Hello Marc,
We now use tac_plus and want a feature like locking a user out after failed logins. I found the module tacauth_limit
and tried it with the following configuration snapshot:
# spawnd section: where the daemon listens and how many worker processes it runs.
id = spawnd {
listen = {
# Bound to loopback only: clients on other hosts cannot reach this listener
# directly. Fine for a local test; a production listener needs an address the
# network devices can reach, ideally restricted by firewall to their ranges.
address = 127.0.0.1
port = 10049
}
spawn {
# min = max = 1 pins the setup to a single worker instance.
instances min = 1
instances max = 1
# presumably per-instance user/connection limits -- confirm against the spawnd docs
users min = 100
users max = 100
}
}
# tac_plus section: logging, global limits, the MAVIS limiter module, and the
# host/group/user definitions used for this test.
id = tac_plus {
# NOTE(review): full debugging is very verbose and may write authentication
# details to the log destinations; keep it to test systems -- confirm what ALL covers.
debug = ALL
log = stderr {
destination = /dev/stderr
}
# Three file-backed log targets, one each for authentication, authorization and
# accounting; all use "|!|" as the field separator.
log = authentication_log {
destination = "/var/log/tac_plus/authentication/authentication.log"
log separator = "|!|"
}
log = authorization_log {
destination = "/var/log/tac_plus/authorization/authorization.log"
log separator = "|!|"
}
log = accounting_log {
destination = "/var/log/tac_plus/accounting/accounting.log"
log separator = "|!|"
}
# Bind each event class to the log target defined above.
authentication log = authentication_log
authorization log = authorization_log
# NOTE(review): the trailing '#' on the next line looks like a stray empty comment
# (or a paste artifact); verify the accounting log is really bound to accounting_log.
accounting log = accounting_log#
connection timeout = 300
context timeout = 3600
# NOTE(review): these two look like per-session retry/delay settings inside tac_plus
# itself and are separate from the tacauth_limit counters below -- confirm in the docs.
password max-attempts = 1
password backoff = 1
separation tag = "*"
skip conflicting groups = yes
skip missing groups = yes
single-connection = no
# Failed-login limiter: 3 failures ("blacklist count") trigger a block lasting
# "blacklist time" = 900, keyed on the user name (hash = USER), with state kept
# under "directory".
# NOTE(review): if 900 is in seconds (15 minutes), a test stretched over 21 minutes
# can outlast the block window -- repeat the test with all attempts inside the window.
# NOTE(review): tacauth_limit is the only module in this MAVIS chain; it presumably
# counts failures reported by an authenticating module behind it -- confirm that a
# backend module is not required for the counter to ever increment.
# NOTE(review): /opt/blacklist/ must exist and be writable by the daemon's user, and
# should not be writable by other local users, who could otherwise clear or forge
# lockout state -- verify ownership and mode.
mavis module = tacauth_limit {
blacklist time = 900
blacklist count = 3
hash = USER
directory = /opt/blacklist/
}
# Route user lookup and login authentication to the MAVIS chain.
# NOTE(review): user "test" below is also defined locally with a crypt hash; check
# whether locally defined users are authenticated by the daemon itself and therefore
# never pass through tacauth_limit -- that would explain the missing lockout.
user backend = mavis
login backend = mavis
####LIST OF DEVICE GROUPS####
# This host entry covers 0.0.0.0/0, i.e. every IPv4 client address, all sharing one
# key. Outside a lab, restrict the address to the real device ranges and use a long
# random key per device group; the key shown here has been published with this post
# and should not be reused.
# NOTE(review): the address string is split across two lines in this paste --
# verify the original file has it on one line.
host = test {
address = "
0.0.0.0/0"
key = "streamkey"
}
# Group granting unrestricted access: every service, command and attribute is
# permitted and shell sessions get priv-lvl 15. Assign it only to accounts that
# genuinely need full administrative rights.
group = adminHUAWEIRoute {
default service = permit
service = shell {
default command = permit
default attribute = permit
set priv-lvl = 15
message deny = "Denied '%c %a' "
}
}
# role_1 inherits from the admin group (member value is truncated/redacted in the post).
group = role_1 {
member = adminHUA...@x.x.x.x
}
# Local test user. The "$1$" prefix marks MD5-crypt, a legacy hash format; prefer a
# stronger scheme if the platform's crypt() supports one. Because the hash has been
# posted publicly, treat this password as exposed and change it.
user = test {
login = crypt "$1$Bm24z9s2$tNiN96UdMXd/mb2PEGkZO/"
pap = login # Clone login
# enable uses the same hash as login, so one password grants both.
enable = crypt "$1$Bm24z9s2$tNiN96UdMXd/mb2PEGkZO/"
# presumably Unix epoch seconds bounding the account's validity -- confirm
valid from = 1697514703
valid until = 1792425599
member = role_1
}
}
tac_plus can parse it, but it does not seem to work as expected: I tried 3 times with a wrong password and 1 time with the correct one within 21 minutes, and the outcome of the last login was not what I expected.