Hi I've noticed this comment in the cvs log (for rlm_perl.c): Over-write existing vp's with new ones. This means that the Perl module works more like the other modules, which have absolute power over the VP's, and less like the "users" file, which updates the VP's via operators, etc So I've compiled the source and gave it a try, but it behaved exactly as the stable version - didn't replace nor removed any attributes. Is this supposed to work? I tested the pre and post proxy methods: rad_recv: Access-Request packet from host 127.0.0.1 port 32785, id=96, length=62 User-Password = "test" User-Name = "test" Service-Type = Framed-User Framed-Protocol = PPP NAS-IP-Address = a.b.c.d Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" perl_pool: item 0x82013e0 asigned new request. Handled so far: 1 found interpetator at address 0x82013e0 rlm_perl: Added pair Framed-Protocol = PPP rlm_perl: Added pair User-Name = test rlm_perl: Added pair User-Password = test rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair NAS-IP-Address = a.b.c.d rlm_perl: Added pair Proxy-To-Realm = quik rlm_perl: Added pair Stripped-User-Name = test perl_pool total/active/spare [32/0/32] Unreserve perl at address 0x82013e0 modcall: group authorize returns ok for request 0 Processing the pre-proxy section of radiusd.conf modcall: entering group pre-proxy for request 0 perl_pool: item 0x840f4e0 asigned new request. Handled so far: 1 found interpetator at address 0x840f4e0 rlm_perl: entering pre-proxy rlm_perl: Added pair Framed-Protocol = PPP rlm_perl: Added pair User-Name = testuser rlm_perl: Added pair User-Password = test rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair Realm = quik rlm_perl: Added pair NAS-IP-Address = a.b.c.d rlm_perl: Added pair Stripped-User-Name = test rlm_perl: Added pair Proxy-To-Realm = quik rlm_perl: Added pair Framed-Protocol = PPP rlm_perl: Added pair User-Name = test rlm_perl: Added pair User-Password = test rlm_perl: Added pair Proxy-State = 0x3936 rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair Realm = quik rlm_perl: Added pair NAS-IP-Address = a.b.c.d perl_pool total/active/spare [32/0/32] Unreserve perl at address 0x840f4e0 modcall: group pre-proxy returns updated for request 0 Sending Access-Request of id 197 to x.y.z.103 port 1812 Framed-Protocol = PPP User-Name = "test" User-Password = "test" Proxy-State = 0x3936 Service-Type = Framed-User NAS-IP-Address = a.b.c.d --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Accept packet from host x.y.z.103 port 1812, id=197, length=30 Framed-IP-Address = 192.168.1.65 Proxy-State = 0x3936 Processing the post-proxy section of radiusd.conf modcall: entering group post-proxy for request 0 perl_pool: item 0x85f6b88 asigned new request. Handled so far: 1 found interpetator at address 0x85f6b88 rlm_perl: entering post-proxy rlm_perl: Added pair Framed-Protocol = PPP rlm_perl: Added pair User-Name = testuser rlm_perl: Added pair User-Password = test rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair Realm = quik rlm_perl: Added pair NAS-IP-Address = a.b.c.d rlm_perl: Added pair Framed-IP-Address = 10.10.1.1 rlm_perl: Added pair Proxy-To-Realm = quik rlm_perl: Added pair Stripped-User-Name = test rlm_perl: Added pair Framed-Protocol = PPP rlm_perl: Added pair User-Name = test rlm_perl: Added pair User-Password = test rlm_perl: Added pair Service-Type = Framed-User rlm_perl: Added pair Proxy-State = 0x3936 rlm_perl: Added pair Realm = quik rlm_perl: Added pair NAS-IP-Address = a.b.c.d rlm_perl: Added pair Proxy-State = 0x3936 rlm_perl: Added pair Framed-IP-Address = 192.168.1.65 perl_pool total/active/spare [32/0/32] Unreserve perl at address 0x85f6b88 modcall: group post-proxy returns updated for request 0 authorize: Skipping authorize in post-proxy stage rad_check_password: Found Auth-Type rad_check_password: Auth-Type = Accept, accepting the user Sending Access-Accept of id 96 to 127.0.0.1 port 32785 Framed-IP-Address = 10.10.1.1 Framed-IP-Address = 192.168.1.65 Finished request 0 Going to the next request Waking up in 1 seconds... It looks like the content of the original hashes is still being kept. perl code: #add attributes to the request sub sanitise { my ($login,$realm) = split(/\@/, $RAD_REQUEST{'User-Name'}); $RAD_CHECK{'REALM'} = $realm; $RAD_CHECK{'Stripped-User-Name'} = $login; } # Function to handle pre_proxy sub pre_proxy { &radiusd::radlog(1, "entering pre-proxy"); $RAD_REQUEST{'User-Name'} = 'testuser'; return RLM_MODULE_OK; } # Function to handle post_proxy sub post_proxy { &radiusd::radlog(1, "entering post-proxy"); $RAD_REPLY{'Framed-IP-Address'} = '10.10.1.1'; return RLM_MODULE_OK; } # Function to handle authorize sub authorize { #pre-process the packet &sanitise(); if ($RAD_CHECK{'Realm'} == 'adsl.com'){ $RAD_CHECK{'Proxy-To-Realm'} = 'quik'; } return RLM_MODULE_OK; } regards pshemko