Hi Alan, Thanks for your quick answer. I added the following lines to the "exec" module: exec { wait = yes input_pairs = request program = `${raddbdir}/teste.sh %{username} %i` } The "wait" and "input_pairs" were already there. What do they mean? my raddb/teste.sh script is as follows: #!/bin/bash echo "Username: $1" echo "MAC: $2" exit 0 The debug from radius is as follows: ... Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 8 radius_xlat: '/etc/raddb/teste.sh userx 00-20-xx-xx-xx-xx' Exec-Program: /etc/raddb/teste.sh userx 00-20-xx-xx-xx-xx Exec-Program output: Username: userx MAC: 00-20-xx-xx-xx-xx Exec-Program-Wait: plaintext: Username: userx MAC: 00-20-xx-xx-xx-xx Exec-Program: returned: 0 modcall[post_auth]: module "exec" returns ok for request 18 ... So far so good... It's this the best approach? Are any issues involved with this kind of approach? Thank you for your time Ter, 2007-03-20 às 12:34 +0100, Alan DeKok escreveu:
Nelson Freire do Vale wrote:
- After the authentication and authorization process succeeds I need to pass the authenticated/authorized username and mac address to my firewall system in order to "authenticate" the client in my firewall.
See the "post-auth" section. You can use the "exec" module to run arbitrary scripts once the user has been authenticated.
Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html -- Nelson Vale Test Engineer
Critical Links, S.A. Parque Industrial de Taveiro, Lote 48 3045-504 Coimbra PORTUGAL Tel: +351.239989100 Fax: +351.239989119 Web: www.critical-links.com/ Email: nf-vale@critical-links.com