From users file to SQL
David Majorel
dm at lagoon.nc
Tue Jun 5 06:05:42 CEST 2007
Hi,
I need to convert my users/group file to rlm_sql, but after reading the wiki,
I can't figure out how to reproduce the flow.
I want to authorize all connections, except if the user exists and the
password is wrong. If the user doesn't exist or is disabled, I set an
unrouteable address for the user. The point is to prevent DSL routers from
continually trying to connect when they are misconfigured, or when the
customer is suspended.
I use rlm_sql and rlm_sqlippool with a MySQL backend.
The users file I am trying to convert looks like this:
------
# Default profile for everyone
DEFAULT Pool-Name = "default"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Netmask = 255.255.255.254,
        Framed-MTU = 1492,
        Framed-Compression = Van-Jacobson-TCP-IP,
        Qos-Policy-Metering = DL128,
        Qos-Policy-Policing = UL64,
        Fall-Through = Yes

# Set group attributes
DEFAULT Group-Name == "SUSPENDED", Auth-Type := Accept, \
        Pool-Name := "disabled"

DEFAULT Group-Name == "DSL500", Pool-Name := "dsl500"
        Qos-Policy-Metering := DL512,
        Qos-Policy-Policing := UL128,
        Fall-Through = Yes

[... more groups ...]

# Set user attributes
testuser ClearText-Password := 'test'
        Framed-IP-Address := [...],
        Framed-Route := [...],
        Framed-IP-Netmask := [...],

[... more users ...]

DEFAULT Auth-Type := Accept
------
According to the wiki, rlm_sql processes users first, then groups. With this
order, a user could have his IP/routes set even if he is disabled (because he
is not rejected).
As I have about 10000 users, using big users/group files is not really an
option :-)
Maybe I did something wrong, any help would be appreciated.
Thanks,
--
David Majorel
Offratel/Lagoon ISP