info83

Здравствуйте. Когда примерно выйдет stable версия? А то всякие фичи добавляете, но stable ни разу не видел

Здравствуйте. У нас стоит accel-ppp 1.7.2 версии + LanBilling. Все прекрасно работает. Хотел настроить связку accel-ppp 1.7.2 + FreeRadius Но при авторизации выдает ошибку 691 (логин, пароль не правильный) В логах радиус сервера: Ready to process requests. Auth-Type already set. Not setting to PAPrad_recv: Access-Request packet from host 127.0.0.1 port 43933, id=1, length=234 User-Name = "test" NAS-Identifier = "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz X4 GNU/Linux " NAS-IP-Address = 127.0.0.1 NAS-Port = 0 NAS-Port-Type = Virtual Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "eth0:00:1b:21:3d:25:9f" Called-Station-Id = "52:54:00:1e:f8:3e" MS-CHAP-Challenge = 0xb593a562731f9fe9a4d30abcd2be088d MS-CHAP2-Response = 0x0100027259697071f09492637dc42bfecc020000000000000000899393aa0ba258781fd924abf1eea633aa197fa3d700dc25 # Executing section authorize from file /etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/127.0.0.1/auth-detail-20121012 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/127.0.0.1/auth-detail-20121012 [auth_log] expand: %t -> Fri Oct 12 14:58:37 2012 ++[auth_log] returns ok ++[chap] returns noop [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap' ++[mschap] returns ok ++[digest] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry DEFAULT at line 172 ++[files] returns ok [sql] expand: %{User-Name} -> test [sql] sql_set_user escaped user --> 'test' rlm_sql (sql): Reserving sql socket id: 2 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'static' ORDER BY id [sql] User found in group static [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'static' ORDER BY id rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop Found Auth-Type = MSCHAP Found Auth-Type = Local Warning: Found 2 auth-types on request for user 'test' !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Please update your configuration so that the "known good" !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. No User-Password or CHAP-Password attribute in the request. Cannot perform authentication. Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/raddb/sites-enabled/default +- entering group REJECT {...} [sql] expand: %{User-Name} -> test [sql] sql_set_user escaped user --> 'test' [sql] expand: %{User-Password} -> [sql] ... expanding second conditional [sql] expand: %{Chap-Password} -> [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', '', 'Access-Reject', '2012-10-12 14:58:37') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', '', 'Access-Reject', '2012-10-12 14:58:37') rlm_sql (sql): Reserving sql socket id: 1 rlm_sql (sql): Released sql socket id: 1 ++[sql] returns ok [attr_filter.access_reject] expand: %{User-Name} -> test attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 3 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 3 Sending Access-Reject of id 1 to 127.0.0.1 port 43933 Waking up in 4.9 seconds. Cleaning up request 3 ID 1 with timestamp +404 Ready to process requests. Подключаемый логин пароль: test; test. В логах accel-ppp: [2012-10-12 14:58:34]: info: recv [PPPoE PADI 00:1b:21:3d:25:9f => ff:ff:ff:ff:ff:ff sid=0000 <Service-Name > <Host-Uniq 1900000031000000>] [2012-10-12 14:58:34]: info: send [PPPoE PADO 52:54:00:1e:f8:3e => 00:1b:21:3d:25:9f sid=0000 <AC-Name accel-ppp> <Service-Name > <AC-Cookie bf8b25465e7fe718e15ca9c269cffcee66fd43a6d76557af> <Host-Uniq 1900000031000000>] [2012-10-12 14:58:34]: info: recv [PPPoE PADR 00:1b:21:3d:25:9f => 52:54:00:1e:f8:3e sid=0000 <Service-Name > <Host-Uniq 1900000032000000> <AC-Cookie bf8b25465e7fe718e15ca9c269cffcee66fd43a6d76557af>] [2012-10-12 14:58:34]: info: send [PPPoE PADS 52:54:00:1e:f8:3e => 00:1b:21:3d:25:9f sid=001c <AC-Name accel-ppp> <Service-Name > <Host-Uniq 1900000032000000>] [2012-10-12 14:58:34]: info: ppp0: connect: ppp0 <--> pppoe(eth0:00:1b:21:3d:25:9f) [2012-10-12 14:58:34]: info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 5c482a97>] [2012-10-12 14:58:34]: info: ppp0: recv [LCP ConfReq id=0 <mru 1480> <magic 2cf1168d> <pcomp> <accomp> < d 3 6 >] [2012-10-12 14:58:34]: info: ppp0: send [LCP ConfRej id=0 <pcomp> <accomp> < d 3 6 >] [2012-10-12 14:58:34]: info: ppp0: recv [LCP ConfReq id=1 <mru 1480> <magic 2cf1168d>] [2012-10-12 14:58:34]: info: ppp0: send [LCP ConfAck id=1 ] [2012-10-12 14:58:37]: info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1400> <magic 5c482a97>] [2012-10-12 14:58:37]: info: ppp0: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1400> <magic 5c482a97>] [2012-10-12 14:58:37]: info: ppp0: send [MSCHAP-v2 Challenge id=1 <b593a562731f9fe9a4d3abcd2be88d>] [2012-10-12 14:58:37]: info: ppp0: recv [LCP Ident id=2 <MSRASV5.20>] [2012-10-12 14:58:37]: info: ppp0: recv [LCP Ident id=3 <MSRAS-0-▒▒▒-▒▒>] [2012-10-12 14:58:37]: info: ppp0: recv [LCP Ident id=4 <▒▒IK▒▒▒M▒▒ T(ԧ8>] [2012-10-12 14:58:37]: info: ppp0: recv [MSCHAP-v2 Response id=1 <27259697071f09492637dc42bfecc2>, <899393aaba258781fd924abf1eea633aa197fa3d70dc25>, F=0, name="test"] [2012-10-12 14:58:37]: info: ppp0: send [RADIUS(5) Access-Request id=1 <User-Name "test"> <NAS-Identifier "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz X4 GNU/Linux "> <NAS-IP-Address 127.0.0.1> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "eth0:00:1b:21:3d:25:9f"> <Called-Station-Id "52:54:00:1e:f8:3e"><Microsoft MS-CHAP-Challenge ><Microsoft MS-CHAP2-Response >] [2012-10-12 14:58:38]: info: ppp0: recv [RADIUS(5) Access-Reject id=1] [2012-10-12 14:58:38]: info: ppp0: send [MSCHAP-v2 Failure id=1 "E=691 R=0 V=3 M=Authentication failure"] [2012-10-12 14:58:38]: info: ppp0: test: authentication failed [2012-10-12 14:58:38]: info: test: authentication failed [2012-10-12 14:58:38]: info: ppp0: send [LCP TermReq id=3] [2012-10-12 14:58:38]: info: ppp0: recv [LCP TermAck id=3] [2012-10-12 14:58:38]: info: recv [PPPoE PADT 00:1b:21:3d:25:9f => 52:54:00:1e:f8:3e sid=001c] [2012-10-12 14:58:38]: info: send [PPPoE PADT 52:54:00:1e:f8:3e => 00:1b:21:3d:25:9f sid=001c <AC-Name accel-ppp> <Service-Name > <Host-Uniq 1900000032000000>] [2012-10-12 14:58:38]: info: ppp0: disconnected Подозреваю что тут не стыкуются атрибут User-Password В mysql прописан пользователь: id username attribute op value 1 test User-Password := test

Погуглил ,дельного не нашел . Может есть у кого рабочий вариант или мануал по интеграции с accel ppp. С уважением. Наверно, что то типа этого тебе нужен: #!/bin/bash DEV=${1} DOWNLINK=${2} UPLINK=${3} tc qdisc del dev $DEV root 2> /dev/null > /dev/null tc qdisc add dev $DEV root handle 1: htb default 20 tc class add dev $DEV parent 1: classid 1:1 htb rate 100mbit burst 64k tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit burst 6k prio 1 # инет tc class add dev $DEV parent 1:1 classid 1:20 htb rate 100mbit burst 64k prio 3 # локалка tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10 tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10 tc filter add dev $DEV parent 1: protocol ip prio 18 u32 \ match ip src XX.XX.240.0/20 flowid 1:20 # реальные адреса абонентов tc filter add dev $DEV parent 1: protocol ip prio 18 u32 \ match ip src 10.0.0.0/8 flowid 1:20 # серые адреса абонентов tc filter add dev $DEV parent 1: protocol ip prio 20 u32 \ match ip dst 0.0.0.0/0 flowid 1:10

Jun 19 10:31:04 nas45 accel-pppd: ppp37:login: send [RADIUS(3) Accounting-Request id=1 <User-Name "login"> <NAS-Identifier "GNU/Linux"> <NAS-IP-Address XX.XX.240.45> <NAS-Port 37> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "xx:xx:xx:xx:xx:xx"> <Called-Station-Id "yy:yy:yy:yy:yy:yy"> <Class > <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "1d2f01c080ee4759"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address XX.XX.255.222>] Тут можно ли сменить начальные значении Acct-Session-Id "1d2f01c080ee4759"? Например на Acct-Session-Id "nas051c080ee4759". У нас 3 NAS сервера. У нас получается на превом сервере: 0040de0f535e1eb8 Jun 17 11:32:26 ХХ.ХХ.240.55 0040de0f535e1eb8 Jun 17 19:15:29 ХХ.ХХ.240.55 0040de0f535e1eb8 Jun 17 21:59:50 ХХ.ХХ.240.55 0040de0f535e1eb9 Jun 17 11:32:26 ХХ.ХХ.240.55 0040de0f535e1eb9 Jun 17 19:15:28 ХХ.ХХ.240.55 и т.д можно так : nas1de0f535e1eb9 Jun 17 19:15:28 ХХ.ХХ.240.55 На втором: 1d2f01c080ee02d5 Jun 17 22:41:03 ХХ.ХХ.240.60 1d2f01c080ee02de Jun 17 22:41:25 ХХ.ХХ.240.60 1d2f01c080ee02e6 Jun 17 11:56:11 ХХ.ХХ.240.60 1d2f01c080ee02e6 Jun 17 22:41:43 ХХ.ХХ.240.60 1d2f01c080ee02e7 Jun 17 22:41:44 ХХ.ХХ.240.60 можно так: nas201c080ee02e7 Jun 17 22:41:44 ХХ.ХХ.240.60 На третьем: 1d2f01c080ee237f Июн 18 15:58:58 ХХ.ХХ.240.45 1d2f01c080ee2380 Июн 18 15:59:01 ХХ.ХХ.240.45 1d2f01c080ee2381 Июн 18 15:58:58 ХХ.ХХ.240.45 1d2f01c080ee2382 Июн 18 15:59:01 ХХ.ХХ.240.45 1d2f01c080ee2383 Июн 18 15:59:01 ХХ.ХХ.240.45 1d2f01c080ee2385 Июн 18 15:58:58 ХХ.ХХ.240.45 можно так: nas301c080ee2385 Июн 18 15:58:58 ХХ.ХХ.240.45 т.е. значении 2 и 3 сервера почти совпадают и временами наблюдается совпадении.

Проблемы пропали кстати :), замесал что оно вылезает при длинном имене "пользователя" - типа user="///////////%%%{dghdfART^^^^^^^^^^^^^^^^^^^^^^^^&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&@$%^66666666666666666666666666666666666666666666666666666666666666666666ertydfgh" и т.д.

Из 3-х серверов 1 обновил до 1.7.0 версии. Надеюсь пропадут проблемы типа Jun 17 19:08:15 nas45 kernel: [1762741.669413] accel-pppd[4133] general protection ip:7f933bc4d8f3 sp:7f9335f7b668 error:0 in libtriton.so[7f933bc47000+9000]

Пару дней подряд такая же ошибка Версия accel-ppp version 1.6.0

Нашел проблемы обрыва связи. lcp теряются. Перепрошил модем на 4.49 версию и поставил lcp interval 30 lcp fail 20. Две сутки без обрыва работает.

более ничего сказать нельзя, логи недостаточной детализации Думаю этого лога достадочно. Такие проблемы наблюдаются у абонентов где модем настроен роутером. forumnag.txt

более ничего сказать нельзя, логи недостаточной детализации Больше в логах ничего нет. Это 4 уровень. Дольше только запись: May 29 14:26:44 nas-02 accel-pppd: ppp3:: disconnected

не понятно, мало логов значит клиент и сервер не могут договориться об используемом типе авторизации, к примеру на сервере включено только mschap_v2, а клиент упорно требует papлогов мало, нужен уровень 4 May 29 14:24:40 nas45 accel-pppd: ppp3:: connect: ppp3 <--> pppoe(00:e0:52:cf:a1:14) May 29 14:24:40 nas45 accel-pppd: ppp3:: send [RADIUS(4) Access-Request id=1 <User-Name "35510"> <NAS-Identifier "GNU/Linux "> <NAS-IP-Address x.x.240.45> <NAS-Port 3> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "00:e0:52:cf:a1:14"> <Called-Station-Id "90:e2:ba:0f:66:e4"><Microsoft MS-CHAP-Challenge ><Microsoft MS-CHAP2-Response >] May 29 14:24:40 nas45 accel-pppd: ppp3:: recv [RADIUS(4) Access-Accept id=1 <Session-Timeout 0> <Service-Type Framed-User> <Framed-Protocol PPP> <Framed-IP-Address x.x.248.11> <Framed-IP-Netmask 255.255.255.255> <Class ><Microsoft MS-CHAP2-Success ><Microsoft MS-MPPE-Encryption-Policy 1><Microsoft MS-MPPE-Encryption-Type 6><Microsoft MS-MPPE-Send-Key ><Microsoft MS-MPPE-Recv-Key > <Acct-Interim-Interval 60> <Speed "256">] May 29 14:24:40 nas45 accel-pppd: ppp3:35510: 35510: authentication successed May 29 14:24:40 nas45 accel-pppd: ppp3:35510: send [RADIUS(4) Accounting-Request id=1 <User-Name "35510"> <NAS-Identifier "GNU/Linux "> <NAS-IP-Address x.x.240.45> <NAS-Port 3> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "00:e0:52:cf:a1:14"> <Called-Station-Id "90:e2:ba:0f:66:e4"> <Class > <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "1d2f01c080ee0f23"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address x.x.248.11>] May 29 14:24:40 nas45 accel-pppd: ppp3:35510: recv [RADIUS(4) Accounting-Response id=1] ........................................................ ........................................................ May 29 14:26:39 nas45 accel-pppd: ppp3:35510: send [RADIUS(4) Accounting-Request id=2 <User-Name "35510"> <NAS-Identifier "GNU/Linux "> <NAS-IP-Address x.x.240.45> <NAS-Port 3> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "00:e0:52:cf:a1:14"> <Called-Station-Id "90:e2:ba:0f:66:e4"> <Class > <Acct-Status-Type Stop> <Acct-Authentic RADIUS> <Acct-Session-Id "1d2f01c080ee0f23"> <Acct-Session-Time 119> <Acct-Input-Octets 5585> <Acct-Output-Octets 8776> <Acct-Input-Packets 76> <Acct-Output-Packets 63> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address x.x.248.11> <Acct-Terminate-Cause User-Request>] May 29 14:26:39 nas45 accel-pppd: ppp3:35510: recv [RADIUS(4) Accounting-Response id=2]

У меня в логах: May 29 06:34:40 nas45 accel-pppd: ppp39:: send [RADIUS(3) Access-Request id=1 <User-Name "35510"> <NAS-Identifier "test"> <NAS-IP-Address x.x.x.x May 29 06:34:40 nas45 accel-pppd: ppp39:: recv [RADIUS(3) Access-Accept id=1 <Session-Timeout 0> <Service-Type Framed-User> <Framed-Protocol PPP> <Framed-IP-Address x.x.x.x> <Framed-IP-Netma$ May 29 06:34:40 nas45 accel-pppd: ppp39:35510: 35510: authentication successed May 29 06:34:40 nas45 accel-pppd: ppp39:35510: send [RADIUS(3) Accounting-Request id=1 <User-Name "35510"> <NAS-Identifier "test"> <NAS-IP-Address 94$ May 29 06:34:40 nas45 accel-pppd: ppp39:35510: recv [RADIUS(3) Accounting-Response id=1] May 29 06:34:40 nas45 kernel: [76358.859402] HTB: quantum of class 10001 is big. Consider r2q change. May 29 06:34:40 nas45 kernel: [76358.861548] HTB: quantum of class 10020 is big. Consider r2q change. .......................................... .......................................... May 29 06:36:39 nas45 accel-pppd: ppp39:35510: send [RADIUS(3) Accounting-Request id=2 <User-Name "35510"> <NAS-Identifier "test"> <NAS-IP-Address 94$ May 29 06:36:39 nas45 accel-pppd: ppp39:35510: recv [RADIUS(3) Accounting-Response id=2] May 29 06:36:42 nas45 accel-pppd: ppp39:: disconnected Это записи для некоторым абонентам. Как только отключаются через секунду подключаются. Дело в абонентах или я что то упустил? Еще, что значит: May 29 06:36:26 nas45 accel-pppd: ppp93:: connect: ppp93 <--> pppoe(34:08:04:00:db:b1) May 29 06:36:26 nas45 kernel: [76464.896866] HTB: quantum of class 10001 is big. Consider r2q change. May 29 06:36:26 nas45 kernel: [76464.899088] HTB: quantum of class 10020 is big. Consider r2q change. May 29 06:36:26 nas45 accel-pppd: ppp93:: cann't negotiate authentication type May 29 06:36:26 nas45 accel-pppd: ppp93:: disconnected

Спасибо

Не покажешь примерный конфиг как в syslog системы кидать? :)

/var/log/accel-ppp/*.log { rotate 7 daily size=100M compress notifempty missingok postrotate kill -HUP `cat /var/run/accel-pppd.pid` endscript } Если такое прописать на logrotate, подключение не будет обрываться при выполнении: kill -HUP `cat /var/run/accel-pppd.pid` Пробовал через cron: cat /dev/null > /var/log/accel-ppp/accel-ppp.log . Содержимое логов очищается, но размер файла не уменьшается :(. Отключение лога accel-ppp не предлагать :).