RLM_Perl Question

Arnab Roy arnabroy at mail.com
Tue Feb 7 21:51:34 CET 2017


   Hi Alan,

   I have done exactly that for the sql module and it works fine but not
   for the perl module. I know you havent asked for this but I can only
   see the following variables in radiusd -X

   (0) perl:   $RAD_REQUEST{'User-Name'} = &request:User-Name ->
   'username at domain.com'
   (0) perl:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address ->
   '10.24.1.3'
   (0) perl:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
   (0) perl:   $RAD_REQUEST{'Framed-IP-Address'} =
   &request:Framed-IP-Address -> '10.24.1.17'
   (0) perl:   $RAD_REQUEST{'Called-Station-Id'} =
   &request:Called-Station-Id -> '000B866E18BC'
   (0) perl:   $RAD_REQUEST{'Calling-Station-Id'} =
   &request:Calling-Station-Id -> '98B8E34E1CAF'
   (0) perl:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
   'Wireless-802.11'
   (0) perl:   $RAD_REQUEST{'Acct-Status-Type'} =
   &request:Acct-Status-Type -> 'Stop'
   (0) perl:   $RAD_REQUEST{'Acct-Delay-Time'} = &request:Acct-Delay-Time
   -> '0'
   (0) perl:   $RAD_REQUEST{'Acct-Input-Octets'} =
   &request:Acct-Input-Octets -> '4701'
   (0) perl:   $RAD_REQUEST{'Acct-Output-Octets'} =
   &request:Acct-Output-Octets -> '4678'
   (0) perl:   $RAD_REQUEST{'Acct-Session-Id'} = &request:Acct-Session-Id
   -> 'arnab.ro98B8E34E1CAF-589A307E'
   (0) perl:   $RAD_REQUEST{'Acct-Session-Time'} =
   &request:Acct-Session-Time -> '41'
   (0) perl:   $RAD_REQUEST{'Acct-Input-Packets'} =
   &request:Acct-Input-Packets -> '24'
   (0) perl:   $RAD_REQUEST{'Acct-Output-Packets'} =
   &request:Acct-Output-Packets -> '19'
   (0) perl:   $RAD_REQUEST{'Acct-Terminate-Cause'} =
   &request:Acct-Terminate-Cause -> 'NAS-Request'
   (0) perl:   $RAD_REQUEST{'Acct-Multi-Session-Id'} =
   &request:Acct-Multi-Session-Id -> '98B8E34E1CAF-0000000434'
   (0) perl:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
   -> 'Feb  7 2017 20:40:07 GMT'
   (0) perl:   $RAD_REQUEST{'Aruba-User-Role'} = &request:Aruba-User-Role
   -> 'authenticated'
   (0) perl:   $RAD_REQUEST{'Aruba-User-Vlan'} = &request:Aruba-User-Vlan
   -> '1025'
   (0) perl:   $RAD_REQUEST{'Aruba-Essid-Name'} =
   &request:Aruba-Essid-Name -> 'eduroam'
   (0) perl:   $RAD_REQUEST{'Aruba-Location-Id'} =
   &request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
   (0) perl:   $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group ->
   'default'
   (0) perl:   $RAD_REQUEST{'Aruba-Device-Type'} =
   &request:Aruba-Device-Type -> 'iPad'
   (0) perl:   $RAD_REQUEST{'Stripped-User-Name'} =
   &request:Stripped-User-Name -> 'username'
   (0) perl:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
   (0) perl:   $RAD_REQUEST{'Acct-Unique-Session-Id'} =
   &request:Acct-Unique-Session-Id -> '0fc1fdf003e0982f25a4df81c5efeb4f'
   (0) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
   (0) perl: &request:Acct-Session-Id = $RAD_REQUEST{'Acct-Session-Id'} ->
   'arnab.ro98B8E34E1CAF-589A307E'
   (0) perl: &request:Stripped-User-Name =
   $RAD_REQUEST{'Stripped-User-Name'} -> 'username'
   (0) perl: &request:Aruba-Location-Id =
   $RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
   (0) perl: &request:Acct-Input-Packets =
   $RAD_REQUEST{'Acct-Input-Packets'} -> '24'
   (0) perl: &request:Acct-Delay-Time = $RAD_REQUEST{'Acct-Delay-Time'} ->
   '0'
   (0) perl: &request:Acct-Terminate-Cause =
   $RAD_REQUEST{'Acct-Terminate-Cause'} -> 'NAS-Request'
   (0) perl: &request:Acct-Multi-Session-Id =
   $RAD_REQUEST{'Acct-Multi-Session-Id'} -> '98B8E34E1CAF-0000000434'
   (0) perl: &request:Acct-Status-Type = $RAD_REQUEST{'Acct-Status-Type'}
   -> 'Stop'
   (0) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
   'username at domain.com'
   (0) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
   'default'
   (0) perl: &request:Aruba-User-Vlan = $RAD_REQUEST{'Aruba-User-Vlan'} ->
   '1025'
   (0) perl: &request:Framed-IP-Address =
   $RAD_REQUEST{'Framed-IP-Address'} -> '10.24.1.17'
   (0) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
   (0) perl: &request:Acct-Output-Octets =
   $RAD_REQUEST{'Acct-Output-Octets'} -> '4678'
   (0) perl: &request:Aruba-Device-Type =
   $RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
   (0) perl: &request:Aruba-User-Role = $RAD_REQUEST{'Aruba-User-Role'} ->
   'authenticated'
   (0) perl: &request:Calling-Station-Id =
   $RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
   (0) perl: &request:Acct-Input-Octets =
   $RAD_REQUEST{'Acct-Input-Octets'} -> '4701'
   (0) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
   '10.24.1.3'
   (0) perl: &request:Called-Station-Id =
   $RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
   (0) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
   'Wireless-802.11'
   (0) perl: &request:Acct-Unique-Session-Id =
   $RAD_REQUEST{'Acct-Unique-Session-Id'} ->
   '0fc1fdf003e0982f25a4df81c5efeb4f'
   (0) perl: &request:Acct-Session-Time =
   $RAD_REQUEST{'Acct-Session-Time'} -> '41'
   (0) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} ->
   'Feb  7 2017 20:40:07 GMT'
   (0) perl: &request:Acct-Output-Packets =
   $RAD_REQUEST{'Acct-Output-Packets'} -> '19'
   (0) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
   -> 'eduroam'
   (10) perl:   $RAD_REQUEST{'User-Name'} = &request:User-Name ->
   'username at domain.com'
   (10) perl:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
   -> '10.24.1.3'
   (10) perl:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
   (10) perl:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type ->
   'Framed-User'
   (10) perl:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1100'
   (10) perl:   $RAD_REQUEST{'State'} = &request:State ->
   '0xb4ac9a30b5a680e1e06ae9d02f4b3a06'
   (10) perl:   $RAD_REQUEST{'Called-Station-Id'} =
   &request:Called-Station-Id -> '000B866E18BC'
   (10) perl:   $RAD_REQUEST{'Calling-Station-Id'} =
   &request:Calling-Station-Id -> '98B8E34E1CAF'
   (10) perl:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier
   -> '10.24.1.3'
   (10) perl:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
   'Wireless-802.11'
   (10) perl:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
   -> 'Feb  7 2017 20:40:10 GMT'
   (10) perl:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message ->
   '0x020a00061a03'
   (10) perl:   $RAD_REQUEST{'Chargeable-User-Identity'} =
   &request:Chargeable-User-Identity -> '0x00'
   (10) perl:   $RAD_REQUEST{'Aruba-Essid-Name'} =
   &request:Aruba-Essid-Name -> 'eduroam'
   (10) perl:   $RAD_REQUEST{'Aruba-Location-Id'} =
   &request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
   (10) perl:   $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
   -> 'default'
   (10) perl:   $RAD_REQUEST{'Aruba-Device-Type'} =
   &request:Aruba-Device-Type -> 'iPad'
   (10) perl:   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} =
   &request:FreeRADIUS-Proxied-To -> '127.0.0.1'
   (10) perl:   $RAD_REQUEST{'EAP-Type'} = &request:EAP-Type -> 'MSCHAPv2'
   (10) perl:   $RAD_REQUEST{'Stripped-User-Name'} =
   &request:Stripped-User-Name -> 'username'
   (10) perl:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
   (10) perl:   $RAD_REQUEST{'Cache-Entry-Hits'} =
   &request:Cache-Entry-Hits -> '4'
   (10) perl:   $RAD_REPLY{'EAP-Message'} = &reply:EAP-Message ->
   '0x030a0004'
   (10) perl:   $RAD_REPLY{'Message-Authenticator'} =
   &reply:Message-Authenticator -> '0x00000000000000000000000000000000'
   (10) perl:   $RAD_REPLY{'MS-MPPE-Encryption-Policy'} =
   &reply:MS-MPPE-Encryption-Policy -> 'Encryption-Required'
   (10) perl:   $RAD_REPLY{'MS-MPPE-Encryption-Types'} =
   &reply:MS-MPPE-Encryption-Types -> '4'
   (10) perl:   $RAD_REPLY{'MS-MPPE-Send-Key'} = &reply:MS-MPPE-Send-Key
   -> '0x193e4482d7e6f569e67acf728665e09e'
   (10) perl:   $RAD_REPLY{'MS-MPPE-Recv-Key'} = &reply:MS-MPPE-Recv-Key
   -> '0x81fd648b675807d94834eb58e9adea82'
   (10) perl:   $RAD_REPLY{'Stripped-User-Name'} =
   &reply:Stripped-User-Name -> 'username'
   (10) perl:   $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'eap'
   (10) perl:   $RAD_CHECK{'LDAP-Group'}[0] = &control:LDAP-Group ->
   'CN=ps-security,OU=Groups,OU=asdasd,DC=domain,DC=com'
   (10) perl:   $RAD_CHECK{'LDAP-Group'}[1] = &control:LDAP-Group ->
   'ps-security'
   (10) perl:   $RAD_CHECK{'LDAP-Group'}[2] = &control:LDAP-Group ->
   'CN=Professional Services Team,CN=Users,DC=domain,DC=com'
   (10) perl:   $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'eap'
   (10) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
   (10) perl: &request:Stripped-User-Name =
   $RAD_REQUEST{'Stripped-User-Name'} -> 'username'
   (10) perl: &request:EAP-Type = $RAD_REQUEST{'EAP-Type'} -> 'MSCHAPv2'
   (10) perl: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} ->
   '10.24.1.3'
   (10) perl: &request:Aruba-Location-Id =
   $RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
   (10) perl: &request:State = $RAD_REQUEST{'State'} ->
   '0xb4ac9a30b5a680e1e06ae9d02f4b3a06'
   (10) perl: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} ->
   '0x020a00061a03'
   (10) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
   'username at domain.com'
   (10) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
   'default'
   (10) perl: &request:FreeRADIUS-Proxied-To =
   $RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
   (10) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
   (10) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} ->
   'Framed-User'
   (10) perl: &request:Aruba-Device-Type =
   $RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
   (10) perl: &request:Calling-Station-Id =
   $RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
   (10) perl: &request:Cache-Entry-Hits = $RAD_REQUEST{'Cache-Entry-Hits'}
   -> '4'
   (10) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
   '10.24.1.3'
   (10) perl: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1100'
   (10) perl: &request:Called-Station-Id =
   $RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
   (10) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
   'Wireless-802.11'
   (10) perl: &request:Chargeable-User-Identity =
   $RAD_REQUEST{'Chargeable-User-Identity'} -> '0x00'
   (10) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
   -> 'Feb  7 2017 20:40:10 GMT'
   (10) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
   -> 'eduroam'
   (10) perl: &reply:Stripped-User-Name = $RAD_REPLY{'Stripped-User-Name'}
   -> 'username'
   (10) perl: &reply:MS-MPPE-Recv-Key = $RAD_REPLY{'MS-MPPE-Recv-Key'} ->
   '0x81fd648b675807d94834eb58e9adea82'
   (10) perl: &reply:Message-Authenticator =
   $RAD_REPLY{'Message-Authenticator'} ->
   '0x00000000000000000000000000000000'
   (10) perl: &reply:MS-MPPE-Encryption-Types =
   $RAD_REPLY{'MS-MPPE-Encryption-Types'} -> '4'
   (10) perl: &reply:MS-MPPE-Encryption-Policy =
   $RAD_REPLY{'MS-MPPE-Encryption-Policy'} -> 'Encryption-Required'
   (10) perl: &reply:EAP-Message = $RAD_REPLY{'EAP-Message'} ->
   '0x030a0004'
   (10) perl: &reply:MS-MPPE-Send-Key = $RAD_REPLY{'MS-MPPE-Send-Key'} ->
   '0x193e4482d7e6f569e67acf728665e09e'
   (10) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'eap'
   (11) perl:   $RAD_REQUEST{'User-Name'} = &request:User-Name ->
   'username at domain.com'
   (11) perl:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
   -> '10.24.1.3'
   (11) perl:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
   (11) perl:   $RAD_REQUEST{'Service-Type'} = &request:Service-Type ->
   'Framed-User'
   (11) perl:   $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1100'
   (11) perl:   $RAD_REQUEST{'State'} = &request:State ->
   '0xbc16ac72b51db56b528c5ed1e008d82b'
   (11) perl:   $RAD_REQUEST{'Called-Station-Id'} =
   &request:Called-Station-Id -> '000B866E18BC'
   (11) perl:   $RAD_REQUEST{'Calling-Station-Id'} =
   &request:Calling-Station-Id -> '98B8E34E1CAF'
   (11) perl:   $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier
   -> '10.24.1.3'
   (11) perl:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
   'Wireless-802.11'
   (11) perl:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
   -> 'Feb  7 2017 20:40:10 GMT'
   (11) perl:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message ->
   '0x020b002b190017030100200f78b226c7b9c68967f8bf7df8cf85950812b06d45036a
   f1fac12de1a1bf7ce9'
   (11) perl:   $RAD_REQUEST{'Message-Authenticator'} =
   &request:Message-Authenticator -> '0x99de93553cae0d7d796ac27cf85a2c8a'
   (11) perl:   $RAD_REQUEST{'Chargeable-User-Identity'} =
   &request:Chargeable-User-Identity -> '0x00'
   (11) perl:   $RAD_REQUEST{'Aruba-Essid-Name'} =
   &request:Aruba-Essid-Name -> 'eduroam'
   (11) perl:   $RAD_REQUEST{'Aruba-Location-Id'} =
   &request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
   (11) perl:   $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
   -> 'default'
   (11) perl:   $RAD_REQUEST{'Aruba-Device-Type'} =
   &request:Aruba-Device-Type -> 'iPad'
   (11) perl:   $RAD_REQUEST{'EAP-Type'} = &request:EAP-Type -> 'PEAP'
   (11) perl:   $RAD_REQUEST{'Stripped-User-Name'} =
   &request:Stripped-User-Name -> 'username'
   (11) perl:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
   (11) perl:   $RAD_REPLY{'EAP-Message'} = &reply:EAP-Message ->
   '0x030b0004'
   (11) perl:   $RAD_REPLY{'Message-Authenticator'} =
   &reply:Message-Authenticator -> '0x00000000000000000000000000000000'
   (11) perl:   $RAD_REPLY{'Aruba-User-Role'} = &reply:Aruba-User-Role ->
   'authenticated'
   (11) perl:   $RAD_REPLY{'MS-MPPE-Send-Key'} = &reply:MS-MPPE-Send-Key
   -> '0x533d4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
   (11) perl:   $RAD_REPLY{'MS-MPPE-Recv-Key'} = &reply:MS-MPPE-Recv-Key
   -> '0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884'
   (11) perl:   $RAD_REPLY{'Stripped-User-Name'}[0] =
   &reply:Stripped-User-Name -> 'username'
   (11) perl:   $RAD_REPLY{'Stripped-User-Name'}[1] =
   &reply:Stripped-User-Name -> 'username'
   (11) perl:   $RAD_REPLY{'EAP-MSK'} = &reply:EAP-MSK ->
   '0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884533d
   4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
   (11) perl:   $RAD_REPLY{'EAP-EMSK'} = &reply:EAP-EMSK ->
   '0xd1b0de8b80f4aaac6cbf47a09820373aaef24d2d4b7bfd4d199c28309b717b24e73a
   7472cc19f9565e33a4bfad2d8bab0adc9caf06ede720f5f9a790ea0ee403'
   (11) perl:   $RAD_REPLY{'EAP-Session-Id'} = &reply:EAP-Session-Id ->
   '0x19589a30a9974ada812b304e6f08428eb423346f5a0867ca707276e7b5364677e45e
   6fe25843d1422e6a9a9db0dab1bd89fe49e7b2da4ac260d546cc2398b770bc'
   (11) perl:   $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'eap'
   (11) perl:   $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'eap'
   (11) perl:   $RAD_STATE{'EAP-Message'} = &session-state:EAP-Message ->
   '0x030a0004'
   (11) perl:   $RAD_STATE{'Message-Authenticator'} =
   &session-state:Message-Authenticator ->
   '0x00000000000000000000000000000000'
   (11) perl:   $RAD_STATE{'Aruba-User-Role'} =
   &session-state:Aruba-User-Role -> 'authenticated'
   (11) perl:   $RAD_STATE{'MS-MPPE-Encryption-Policy'} =
   &session-state:MS-MPPE-Encryption-Policy -> 'Encryption-Required'
   (11) perl:   $RAD_STATE{'MS-MPPE-Encryption-Types'} =
   &session-state:MS-MPPE-Encryption-Types -> '4'
   (11) perl:   $RAD_STATE{'MS-MPPE-Send-Key'} =
   &session-state:MS-MPPE-Send-Key -> '0x193e4482d7e6f569e67acf728665e09e'
   (11) perl:   $RAD_STATE{'MS-MPPE-Recv-Key'} =
   &session-state:MS-MPPE-Recv-Key -> '0x81fd648b675807d94834eb58e9adea82'
   (11) perl:   $RAD_STATE{'Stripped-User-Name'} =
   &session-state:Stripped-User-Name -> 'username'
   (11) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
   (11) perl: &request:Stripped-User-Name =
   $RAD_REQUEST{'Stripped-User-Name'} -> 'username'
   (11) perl: &request:EAP-Type = $RAD_REQUEST{'EAP-Type'} -> 'PEAP'
   (11) perl: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} ->
   '10.24.1.3'
   (11) perl: &request:Aruba-Location-Id =
   $RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
   (11) perl: &request:State = $RAD_REQUEST{'State'} ->
   '0xbc16ac72b51db56b528c5ed1e008d82b'
   (11) perl: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} ->
   '0x020b002b190017030100200f78b226c7b9c68967f8bf7df8cf85950812b06d45036a
   f1fac12de1a1bf7ce9'
   (11) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
   'username at domain.com'
   (11) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
   'default'
   (11) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
   (11) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} ->
   'Framed-User'
   (11) perl: &request:Aruba-Device-Type =
   $RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
   (11) perl: &request:Calling-Station-Id =
   $RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
   (11) perl: &request:Message-Authenticator =
   $RAD_REQUEST{'Message-Authenticator'} ->
   '0x99de93553cae0d7d796ac27cf85a2c8a'
   (11) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
   '10.24.1.3'
   (11) perl: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1100'
   (11) perl: &request:Called-Station-Id =
   $RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
   (11) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
   'Wireless-802.11'
   (11) perl: &request:Chargeable-User-Identity =
   $RAD_REQUEST{'Chargeable-User-Identity'} -> '0x00'
   (11) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
   -> 'Feb  7 2017 20:40:10 GMT'
   (11) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
   -> 'eduroam'
   (11) perl: &reply:EAP-MSK = $RAD_REPLY{'EAP-MSK'} ->
   '0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884533d
   4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
   (11) perl: &reply:Stripped-User-Name +=
   $RAD_REPLY{'Stripped-User-Name'} -> 'username'
   (11) perl: &reply:Stripped-User-Name +=
   $RAD_REPLY{'Stripped-User-Name'} -> 'username'
   (11) perl: &reply:Aruba-User-Role = $RAD_REPLY{'Aruba-User-Role'} ->
   'authenticated'
   (11) perl: &reply:Message-Authenticator =
   $RAD_REPLY{'Message-Authenticator'} ->
   '0x00000000000000000000000000000000'
   (11) perl: &reply:EAP-Session-Id = $RAD_REPLY{'EAP-Session-Id'} ->
   '0x19589a30a9974ada812b304e6f08428eb423346f5a0867ca707276e7b5364677e45e
   6fe25843d1422e6a9a9db0dab1bd89fe49e7b2da4ac260d546cc2398b770bc'
   (11) perl: &reply:EAP-Message = $RAD_REPLY{'EAP-Message'} ->
   '0x030b0004'
   (11) perl: &reply:MS-MPPE-Recv-Key = $RAD_REPLY{'MS-MPPE-Recv-Key'} ->
   '0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884'
   (11) perl: &reply:EAP-EMSK = $RAD_REPLY{'EAP-EMSK'} ->
   '0xd1b0de8b80f4aaac6cbf47a09820373aaef24d2d4b7bfd4d199c28309b717b24e73a
   7472cc19f9565e33a4bfad2d8bab0adc9caf06ede720f5f9a790ea0ee403'
   (11) perl: &reply:MS-MPPE-Send-Key = $RAD_REPLY{'MS-MPPE-Send-Key'} ->
   '0x533d4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
   (11) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'eap'
   (11) perl: &session-state:Stripped-User-Name =
   $RAD_STATE{'Stripped-User-Name'} -> 'username'
   (11) perl: &session-state:Aruba-User-Role =
   $RAD_STATE{'Aruba-User-Role'} -> 'authenticated'
   (11) perl: &session-state:Message-Authenticator =
   $RAD_STATE{'Message-Authenticator'} ->
   '0x00000000000000000000000000000000'
   (11) perl: &session-state:MS-MPPE-Encryption-Policy =
   $RAD_STATE{'MS-MPPE-Encryption-Policy'} -> 'Encryption-Required'
   (11) perl: &session-state:EAP-Message = $RAD_STATE{'EAP-Message'} ->
   '0x030a0004'
   (11) perl: &session-state:MS-MPPE-Recv-Key =
   $RAD_STATE{'MS-MPPE-Recv-Key'} -> '0x81fd648b675807d94834eb58e9adea82'
   (11) perl: &session-state:MS-MPPE-Encryption-Types =
   $RAD_STATE{'MS-MPPE-Encryption-Types'} -> '4'
   (11) perl: &session-state:MS-MPPE-Send-Key =
   $RAD_STATE{'MS-MPPE-Send-Key'} -> '0x193e4482d7e6f569e67acf728665e09e'
   (13) perl:   $RAD_REQUEST{'User-Name'} = &request:User-Name ->
   'username at domain.com'
   (13) perl:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
   -> '10.24.1.3'
   (13) perl:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
   (13) perl:   $RAD_REQUEST{'Framed-IP-Address'} =
   &request:Framed-IP-Address -> '10.24.1.17'
   (13) perl:   $RAD_REQUEST{'Called-Station-Id'} =
   &request:Called-Station-Id -> '000B866E18BC'
   (13) perl:   $RAD_REQUEST{'Calling-Station-Id'} =
   &request:Calling-Station-Id -> '98B8E34E1CAF'
   (13) perl:   $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
   'Wireless-802.11'
   (13) perl:   $RAD_REQUEST{'Acct-Status-Type'} =
   &request:Acct-Status-Type -> 'Start'
   (13) perl:   $RAD_REQUEST{'Acct-Delay-Time'} = &request:Acct-Delay-Time
   -> '0'
   (13) perl:   $RAD_REQUEST{'Acct-Session-Id'} = &request:Acct-Session-Id
   -> 'arnab.ro98B8E34E1CAF-589A30AC'
   (13) perl:   $RAD_REQUEST{'Acct-Authentic'} = &request:Acct-Authentic
   -> 'RADIUS'
   (13) perl:   $RAD_REQUEST{'Acct-Multi-Session-Id'} =
   &request:Acct-Multi-Session-Id -> '98B8E34E1CAF-0000000435'
   (13) perl:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
   -> 'Feb  7 2017 20:40:12 GMT'
   (13) perl:   $RAD_REQUEST{'Aruba-User-Role'} = &request:Aruba-User-Role
   -> 'authenticated'
   (13) perl:   $RAD_REQUEST{'Aruba-User-Vlan'} = &request:Aruba-User-Vlan
   -> '1025'
   (13) perl:   $RAD_REQUEST{'Aruba-Essid-Name'} =
   &request:Aruba-Essid-Name -> 'eduroam'
   (13) perl:   $RAD_REQUEST{'Aruba-Location-Id'} =
   &request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
   (13) perl:   $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
   -> 'default'
   (13) perl:   $RAD_REQUEST{'Aruba-Device-Type'} =
   &request:Aruba-Device-Type -> 'iPad'
   (13) perl:   $RAD_REQUEST{'Stripped-User-Name'} =
   &request:Stripped-User-Name -> 'username'
   (13) perl:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
   (13) perl:   $RAD_REQUEST{'Acct-Unique-Session-Id'} =
   &request:Acct-Unique-Session-Id -> 'f758c752f3da5ef3c091e9722939c220'
   (13) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
   (13) perl: &request:Acct-Session-Id = $RAD_REQUEST{'Acct-Session-Id'}
   -> 'arnab.ro98B8E34E1CAF-589A30AC'
   (13) perl: &request:Stripped-User-Name =
   $RAD_REQUEST{'Stripped-User-Name'} -> 'username'
   (13) perl: &request:Aruba-Location-Id =
   $RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
   (13) perl: &request:Acct-Delay-Time = $RAD_REQUEST{'Acct-Delay-Time'}
   -> '0'
   (13) perl: &request:Acct-Authentic = $RAD_REQUEST{'Acct-Authentic'} ->
   'RADIUS'
   (13) perl: &request:Acct-Multi-Session-Id =
   $RAD_REQUEST{'Acct-Multi-Session-Id'} -> '98B8E34E1CAF-0000000435'
   (13) perl: &request:Acct-Status-Type = $RAD_REQUEST{'Acct-Status-Type'}
   -> 'Start'
   (13) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
   'username at domain.com'
   (13) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
   'default'
   (13) perl: &request:Aruba-User-Vlan = $RAD_REQUEST{'Aruba-User-Vlan'}
   -> '1025'
   (13) perl: &request:Framed-IP-Address =
   $RAD_REQUEST{'Framed-IP-Address'} -> '10.24.1.17'
   (13) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
   (13) perl: &request:Aruba-Device-Type =
   $RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
   (13) perl: &request:Aruba-User-Role = $RAD_REQUEST{'Aruba-User-Role'}
   -> 'authenticated'
   (13) perl: &request:Calling-Station-Id =
   $RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
   (13) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
   '10.24.1.3'
   (13) perl: &request:Called-Station-Id =
   $RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
   (13) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
   'Wireless-802.11'
   (13) perl: &request:Acct-Unique-Session-Id =
   $RAD_REQUEST{'Acct-Unique-Session-Id'} ->
   'f758c752f3da5ef3c091e9722939c220'
   (13) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
   -> 'Feb  7 2017 20:40:12 GMT'
   (13) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
   -> 'eduroam'

   My config for the inner server post auth looks like this

   post-auth {
           $INCLUDE /etc/raddb/outer-post-auth/
           perl
           sql
           stash
           Post-Auth-Type REJECT {
                   sql
                   stash
                   attr_filter.access_reject
                   remove_reply_message_if_eap
                   update reply {
                   Reply-Message := "Inner EAP Reject"
                   }
           }
   }

   Your help is appreciated.

   Many Thanks
   Arnab
   Sent: Tuesday, February 07, 2017 at 7:34 PM
   From: "Alan DeKok" <aland at deployingradius.com>
   To: "FreeRadius users mailing list"
   <freeradius-users at lists.freeradius.org>
   Subject: Re: RLM_Perl Question
   On Feb 7, 2017, at 12:18 PM, Arnab Roy <arnabroy at mail.com> wrote:
   > I trying to write out if the request was accepted or rejected using
   RLM
   > perl into a json file. I am able to get everything under the sun for
   > the request apart from this simple thing.
   >
   > Looking at how this is done in the sql module it appears its just a
   > simple expansion of %{reply:Packet-Type}, but cant find a way to do
   the
   > same in RLM perl.
   The reply type isn't set until after all of the modules are run.
   You can instead use the post-auth section to do this logging. The main
   post-auth section is for Access-Accept. The "Post-Auth-Type Reject"
   section is for Access-Reject.
   Alan DeKok.
   -
   List info/subscribe/unsubscribe? See
   [1]http://www.freeradius.org/list/users.html

References

   1. http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list