<div dir="ltr"><div>Hi</div><div><br></div><div>I'm trying to move my freeradius 2.2 configuration to new installed 3.0.1. All seem to work but perl clean up some attributes empty.</div><div><br></div><div>This is my test perl script</div>
<div><div><br></div><div>use strict;</div><div>use warnings;</div><div><br></div><div># use ...</div><div>use Data::Dumper;</div><div>use DBI; # mysql information base</div><div><br></div><div><br></div>
<div># </div><div># Configuration parameters </div><div> </div><div>
use constant {</div><div> DEBUG<span class="" style="white-space:pre"> </span>=> '1',<span class="" style="white-space:pre"> </span># for debuggin</div><div> #</div><div> # database parameters</div><div>
DB_HOSTNAME => '<a href="http://db.example.com">db.example.com</a>', </div><div> DB_NAME => 'radius',</div><div> DB_USER => 'radius', </div><div> DB_PASS => 'secret'</div>
<div>}; </div><div><br></div><div># Bring the global hashes into the package scope</div><div>our (%RAD_REQUEST, %RAD_REPLY, %RAD_CHECK);</div><div><br></div><div>#</div><div># This the remapping of return values</div>
<div>#</div><div>use constant {</div><div><br></div><div><span class="" style="white-space:pre"> </span>RLM_MODULE_REJECT<span class="" style="white-space:pre"> </span>=> 0, # /* immediately reject the request */</div>
<div><span class="" style="white-space:pre"> </span>RLM_MODULE_FAIL<span class="" style="white-space:pre"> </span>=> 1, # /* module failed, don't reply */</div><div><span class="" style="white-space:pre"> </span>RLM_MODULE_OK<span class="" style="white-space:pre"> </span>=> 2, # /* the module is OK, continue */</div>
<div><span class="" style="white-space:pre"> </span>RLM_MODULE_HANDLED<span class="" style="white-space:pre"> </span>=> 3, # /* the module handled the request, so stop. */</div><div><span class="" style="white-space:pre"> </span>RLM_MODULE_INVALID<span class="" style="white-space:pre"> </span>=> 4, # /* the module considers the request invalid. */</div>
<div><span class="" style="white-space:pre"> </span>RLM_MODULE_USERLOCK<span class="" style="white-space:pre"> </span>=> 5, # /* reject the request (user is locked out) */</div><div><span class="" style="white-space:pre"> </span>RLM_MODULE_NOTFOUND<span class="" style="white-space:pre"> </span>=> 6, # /* user not found */</div>
<div><span class="" style="white-space:pre"> </span>RLM_MODULE_NOOP<span class="" style="white-space:pre"> </span>=> 7, # /* module succeeded without doing anything */</div><div><span class="" style="white-space:pre"> </span>RLM_MODULE_UPDATED<span class="" style="white-space:pre"> </span>=> 8, # /* OK (pairs modified) */</div>
<div><span class="" style="white-space:pre"> </span>RLM_MODULE_NUMCODES<span class="" style="white-space:pre"> </span>=> 9, # /* How many return codes there are */</div><div><br></div><div><span class="" style="white-space:pre"> </span># Same as src/include/radiusd.h</div>
<div><span class="" style="white-space:pre"> </span> L_DBG<span class="" style="white-space:pre"> </span>=> 1,</div><div><span class="" style="white-space:pre"> </span> L_AUTH<span class="" style="white-space:pre"> </span>=> 2,</div>
<div><span class="" style="white-space:pre"> </span> L_INFO<span class="" style="white-space:pre"> </span>=> 3,</div><div><span class="" style="white-space:pre"> </span> L_ERR<span class="" style="white-space:pre"> </span>=> 4,</div>
<div><span class="" style="white-space:pre"> </span> L_PROXY<span class="" style="white-space:pre"> </span>=> 5,</div><div><span class="" style="white-space:pre"> </span> L_ACCT<span class="" style="white-space:pre"> </span>=> 6</div>
<div>};</div><div><br></div><div><br></div><div>our $dbh;</div><div><br></div><div># Connecting datebase</div><div>sub CLONE {</div><div> $dbh = DBI->connect("dbi:mysql:dbname=".DB_NAME.";host=".DB_HOSTNAME,DB_USER,DB_PASS,{PrintError => 0})</div>
<div> or &radiusd::radlog(L_DBG, "DEBUG post_auth: DBI error: ".$DBI::errstr); </div><div> if (!defined($dbh)) {</div><div> &err_out;</div><div> &radiusd::radlog(L_ERR, "can't connect to database!"); </div>
<div> $RAD_REPLY {'Reply-Message'} = "Internal server error";</div><div> return RLM_MODULE_FAIL; </div><div> }</div><div>}</div><div><br></div><div>sub authorize {</div>
<div> print Dumper (%RAD_REQUEST);</div><div> return RLM_MODULE_OK;</div><div>}</div></div><div><br></div><div><br></div><div>And the radius -X output</div><div>This one without perl script</div><div><div>Ready to process requests.</div>
<div>rad_recv: Access-Request packet from host 192.168.20.240 port 1812, id=62, length=205</div><div> User-Name = 'test_jur'</div><div> CHAP-Password = 0x01cc75f2ddb427d70</div><div> CHAP-Challenge = 0xea55985e715e3e1f</div>
<div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div><div> NAS-Identifier = 'test-se600'</div><div> NAS-Port = 50462720</div><div> NAS-Real-Port = 838860811</div><div> NAS-Port-Type = Virtual</div>
<div> NAS-Port-Id = '3/2 vlan-id 11 pppoe 60'</div><div> Medium-Type = DSL</div><div> Mac-Addr = '00-50-56-84-69-59'</div><div> Platform-Type = SE-600</div><div> OS-Version = '12.1.1.5'</div>
<div>(5) # Executing section authorize from file /usr/local/etc/raddb/sites-available/pppoe</div><div>(5) authorize {</div><div>(5) filter_username filter_username {</div><div>(5) ? if (!User-Name)</div><div>(5) ? if (!User-Name) -> FALSE</div>
<div>(5) ? if (User-Name =~ /([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$/) </div><div>(5) ? if (User-Name =~ /([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$/) -> FALSE</div><div>(5) ? if (User-Name == 'Redback')</div><div>
(5) ? if (User-Name == 'Redback') -> FALSE</div><div>(5) ? if (User-Name =~ / /) </div><div>(5) ? if (User-Name =~ / /) -> FALSE</div><div>(5) ? if (User-Name =~ /@.*@/ ) </div><div>(5) ? if (User-Name =~ /@.*@/ ) -> FALSE</div>
<div>(5) ? if (User-Name =~ /\\.\\./ ) </div><div>(5) ? if (User-Name =~ /\\.\\./ ) -> FALSE</div><div>(5) ? if (User-Name =~ /\\.$/) </div><div>(5) ? if (User-Name =~ /\\.$/) -> FALSE</div><div>(5) ? if (User-Name =~ /@\\./) </div>
<div>(5) ? if (User-Name =~ /@\\./) -> FALSE</div><div>(5) } # filter_username filter_username = notfound</div><div>(5) [preprocess] = ok</div><div>(5) ? if (OS-Version == '12.1.1.5') </div><div>(5) ? if (OS-Version == '12.1.1.5') -> TRUE</div>
<div>(5) if (OS-Version == '12.1.1.5') { ... } # empty sub-section is ignored</div></div><div>.....</div><div><br></div><div>And this one with perl</div><div><div>rad_recv: Access-Request packet from host 192.168.20.240 port 1812, id=60, length=205</div>
<div> User-Name = 'test_jur'</div><div> CHAP-Password = 0x016dbecc2a777</div><div> CHAP-Challenge = 0xec96dfb8b8af</div><div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div><div> NAS-Identifier = 'test-se600'</div>
<div> NAS-Port = 50462720</div><div> NAS-Real-Port = 838860811</div><div> NAS-Port-Type = Virtual</div><div> NAS-Port-Id = '3/2 vlan-id 11 pppoe 58'</div><div> Medium-Type = DSL</div><div> Mac-Addr = '00-50-56-84-69-59'</div>
<div> Platform-Type = SE-600</div><div> OS-Version = '12.1.1.5'</div><div>(0) # Executing section authorize from file /usr/local/etc/raddb/sites-available/pppoe</div><div>(0) authorize {</div><div>$VAR1 = 'OS-Version';</div>
<div>$VAR2 = '';</div><div>$VAR3 = 'NAS-Port-Type';</div><div>$VAR4 = 'Virtual';</div><div>$VAR5 = 'NAS-Real-Port';</div><div>$VAR6 = '838860811';</div><div>$VAR7 = 'CHAP-Password';</div>
<div>$VAR8 = '0x016dbecc2a777';</div><div>$VAR9 = 'Service-Type';</div><div>$VAR10 = 'Framed-User';</div><div>$VAR11 = 'Medium-Type';</div><div>$VAR12 = 'DSL';</div><div>$VAR13 = 'Framed-Protocol';</div>
<div>$VAR14 = 'PPP';</div><div>$VAR15 = 'User-Name';</div><div>$VAR16 = '';</div><div>$VAR17 = 'CHAP-Challenge';</div><div>$VAR18 = '0xec96dfb8b8af';</div><div>$VAR19 = 'NAS-Identifier';</div>
<div>$VAR20 = '';</div><div>$VAR21 = 'Platform-Type';</div><div>$VAR22 = 'SE-600';</div><div>$VAR23 = 'NAS-Port';</div><div>$VAR24 = '50462720';</div><div>$VAR25 = 'Mac-Addr';</div>
<div>$VAR26 = '';</div><div>$VAR27 = 'NAS-Port-Id';</div><div>$VAR28 = '';</div><div>rlm_perl: Added pair OS-Version = </div><div>rlm_perl: Added pair NAS-Port-Type = Virtual</div><div>rlm_perl: Added pair NAS-Real-Port = 838860811</div>
<div>rlm_perl: Added pair CHAP-Password = 0x016dbecc2a777</div><div>rlm_perl: Added pair Service-Type = Framed-User</div><div>rlm_perl: Added pair Medium-Type = DSL</div><div>rlm_perl: Added pair Framed-Protocol = PPP</div>
<div>rlm_perl: Added pair User-Name = </div><div>rlm_perl: Added pair CHAP-Challenge = 0xec96dfb8b8af</div><div>rlm_perl: Added pair NAS-Identifier = </div><div>rlm_perl: Added pair Platform-Type = SE-600</div><div>rlm_perl: Added pair NAS-Port = 50462720</div>
<div>rlm_perl: Added pair Mac-Addr = </div><div>rlm_perl: Added pair NAS-Port-Id = </div><div>(0) [perl_pppoe] = ok</div><div>(0) filter_username filter_username {</div><div>(0) ? if (!User-Name)</div><div>(0) ? if (!User-Name) -> FALSE</div>
<div>(0) ? if (User-Name =~ /([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$/) </div><div>(0) ? if (User-Name =~ /([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$/) -> FALSE</div><div>(0) ? if (User-Name == 'Redback')</div><div>
(0) ? if (User-Name == 'Redback') -> FALSE</div><div>(0) ? if (User-Name =~ / /) </div><div>(0) ? if (User-Name =~ / /) -> FALSE</div><div>(0) ? if (User-Name =~ /@.*@/ ) </div><div>(0) ? if (User-Name =~ /@.*@/ ) -> FALSE</div>
<div>(0) ? if (User-Name =~ /\\.\\./ ) </div><div>(0) ? if (User-Name =~ /\\.\\./ ) -> FALSE</div><div>(0) ? if (User-Name =~ /\\.$/) </div><div>(0) ? if (User-Name =~ /\\.$/) -> FALSE</div><div>(0) ? if (User-Name =~ /@\\./) </div>
<div>(0) ? if (User-Name =~ /@\\./) -> FALSE</div><div>(0) } # filter_username filter_username = ok</div><div>(0) [preprocess] = ok</div><div>(0) ? if (OS-Version == '12.1.1.5') </div><div>(0) ? if (OS-Version == '12.1.1.5') -> FALSE</div>
</div><div>....</div><div><br></div><div><br></div><div><div>As you can see in the second -X output perl cleared some attributes:</div><div>OS-Version (which I tested with if statement after perl)</div><div>User-Name</div>
<div>NAS-Identifier</div><div>Mac-Addr</div><div>NAS-Port-Id</div><div><br></div><div>Why is it so? Did I do something wrong or it's a perl bug?</div></div><div><br></div><div>P.S. In 2.2 this perl script work fine.<br>
</div><div><br></div><div><div dir="ltr"><font><i>Regards,</i></font><div><font><i>Alexander.</i></font></div></div></div>
</div>