MAC-Authentication from Mysql

David Seira davidseira at gmail.com
Tue Nov 23 13:13:09 CET 2010


> The next logical step would be to post *that line* from the file, and
ask "What is wrong about it"?

Yes, but I think it is not possible with SQL XLAT. For that reason, finally,
I try with sql.authorize, as Arran advised me, and I think I've achieved the
solution. The problem was I didn't understand the rlm_mysql module; I didn't
know the authorize function of rlm_mysql.

The solution for my scenario is:

                sql.authorize
                if(notfound){
                        reject
                }
                else{
                        ok
                }

This configuration works for me if the NAS sends username and
Calling-Station-Id. But I don't know if all comercial NAS send these
attributes or only Calling-Station-Id. What do you know about it?

Thanks for all.

Regards,
David

2010/11/23 Alan DeKok <aland at deployingradius.com>

> David Seira wrote:
> > Thanks for your responses.
> >
> > I tried SQL XLAT yesterday but I had the next radiusd -X errors:
> >
> > /usr/local/etc/raddb/sites-enabled/default[598]: Failed to parse "if"
> > subsection.
>
>   The next logical step would be to post *that line* from the file, and
> ask "What is wrong about it"?
>
>  Or, to look at the 2-3 previous error messages above that one, which
> likely tell you *what* is wrong.
>
> > I think it is not possible to that with SQL XLAT.
>
>   Nonsense.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101123/4208a8cd/attachment.html>


More information about the Freeradius-Users mailing list