thu, 16 Jun 2005 07:04:24 +0300 > Abu Khaled wrote: > > > On 6/16/05, phil grainger wrote: > > > Abu Khaled wrote: > > > > Can you guys recommend a Radius server with a good web or gui interface. > > > > I searched the ports and found Freeradius but it would not build. A > > > > security issue with the SQL module. The icradius port is gone, I used > > > > it in the past on Redhat but it looks like it is no longer updated > > > > (August 6, 2003 on sourceforge site). > > > > > > > > Thanks in advance. > > > > > > > > > > you can mod the icradius cgi interface to work with freeradius, > > > works fine. > > > > > > > Very interesting. How much modification is required? > > When it comes to setting up a icradius/freeradius, mysql and apache > > then I can do it. I know only the basics of c/perl/php/... (Just how > > to write a Hello World and sometimes I need help writing one), so any > > help is appreciated > > > > I thought you didnt want to run freeradius becouse of the security issues. > And now all the sudden it became secure becouse of a different web interface? > And dialupadmin would work fine, you dont need to recode interface of icradius. > Email thompsa@FreeBSD.org and ask him if he's working on new port of freeradius 1.0.3. > If not, I can do that. Actually 1.0.4. is gonna to be released in a few hours and Andrew Thompson will port it then. https://list.xs4all.nl/pipermail/freeradius-users/2005-June/044608.html From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 08:01:43 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D29116A41C for ; Thu, 16 Jun 2005 08:01:43 +0000 (GMT) (envelope-from thompsa@fud.org.nz) Received: from heff.fud.org.nz (60-234-149-201.bitstream.orcon.net.nz [60.234.149.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C8F843D1D for ; Thu, 16 Jun 2005 08:01:41 +0000 (GMT) (envelope-from thompsa@fud.org.nz) Received: from thompsa by heff.fud.org.nz with local (Exim 4.50 (FreeBSD)) id 1DipJe-0002kn-58; Thu, 16 Jun 2005 20:01:34 +1200 Date: Thu, 16 Jun 2005 20:01:34 +1200 From: Andrew Thompson To: Marcin Jessa Message-ID: <20050616080134.GA10529@heff.fud.org.nz> References: <42B0F729.80703@netxp.com.au> <20050616094503.3fd09a8d.lists@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050616094503.3fd09a8d.lists@yazzy.org> User-Agent: Mutt/1.4.2.1i Sender: Andrew Thompson Cc: freebsd-isp@freebsd.org, Abu Khaled Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 08:01:43 -0000 On Thu, Jun 16, 2005 at 09:45:03AM +0200, Marcin Jessa wrote: > On Thu, 16 Jun 2005 07:04:24 +0300 > Abu Khaled wrote: > > > On 6/16/05, phil grainger wrote: > > > > > > you can mod the icradius cgi interface to work with freeradius, > > > works fine. > > > > > > > Very interesting. How much modification is required? > > When it comes to setting up a icradius/freeradius, mysql and apache > > then I can do it. I know only the basics of c/perl/php/... (Just how > > to write a Hello World and sometimes I need help writing one), so any > > help is appreciated > > > > I thought you didnt want to run freeradius becouse of the security issues. > And now all the sudden it became secure becouse of a different web interface? > And dialupadmin would work fine, you dont need to recode interface of icradius. > Email thompsa@FreeBSD.org and ask him if he's working on new port of freeradius 1.0.3. > If not, I can do that. Ive been aware of 1.0.3 for a week now but it has known bugs. "06 June, 2005: Minor problems in version 1.0.3 mean that we will be releasing 1.0.4 in a day or so. Please wait until then to upgrade." 1.0.4 was meant to be out by now and I have it confirmed that will be only a few more hours. It will be updated as soon as its out. cheers, Andrew From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 08:36:40 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A435516A41C for ; Thu, 16 Jun 2005 08:36:40 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6157C43D1D for ; Thu, 16 Jun 2005 08:36:40 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 69so344663wra for ; Thu, 16 Jun 2005 01:36:39 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=T4LzswL92lRL1IXEznb+0tHXDNHcIrXx96BZjbTRQPUSfQf0QMSox/vJTyIX3hq9k0CtqHI3nLwPFWVy5H1AZW5VwKH+vJHJ8K3PRe8n/fXpBBsuU3mOAfOBsLhMiEX2n1PV/rafUrBWx5x2leClA5zbwShNVco5ciUmC5UlJ3w= Received: by 10.54.83.15 with SMTP id g15mr136500wrb; Thu, 16 Jun 2005 01:36:39 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Thu, 16 Jun 2005 01:36:39 -0700 (PDT) Message-ID: Date: Thu, 16 Jun 2005 11:36:39 +0300 From: Abu Khaled To: Marcin Jessa In-Reply-To: <20050616094503.3fd09a8d.lists@yazzy.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <42B0F729.80703@netxp.com.au> <20050616094503.3fd09a8d.lists@yazzy.org> Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 08:36:40 -0000 On 6/16/05, Marcin Jessa wrote: > On Thu, 16 Jun 2005 07:04:24 +0300 > Abu Khaled wrote: >=20 > > On 6/16/05, phil grainger wrote: > > > Abu Khaled wrote: > > > > Can you guys recommend a Radius server with a good web or gui inter= face. > > > > I searched the ports and found Freeradius but it would not build. A > > > > security issue with the SQL module. The icradius port is gone, I us= ed > > > > it in the past on Redhat but it looks like it is no longer updated > > > > (August 6, 2003 on sourceforge site). > > > > > > > > Thanks in advance. > > > > > > > > > > you can mod the icradius cgi interface to work with freeradius, > > > works fine. > > > > > > > Very interesting. How much modification is required? > > When it comes to setting up a icradius/freeradius, mysql and apache > > then I can do it. I know only the basics of c/perl/php/... (Just how > > to write a Hello World and sometimes I need help writing one), so any > > help is appreciated > > >=20 > I thought you didnt want to run freeradius becouse of the security issues= . > And now all the sudden it became secure becouse of a different web interf= ace? > And dialupadmin would work fine, you dont need to recode interface of icr= adius. > Email thompsa@FreeBSD.org and ask him if he's working on new port of free= radius 1.0.3. > If not, I can do that. >=20 Hello Marcin. A web interface change is not going to affect my choice of not installing freeradius 1.0.2. It is just a fact that my co-admins already used icradius web interface so why not give them something they know how to use. Dialupadmin looks interesting and I might use it myself. Another admin in my network only uses mysql and never used a web interface or GUI for anything but we lack the knowledge and time to write a web interface. If we had freeradius already running on our server, then it would have been running and not removed just for a security issue. It has always worked that way. However, since this is a new server we would like to avoid baby-sitting the new installation and focus on already running servers. Anyways after discussing various issues with them, we agreed to wait for Andrew to update freeradius to 1.0.4. --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 09:24:48 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE32416A41C for ; Thu, 16 Jun 2005 09:24:48 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from lapdance.yazzy.net (217-13-2-82.dd.nextgentel.com [217.13.2.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD40943D49 for ; Thu, 16 Jun 2005 09:24:47 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.net (8.13.4/8.13.4) with SMTP id j5F8fT01001036; Wed, 15 Jun 2005 10:41:29 +0200 (CEST) (envelope-from lists@yazzy.org) Date: Wed, 15 Jun 2005 10:41:29 +0200 From: Marcin Jessa To: Abu Khaled Message-Id: <20050615104129.5ecae980.lists@yazzy.org> In-Reply-To: References: <20050615101339.760e33b1.lists@yazzy.org> Organization: YazzY.org X-Mailer: Sylpheed version 1.9.12 (GTK+ 2.6.7; i386-portbld-freebsd5.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 09:24:48 -0000 On Wed, 15 Jun 2005 11:29:24 +0300 Abu Khaled wrote: > On 6/15/05, Marcin Jessa wrote: > > On Wed, 15 Jun 2005 09:26:56 +0300 > > Abu Khaled wrote: > > > > > Can you guys recommend a Radius server with a good web or gui interface. > > > > Freeradius with dialupadmin should do if you want free solution. Otherwise you need to pay $$$. > > > > > I searched the ports and found Freeradius but it would not build. > > > > On FreeBSD > > cd /usr/ports/net/freeradius ; make install clean > > Freeradius <=1.0.2_1 has a security issue > Freeradius 1.0.3 is out. > > what does not build? > > since I have portaudit installed the port would not build it needs > Updating to the latest version (1.0.3) Install 1.0.3 from sources then and wait for the new portupdate. Or send pr with your patches. Or install a firewall and do not allow radius request from anyone but trusted IP's. > > > A security issue with the SQL module. > > What issue? > > > > http://www.freebsd.org/ports/portaudit/2fbe16c2-cab6-11d9-9aed-000e0c2e438a.html > http://www.freeradius.org/security.html > > I can disable portaudit and install Freeradius but I really need to > use mysql and I am paranoid enogh not to do it. Then you need prepare to pay a few thousands bucks or more and get a commercial solution which can have even more bugs which noone cared to test. And those bugs can be way more serious than the ones you refere to. > -- > Kind regards > Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 09:24:50 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 133C416A420 for ; Thu, 16 Jun 2005 09:24:50 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from lapdance.yazzy.net (217-13-2-82.dd.nextgentel.com [217.13.2.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E67643D49 for ; Thu, 16 Jun 2005 09:24:49 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from localhost (localhost [127.0.0.1]) by lapdance.yazzy.net (8.13.4/8.13.4) with SMTP id j5F8Ddmp000924; Wed, 15 Jun 2005 10:13:39 +0200 (CEST) (envelope-from lists@yazzy.org) Date: Wed, 15 Jun 2005 10:13:39 +0200 From: Marcin Jessa To: Abu Khaled Message-Id: <20050615101339.760e33b1.lists@yazzy.org> In-Reply-To: References: Organization: YazzY.org X-Mailer: Sylpheed version 1.9.12 (GTK+ 2.6.7; i386-portbld-freebsd5.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 09:24:50 -0000 On Wed, 15 Jun 2005 09:26:56 +0300 Abu Khaled wrote: > Can you guys recommend a Radius server with a good web or gui interface. Freeradius with dialupadmin should do if you want free solution. Otherwise you need to pay $$$. > I searched the ports and found Freeradius but it would not build. On FreeBSD cd /usr/ports/net/freeradius ; make install clean on gentoo emerge freeradius what does not build? > A security issue with the SQL module. What issue? The icradius port is gone, I used > it in the past on Redhat but it looks like it is no longer updated > (August 6, 2003 on sourceforge site). > > Thanks in advance. > > -- > Kind regards > Abu Khaled > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 09:48:45 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5019816A41C; Thu, 16 Jun 2005 09:48:45 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 043A543D48; Thu, 16 Jun 2005 09:48:44 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from 217-13-2-82.dd.nextgentel.com ([217.13.2.82] helo=h311r4z3r) by mail.yazzy.org with esmtps (TLSv1:AES256-SHA:256) (YazzY.org) id 1Diqyv-0000us-Tt; Thu, 16 Jun 2005 11:48:21 +0200 Date: Thu, 16 Jun 2005 11:48:35 +0200 From: Marcin Jessa To: Andrew Thompson , Paul.Hampson@PObox.com (Paul Hampson), "Alan DeKok" Message-Id: <20050616114835.7ff9342d.lists@yazzy.org> In-Reply-To: <20050616080134.GA10529@heff.fud.org.nz> References: <42B0F729.80703@netxp.com.au> <20050616094503.3fd09a8d.lists@yazzy.org> <20050616080134.GA10529@heff.fud.org.nz> Organization: YazzY.org X-Mailer: Sylpheed version 1.9.12 (GTK+ 2.6.7; i386-portbld-freebsd6.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Score: -2.6 (--) Cc: freebsd-isp@freebsd.org, edgars@mikrotik.com, normunds@mikrotik.com, freeradius-users@lists.freeradius.org Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 09:48:45 -0000 On Thu, 16 Jun 2005 20:01:34 +1200 Andrew Thompson wrote: > On Thu, Jun 16, 2005 at 09:45:03AM +0200, Marcin Jessa wrote: > > On Thu, 16 Jun 2005 07:04:24 +0300 > > Abu Khaled wrote: > > > > > On 6/16/05, phil grainger wrote: > > > > > > > > you can mod the icradius cgi interface to work with freeradius, > > > > works fine. > > > > > > > > > > Very interesting. How much modification is required? > > > When it comes to setting up a icradius/freeradius, mysql and apache > > > then I can do it. I know only the basics of c/perl/php/... (Just how > > > to write a Hello World and sometimes I need help writing one), so any > > > help is appreciated > > > > > > > I thought you didnt want to run freeradius becouse of the security issues. > > And now all the sudden it became secure becouse of a different web interface? > > And dialupadmin would work fine, you dont need to recode interface of icradius. > > Email thompsa@FreeBSD.org and ask him if he's working on new port of freeradius 1.0.3. > > If not, I can do that. > > Ive been aware of 1.0.3 for a week now but it has known bugs. > > "06 June, 2005: Minor problems in version 1.0.3 mean that we will be > releasing 1.0.4 in a day or so. Please wait until then to upgrade." > > 1.0.4 was meant to be out by now and I have it confirmed that will be > only a few more hours. It will be updated as soon as its out. > Is there a way you could include a new dictionary.mikrotik as a patch for the port? And add it as $INCLUDE dictionary.mikrotik in the dictionary file? I suppose it will not make it to the 1.0.4 release (Paul, Alan?). The old one is inaccurate. Here is the new dictionary.mikrotik : # http://www.mikrotik.com # # http://www.mikrotik.com/Documentation/manual_2.8/dictionary.mikrotik # VENDOR Mikrotik 14988 ATTRIBUTE Recv-Limit 1 integer Mikrotik ATTRIBUTE Xmit-Limit 2 integer Mikrotik ATTRIBUTE Mikrotik-Group 3 string Mikrotik ATTRIBUTE Wireless-Forward 4 integer Mikrotik ATTRIBUTE Wireless-Skip-Dot1x 5 integer Mikrotik ATTRIBUTE Wireless-Enc-Algo 6 integer Mikrotik ATTRIBUTE Wireless-Enc-Key 7 string Mikrotik ATTRIBUTE Rate-Limit 8 string Mikrotik ATTRIBUTE Mikrotik-Realm 9 string Mikrotik # MikroTik Values VALUE Wireless-Enc-Algo No-encryption 0 VALUE Wireless-Enc-Algo 40-bit-WEP 1 VALUE Wireless-Enc-Algo 104-bit-WEP 2 Cheers, Marcin P.S The dictionary file on mikrotik's website is inaccurate as well. The realm and group values are not changed to match the current ones even tho I asked them to correct that. From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 12:11:53 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6B7DA16A41C for ; Thu, 16 Jun 2005 12:11:53 +0000 (GMT) (envelope-from remy@unix-asp.com) Received: from mx1.unix-asp.com (84-107-153-15.dsl.quicknet.nl [84.107.153.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id B378043D1F for ; Thu, 16 Jun 2005 12:11:50 +0000 (GMT) (envelope-from remy@unix-asp.com) Received: from [10.0.1.1] (unknown [10.0.1.1]) by mx1.unix-asp.com (Postfix) with ESMTP id DB75E4B8E5 for ; Thu, 16 Jun 2005 14:10:37 +0200 (CEST) Message-ID: <42B16C3A.8040008@unix-asp.com> Date: Thu, 16 Jun 2005 14:10:34 +0200 From: Remy de Ruysscher User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org References: <20050616120019.BFAEB16A421@hub.freebsd.org> In-Reply-To: <20050616120019.BFAEB16A421@hub.freebsd.org> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms050906050109040303020001" X-MailScanner-Information: Please contact root@unix-asp.com for more information X-MailScanner: Found to be clean X-unix-asp.com-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=-2.82, required 6, ALL_TRUSTED -2.82, NO_RDNS 0.50, SMILEY -0.50) X-unix-asp.com-MailScanner-From: remy@unix-asp.com Subject: Re: freebsd-isp Digest, Vol 117, Issue 4 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 12:11:53 -0000 This is a cryptographically signed message in MIME format. --------------ms050906050109040303020001 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi there, I'm struggeling with the setup of Reverse Proxy (Squid) for our serverfarm. Is it possible to preserve the orginal IP address in the logs on the destinator webserver (Apache access-logs). If not all connections are comming from the Squid Proxy. If seen a number of patches for Squid, but haven't dived into it yet. Any tips on this matter are most welcome ;). Regards, Remy. --------------ms050906050109040303020001 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIOzCC AngwggHhoAMCAQICAw4WSTANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwMjIwMDk0MjAwWhcNMDYwMjIwMDk0MjAw WjBwMRUwEwYDVQQEEwxkZSBSdXlzc2NoZXIxEzARBgNVBCoTClJlbXkgRnJhbmsxIDAeBgNV BAMTF1JlbXkgRnJhbmsgZGUgUnV5c3NjaGVyMSAwHgYJKoZIhvcNAQkBFhFyZW15QHVuaXgt YXNwLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2XLqNANBOoniY+SWkbJ/wDDT pulVEw9fFm1vu8tLtv2t8P8DUCoCf+EgTzdET6mx/q3NFVwOk0J1bAA5OGsSX07IDi1ReJrJ 4ORC3zjHnvHTE75j1ReM16QdO80eFxyxKC2xD0JyMcVYmoIqAtahVNosby4cjxR4n5M7TC4D PbMCAwEAAaMuMCwwHAYDVR0RBBUwE4ERcmVteUB1bml4LWFzcC5jb20wDAYDVR0TAQH/BAIw ADANBgkqhkiG9w0BAQQFAAOBgQCuFtFZWIAv53BazTyK9UUg95DzHVRg+H3pjnNF8JY+65BJ CWXFtqQtgUPnlTwpDJF1FETHoUCjkjzKjW+u1V9wGjcGGyhRrZZZv9nnP1ZQz1beW8Q38WQm ECyGV/9JT5JK56I8SHkAe5caU/zeUKV1NWui5DOnlwvTc7Xbcu10YTCCAngwggHhoAMCAQIC Aw4WSTANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENv bnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWls IElzc3VpbmcgQ0EwHhcNMDUwMjIwMDk0MjAwWhcNMDYwMjIwMDk0MjAwWjBwMRUwEwYDVQQE EwxkZSBSdXlzc2NoZXIxEzARBgNVBCoTClJlbXkgRnJhbmsxIDAeBgNVBAMTF1JlbXkgRnJh bmsgZGUgUnV5c3NjaGVyMSAwHgYJKoZIhvcNAQkBFhFyZW15QHVuaXgtYXNwLmNvbTCBnzAN BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2XLqNANBOoniY+SWkbJ/wDDTpulVEw9fFm1vu8tL tv2t8P8DUCoCf+EgTzdET6mx/q3NFVwOk0J1bAA5OGsSX07IDi1ReJrJ4ORC3zjHnvHTE75j 1ReM16QdO80eFxyxKC2xD0JyMcVYmoIqAtahVNosby4cjxR4n5M7TC4DPbMCAwEAAaMuMCww HAYDVR0RBBUwE4ERcmVteUB1bml4LWFzcC5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B AQQFAAOBgQCuFtFZWIAv53BazTyK9UUg95DzHVRg+H3pjnNF8JY+65BJCWXFtqQtgUPnlTwp DJF1FETHoUCjkjzKjW+u1V9wGjcGGyhRrZZZv9nnP1ZQz1beW8Q38WQmECyGV/9JT5JK56I8 SHkAe5caU/zeUKV1NWui5DOnlwvTc7Xbcu10YTCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcN AQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT CUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRp ZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNv bTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYD VQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA xKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkV cI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUq VIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMG A1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZy ZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJp dmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIX oUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydx VyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8x ggK6MIICtgIBATBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGlu ZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWlu ZyBDQQIDDhZJMAkGBSsOAwIaBQCgggGnMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJ KoZIhvcNAQkFMQ8XDTA1MDYxNjEyMTAzNFowIwYJKoZIhvcNAQkEMRYEFHQmFbIymI6HB8sh 1df8XrWymx4FMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMHgGCSsGAQQBgjcQBDFr MGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0 ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMOFkkw egYLKoZIhvcNAQkQAgsxa6BpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg SXNzdWluZyBDQQIDDhZJMA0GCSqGSIb3DQEBAQUABIGAJc4Qrve3RWfdOLYLbtgxOQYVNHPB 8UN2kQhc59XBo74zqv0C3AvuMpVLeO5A9VdEKrHjK80P2oP6v2fWoa2dRki9PI4qKcukwfER UP1v2BVG7LhCrO0Byc1O4UhXs0gsT1mrKl/yl/rpMZA/Ts6WQBokqSIT4pS0KL6CVR4AC0QA AAAAAAA= --------------ms050906050109040303020001-- From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 12:54:24 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4844816A41C for ; Thu, 16 Jun 2005 12:54:24 +0000 (GMT) (envelope-from deichert@wrench.com) Received: from mx1a.swcp.com (mx1a.swcp.com [216.184.2.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BC0C43D49 for ; Thu, 16 Jun 2005 12:54:23 +0000 (GMT) (envelope-from deichert@wrench.com) Received: from taka.swcp.com (taka-216.swcp.com [216.184.2.3]) by mx1a.swcp.com (8.13.3/8.13.3/Debian-6) with ESMTP id j5GCsMGC011617 for ; Thu, 16 Jun 2005 06:54:23 -0600 Received: from yagi.swcp.com (yagi.swcp.com [216.184.2.43]) by taka.swcp.com (8.13.3/8.13.1) with ESMTP id j5GCsHH3050157 for ; Thu, 16 Jun 2005 06:54:22 -0600 (MDT) (envelope-from deichert@wrench.com) Received: from localhost (deichert@localhost) by yagi.swcp.com (8.8.8/8.8.7) with ESMTP id MAA24288 for ; Thu, 16 Jun 2005 12:54:17 GMT X-Authentication-Warning: yagi.swcp.com: deichert owned process doing -bs Date: Thu, 16 Jun 2005 06:54:17 -0600 (MDT) From: Diana Eichert X-Sender: deichert@yagi.swcp.com To: freebsd-isp@freebsd.org In-Reply-To: <20050615235711.5b5cbfa3.lists@yazzy.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on kaimen.swcp.com X-Spam-Status: No, hits=0.0 required=10.0 tests=none autolearn=no version=2.63 X-Spam-Level: Subject: Re: Radius server with web/gui interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 12:54:24 -0000 On Wed, 15 Jun 2005, Marcin Jessa wrote: > Yeah and that gives you absolutelly no possibility to add/remove/change > the features of your Radmin. > You'd need to write your own admin app for that. > And why not doing this for freeradius which is very feature rich, free > and with source code avaliable for quality inspection. > The only reason to use commercial soft is to be able to get commercial > support. > And that gives you no guarantee their software is free for bugs. > I doubt anyone checks for Radiator security risks as they do for > freeradius. > > Cheers, > Marcin. When I first looked at freeradius several years ago it didn't have the feature set I required, today things may be different, shrug. You ever looked at Radiator/Radmin? The source is there, I've made changes to it and posted it back to them. I needed commercial software for the company I work because some companies require there be support for software packages in case I move on or get hit by the proverbial beer truck. diana From owner-freebsd-isp@FreeBSD.ORG Thu Jun 16 14:23:45 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ABC116A41C for ; Thu, 16 Jun 2005 14:23:45 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id EDF6A43D49 for ; Thu, 16 Jun 2005 14:23:44 +0000 (GMT) (envelope-from khaled.abu@gmail.com) Received: by wproxy.gmail.com with SMTP id 69so501241wra for ; Thu, 16 Jun 2005 07:23:44 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=SAgBPv2podiY6p+laHkj0xGJI5szUSO10ctiGQNWtNHFvkprdq7r/1PuaLva6V36maOLe3Exkp57m1qqUlUHkdj0sh+L79D5PT/UEVi6jHhTDkj+Cc1BDE0XlBsUap32qZQXYpPzoNx3TIShQtLwXCXvXTN/KZKuOjYccvwUtU8= Received: by 10.54.5.50 with SMTP id 50mr644009wre; Thu, 16 Jun 2005 07:23:43 -0700 (PDT) Received: by 10.54.66.16 with HTTP; Thu, 16 Jun 2005 07:23:43 -0700 (PDT) Message-ID: Date: Thu, 16 Jun 2005 17:23:43 +0300 From: Abu Khaled To: Remy de Ruysscher In-Reply-To: <42B16C3A.8040008@unix-asp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20050616120019.BFAEB16A421@hub.freebsd.org> <42B16C3A.8040008@unix-asp.com> Cc: freebsd-isp@freebsd.org Subject: Re: freebsd-isp Digest, Vol 117, Issue 4 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Abu Khaled List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 14:23:45 -0000 On 6/16/05, Remy de Ruysscher wrote: > Hi there, >=20 > I'm struggeling with the setup of Reverse Proxy (Squid) for our > serverfarm. Is it possible to preserve the orginal IP address > in the logs on the destinator webserver (Apache access-logs). If not all > connections are comming from the Squid Proxy. >=20 > If seen a number of patches for Squid, but haven't dived into it yet. > Any tips on this matter are most welcome ;). >=20 > Regards, >=20 > Remy. >=20 >=20 >=20 I found this sometime ago while trying to configure my apache log files. Check apache mod_log_config documentation. http://httpd.apache.org/docs/mod/mod_log_config.html Inserting X-Forwarded-For for apache access-logs might help. # start LogFormat "%v %{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common CustomLog logs/access_log common # end --=20 Kind regards Abu Khaled From owner-freebsd-isp@FreeBSD.ORG Fri Jun 17 13:58:53 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B2FD16A41C for ; Fri, 17 Jun 2005 13:58:53 +0000 (GMT) (envelope-from "") Received: from brighthouse.nl (viviumbo2.xs4all.nl [80.127.170.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id A632843D1F for ; Fri, 17 Jun 2005 13:58:52 +0000 (GMT) (envelope-from "") Received: from helvoirt03.brighthouse.local ([192.168.0.3]) by gate.brighthouse.nl with ESMTP id <119050>; Fri, 17 Jun 2005 16:07:42 +0200 Received: from MailMarshal.Engine ([127.0.0.1]) by helvoirt03.brighthouse.local with NetIQ MailMarshal (v6, 0, 3, 8) id ; Fri, 17 Jun 2005 15:59:07 +0200 Message-ID: From: mailmarshal@brighthouse.nl To: freebsd-isp@freebsd.org Date: Fri, 17 Jun 2005 15:59:07 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="--=a31a82d3-c6d6-4e62-8d2e-92c1c94ef0aa" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: kees.schalkwijk@brighthouse.nl Subject: Your email message was blocked X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jun 2005 13:58:53 -0000 ----=a31a82d3-c6d6-4e62-8d2e-92c1c94ef0aa Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable The following email message was blocked by MailMarshal: From:freebsd-isp@freebsd.org To:kees.schalkwijk@brighthouse.nl Subject:Mail Delivery (failure kees.schalkwijk@brighthouse.nl) Message: B42b2d6da0000.000000000001.0001.mml Because it contains a potentially malicious filetype attachment. If you believe the message is business related, please contact postmaster= @brighthouse.nl and request that the message be released. If no contact i= s made within 5 days the message will be automatically deleted. MailMarshal Rule: Content Security (Inbound) : Block Suspect Attachments NetIQ MailMarshal Email Content Security ----=a31a82d3-c6d6-4e62-8d2e-92c1c94ef0aa-- From owner-freebsd-isp@FreeBSD.ORG Fri Jun 17 17:56:04 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E53F016A41C for ; Fri, 17 Jun 2005 17:56:04 +0000 (GMT) (envelope-from persecution@swanseacity.com) Received: from p54B2EF5A.dip.t-dialin.net (p54B2EF5A.dip.t-dialin.net [84.178.239.90]) by mx1.FreeBSD.org (Postfix) with SMTP id 65AF943D1D for ; Fri, 17 Jun 2005 17:56:04 +0000 (GMT) (envelope-from persecution@swanseacity.com) Received: from [184.115.240.223] (port=4004 helo=[stunning]) by p54B2EF5A.dip.t-dialin.net with esmtp id 9500212603sleepless50452 for freebsd-isp@freebsd.org; Fri, 17 Jun 2005 19:56:01 +0200 Mime-Version: 1.0 (Apple Message framework v728) Content-Transfer-Encoding: 7bit Message-Id: <87439130224.14256122776@p54B2EF5A.dip.t-dialin.net> Content-Type: text/plain; charset=US-ASCII; format=flowed To: freebsd-isp@freebsd.org From: Donald Date: Fri, 17 Jun 2005 19:56:00 +0200 X-Mailer: Apple Mail (2.728) Subject: Legal, prescription medications under the essential guidance of licensed medical X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jun 2005 17:56:05 -0000 Make your life full of grand impressions! http://lrhlnz.9ou2vsrko19hds9.shieldha.com Only learn to seize good fortune, for good fortune is always here. I hate quotations. Tell me what you know. The idea of all-out nuclear war is unsettling. From owner-freebsd-isp@FreeBSD.ORG Sat Jun 18 07:57:20 2005 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B74C116A41C for ; Sat, 18 Jun 2005 07:57:20 +0000 (GMT) (envelope-from freebsd-isp@chef-ingenieur.de) Received: from mta.webmatic.de (mta.webmatic.de [212.78.99.126]) by mx1.FreeBSD.org (Postfix) with ESMTP id 061E043D48 for ; Sat, 18 Jun 2005 07:57:19 +0000 (GMT) (envelope-from freebsd-isp@chef-ingenieur.de) Received: (qmail 14255 invoked by uid 1003); 18 Jun 2005 07:57:16 -0000 Received: from freebsd-isp@chef-ingenieur.de by mta.webmatic.de by uid 89 with qmail-scanner-1.22 (spamassassin: 2.63. Clear:RC:1(217.186.4.121):. Processed in 0.05576 secs); 18 Jun 2005 07:57:16 -0000 Received: from unknown (HELO ?172.21.1.12?) (freebsd-stable@chef-ingenieur.de@217.186.4.121) by mta.webmatic.de with (DHE-RSA-AES256-SHA encrypted) SMTP; 18 Jun 2005 07:57:16 -0000 Message-ID: <42B3D3DF.6000003@chef-ingenieur.de> Date: Sat, 18 Jun 2005 09:57:19 +0200 From: Thomas Krause User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317) X-Accept-Language: de-DE, de, en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Subject: ssh: PermitRootLogin / ChallengeResponseAuthentication X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Jun 2005 07:57:20 -0000 Hello, I want allow root login only with ssh keys, not with password. "PermitRootLoing without-password" is not working, because ChallengeResponseAuthentication is enabled by default. How can I solve this? Kind regards, Thomas.