SQL statement in radcheck
Ljupco Vangelski
ljupco.vangelski at gmail.com
Mon Sep 15 21:12:31 CEST 2008
Alan DeKok напиша:
> Ljupco Vangelski wrote:
>
>> The question is whether I can use sql in check items at all?
>>
>
> Not like that.
>
>
>> (1) For one attribute (Reply-Message), the runtime variable is converted
>> into it's runtime value, for the other one (Filter-Id) it just returns
>> the text.
>>
>
> The Reply-Message attribute is treated differently, for historical
> reasons. See the debug output for more information.
>
>
>> How can I make freeradius use the sql module and extract (return)
>> information for Filter-Id just like it does for Reply-Message?
>>
>
> Edit the source code to rlm_sql.
>
>
Hi Alan,
Thanks for the reply. Been some debugging and I just can't understand
this: If I use the users file, for example
---------------------------------------------------------------------------------------------------------------
ljupco Auth-Type := Local, User-Password == "ljupco"
Filter-Id = "%{sql:select service from userinfo limit 1;}",
Reply-Message = "%{sql:select service from userinfo limit 1;}"
---------------------------------------------------------------------------------------------------------------
then the everything works great, and the sql function is performed:
---------------------------------------------------------------------------------------------------------------
# radtest ljupco ljupco localhost 523 testing123
Sending Access-Request of id 20 to 127.0.0.1 port 1812
User-Name = "ljupco"
User-Password = "ljupco"
NAS-IP-Address = 255.255.255.255
NAS-Port = 523
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=20, length=32
Filter-Id = "net1"
Reply-Message = "net1"
---------------------------------------------------------------------------------------------------------------
And if i put the same value (%{sql:select service from userinfo limit
1;}) in radreply for the same attributes,
---------------------------------------------------------------------------------------------------------------
UserName......Attribute..........op.........Value
test Framed-Id = %{sql:select service from userinfo limit 1;}
test Reply-Message = %{sql:select service from userinfo limit 1;}
---------------------------------------------------------------------------------------------------------------
the sql function doesn't get executed for the attribute Filter-Id, and
only for Reply-Message. I get the reply:
---------------------------------------------------------------------------------------------------------------
# radtest ljupco ljupco localhost 523 testing123
Sending Access-Request of id 20 to 127.0.0.1 port 1812
User-Name = "ljupco"
User-Password = "ljupco"
NAS-IP-Address = 255.255.255.255
NAS-Port = 523
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=20, length=32
Filter-Id = "%{sql:select service from userinfo limit 1;}"
Reply-Message = "net1"
---------------------------------------------------------------------------------------------------------------
Actually, this is what I need, but I don't want to use the users file
and want to use the radreply table instead. Is this feature different in
later freeradius versions, freeradius2 for example?
Thanks for Your time,
--
Ljupco
More information about the Freeradius-Users
mailing list