FreeRADIUS + MySQL + DHCP Opt82
IVB
ivb at is.ua
Mon Apr 2 09:05:15 CEST 2012
Fajar A. Nugraha-2 wrote
>
>
> ... and then on authorize section add something like this (just for check)
>
> if ( (request:User-Name == "00:12:23:56:78:9A") &&
> (control:Agent-Circuit-ID != "%{request:Agent-Circuit-ID}") ) {
> update control {
> Auth-Type := "Reject"
> }
> }
>
> then use debug mode again. It should print out what it recognize
> control:Agent-Circuit-ID (which is from db) and
> request:Agent-Circuit-ID. Then you just need to edit entry on db to
> match what's on the request.
>
Construction shown above don't help me, because there was no output of
control:Agent-Circuit-ID and request:Agent-Circuit-ID.
But I use another construction:
if (request:User-Name == "20:cf:30:e1:e6:29") {
update control {
Auth-Type := "Reject"
}
update reply {
Context-Name := "%{control:Agent-Circuit-ID}
%{request:Agent-Circuit-ID}"
}
}
so in Acces-Reject I can see in Context-Name attribute both request and
control attributes.
And I have bad news. I got following:
Context-Name = "0x 0x000403fc0017"
Request attribute is OK, but control attribute is zero-length string. I
think this is because first byte in string is 0, and Radius treat this as
end-of-string.
I tested this - I try to return attribute with only printable chars, and got
it in Context-Name exactly as it stored in DB.
So I urgently need help - how I can store needed value to adequately
accepted by Radius?
--
View this message in context: http://freeradius.1045715.n5.nabble.com/FreeRADIUS-MySQL-DHCP-Opt82-tp5606148p5611663.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list