rlm_exec and retriving RAD_REQUEST attribute values

Matt morris mmorris36 at hotmail.com
Wed Aug 24 22:05:35 CEST 2005 

Hello list,

This has probably been asked a lot times before, but I just couldn't get the 
attributes values from accounting request packets with my perl script. I am 
trying to do some database queries when I received stop accounting request 
packets, here are the relevant sections of my radiusd.conf and script file:

=============
radiusd.conf:
=============

modules {

	exec {
		wait = yes
		input_pairs = request
	}

	exec custom123 {
		wait = no
		program = "/usr/src/myscript.pl %{Acct-Unique-Session-Id} %{User-Name} 
%{Called-Station-Id}"
		input-pairs = request
		output-pairs = reply
		packet-type = Accounting-Request
	}
}

instantiate {

	exec

	custom123

	expr

}

accounting {

	detail
	unix

	radutmp
	sql

	custom123
}

=============================================================
myscript.pl (simplifed the accounting section for the purpose of posting):
=============================================================
#!/usr/bin/perl

use DBI;
use Data::Dumper;
use strict 'vars';

use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use Data::Dumper;

my %RAD_REQUEST;
my %RAD_REPLY;
my %RAD_CHECK;

use constant    RLM_MODULE_REJECT=>    0;#  /* immediately reject the 
request */
use constant	RLM_MODULE_FAIL=>      1;#  /* module failed, don't reply */
use constant	RLM_MODULE_OK=>        2;#  /* the module is OK, continue */
use constant	RLM_MODULE_HANDLED=>   3;#  /* the module handled the request, 
so stop. */
use constant	RLM_MODULE_INVALID=>   4;#  /* the module considers the request 
invalid. */
use constant	RLM_MODULE_USERLOCK=>  5;#  /* reject the request (user is 
locked out) */
use constant	RLM_MODULE_NOTFOUND=>  6;#  /* user not found */
use constant	RLM_MODULE_NOOP=>      7;#  /* module succeeded without doing 
anything */
use constant	RLM_MODULE_UPDATED=>   8;#  /* OK (pairs modified) */
use constant	RLM_MODULE_NUMCODES=>  9;#  /* How many return codes there are 
*/

	&test_call;

	return RLM_MODULE_OK;
}

sub authorize {
	&test_call;
	return RLM_MODULE_OK;
}

sub authenticate {

	if ($RAD_REQUEST{'User-Name'} =~ /^baduser/i) {
		$RAD_REPLY{'Reply-Message'} = "Denied access by rlm_perl function";
		return RLM_MODULE_REJECT;
	} else {
		$RAD_REPLY{'h323-credit-amount'} = "100";
		return RLM_MODULE_OK;
	}
}

sub preacct {

	return RLM_MODULE_OK;
}

sub accounting {

	if ($RAD_REQUEST{'Acct-Status-Type'} eq "Stop") {

		open(FILEWRITE, "> /downloads/tronsun/testperlfile.log");

		print FILEWRITE "Logging RAD Request Attributes\n";
		print FILEWRITE "Acct-Unique-Session-Id : 
$RAD_REQUEST{'Acct-Unique-Session-Id'}\n";

		close FILEWRITE;

		return RLM_MODULE_OK;
	}

	else {
		return RLM_MODULE_NOOP;
	}

}

sub checksimul {
	return RLM_MODULE_OK;
}

sub xlat {

	my ($filename,$a,$b,$c,$d) = @_;
	&radiusd::radlog(1, "From xlat $filename ");
	&radiusd::radlog(1,"From xlat $a $b $c $d ");
	local *FH;
	open FH, $filename or die "open '$filename' $!";
	local($/) = undef;
	my $sub = <FH>;
	close FH;
	my $eval = qq{ sub handler{ $sub;} };
	eval $eval;
	eval {main->handler;};
}

sub detach {
	&radiusd::radlog(0,"rlm_perl::Detaching. Reloading. Done.");
}

sub log_request_attributes {
	for (keys %RAD_REQUEST) {
		&radiusd::radlog(1, "RAD_REQUEST: $_ = $RAD_REQUEST{$_}");
	}
}

&accounting();

==========================================================================
End myscript.pl
==========================================================================

=============================
My Accounting-Request packet:
=============================

Acct-Session-Id = "1124643784.6"
h323-connect-time = "2005-08-22 01:04:29"
h323-setup-time = "2005-08-22 01:04:25"
Cisco-NAS-Port = "SIP/14002-081332c8"
Called-Station-Id = "18001112345"
Acct-Status-Type = Stop
h323-conf-id = "A46B7F2B-0D73-4E75-ABCF-F6CA7140B9D5 at 192.168.1.101"
NAS-IP-Address = 123.123.123.123
Acct-Session-Time = 67
Calling-Station-Id = "9871234"
h323-disconnect-time = "2005-08-22 01:05:36"
Cisco-AVPair = "codec-type-rate=ulaw;useragent=X-Lite release 1103m;"
User-Name = "9871234"
NAS-Identifier = "Asterisk"
NAS-Port = 5070
Acct-Delay-Time = 4
Client-IP-Address = 127.0.0.1
Acct-Unique-Session-Id = "44e82fcfd875db6f"
Timestamp = 1124643865

======================

After the script is ran in freeradius, there is no value in 
$RAD_REQUEST{'Acct-Status-Type'} and $RAD_REQUEST{'Acct-Unique-Session-Id'}

Right now I'm putting the attributes into the arugments when executing 
myscript.pl (as shown in radiusd.conf), which works fine. But I would like 
to know the proper way. Please point me the right direction. Thank you very 
much.

_________________________________________________________________
MSN® Calendar keeps you organized and takes the effort out of scheduling 
get-togethers. 
http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines 
  Start enjoying all the benefits of MSN® Premium right now and get the 
first two months FREE*.

More information about the Freeradius-Users mailing list