sql and xlat in authorize section
Sébastien Barbereau
barbereau at gmail.com
Fri Aug 26 09:10:20 CEST 2011
hi
thought so at the beginning but I did :)
The startup of freeradius shows that the module is loaded (called
local-sql.conf):
...
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/modules/files
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/modules/policy
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/modules/local-sql.conf
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/modules/smbpasswd
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/eap.conf
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/policy.conf
Thu Aug 25 16:26:48 2011 : Debug: including files in directory
/etc/raddb/sites-enabled/
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/sites-enabled/default
Thu Aug 25 16:26:48 2011 : Debug: including configuration file
/etc/raddb/sites-enabled/control-socket
Thu Aug 25 16:26:48 2011 : Debug: main {
....
Here is the module:
sql sql_local {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
login = "radius"
password = "xxxxxxxxxxxxxxxxxxxx"
radius_db = "radius-MAB"
read_groups = no
sqltrace = yes
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 5
lifetime = 0
max_queries = 0
}
Can this be version related? i'm running 2.1.10 ...
On Thu, Aug 25, 2011 at 5:29 PM, Arran Cudbard-Bell <
a.cudbardb at freeradius.org> wrote:
> Means you haven't instantiated your SQL module with the correct instance
> name.
>
> Check that the config block for your SQL is :
>
> sql sql_local {
>
> }
>
> -Arran
>
>
> On 25 Aug 2011, at 16:57, Sébastien Barbereau wrote:
>
> Hi,
> I am trying to do mac authorization as per
> http://wiki.freeradius.org/Mac-Auth#Mac-Auth+authorisation+by+SSID+SQL
> In fact my attempt is much simpler as I just have a very simple table
> containing the mac address of system to accept. My conf looks like that:
>
> authorize {
> ...
> # newer authorized macs
> if("%{sql_local:SELECT COUNT(mac) FROM authorized_macs WHERE mac
> ='%{Calling-Station-ID}'}" > 0){
> update control {
> Auth-Type := Accept
> }
> ok = return
> }
>
> ...
> }
>
> But when doing an authentication attemp I get the following in the debug
> logs :
> ...
> Thu Aug 25 16:52:56 2011 : Info: ++? if (ok) -> FALSE
> Thu Aug 25 16:52:56 2011 : Info: ++? if ("%{sql_local:SELECT COUNT(mac)
> FROM authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0)
> Thu Aug 25 16:52:56 2011 : Info: WARNING: Unknown module "sql_local" in
> string expansion "%"
> Thu Aug 25 16:52:56 2011 : Info: ? Evaluating ("%{sql_local:SELECT
> COUNT(mac) FROM authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) ->
> FALSE
> Thu Aug 25 16:52:56 2011 : Info: ++? if ("%{sql_local:SELECT COUNT(mac)
> FROM authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) -> FALSE
> ...
>
> As far as I can understand the documentation this should be working (
> http://wiki.freeradius.org/Rlm_sql#SQL+xlat). Any helpful hand which can
> bring some light to the darkness of my intellect?
>
>
> Cheers,
> seb.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> Arran Cudbard-Bell
> a.cudbardb at freeradius.org
>
> RADIUS - Half the complexity of Diameter
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110826/c94a6559/attachment.html>
More information about the Freeradius-Users
mailing list