<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/4.4.4">
</HEAD>
<BODY>
Hello,<BR>
<BR>
I'm unable to sort out this problem.<BR>
Googling didn't help and i've not been able to find a satisfying answer on the official documentation.<BR>
<BR>
I would like to store my users in MySQL and assign all of them to the same Huntgroup.<BR>
Here's my database:<BR>
<BR>
mysql> SELECT * FROM radcheck;<BR>
+----+----------+--------------------+----+-------+<BR>
| id | username | attribute | op | value |<BR>
+----+----------+--------------------+----+-------+<BR>
| 1 | foo | Cleartext-Password | := | bar |<BR>
+----+----------+--------------------+----+-------+<BR>
1 row in set (0.00 sec)<BR>
<BR>
mysql> SELECT * FROM radusergroup;<BR>
+----------+-----------+----------+<BR>
| username | groupname | priority |<BR>
+----------+-----------+----------+<BR>
| foo | TECNICI | 1 |<BR>
+----------+-----------+----------+<BR>
1 row in set (0.00 sec)<BR>
<BR>
mysql> SELECT * FROM radgroupcheck;<BR>
+----+-----------+----------------+----+----------+<BR>
| id | groupname | attribute | op | value |<BR>
+----+-----------+----------------+----+----------+<BR>
| 1 | TECNICI | Huntgroup-Name | == | APPARATI |<BR>
+----+-----------+----------------+----+----------+<BR>
1 row in set (0.01 sec)<BR>
<BR>
According the to debug below i would expect the user "foo" to be associated to the huntgroup<BR>
APPARATI, and the request to be rejected because of the absence of the proper NAS-IP-Address<BR>
in the said huntgroup.<BR>
<BR>
Here a dump of /etc/freeradius/huntgroups :<BR>
<A HREF="mailto:root@tango">root@tango</A>:~# cat /etc/freeradius/huntgroups | grep APPARATI<BR>
APPARATI NAS-IP-Address =~ 192.0.2.[0-9]<BR>
<BR>
Anyway, as you can see in the log below, the request is accepted and the user is authenticated.<BR>
<BR>
As a side note the request is rejected when i put the user foo in the huntgroup "APPARATI"<BR>
in the radcheck table.<BR>
ie: INSERT INTO radcheck VALUES ( NULL, "foo", "Huntgroup-Name", "==", "APPARATI" )<BR>
<BR>
Can You, please, help?<BR>
<BR>
FreeRADIUS Version 2.1.8, for host i486-pc-linux-gnu, built on Jan 5 2010 at 02:49:11<BR>
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. <BR>
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A <BR>
PARTICULAR PURPOSE. <BR>
You may redistribute copies of FreeRADIUS under the terms of the <BR>
GNU General Public License v2. <BR>
Starting - reading configuration files ...<BR>
including configuration file /etc/freeradius/radiusd.conf<BR>
including configuration file /etc/freeradius/proxy.conf<BR>
including configuration file /etc/freeradius/clients.conf<BR>
including files in directory /etc/freeradius/modules/<BR>
including configuration file /etc/freeradius/modules/always<BR>
including configuration file /etc/freeradius/modules/attr_filter<BR>
including configuration file /etc/freeradius/modules/attr_rewrite<BR>
including configuration file /etc/freeradius/modules/chap<BR>
including configuration file /etc/freeradius/modules/checkval<BR>
including configuration file /etc/freeradius/modules/counter<BR>
including configuration file /etc/freeradius/modules/cui<BR>
including configuration file /etc/freeradius/modules/detail<BR>
including configuration file /etc/freeradius/modules/detail.example.com<BR>
including configuration file /etc/freeradius/modules/detail.log<BR>
including configuration file /etc/freeradius/modules/digest<BR>
including configuration file /etc/freeradius/modules/echo<BR>
including configuration file /etc/freeradius/modules/etc_group<BR>
including configuration file /etc/freeradius/modules/exec<BR>
including configuration file /etc/freeradius/modules/expiration<BR>
including configuration file /etc/freeradius/modules/expr<BR>
including configuration file /etc/freeradius/modules/files<BR>
including configuration file /etc/freeradius/modules/inner-eap<BR>
including configuration file /etc/freeradius/modules/ippool<BR>
including configuration file /etc/freeradius/modules/krb5<BR>
including configuration file /etc/freeradius/modules/ldap<BR>
including configuration file /etc/freeradius/modules/linelog<BR>
including configuration file /etc/freeradius/modules/logintime<BR>
including configuration file /etc/freeradius/modules/mac2ip<BR>
including configuration file /etc/freeradius/modules/mac2vlan<BR>
including configuration file /etc/freeradius/modules/mschap<BR>
including configuration file /etc/freeradius/modules/ntlm_auth<BR>
including configuration file /etc/freeradius/modules/otp<BR>
including configuration file /etc/freeradius/modules/pam<BR>
including configuration file /etc/freeradius/modules/pap<BR>
including configuration file /etc/freeradius/modules/passwd<BR>
including configuration file /etc/freeradius/modules/perl<BR>
including configuration file /etc/freeradius/modules/policy<BR>
including configuration file /etc/freeradius/modules/preprocess<BR>
including configuration file /etc/freeradius/modules/radutmp<BR>
including configuration file /etc/freeradius/modules/realm<BR>
including configuration file /etc/freeradius/modules/smbpasswd<BR>
including configuration file /etc/freeradius/modules/smsotp<BR>
including configuration file /etc/freeradius/modules/sql_log<BR>
including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login<BR>
including configuration file /etc/freeradius/modules/sradutmp<BR>
including configuration file /etc/freeradius/modules/unix<BR>
including configuration file /etc/freeradius/modules/wimax<BR>
including configuration file /etc/freeradius/modules/acct_unique<BR>
including configuration file /etc/freeradius/eap.conf<BR>
including configuration file /etc/freeradius/sql.conf<BR>
including configuration file /etc/freeradius/sql/mysql/dialup.conf<BR>
including configuration file /etc/freeradius/policy.conf<BR>
including files in directory /etc/freeradius/sites-enabled/<BR>
including configuration file /etc/freeradius/sites-enabled/default<BR>
including configuration file /etc/freeradius/sites-enabled/inner-tunnel<BR>
main {<BR>
user = "freerad"<BR>
group = "freerad"<BR>
allow_core_dumps = no<BR>
}<BR>
including dictionary file /etc/freeradius/dictionary<BR>
main {<BR>
prefix = "/usr"<BR>
localstatedir = "/var"<BR>
logdir = "/var/log/freeradius"<BR>
libdir = "/usr/lib/freeradius"<BR>
radacctdir = "/var/log/freeradius/radacct"<BR>
hostname_lookups = no<BR>
max_request_time = 30<BR>
cleanup_delay = 5<BR>
max_requests = 1024<BR>
pidfile = "/var/run/freeradius/freeradius.pid"<BR>
checkrad = "/usr/sbin/checkrad"<BR>
debug_level = 0<BR>
proxy_requests = yes<BR>
log {<BR>
stripped_names = no<BR>
auth = no<BR>
auth_badpass = no<BR>
auth_goodpass = no<BR>
}<BR>
security {<BR>
max_attributes = 200<BR>
reject_delay = 1<BR>
status_server = yes<BR>
}<BR>
}<BR>
radiusd: #### Loading Realms and Home Servers ####<BR>
proxy server {<BR>
retry_delay = 5<BR>
retry_count = 3<BR>
default_fallback = no<BR>
dead_time = 120<BR>
wake_all_if_all_dead = no<BR>
}<BR>
home_server localhost {<BR>
ipaddr = 127.0.0.1<BR>
port = 1812<BR>
type = "auth"<BR>
secret = "testing123"<BR>
response_window = 20<BR>
max_outstanding = 65536<BR>
require_message_authenticator = no<BR>
zombie_period = 40<BR>
status_check = "status-server"<BR>
ping_interval = 30<BR>
check_interval = 30<BR>
num_answers_to_alive = 3<BR>
num_pings_to_alive = 3<BR>
revive_interval = 120<BR>
status_check_timeout = 4<BR>
irt = 2<BR>
mrt = 16<BR>
mrc = 5<BR>
mrd = 30<BR>
}<BR>
home_server_pool my_auth_failover {<BR>
type = fail-over<BR>
home_server = localhost<BR>
}<BR>
realm example.com {<BR>
auth_pool = my_auth_failover<BR>
}<BR>
realm LOCAL {<BR>
}<BR>
radiusd: #### Loading Clients ####<BR>
client localhost {<BR>
ipaddr = 127.0.0.1<BR>
require_message_authenticator = no<BR>
secret = "testing123"<BR>
nastype = "other"<BR>
}<BR>
radiusd: #### Instantiating modules ####<BR>
instantiate {<BR>
Module: Linked to module rlm_exec<BR>
Module: Instantiating exec<BR>
exec {<BR>
wait = no<BR>
input_pairs = "request"<BR>
shell_escape = yes<BR>
}<BR>
Module: Linked to module rlm_expr<BR>
Module: Instantiating expr<BR>
Module: Linked to module rlm_expiration<BR>
Module: Instantiating expiration<BR>
expiration {<BR>
reply-message = "Password Has Expired "<BR>
}<BR>
Module: Linked to module rlm_logintime<BR>
Module: Instantiating logintime<BR>
logintime {<BR>
reply-message = "You are calling outside your allowed timespan "<BR>
minimum-timeout = 60<BR>
}<BR>
}<BR>
radiusd: #### Loading Virtual Servers ####<BR>
server inner-tunnel {<BR>
modules {<BR>
Module: Checking authenticate {...} for more modules to load<BR>
Module: Linked to module rlm_pap<BR>
Module: Instantiating pap<BR>
pap {<BR>
encryption_scheme = "auto"<BR>
auto_header = no<BR>
}<BR>
Module: Linked to module rlm_chap<BR>
Module: Instantiating chap<BR>
Module: Linked to module rlm_mschap<BR>
Module: Instantiating mschap<BR>
mschap {<BR>
use_mppe = yes<BR>
require_encryption = no<BR>
require_strong = no<BR>
with_ntdomain_hack = no<BR>
}<BR>
Module: Linked to module rlm_unix<BR>
Module: Instantiating unix<BR>
unix {<BR>
radwtmp = "/var/log/freeradius/radwtmp"<BR>
}<BR>
Module: Linked to module rlm_eap<BR>
Module: Instantiating eap<BR>
eap {<BR>
default_eap_type = "md5"<BR>
timer_expire = 60<BR>
ignore_unknown_eap_types = no<BR>
cisco_accounting_username_bug = no<BR>
max_sessions = 4096<BR>
}<BR>
Module: Linked to sub-module rlm_eap_md5<BR>
Module: Instantiating eap-md5<BR>
Module: Linked to sub-module rlm_eap_leap<BR>
Module: Instantiating eap-leap<BR>
Module: Linked to sub-module rlm_eap_gtc<BR>
Module: Instantiating eap-gtc<BR>
gtc {<BR>
challenge = "Password: "<BR>
auth_type = "PAP"<BR>
}<BR>
Module: Linked to sub-module rlm_eap_tls<BR>
Module: Instantiating eap-tls<BR>
tls {<BR>
rsa_key_exchange = no<BR>
dh_key_exchange = yes<BR>
rsa_key_length = 512<BR>
dh_key_length = 512<BR>
verify_depth = 0<BR>
pem_file_type = yes<BR>
private_key_file = "/etc/freeradius/certs/server.key"<BR>
certificate_file = "/etc/freeradius/certs/server.pem"<BR>
CA_file = "/etc/freeradius/certs/ca.pem"<BR>
private_key_password = "whatever"<BR>
dh_file = "/etc/freeradius/certs/dh"<BR>
random_file = "/etc/freeradius/certs/random"<BR>
fragment_size = 1024<BR>
include_length = yes<BR>
check_crl = no<BR>
cipher_list = "DEFAULT"<BR>
make_cert_command = "/etc/freeradius/certs/bootstrap"<BR>
cache {<BR>
enable = no<BR>
lifetime = 24<BR>
max_entries = 255<BR>
}<BR>
}<BR>
Module: Linked to sub-module rlm_eap_ttls<BR>
Module: Instantiating eap-ttls<BR>
ttls {<BR>
default_eap_type = "md5"<BR>
copy_request_to_tunnel = no<BR>
use_tunneled_reply = no<BR>
virtual_server = "inner-tunnel"<BR>
include_length = yes<BR>
}<BR>
Module: Linked to sub-module rlm_eap_peap<BR>
Module: Instantiating eap-peap<BR>
peap {<BR>
default_eap_type = "mschapv2"<BR>
copy_request_to_tunnel = no<BR>
use_tunneled_reply = no<BR>
proxy_tunneled_request_as_eap = yes<BR>
virtual_server = "inner-tunnel"<BR>
}<BR>
Module: Linked to sub-module rlm_eap_mschapv2<BR>
Module: Instantiating eap-mschapv2<BR>
mschapv2 {<BR>
with_ntdomain_hack = no<BR>
}<BR>
Module: Checking authorize {...} for more modules to load<BR>
Module: Linked to module rlm_realm<BR>
Module: Instantiating suffix<BR>
realm suffix {<BR>
format = "suffix"<BR>
delimiter = "@"<BR>
ignore_default = no<BR>
ignore_null = no<BR>
}<BR>
Module: Linked to module rlm_files<BR>
Module: Instantiating files<BR>
files {<BR>
usersfile = "/etc/freeradius/users"<BR>
acctusersfile = "/etc/freeradius/acct_users"<BR>
preproxy_usersfile = "/etc/freeradius/preproxy_users"<BR>
compat = "no"<BR>
}<BR>
Module: Checking session {...} for more modules to load<BR>
Module: Linked to module rlm_radutmp<BR>
Module: Instantiating radutmp<BR>
radutmp {<BR>
filename = "/var/log/freeradius/radutmp"<BR>
username = "%{User-Name}"<BR>
case_sensitive = yes<BR>
check_with_nas = yes<BR>
perm = 384<BR>
callerid = yes<BR>
}<BR>
Module: Checking post-proxy {...} for more modules to load<BR>
Module: Checking post-auth {...} for more modules to load<BR>
Module: Linked to module rlm_attr_filter<BR>
Module: Instantiating attr_filter.access_reject<BR>
attr_filter attr_filter.access_reject {<BR>
attrsfile = "/etc/freeradius/attrs.access_reject"<BR>
key = "%{User-Name}"<BR>
}<BR>
} # modules<BR>
} # server<BR>
server {<BR>
modules {<BR>
Module: Checking authenticate {...} for more modules to load<BR>
Module: Checking authorize {...} for more modules to load<BR>
Module: Linked to module rlm_preprocess<BR>
Module: Instantiating preprocess<BR>
preprocess {<BR>
huntgroups = "/etc/freeradius/huntgroups"<BR>
hints = "/etc/freeradius/hints"<BR>
with_ascend_hack = no<BR>
ascend_channels_per_line = 23<BR>
with_ntdomain_hack = no<BR>
with_specialix_jetstream_hack = no<BR>
with_cisco_vsa_hack = no<BR>
with_alvarion_vsa_hack = no<BR>
}<BR>
Module: Linked to module rlm_sql<BR>
Module: Instantiating sql<BR>
sql {<BR>
driver = "rlm_sql_mysql"<BR>
server = "localhost"<BR>
port = ""<BR>
login = "root"<BR>
password = "superpipp0"<BR>
radius_db = "freeradius"<BR>
read_groups = yes<BR>
sqltrace = no<BR>
sqltracefile = "/var/log/freeradius/sqltrace.sql"<BR>
readclients = no<BR>
deletestalesessions = yes<BR>
num_sql_socks = 5<BR>
lifetime = 0<BR>
max_queries = 0<BR>
sql_user_name = "%{User-Name}"<BR>
default_user_profile = "DEFAULT"<BR>
nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"<BR>
authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"<BR>
authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"<BR>
authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id"<BR>
authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id"<BR>
accounting_onoff_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = unix_timestamp('%S') - unix_timestamp(acctstarttime), acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = %{%{Acct-Delay-Time}:-0} WHERE acctstoptime IS NULL AND nasipaddress = '%{NAS-IP-Address}' AND acctstarttime <= '%S'"<BR>
accounting_update_query = " UPDATE radacct SET framedipaddress = '%{Framed-IP-Address}', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<BR>
accounting_update_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctsessiontime, acctauthentic, connectinfo_start, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, servicetype, framedprotocol, framedipaddress, acctstartdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{X-Ascend-Session-Svr-Key}')"<BR>
accounting_start_query = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"<BR>
accounting_start_query_alt = " UPDATE radacct SET acctstarttime = '%S', acctstartdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_start = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<BR>
accounting_stop_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<BR>
accounting_stop_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{%{Acct-Delay-Time}:-0}')"<BR>
group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"<BR>
connect_failure_retry_delay = 60<BR>
simul_count_query = ""<BR>
simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"<BR>
postauth_query = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')"<BR>
safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"<BR>
}<BR>
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked<BR>
rlm_sql (sql): Attempting to connect to <A HREF="mailto:root@localhost">root@localhost</A>:/freeradius<BR>
rlm_sql (sql): starting 0<BR>
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0<BR>
rlm_sql_mysql: Starting connect to MySQL server for #0<BR>
rlm_sql (sql): Connected new DB handle, #0<BR>
rlm_sql (sql): starting 1<BR>
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1<BR>
rlm_sql_mysql: Starting connect to MySQL server for #1<BR>
rlm_sql (sql): Connected new DB handle, #1<BR>
rlm_sql (sql): starting 2<BR>
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2<BR>
rlm_sql_mysql: Starting connect to MySQL server for #2<BR>
rlm_sql (sql): Connected new DB handle, #2<BR>
rlm_sql (sql): starting 3<BR>
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3<BR>
rlm_sql_mysql: Starting connect to MySQL server for #3<BR>
rlm_sql (sql): Connected new DB handle, #3<BR>
rlm_sql (sql): starting 4<BR>
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4<BR>
rlm_sql_mysql: Starting connect to MySQL server for #4<BR>
rlm_sql (sql): Connected new DB handle, #4<BR>
Module: Checking preacct {...} for more modules to load<BR>
Module: Linked to module rlm_acct_unique<BR>
Module: Instantiating acct_unique<BR>
acct_unique {<BR>
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<BR>
}<BR>
Module: Checking accounting {...} for more modules to load<BR>
Module: Linked to module rlm_detail<BR>
Module: Instantiating detail<BR>
detail {<BR>
detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<BR>
header = "%t"<BR>
detailperm = 384<BR>
dirperm = 493<BR>
locking = no<BR>
log_packet_header = no<BR>
}<BR>
Module: Instantiating attr_filter.accounting_response<BR>
attr_filter attr_filter.accounting_response {<BR>
attrsfile = "/etc/freeradius/attrs.accounting_response"<BR>
key = "%{User-Name}"<BR>
}<BR>
Module: Checking session {...} for more modules to load<BR>
Module: Checking post-proxy {...} for more modules to load<BR>
Module: Checking post-auth {...} for more modules to load<BR>
} # modules<BR>
} # server<BR>
radiusd: #### Opening IP addresses and Ports ####<BR>
listen {<BR>
type = "auth"<BR>
ipaddr = *<BR>
port = 0<BR>
}<BR>
listen {<BR>
type = "acct"<BR>
ipaddr = *<BR>
port = 0<BR>
}<BR>
Listening on authentication address * port 1812<BR>
Listening on accounting address * port 1813<BR>
Listening on proxy address * port 1814<BR>
Ready to process requests.<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
rad_recv: Access-Request packet from host 127.0.0.1 port 53653, id=63, length=55<BR>
User-Name = "foo"<BR>
User-Password = "bar"<BR>
NAS-IP-Address = 127.0.1.1<BR>
NAS-Port = 1<BR>
+- entering group authorize {...}<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
[preprocess] expand: %{NAS-IP-Address} -> 127.0.1.1<BR>
++[preprocess] returns ok<BR>
++[chap] returns noop<BR>
++[mschap] returns noop<BR>
[suffix] No '@' in User-Name = "foo", looking up realm NULL<BR>
[suffix] No such realm "NULL"<BR>
++[suffix] returns noop<BR>
[eap] No EAP-Message, not doing EAP<BR>
++[eap] returns noop<BR>
++[unix] returns notfound<BR>
++[files] returns noop<BR>
[sql] expand: %{User-Name} -> foo<BR>
[sql] sql_set_user escaped user --> 'foo'<BR>
rlm_sql (sql): Reserving sql socket id: 4<BR>
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'foo' ORDER BY id<BR>
[sql] User found in radcheck table<BR>
[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'foo' ORDER BY id<BR>
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'foo' ORDER BY priority<BR>
[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'TECNICI' ORDER BY id<BR>
[sql] Checking profile DEFAULT<BR>
[sql] sql_set_user escaped user --> 'DEFAULT'<BR>
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'DEFAULT' ORDER BY priority<BR>
rlm_sql (sql): Released sql socket id: 4<BR>
++[sql] returns ok<BR>
++[expiration] returns noop<BR>
++[logintime] returns noop<BR>
++[pap] returns updated<BR>
Found Auth-Type = PAP<BR>
+- entering group PAP {...}<BR>
[pap] login attempt with password "bar"<BR>
[pap] Using clear text password "bar"<BR>
[pap] User authenticated successfully<BR>
++[pap] returns ok<BR>
+- entering group post-auth {...}<BR>
++[exec] returns noop<BR>
Sending Access-Accept of id 63 to 127.0.0.1 port 53653<BR>
Finished request 0.<BR>
Going to the next request<BR>
Waking up in 4.9 seconds.<BR>
<BR>
</BODY>
</HTML>