[ previous ] [ next ] [ threads ]
 
 From:  "Alex M" <radiussupport at lrcommunications dot net>
 To:  "'Jonathan De Graeve'" <Jonathan dot De dot Graeve at imelda dot be>
 Cc:  "Mono Dev List" <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] Central Dynamic Configuration for Captive Portal RADIUS
 Date:  Thu, 30 Mar 2006 16:14:27 -0500
I've been looking vor variable names for CP and I found that you are using
array:

$radiusservers[0]['ipaddr'],
$radiusservers[0]['port'],
$radiusservers[0]['key']);
$radiusservers[0]['acctport'],

But, I looked through all the document and I only was that it requests only
1st line of the array, why? Isn't CP supposed to go through at lest 2
servers if fist one is not avalible? Or you are using some different methid
of getting the second line?





-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Thursday, March 30, 2006 1:51 PM
To: Alex M
Cc: m0n0wall dash dev at lists dot m0n0 dot ch
Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for Captive Portal
RADIUS

I don't know what you are up to  but it seems you are making it more
complicating then it actually is

Something like this:
1) Setup a webserver with dynamic page generating radius test file based
on http request GET (nas_id = $macaddress)
2) m0n0wall will use PHP to fetch his radius config file after each
boot.
The URL to get the config from is stored in the config. In the request
will be the macaddress to identify the nas
3) system up & running
4) possible cron script to redownload config lets say every 30minutes

Don't know if this will satisfy all of your wishes and you also have to
take care of security. A compromised config repository can be pretty a
PITA

J.



> -----Oorspronkelijk bericht-----
> Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> Verzonden: donderdag 30 maart 2006 20:39
> Aan: Jonathan De Graeve
> Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
Captive
> Portal RADIUS
> 
> Ok, that will be a bit more of text then, any way let me do the
program to
> work with regular php web pages first, then I will convert it to the
> command
> line functionality (don't want to install interpreter on my laptop)
> 
> 
> 
> 
> -----Original Message-----
> From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> Sent: Thursday, March 30, 2006 12:30 PM
> To: Alex M
> Cc: m0n0wall dash dev at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for Captive
> Portal
> RADIUS
> 
> It doesn't have a browser so it will be in PHP
> 
> J.
> 
> > -----Oorspronkelijk bericht-----
> > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > Verzonden: donderdag 30 maart 2006 18:44
> > Aan: Jonathan De Graeve
> > CC: Mono Dev List
> > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> Captive
> > Portal RADIUS
> >
> > Host name's are to variable... MAC would be better.. but them I will
> get
> > back to PHP generation.... if Captive portal requests the file does
it
> use
> > webbrowser or PHP command line?
> >
> >
> >
> > -----Original Message-----
> > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > Sent: Thursday, March 30, 2006 11:00 AM
> > To: Alex M
> > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
Captive
> > Portal
> > RADIUS
> >
> > It isn't
> >
> > You can easily write a script on your webserver that dependant on
your
> > request (for example nas also sents hostname) generates the config
> file
> >
> > Should still be easy
> >
> > J.
> >
> > --
> > Jonathan De Graeve
> > Network/System Engineer
> > Imelda vzw
> > Informatica Dienst
> > +32 15/50.52.98
> > jonathan dot de dot graeve at imelda dot be
> >
> > ---------
> > Always read the manual for the correct way to do things because the
> > number of incorrect ways to do things is almost infinite
> > ---------
> >
> > > -----Oorspronkelijk bericht-----
> > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > Verzonden: donderdag 30 maart 2006 17:22
> > > Aan: Jonathan De Graeve
> > > CC: Mono Dev List
> > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > Captive
> > > Portal RADIUS
> > >
> > > That would be to easy :-P but let me keep the what you have now,
> > except
> > > there will be small problem with Shared Secret, since its NAS
> specific
> > > attribute, while Radius IPs age common attribute. Obviously Shared
> > Secret
> > > should be the same for all servers in this case. Well let me write
> > > something
> > > and see what will happen.
> > >
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > Sent: Thursday, March 30, 2006 10:05 AM
> > > To: Alex M
> > > Cc: Mono Dev List
> > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> Captive
> > > Portal
> > > RADIUS
> > >
> > > Leave it easy:
> > >
> > > Use a normal textfile:
> > > $ cat /var/db/captiveportal_radius.db
> > > serverip,authenticationport,accountingport,sharedsecret
> > > serverip2,authenticationport,accountingport,sharedsecret
> > > serverip3,authenticationport,accountingport,sharedsecret
> > >
> > > Just downloading the file and storing under /var/db should be
enough
> > :)
> > >
> > > J.
> > >
> > > --
> > > Jonathan De Graeve
> > > Network/System Engineer
> > > Imelda vzw
> > > Informatica Dienst
> > > +32 15/50.52.98
> > > jonathan dot de dot graeve at imelda dot be
> > >
> > > ---------
> > > Always read the manual for the correct way to do things because
the
> > > number of incorrect ways to do things is almost infinite
> > > ---------
> > >
> > > > -----Oorspronkelijk bericht-----
> > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > Verzonden: donderdag 30 maart 2006 16:55
> > > > Aan: Jonathan De Graeve
> > > > CC: Mono Dev List
> > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > > Captive
> > > > Portal RADIUS
> > > >
> > > > Well the script should be easy to do... at this moment im
playing
> > > around
> > > > with different methods to obtain the configs from the file that
is
> > > stored
> > > > on
> > > > external web server...
> > > >
> > > > First I thought to use PHP to generate XML content from the
> database
> > > and
> > > > then read that "xml" ... but then I thought that if mono will
> > request
> > > that
> > > > make not thought the web browser, then php will not be
interpreted
> > so
> > > I'll
> > > > get bunch of errors...
> > > >
> > > > So now I'm thinking to use php command line to request remote
file
> > or
> > > > build
> > > > an actual xml file on the server that will be updated if server
> > status
> > > are
> > > > changed... Which one is better?
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > Sent: Thursday, March 30, 2006 9:24 AM
> > > > To: Alex M
> > > > Cc: Mono Dev List
> > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > Captive
> > > > Portal
> > > > RADIUS
> > > >
> > > > Currently CP is freezed until after the weekend.
> > > >
> > > > What do you have in mind with the 'script'?
> > > >
> > > > J.
> > > >
> > > > --
> > > > Jonathan De Graeve
> > > > Network/System Engineer
> > > > Imelda vzw
> > > > Informatica Dienst
> > > > +32 15/50.52.98
> > > > jonathan dot de dot graeve at imelda dot be
> > > >
> > > > ---------
> > > > Always read the manual for the correct way to do things because
> the
> > > > number of incorrect ways to do things is almost infinite
> > > > ---------
> > > >
> > > > > -----Oorspronkelijk bericht-----
> > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > Verzonden: donderdag 30 maart 2006 16:19
> > > > > Aan: Jonathan De Graeve
> > > > > CC: Mono Dev List
> > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration
for
> > > > Captive
> > > > > Portal RADIUS
> > > > >
> > > > > Well I'm not forcing anything, I can create major part of the
> > > script,
> > > > but
> > > > > I
> > > > > will need a little bit of help on integrating it to Mono.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
> > > > > Sent: Thursday, March 30, 2006 3:06 AM
> > > > > To: Alex M; Steven McCoy
> > > > > Cc: Mono Dev List
> > > > > Subject: RE: [m0n0wall-dev] Central Dynamic Configuration for
> > > Captive
> > > > > Portal
> > > > > RADIUS
> > > > >
> > > > > > -----Oorspronkelijk bericht-----
> > > > > > Van: Alex M [mailto:radiussupport at lrcommunications dot net]
> > > > > > Verzonden: donderdag 30 maart 2006 3:03
> > > > > > Aan: 'Steven McCoy'
> > > > > > CC: Mono Dev List
> > > > > > Onderwerp: RE: [m0n0wall-dev] Central Dynamic Configuration
> for
> > > > > Captive
> > > > > > Portal RADIUS
> > > > > >
> > > > >
> > > > >
> > > > > > a) DNS is not yet supported
> > > > > what do you mean with that?
> > > > >
> > > > > > b) Current config supports only 2 servers
> > > > > Actually, it supports up to 10servers, but only 2 are
> configurable
> > > > from
> > > > > within the gui
> > > > >
> > > > > Downloading the radius configuration file from a website
should
> be
> > > > > relative easy to implement
> > > > >
> > > > > > c) DNS are good but you are limited only to controlling
where
> > > would
> > > > > and
> > > > > > IP,
> > > > > > you can not add configuration such as groups for different
> > > locatios
> > > > > and
> > > > > > group switching id the server is not responding, basically
> with
> > > DNS
> > > > > all
> > > > > > the
> > > > > > work will be manually. And in case of my idea it will be
> > > > automatically
> > > > > > self
> > > > > > existing.
> > > > > I don't understand the idea of groups quite good, what do you
> mean
> > > > with
> > > > > that?
> > > > >
> > > > > > If you even can add command on radius servers to
automatically
> > > > > > populate config file when the servr is up, and if server is
> not
> > > > > > responding,
> > > > > > delete it from the list and notify admins
> > > > > I think you're asking too much ;)
> > > > >
> > > > > Dynamically download the config: OK, but setting orders on
which
> > one
> > > > is
> > > > > the fastest to respond is also not a good idea. You should
> prefer
> > > the
> > > > > one with the least packet drops. It also makes things a lot
> > > > complicader.
> > > > > Also for accounting, only the first radiusserver is used atm.
> > > > >
> > > > > PS Don't try to force things, if you want something please ask
> and
> > > > > always remember that currently nobody gets payed todo this.
> > > > >
> > > > >
> > > > > J.
> > > > >
> > > > > --
> > > > > Jonathan De Graeve
> > > > > Network/System Engineer
> > > > > Imelda vzw
> > > > > Informatica Dienst
> > > > > +32 15/50.52.98
> > > > > jonathan dot de dot graeve at imelda dot be
> > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Steven McCoy [mailto:fnjordy at gmail dot com]
> > > > > > Sent: Wednesday, March 29, 2006 7:52 PM
> > > > > > To: Alex M
> > > > > > Cc: Mono Dev List
> > > > > > Subject: Re: [m0n0wall-dev] Central Dynamic Configuration
for
> > > > Captive
> > > > > > Portal
> > > > > > RADIUS
> > > > > >
> > > > > > Whats wrong with using DNS for this?
> > > > > >
> > > > > > --
> > > > > > Steve-o
> > > > > >
> > > > > > On 29/03/06, Alex M <radiussupport at lrcommunications dot net>
> wrote:
> > > > > > >
> > > > > > > Hi, I'm trying to create a system where I will be able to
> > mange
> > > > > hotspots
> > > > > > > more dynamically and from central location. I want to
begin
> by
> > > > > creating
> > > > > > > "algorithm" where the list of Radius servers for captive
> > portal
> > > > > could be
> > > > > > > obtained automatically from the central WEB server or
> > secondary
> > > > > backup
> > > > > > > server.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > The reason for this is faster and easy management, quality
> of
> > > > > service
> > > > > > > configuration and scalability. Here is how it works: At
> > startup
> > > > NAS
> > > > > > (M0n0)
> > > > > > > connects to preset DNS URL and read config file that has a
> > list
> > > of
> > > > > > Radius
> > > > > > > servers (and maybe other configuration) [also beside this
> > > dynamic
> > > > > > function
> > > > > > > nas should have static info on 2 radius servers, just in
> case,
> > > but
> > > > > those
> > > > > > 2
> > > > > > > will be added et the end of the list, if connection is ok]
> so
> > > > about
> > > > > the
> > > > > > > list. the list obtained from server will contain all
> available
> > > > > Radiuses,
> > > > > > > now
> > > > > > > when the list is obtained nas will ping all nases and once
> > with
> > > > the
> > > > > low
> > > > > > > pings will be placed in the beginning of the list. .
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Also, there should be implementations of groups so that we
> can
> > > > > assign
> > > > > > > nases
> > > > > > > to proper Radiuses and change the groups during
maintenance.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Do I make myself clear on what I want?  Do you want to
> > implement
> > > > my
> > > > > > Idea?
> > > > > > >
> > > > > > > Does any one want to work with me on this?
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Regards,
> > > > > > >
> > > > > > > Oleksandr
> > > > > > >
> > > > > > > LRC
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > >
> >
---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail:
m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > > > > > For additional commands, e-mail:
> m0n0wall dash dev dash help at lists dot m0n0 dot ch
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > >
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> > > > > For additional commands, e-mail:
m0n0wall dash dev dash help at lists dot m0n0 dot ch
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> >
> >
> >
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> 
>