Multiple instances of the exec module

Les Brinkworth lbrinkworth at qkon.com
Fri Oct 13 12:28:52 CEST 2006 

Hi K

Thanks for the reply.  My apologies for including the code and trace.  I
have done so below.  The error I think is more serious as the server
fails to load.  I am obviously understanding the "define" incorrectly.
How does one define two instances of exec with different names that can
be called from other sections?


Code snippet from Modules section of radiusd.conf...

	exec {
		wait = yes
		program = "handlebillingrequests.exe ACCR:%Z"
		input_pairs = request
		output_pairs = reply
		packet_type = Accounting-Request
	}

...This executes for an accounting request

If I then add the same code to the authorize section...

	exec {
		wait = yes
		program = "handlebillingrequests.exe AUTR:%Z"
		input_pairs = request
		output_pairs = reply
		packet_type = Access-Request
	}

...it results in the following when I run debug


C:\Documents and Settings\lbrinkworth>Cd \Program
Files\FreeRADIUS.net-1.1.1-r0.0.1

C:\Program Files\FreeRADIUS.net-1.1.1-r0.0.1>start_radiusd_debug.bat
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: ../etc/raddb/proxy.conf
Config:   including file: ../etc/raddb/clients.conf
Config:   including file: ../etc/raddb/snmp.conf
Config:   including file: ../etc/raddb/eap.conf
Config:   including file: ../etc/raddb/mssql.conf
 main: prefix = ".."
 main: localstatedir = "../var"
 main: logdir = "../var/log/radius"
 main: libdir = "../lib"
 main: radacctdir = "../var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = yes
 main: log_file = "../var/log/radius/radius.log"
 main: log_auth = yes
 main: log_auth_badpass = yes
 main: log_auth_goodpass = yes
 main: pidfile = "../var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "../bin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is ../lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "handlebillingrequests.exe ACCR:%Z"
 exec: input_pairs = "request"
 exec: output_pairs = "reply"
 exec: packet_type = "Accounting-Request"
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: authtype = "MS-CHAP"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "../var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "tls"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file =
"../etc/raddb/certs/FreeRADIUS.net/DemoCerts/FreeRADIUS.net-Server.pem"
 tls: certificate_file =
"../etc/raddb/certs/FreeRADIUS.net/DemoCerts/FreeRADIUS.net-Server.crt"
 tls: CA_file =
"../etc/raddb/certs/FreeRADIUS.net/DemoCerts/FreeRADIUS.net-CA.crt"
 tls: private_key_password = "demo"
 tls: dh_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/dh"
 tls: random_file = "../etc/raddb/certs/FreeRADIUS.net/DemoCerts/random"
 tls: fragment_size = 1024
 tls: include_length = yes
 tls: check_crl = no
 tls: check_cert_cn = "%{User-Name}"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
 ttls: default_eap_type = "md5"
 ttls: copy_request_to_tunnel = no
 ttls: use_tunneled_reply = yes
rlm_eap: Loaded and initialized type ttls
 peap: default_eap_type = "mschapv2"
 peap: copy_request_to_tunnel = no
 peap: use_tunneled_reply = no
 peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "../etc/raddb/huntgroups"
 preprocess: hints = "../etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = yes
Module: Instantiated preprocess (preprocess)
radiusd.conf[1527] Unknown module rcode 'wait'.
radiusd.conf[1513] Failed to parse authorize section.

C:\Program Files\FreeRADIUS.net-1.1.1-r0.0.1\bin>

Thanks

Les

-----Original Message-----
From: freeradius-users-bounces+lbrinkworth=qkon.com at lists.freeradius.org
[mailto:freeradius-users-bounces+lbrinkworth=qkon.com at lists.freeradius.o
rg] On Behalf Of K. Hoercher
Sent: 13 October 2006 11:21 AM
To: FreeRadius users mailing list
Subject: Re: Multiple instances of the exec module

On 10/13/06, Les Brinkworth <lbrinkworth at qkon.com> wrote:
> I am lost as to where or maybe how this definition is done.  If I 
> duplicate the exec module in the actual section, RadiusD complains 
> about 'wait' not being defined.

Just a guess (as you didn't provide any output):
The error (more of a warning) is something like "...Wait=yes but no
output defined..."?
So check for the subsequent comment in the definition of an exec
instance called "echo". Which should also serve as an example how to
define different instances, which would then be called in the "actual
section" by their name.

regards
K. Hoercher
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list