Arnuschkys Project Page

The FreeRADIUS Server Project is a high-performance and highly configurable GPL'd free RADIUS server. It is more configurable and more powerful than any other free software RADIUS server, and has many features usually found only in commercial products. Even then, most commercial servers are distributed as a "base" system ($), and an "enhanced" version ($$), with more features. FreeRADIUS has 99% of the features that the commercial "enhanced" servers have, at zero cost.

This patch allows to use regular expressions in the realm definitions, so that wildcards are possible in realm names.

The example below shows a realm containing a regular expression, matching anything like user@company.com as well as user@host.company.com. All requests with this realm will be handled locally.

realm company.com {
  regexp    = "^.*company\.com"
  type      = radius
  authhost  = LOCAL
  accthost  = LOCAL
}

Please note that the regular expressions must be POSIX compatible and will be matched case insensitive. Additionally, the regexp should be the same on all servers of a fail-over and round-robin realm.

BASP is a kernel module designed for 2.4.x kernels that provides load-balancing, fault-tolerance, and VLAN features. These features are provided by creating teams that consist of multiple NIC interfaces. A team can consist of 1 to 8 NIC interfaces and each interface can be designated primary, or hot-standby (SLB team only). All primary NIC interfaces in a team will participate in Load-balancing operations by sending and receiving a portion of the total traffic. Hot-standby interfaces will take over in the event that all primary interfaces have lost their links. VLANs can be added to a team to allow multiple VLANs with different VLAN IDs. A virtual device is created for each VLAN added.

BASP supports Smart Load-balance (SLB(tm)), SLB (Auto-Fallback Disable), Generic trunking and IEEE 802.3ad Link Aggregation.

This patch provides a new Makefile and changes to the sourcecode that allows to use BASP with Linux 2.6.x kernels.

Out of the box, a lot of software isn't able to use chained certificates. Use the appropriate patch to enable certificate chaining.

If you have multiple controllers in your system, and/or using a hacked controller BIOS, the kernel disables your controller with the warning

PDC20276: neither IDE port enabled (BIOS)

This patch disables this for the promise controller PDC20276.

Note: this patch is obsolete, as it has been integrated into kernel 2.6. Enable CONFIG_PDC202XX_FORCE to use it.

FreeS/WAN is the most famous IPSEC software for linux, but I always considered a bit of shitty, as most of the routing stuff is done my extremly dirty shellscripts. I always had some strange bugs with this software, especially on links with dynamic IPs.

One of the oddities of this software is the need for four (4!) tunnels if you simple want to link two servers and the networks behind them. This is a common problem as stated here.

I've written a patch that uses the iproute2 feature to specify the SRC address. That allows to route all packets to a single tunnel. This patch is based on the iproute2 patch of Chad Carr and others, thanks guys!

Please note that this is only a quick hack (again.. :) and does not improve the bad quality of the routing scripts. I don't use this patch anymore, as I don't use FreeS/WAN, but it can be easily ported to newer versions.

Postfix (snapshot 20010808) didn't feature recipient-based-routing. Our company needed this feature, so I wrote a patch to add it. This is obsolete, as it has been added to Postfix 2.0 (?) (it wasn't my patch which was added, somebody must have written a better one :). Here is original patch:

OpenBSD tries the IRQs of the PCMCIA cards in a very strange order. So when detection of already used IRQs fails, some of the most important IRQs get used twice. I have no clue, if this should be addressed with IRQ sharing, or if anyone else had this problem.

On my old DIGITAL laptop, OpenBSD used the IRQ of the harddisk for the PCMCIA-slots, leaving the harddisk unaccessable after inserting a card. :(

This "patch" changes the order of the IRQ probing, but it is that simple you can't really call it a patch.

As vISDN is currently not actively developed, I created a couple of patches that allow to use it with a current kernel:

DevFS has been removed from kernels 2.6.18+. In order to compile vISDN properly, you have to comment the following lines in modules/vgsm/vgsm_main.c:

//  vgsm_tty_driver->devfs_name = "vgsm/";
//  vgsm_tty_driver->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_NO_DEVFS ;
  

They are at line 604 and line 610. vGSM should compile then.