christian-becker / tac_plus-ng Goto Github PK
Run "tac_plus-ng", a new TACACS+ daemon, on Alpine Linux with Docker.
License: MIT License
followed:
https://www.pro-bono-publico.de/projects/howto-tac_plus-ng-ads.html
and stuck with a basic configuration to test access
```
#!/usr/local/sbin/tac_plus-ng
id = spawnd {
    listen = { address = 0.0.0.0 port = 4949 }
}
id = tac_plus-ng {
    host IPv4only {
        address = 0.0.0.0/0
        welcome banner = "\n Welcome to TACACS+NG\n\n"
        key = <<<>>
    }
    profile netadmin {
        script {
            if (service == shell) {
                if (cmd == "") {
                    set priv-lvl = 15
                    permit
                }
            }
        }
    }
    group admin
    user cisco {
        password login = clear cisco
        member = admin
    }
    ruleset {
        rule {
            script {
                if (member == admin) { profile = netadmin permit }
            }
        }
    }
}
```
and have an Arista set up to hit the server:

```
tacacs-server key 7 <<<omitted>>>
tacacs-server host <<<omitted>>> key 7 <<<omitted>>>
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ local
```
I start the service with debugging:

```
tacacs@tacacs01:~/tac_plugng$ tac_plus-ng -f basic.cfg -d 4
21056: 18:13:42.748 0/00000000: - Version 70da485722588c0e17d03261833d1aeef4575976 initialized
21055: 18:13:42.748 0/00000000: - Version 70da485722588c0e17d03261833d1aeef4575976 initialized
```
However, a pcap shows that the server does a TCP reset immediately upon receiving a packet on port 49:

```
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens18, link-type EN10MB (Ethernet), snapshot length 262144 bytes
18:21:16.673625 IP 201-r0102-08-oobds.16.172.in-addr.arpa.48714 > tacacs01.tacacs: Flags [S], seq 2855777150, win 64240, options [mss 1460,sackOK,TS val 3947280169 ecr 0,nop,wscale 7], length 0
18:21:16.673645 IP tacacs01.tacacs > 201-r0102-08-oobds.16.172.in-addr.arpa.48714: Flags [R.], seq 0, ack 2855777151, win 0, length 0
^C
2 packets captured
2 packets received by filter
0 packets dropped by kernel
```
and ss shows that 49 is not active:

```
tacacs@tacacs01:~$ ss | grep 49
u_str ESTAB 0 0 /run/systemd/journal/stdout 35150 * 35149
u_str ESTAB 0 0 * 35149 * 35150
u_str ESTAB 0 0 * 47496 * 47495
u_str ESTAB 0 0 * 28690 * 28349
u_str ESTAB 0 0 * 47495 * 47496
u_str ESTAB 0 0 /run/systemd/journal/stdout 28349 * 28690
```
What would cause the service to not start receiving on port 49?
UFW & iptables are disabled
System information:

```
tacacs@tacacs01:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.3 LTS
Release:        22.04
Codename:       jammy
```

Kernel version:

```
5.15.0-91-generic
```
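As an added example (editor's code, not from the issue or the tac_plus-ng project), a small checker that pulls the port out of every `listen` block in a spawnd section, compares it with the port the network device sends to (49 unless the device is told otherwise), and cross-checks both against `ss -ltn` output. The config and `ss` text below are constructed samples modelled on the post; the assumption that a `listen` block without `port` defaults to 49 is the author's, not taken from the page.

```python
import re

# Constructed sample: the spawnd part of the basic.cfg shown in the issue.
SAMPLE_CFG = """\
id = spawnd {
    listen = { address = 0.0.0.0 port = 4949 }
}
"""

# Constructed sample of `ss -ltn` output (not captured from the reporter's host).
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     0.0.0.0:4949        0.0.0.0:*
"""

TACACS_PORT = 49  # what a device uses when no port is configured on it
LISTEN_RE = re.compile(r"listen\s*=\s*\{([^}]*)\}")


def configured_listeners(cfg_text):
    """Return [(address, port)] for every listen block; assumes port defaults to 49."""
    out = []
    for m in LISTEN_RE.finditer(cfg_text):
        body = m.group(1)
        addr = re.search(r"address\s*=\s*(\S+)", body)
        port = re.search(r"port\s*=\s*(\d+)", body)
        out.append((addr.group(1) if addr else "0.0.0.0",
                    int(port.group(1)) if port else TACACS_PORT))
    return out


def listening_ports(ss_text):
    """Parse `ss -ltn` output into the set of local TCP ports in LISTEN state."""
    ports = set()
    for line in ss_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0] == "LISTEN":
            ports.add(int(f[3].rsplit(":", 1)[1]))  # handles 0.0.0.0:49, [::]:49, *:49
    return ports


def check(cfg_text, ss_text, client_port=TACACS_PORT):
    """Return human-readable findings; an empty list means config, socket and client agree."""
    findings = []
    cfg_ports = {p for _, p in configured_listeners(cfg_text)}
    if client_port not in cfg_ports:
        findings.append(f"config listens on {sorted(cfg_ports)} but clients send to {client_port}")
    bound = listening_ports(ss_text)
    for p in sorted(cfg_ports - bound):
        findings.append(f"configured port {p} is not in LISTEN state")
    if client_port not in bound:
        findings.append(f"nothing listens on {client_port}; the kernel answers the SYN with RST")
    return findings
```

Run it with the real files by reading the daemon's config and the output of `ss -ltn` into the two arguments; each finding names the mismatch that would produce the RST seen in the pcap.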