send an "coa" packet from "authorize {}" section

Jorge Pereira jpereiran at gmail.com
Sun Oct 4 21:21:59 CEST 2015


Hi,

    I need to send a COA to another NAS during the section "authorize { }",
below my current approach.

1) I receive the "Access-Request"

Sun Oct  4 18:19:33 2015 : Debug: (0) Received Access-Request Id 227 from
10.1.2.128:42305 to 192.168.56.90:1812 length 46
Sun Oct  4 18:19:33 2015 : Debug: (0)   User-Name = "ca:de:ca:fe:00:01"
Sun Oct  4 18:19:33 2015 : Debug: (0)   Acct-Session-Id = "12345"
Sun Oct  4 18:19:33 2015 : Debug: (0) session-state: No State attribute
Sun Oct  4 18:19:33 2015 : Debug: (0) # Executing section authorize from
file /etc/freeradius/sites-enabled/mcare-nas-portal
Sun Oct  4 18:19:33 2015 : Debug: (0)   authorize {

2) Build a "coa" packet and build to the home-server.

*Sun Oct  4 18:19:33 2015 : Debug: (0)     update coa {*
*Sun Oct  4 18:19:33 2015 : Debug: (0)       &Packet-Type := CoA-Request*
*Sun Oct  4 18:19:33 2015 : Debug: (0)       &Acct-Session-Id := "12345"*
*Sun Oct  4 18:19:33 2015 : Debug: (0)       &Home-Server-Pool :=
coa_pool_wifilabs*
*Sun Oct  4 18:19:33 2015 : Debug: (0)     } # update coa = noop*
Sun Oct  4 18:19:33 2015 : Debug: (0)     modsingle[authorize]: calling
handled (rlm_always) for request 0
Sun Oct  4 18:19:33 2015 : Debug: (0)     modsingle[authorize]: returned
from handled (rlm_always) for request 0
Sun Oct  4 18:19:33 2015 : Debug: (0)     [handled] = handled
Sun Oct  4 18:19:33 2015 : Debug: (0)   } # authorize = handled

3) From this point, I can't figure out about the best way to wait and only
responds after coa feedback.

Sun Oct  4 18:19:33 2015 : Debug: (0) There was no response configured:
rejecting request
Sun Oct  4 18:19:33 2015 : Debug: (0) Using Post-Auth-Type Reject
Sun Oct  4 18:19:33 2015 : Debug: (0) Post-Auth-Type sub-section not
found.  Ignoring.

4) Below the behavior of home-server (mcare-nas-radius-wifilabs)... was
sent with success!

Sun Oct  4 18:19:33 2015 : Debug: (0) # Executing group from file
/etc/freeradius/sites-enabled/mcare-nas-portal
Sun Oct  4 18:19:33 2015 : Debug: (0) server mcare-nas-radius-wifilabs {
Sun Oct  4 18:19:33 2015 : Debug: (0) Empty pre-proxy section in virtual
server "mcare-nas-radius-wifilabs".  Using default return values.
Sun Oct  4 18:19:33 2015 : Debug: (0) }
Sun Oct  4 18:19:33 2015 : Debug: (0) proxy: Trying to allocate ID (0/2)
Sun Oct  4 18:19:33 2015 : Debug: (0) proxy: request is now in proxy hash
Sun Oct  4 18:19:33 2015 : Debug: (0) proxy: allocating destination
10.11.10.22 port 1812 - Id 25
Sun Oct  4 18:19:33 2015 : Debug: (0) session-state: Nothing to cache
*Sun Oct  4 18:19:33 2015 : Debug: (0) Sent CoA-Request Id 25 from
0.0.0.0:57493 <http://0.0.0.0:57493> to 10.11.10.22:1812
<http://10.11.10.22:1812> length 27*
Sun Oct  4 18:19:33 2015 : Debug: (0)   Acct-Session-Id := "12345"
Sun Oct  4 18:19:33 2015 : Debug: (0) Delaying response for 1.000000 seconds
Sun Oct  4 18:19:33 2015 : Debug: Waking up in 0.3 seconds.
Sun Oct  4 18:19:33 2015 : Proxy: (0) Marking home server 10.11.10.22 port
1812 alive
Sun Oct  4 18:19:33 2015 : Debug: (0) Clearing existing &reply: attributes
*Sun Oct  4 18:19:33 2015 : Debug: (0) Received CoA-ACK Id 25
from 10.11.10.221812 to 192.168.56.90:57493 <http://192.168.56.90:57493>
length 75*
Sun Oct  4 18:19:33 2015 : Debug: (0)   Reply-Message = "AAA->NOKIA()
listen::type=coa,port::1812 pack-type=(CoA-Request)"

5) I would like to get the received response from home-server and threat to
reponse Access-Accept (if CoA-ACK) or Access-Reject (if CoA-NAK)

Sun Oct  4 18:19:33 2015 : Debug: (0) server mcare-nas-radius-wifilabs {
Sun Oct  4 18:19:33 2015 : Debug: (0)   # Executing section post-proxy from
file /etc/freeradius/sites-enabled/mcare-nas-radius-wifilabs
Sun Oct  4 18:19:33 2015 : Debug: (0)     post-proxy {
Sun Oct  4 18:19:33 2015 : Debug: (0)       update control {
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Auth-Type := Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Response-Packet-Type :=
Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Packet-Type := Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)       } # update control = noop
Sun Oct  4 18:19:33 2015 : Debug: (0)       update request {
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Auth-Type := Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Response-Packet-Type :=
Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Packet-Type := Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)       } # update request = noop
Sun Oct  4 18:19:33 2015 : Debug: (0)       update proxy-reply {
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Auth-Type := Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Response-Packet-Type :=
Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)         &Packet-Type := Access-Accept
Sun Oct  4 18:19:33 2015 : Debug: (0)       } # update proxy-reply = noop
Sun Oct  4 18:19:33 2015 : Debug: (0)       modsingle[post-proxy]: calling
updated (rlm_always) for request 0
Sun Oct  4 18:19:33 2015 : Debug: (0)       [handled] = handled
Sun Oct  4 18:19:33 2015 : Debug: (0)     } # post-proxy = handled
Sun Oct  4 18:19:33 2015 : Debug: (0) }
Sun Oct  4 18:19:33 2015 : Debug: (0) Cleaning up request packet ID 227
with timestamp +286
Sun Oct  4 18:19:33 2015 : Debug: Waking up in 0.1 seconds.
Sun Oct  4 18:19:33 2015 : Debug: Waking up in 0.6 seconds.

I have tried all lists "request", "proxy-reply" and "control".... but,
don't work!

Sun Oct  4 18:19:34 2015 : Debug: (0) Sending delayed response
Sun Oct  4 18:19:34 2015 : Debug: (0) Sent Access-Reject Id 227 from
192.168.56.90:1812 to 10.1.2.128:42305 length 20
Sun Oct  4 18:19:34 2015 : Debug: Waking up in 3.9 seconds.

Any suggestions are welcome!
--
Jorge Pereira


More information about the Freeradius-Users mailing list