Oleksandr Yermolenko wrote:
can I use authenticate, authorize, accounting hooks (or post_auth)? I looked at example.pl.
Then you would know that the perl module can be used in those sections. The "example.pl" has comments saying this.
Just put "perl" in somewhere eap.conf file?
No. You don't just put random text into random files. It helps to understand how the server works. There is a "authorize" section. You can list modules there. This is documented. See raddb/sites-available/default.
authenticate a lot of VPN clients (currently I can choose EAP method), keeping them in mysql or ldap.
The server already has SQL and LDAP modules. You really don't want to re-implement all of them in Perl.
According their properties give a personal access to different local resources. Accounting: updating start/stop/alive messages. POD if it's possible for strongswan.
See raddb/sites-available/originate-coa for how to send disconnect messages. Alan DeKok.