RLM_PERL Simultaneous-Use RLM_MODULE_REJECT

Anatoly S. Zimin anatolyz at team.co.ru
Thu Nov 20 09:52:33 CET 2008


Hello again. =)
I am found workaround! Using post-auth section.
If anybody know how I may do it without post-auth.
Please mail me.

Thanks a lot.


> Hello everybody!
> I am using rlm_perl for checking Simultaneous-Use.
> But this not work... :-(
> FreeRadius 2.1.1
> session {
>         perl
> }
> I see, that module is work. But if I return RLM_MODULE_REJECT the user is not REJECTED!!!
> What I do wrong?
> In debug mode (radiusd -X):
> 
> Found Auth-Type = PAP
> +- entering group PAP {...}
> [pap] login attempt with password "**************"
> [pap] Using CRYPT encryption.
> [pap] User authenticated successfully
> ++[pap] returns ok
> +- entering group session {...}
> Using perl at 0xa6b40
> rlm_perl: RLM_PERL => sub checksimul
> rlm_perl: RAD_REQUEST: NAS-Port-Type = Virtual
> rlm_perl: RAD_REQUEST: Service-Type = Framed-User
> rlm_perl: RAD_REQUEST: Framed-Protocol = PPP
> rlm_perl: RAD_REQUEST: User-Name = s_1295737
> rlm_perl: RAD_REQUEST: User-Password = ****************** 
> rlm_perl: RAD_REQUEST: Realm = DEFAULT
> rlm_perl: RAD_REQUEST: NAS-Port = 0
> rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.0.1 
> rlm_perl: RAD_REQUEST: NAS-Port-Id = 0/0/1/500
> rlm_perl: RAD_REPLY: Framed-Protocol = PPP
> rlm_perl: RAD_REPLY: Session-Timeout = 90000
> rlm_perl: RAD_REPLY: Service-Type = Framed-User
> rlm_perl: RAD_CONFIG: Crypt-Password = ***************** 
> rlm_perl: RAD_CONFIG: Simultaneous-Use = 1
> rlm_perl: RAD_CONFIG: Auth-Type = PAP
> rlm_perl: RAD_CHECK: Crypt-Password = **************** 
> rlm_perl: RAD_CHECK: Simultaneous-Use = 1
> rlm_perl: RAD_CHECK: Auth-Type = PAP
> rlm_perl: CHECK: send [s_1295737] to [194.186.47.51:6795] is ok
> rlm_perl: CHECK: Multiple logins (hits 3) (max 1) : [s_1295737] (from client 192.168.0.1 port 0)
> rlm_perl: Added pair NAS-Port-Type = Virtual
> rlm_perl: Added pair Service-Type = Framed-User
> rlm_perl: Added pair Framed-Protocol = PPP
> rlm_perl: Added pair User-Name = s_1295737
> rlm_perl: Added pair User-Password = **************** 
> rlm_perl: Added pair Realm = DEFAULT
> rlm_perl: Added pair NAS-Port = 0
> rlm_perl: Added pair NAS-IP-Address = 192.168.0.1 
> rlm_perl: Added pair NAS-Port-Id = 0/0/1/500
> rlm_perl: Added pair Framed-Protocol = PPP
> rlm_perl: Added pair Session-Timeout = 90000
> rlm_perl: Added pair Service-Type = Framed-User
> rlm_perl: Added pair Crypt-Password = *************** 
> rlm_perl: Added pair Simultaneous-Use = 1
> rlm_perl: Added pair Auth-Type = PAP
> ++[perl] returns reject
> Login OK: [s_1295737] (from client cisco1 port 0)
> 
> Also I attempted:
> RLM_MODULE_REJECT
> RLM_MODULE_FAIL
> RLM_MODULE_HANDLED
> RLM_MODULE_INVALID
> RLM_MODULE_USERLOCK
> 
> and response still "Login OK: [s_1295737] (from client cisco1 port 0)"....
>  
> P.S. authorize section work very good.
> 
> Thanks a lot!
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html



More information about the Freeradius-Devel mailing list