Hi,
I see know that it was my fault (obviously it was going to be). I am using sql, and not the users file as the guide (http://wiki.freeradius.org/Rlm_perl) suggests. I added Auth-Type attribute into the table and I know cannot login with the user baduser. So radcheck used to look like this
+------+----------+-----------+----+---------+ | id | username | attribute | op | value | +------+----------+-----------+----+---------+ 8813 | baduser | password | == | baduser +------+----------+-----------+----+---------+
it now looks like this.
+------+----------+-----------+----+---------+ | id | username | attribute | op | value | +------+----------+-----------+----+---------+ | 8813 | baduser | password | == | baduser | | 8814 | baduser | Auth-Type | = | Perl | +------+----------+-----------+----+---------+
using a recent version of FR? if so, change that first line to be | 8813 | baduser | cleartext-password | := | baduser | (as per the docs!) your initial question.....'what is /^baduser/i ?' - its a quick function that checks the User-Name attribute and see if it matches (and begins with) the word 'baduser' (and is case insensitive). its a quick demo to show that things that you can do.... if you were to do this in production, you'd probably have an array of 'bad users' and do a loop function in which you check User-Name against all members of that array (and return a found or not found code back to the routine that fired off the check....eg if (baduser() ){ } etc. alan