Yes, I have, and am.Jason Antman wrote:I'm running FreeRADIUS 2.1.7 on CentOS 5, and trying to configure MAC Auth Bypass. I got everything functioning correctly using the Mac-Auth Wiki page as a guide, including placement of the actual CSID authentication code in the post-auth section. However, I just enabled SQL in the post-auth section, and everything is getting logged to SQL with reply Access-Accept, even if it matched the "reject" statement.I don't see how that is possible. Are you sure you know what it's doing? Have you run the server in debugging mode?
See above.It seems to me that it's pretty logical that post-auth would be entered with Auth-Type == Access-Accept, the SQL log would happen, and *then* the "reject" statement would get executedThat makes no sense. "If it's accept, it runs reject" ?
Why is the authorize statement in the post-auth { } section? That seems to be the cause of these problems.... What I don't understand is why I shouldn't move the actual authentication (authorized_macs.authorize) to the auth { } section, or else how I go about logging rejected requests.I have no idea what that means.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html