Yes, that works well. Many thanks. In fact by changing the logic slightly you can achieve the required functionality fairly easily. e.g. changing the UserID/Password upon radius_request such that corresponding policies can be applied based on the modified UserName. rg. 2008/4/16 Ivan Kalik <tnt@kalik.net>:
No. Use it to bypass chap.
http://www.freeradius.org/radiusd/man/unlang.html
Ivan Kalik Kalik Informatika ISP
Dana 16/4/2008, "rsg" <ranil.santhish@gmail.com> piše:
Could unlang be used check Calling-station-Id for instance, from an SQL backend?
2008/4/10 Ivan Kalik <tnt@kalik.net>:
You use unlang for that. Read man unlang.
Ivan Kalik Kalik Informatika ISP
Dana 10/4/2008, "rsg" <ranil.santhish@gmail.com> piše:
Hi,
After a brief review of the logic, i managed to get it working. My apologies for the trouble and thank you for your time.
rlm_perl related question once again: When performing credential based Auth, how could I simply fall-though to the next check when there isn't a match.
With RAD_REQUEST if Calling-Station-Id is found Password authentication could be bypassed.
If not found how to hand the process into a different module e.g. PAP or CHAP?
Is it possible to achieve this with rlm_perl?
Also could it be possible to go to a deeper level like user credential checking? E.g. to check on a particular user profile and perform IP allocation,etc? And this should come after the Calling-station-id check.
Thanks once again for your valuable thoughts.
rg.
2008/4/10 Ivan Kalik <tnt@kalik.net>:
$myvalue = $RAD_REQUEST{'Calling-Station-Id'}; # Print it or check in some other way
$myquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE callerid='" . $myvalue . "'),'y','n')"; # Now print or check in some other way the query to see if it is joined well
$yourquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')"; # And print or check in some other way this to see why it doesn't work
$status = $db->Mysql::query($myquery);
Ivan Kalik Kalik Informatika ISP
Dana 10/4/2008, "rsg" <ranil.santhish@gmail.com> piše:
Hi,
I attempted setting it to a local variable as well.
Result was the same.
Thanks so much for your suggestions & guidance. It's really appreciated.
On Thu, Apr 10, 2008 at 1:02 PM, <A.L.M.Buxey@lboro.ac.uk> wrote: > Hi, > > > > My next query is when I tried to retrieve the CallerId from a Mysql DB > > using the same perl script with, > > > > --------- > > use Mysql; > > : > > : > > $status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM > > auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')"); > > your escape characters are wrong > > $RAD_REQUEST{\'Calling-Station-Id\'} > > personally, i would set the value into a local variable and do some > sanity checking to ensure it'll not screw up the SQL... a nasty > person could do something trivial like set their Calling station id > to "'; drop all from users" :-) > > alan > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html