On Jan 29, 2020, at 2:26 AM, Nilsson, Cristian (Göteborg) <Cristian.Nilsson@eltelnetworks.se> wrote:
While your way definitely seems like the best way I don't think we have that option with extreme wing controllers.
That makes it harder.
Where would I start looking to modify the access-accept/reject function of freeradius?
My idea is to do the normal check and if failed just insert into the database.
Since this is a specialized use-case, I would suggest creating a specialized table in SQL. There's no need to use the default schema, which is complicated. Just create a table of known MACs, and then run SQL queries from unlang: authorize { ... if ("%{sql:SELECT mac FROM table WHERE mac = '%{User-Name}}" != "") { # # Just run an SQL INSERT with some magic unlang so that it runs # update control { Tmp_String-0 := "%{sql:INSERT into table MAC = '%{User-Name}'}" } } ... } You will need to create the table, set the correct permissions, and fix the queries for your SQL server. But that's the basic idea. Alan DeKok.