Hello, Sorry for ask newbie question. I would like to implement sqlippool functionality on FreeRADIUS 2.1.3. I read /usr/local/share/doc/freeradius/rlm_sqlippool there has following note "IP-Pool Attribute (Keep in mind that its a **CHECK** item, not reply)" I didn't understand. which attribute (IP-Pool or Pool-Name) needed for sqlippool? and I also defined sqlippool in accounting { ...} and post-auth {...} directive. But pool didn't work. You can see more detailed below. Thanks for any help. accounting { # # Create a 'detail'ed log of the packets. # Note that accounting requests which are proxied # are also logged in the detail file. detail # daily # Update the wtmp file # # If you don't use "radlast", you can delete this line. #unix # # Log traffic to an SQL database. # # See "Accounting queries" in sql.conf sql *sqlippool* # # For Simultaneous-Use tracking. # # Due to packet losses in the network, the data here # may be incorrect. There is little we can do about it. radutmp # sradutmp # Return an address to the IP Pool when we see a stop record. # main_pool # # Instead of sending the query to the SQL server, # write it into a log file. # # sql_log # Cisco VoIP specific bulk accounting # pgsql-voip # Filter attributes from the accounting response. attr_filter.accounting_response # # See "Autz-Type Status-Server" for how this works. # # Acct-Type Status-Server { # # } } and post-auth { # Get an address from the IP Pool. # main_pool # # If you want to have a log of authentication replies, # un-comment the following line, and the 'detail reply_log' # section, above. # reply_log # # After authenticating the user, do another SQL query. # # See "Authentication Logging Queries" in sql.conf sql * sqlippool* # # Instead of sending the query to the SQL server, # write it into a log file. # # sql_log # # Un-comment the following if you have set # 'edir_account_policy_check = yes' in the ldap module sub-section of # the 'modules' section. # # ldap exec # # Access-Reject packets are sent through the REJECT sub-section of the # post-auth section. # # Add the ldap module name (or instance) if you have set # 'edir_account_policy_check = yes' in the ldap module configuration # Post-Auth-Type REJECT { attr_filter.access_reject } }
participants (1)
-
Tseveendorj