On 2010/05/14 10:35 AM, Alan DeKok wrote:
Johan Meiring wrote:
The "dynamic clients' code runs modules before the packet is decoded... but that's only because it doesn't *receive* the packet. So any "raw" access to the packet will return nothing.
What are you doing with the module? I can't for the life of me see why it would be useful in *any* situation.
Its dynamic clients. I use it inside dynamic clients to look up the client via the Nas-Identifier. My clients don't have fixed IPs. The only way to give different Nas's different shared secrets is by doing this. You made a modification to dynamic clients a while ago where you could get hold of the whole packet inside dynamic clients. Dont know if you remember this. You sent a mail to me about it on Wed, 27 May 2009 14:05:31 +0200 ============================SNIP=================================== I've made some changes in revision control that should help you. The "dynamic client" virtual server will now receive the *full* RADIUS packet. Before, it was impossible to look at the contents. You will *still* need to use the "rlm_raw" module to look at the raw packet contents. The contents are *not* decoded into attributes, as happens when receiving normal packets. See http://git.freeradius.org/pre for a tar file that contains the code changes. You will need to add rlm_raw to the build. But after that, something like the following should work: authorize { ... if ("%{raw:NAS-Identifier}" == "foo") { ... } ... } ============================SNIP=================================== It is definately usefull to me! -- Johan Meiring Cape PC Services CC Tel: (021) 883-8271 Fax: (021) 886-7782