Arran Cudbard-Bell wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

chap {
	reject = 1
}



  
I try search about unlang and write it to accept user even though wrong
password and chap reject.
i need to set wrong password user to ip group and then redirect them to
html explain about the problem.



i try this unlang in chap


authenticate {
        # 
        #  PAP authentication, when a back-end database listed
        #  in the 'authorize' section supplies a password.  The
        #  password can be clear-text, or encrypted.
        Auth-Type PAP {
                pap
        }

        #
        #  Most people want CHAP authentication
        #  A back-end database listed in the 'authorize' section
        #  MUST supply a CLEAR TEXT password.  Encrypted passwords
        #  won't work.
        Auth-Type CHAP {
                chap


if (reject) {

                       update reply {

                               Framed-IP-Address = "13.0.0.0+"
                               Framed-IP-Netmask = "255.255.255.0"

                        }

                        update control {
                              Auth-Type := "Accept"
            
                        }
                }

}


and it 's not work...

Could any one point me how to solve this?
Or what i should change on      if (reject) {  
Or What section should it put this unlang.

Or give me some unlang scripts.


Thank you in advance.



-- 
http://www.EasyHorpak.com - �หล�����หาหอ�ั�,อ�าร�ทเม�ท�,�ม��ั��,�อ��ด,�ร��รม
http://www.EasyZoneCorp.net - �อ��วร��ัด�าร internet �ุณ�า�สู� Hotpsot �ละ
PPPoE ,Anti NetCut, Mac spoof
http://www.thai-school.net - เว����ต��ร�เรีย�,ศิษย�เ��า สำเร��รู�
EasyZone SuperLink <http://www.easyhorpak.com/superlink> - �ล�หมื��ลิ���ื���
ลิ��เดียว



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
    

- -- 
Arran Cudbard-Bell <A.Cudbard-Bell@sussex.ac.uk>,
Systems Administrator (AAA),
Infrastructure Services (IT Services),
E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT
DDI+FAX: +44 1273 873900 | INT: 3900
GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkspH74ACgkQcaklux5oVKLE+gCePfzCo4HQSXidGjotxSMS42ic
8IUAmwVLU44TbE/Ezz3FiS84vrarFwEF
=acnc
-----END PGP SIGNATURE-----

  
Thank you Arran Cudbard-Bell.

with your short reply i try this.

authenticate {
??????? #
??????? #? PAP authentication, when a back-end database listed
??????? #? in the 'authorize' section supplies a password.? The
??????? #? password can be clear-text, or encrypted.
??????? Auth-Type PAP {
??????????????? pap
??????? }

??????? #
??????? #? Most people want CHAP authentication
??????? #? A back-end database listed in the 'authorize' section
??????? #? MUST supply a CLEAR TEXT password.? Encrypted passwords
??????? #? won't work.
??????? Auth-Type CHAP {
??????????????? chap {
reject = 1
}

if (reject) {

?????????????????????? update reply {

?????????????????????????????? Framed-IP-Address = "13.0.0.0+"
?????????????????????????????? Framed-IP-Netmask = "255.255.255.0"

??????????????????????? }

??????????????????????? update control {
????????????????????????????? Auth-Type := "Accept"

??????????????????????? }
ok
??????????????? }



??????? }



it works? now !! GREAT !!

bad password user can accept and get ip 13.0.0.0+
good user? can accept and get ip 192.168.99.1+

and then i create iptables to redirect bad password to html to explain what happen.


I spent many night with panda eyes to find this unlang. now it resolved.

Thank you so much Arran Cudbard-Bell . You are Great!!.


--
http://www.EasyHorpak.com - áËÅ觤é¹ËÒË;ѡ,;ÒÃì·àÁ¹·ì,áÁ¹ªÑè¹,¤Í¹â´,âçáÃÁ
http://www.EasyZoneCorp.net - «Í¿áÇÃì¨Ñ´¡Òà internet ¤Ø³ÀÒ¾ÊÙ§ Hotpsot áÅÐ PPPoE ,Anti NetCut, Mac spoof
http://www.thai-school.net - àÇçºä«µìâçàÃÕ¹,ÈÔÉÂìà¡èÒ ÊÓàÃç¨ÃÙ»
EasyZone SuperLink - áÅ¡ËÁ×è¹ÅÔ駤×㹤ÅÔê¡à´ÕÂÇ