strange thing happening with rlm_perl
Pedro Figueiredo
Pedro.Figueiredo at uk.easynet.net
Wed May 23 19:00:20 CEST 2007
hi,
i'm using fr 1.1.2 and perl 5.8.4, and wrote a simple perl script to
return 2 random lns's for a given huntgroup.
$ uname -a
Linux radius1_staging 2.6.8-x4100-1 #1 SMP Wed Jun 7 08:58:42 BST
2006 x86_64 GNU/Linux
this is what i have in "users", right at the top:
#
testuser at domain Huntgroup-Name == testhuntgroup
Framed-Protocol = PPP,
Service-Type = "Dialout-Framed-User"
DEFAULT Auth-Type = Perl
Fall-Through = 1
DEFAULT Huntgroup-Name == othergroup, Suffix == "@foo"
...
#
i have radiusd.conf setup as per http://wiki.freeradius.org/Rlm_perl
and the following group in authorize:
group {
ldap {
fail = return
notfound = return
}
files {
ok = 1
}
perl {
ok =1
}
auth_log
ok = return
}
my perl simply slurps a file with the several lns parameters and
returns 2 randomly chosen ones through %RAD_REPLY:
sub authorize {
# boring file reading and random op...
my ( $ip1, $password1, $pref1 ) = @{ $lns[$lns1] };
$RAD_REPLY{'Tunnel-Server-Endpoint:1'} = $ip1;
$RAD_REPLY{'Tunnel-Type:1'} = "L2TP";
$RAD_REPLY{'Tunnel-Medium-Type:1'} = "IP";
$RAD_REPLY{'Tunnel-Password:1'} = "$password1";
$RAD_REPLY{'Tunnel-Assignment-Id:1'} = "1";
$RAD_REPLY{'Tunnel-Preference:1'} = "$pref1";
my ( $ip2, $password2, $pref2 ) = @{ $lns[$lns2] };
$RAD_REPLY{'Tunnel-Server-Endpoint:2'} = $ip2;
$RAD_REPLY{'Tunnel-Type:2'} = "L2TP";
$RAD_REPLY{'Tunnel-Medium-Type:2'} = "IP";
$RAD_REPLY{'Tunnel-Password:2'} = "$password2";
$RAD_REPLY{'Tunnel-Assignment-Id:2'} = "2";
$RAD_REPLY{'Tunnel-Preference:2'} = "$pref2";
return RLM_MODULE_UPDATED;
}
what i'm seeing in the respose are mixed av pairs, and the connection
fails (i assume because the data for each tunnel is incomplete). here
is what i see in the logs and the response sent:
rlm_perl: Added pair Tunnel-Assignment-Id = 2
rlm_perl: Added pair Tunnel-Medium-Type = IP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair Tunnel-Server-Endpoint = x.x.x.x
rlm_perl: Added pair Tunnel-Password = foo
rlm_perl: Added pair Tunnel-Assignment-Id = 1
rlm_perl: Added pair Service-Type = Dialout-Framed-User
rlm_perl: Added pair Tunnel-Medium-Type = IP
rlm_perl: Added pair Tunnel-Server-Endpoint = y.y.y.y
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair Tunnel-Preference = 1
rlm_perl: Added pair Tunnel-Password = bar
rlm_perl: Added pair Tunnel-Preference = 50
here it seems to be ignoring the :1 and :2 for each tunnel. this then
results in the following reply, with values from borh tunnels mixed:
Sending Access-Accept of id 234 to t.t.t.t port 9208
Framed-Protocol = PPP
Service-Type = Dialout-Framed-User
Tunnel-Assignment-Id:2 = "2"
Tunnel-Medium-Type:1 = IP
Tunnel-Type:1 = L2TP
Tunnel-Server-Endpoint:2 = "x.x.x.x"
Tunnel-Password:2 = "foo"
Tunnel-Preference:2 = 1
am i doing something wrong, and if so, what? any help much appreciated.
thanks in advance,
pedro
--
This email and any attachments may be confidential and/or legally privileged. If you have received this e-mail and you are not a named addressee, please inform the sender of this email by sending a return email to the address above and then delete the e-mail and your response from your system. If you are not a named addressee you must not use, disclose, distribute, copy, print or rely on this e-mail. Any views or opinions presented are solely those of the author. Any statements made, or intentions expressed in this communication may not necessarily reflect the view of Easynet. No content herein will bind Easynet or any associated company unless confirmed by the execution of a formal contract by Easynet. Any figures or amounts given in this email are quotations only and are subject to change. Although Easynet routinely screens for viruses, addressees should scan this e-mail and any attachments for viruses. Easynet makes no representation or warranty as to the absence of viruses in this e-mail or any attachments. Please note that to ensure regulatory compliance and for the protection of our customers and business, we may monitor and read e-mails sent to and from our server(s).
Easynet Limited a company incorporated and existing under the laws of England and Wales, with company number 2954343 and having its registered office at 44-46 Whitfield Street London, W1T 2RJ.
More information about the Freeradius-Users
mailing list