MODULE DEV: Problem adding an attribute to access-accept message
Linux Chips
linux.chips at gmail.com
Wed May 15 14:03:01 CEST 2013
On 05/15/2013 12:28 PM, Ivan Ostres wrote:
>
> service = pairfind(request->packet->vps,
> CISCO_SSG_SERVICE_INFO, VENDOR_CISCO, TAG_ANY);
> if (service != NULL) {
> RDEBUG("Found CISCO_SSG_SERVICE_INFO -> Prepaid billing
> request");
> pairmake_reply("Idle-Timeout",10, T_OP_ADD);
> request->reply->code = PW_AUTHENTICATION_ACK;
> return RLM_MODULE_OK;
> }
>
not sure about "pairmake_reply", i still use the 2.1.x release. what i
normally do is something like
VALUE_PAIR *pair;
pair = radius_paircreate(request, &request->reply->vps,
PW_IDLE-TIMEOUT/*not sure about the spelling*/, PW_TYPE_INTEGER);
pair->vp_integer = 10;
> I can see in a log that this part of code is used:
>
> (0) prepaid : Found CISCO_SSG_SERVICE_INFO -> Prepaid billing request
> (0) [prepaid] = handled
> (0) # Executing section post-auth from file
> /usr/local/etc/raddb/sites-enabled/default
> (0) group post-auth {
> (0) - entering group post-auth {...}
> (0) [exec] = noop
> Sending Access-Accept of id 12 from 0.0.0.0 port 1812 to
> 192.168.123.196 port 49444
> (0) Finished request 0.
>
> but there is no "Idle-Timeout" in outgoing Access-Accept. I cannot
> figure out what am I doing wrong...
>
how can you tell there are no "Idle-Timeout" in the packet? i see you
are using the += operator (T_OP_ADD), you maybe adding a duplicate pair
and your NAS is considering the first one. i suggest you use wireshark
to verify. and consider using the set operator := (T_OP_SET) instead.
> Please help!
>
> BR,
> iostres
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel
mailing list