rlm_perl don't support tagged attributes
Igor Belikov
ivb at is.ua
Mon Apr 13 14:08:21 CEST 2009
Hello Freeradius-users,
FreeRADIUS Version 2.1.5
(it was downloaded as 2.1.4, but it writes about itself as 2.1.5)
Portion from "radiusd -X" output
Module: Linked to module rlm_perl
Module: Instantiating erxlogontime
perl erxlogontime {
module = "/usr/local/freeradius-2.1.4/etc/raddb/servicelogintime.pl"
func_authorize = "authorize"
func_authenticate = "authenticate"
func_accounting = "accounting"
func_preacct = "preacct"
func_checksimul = "checksimul"
func_detach = "detach"
func_xlat = "xlat"
func_pre_proxy = "pre_proxy"
func_post_proxy = "post_proxy"
func_post_auth = "post_auth_erx"
}
File servicelogintime.pl
use strict;
# use ...
# This is very important ! Without this script will not get the filled hashesh from main.
use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use Data::Dumper;
# This is hash wich hold original request from radius
#my %RAD_REQUEST;
# In this hash you add values that will be returned to NAS.
#my %RAD_REPLY;
#This is for check items
#my %RAD_CHECK;
#
# This the remapping of return values
#
use constant RLM_MODULE_REJECT=> 0;# /* immediately reject the request */
use constant RLM_MODULE_FAIL=> 1;# /* module failed, don't reply */
use constant RLM_MODULE_OK=> 2;# /* the module is OK, continue */
use constant RLM_MODULE_HANDLED=> 3;# /* the module handled the request, so stop. */
use constant RLM_MODULE_INVALID=> 4;# /* the module considers the request invalid. */
use constant RLM_MODULE_USERLOCK=> 5;# /* reject the request (user is locked out) */
use constant RLM_MODULE_NOTFOUND=> 6;# /* user not found */
use constant RLM_MODULE_NOOP=> 7;# /* module succeeded without doing anything */
use constant RLM_MODULE_UPDATED=> 8;# /* OK (pairs modified) */
use constant RLM_MODULE_NUMCODES=> 9;# /* How many return codes there are */
# Function to handle post_auth
sub post_auth_erx
{
&radiusd::radlog(1, "***** custom post_auth procedure *****");
# For debugging purposes only
#&log_request_attributes;
#for (keys %RAD_REPLY)
#{
# &radiusd::radlog(1, "RAD_REPLY: $_ = $RAD_REPLY{$_}");
#}
return RLM_MODULE_NOOP;
}
procedure post_auth_erx executed as expected
portion from debug output:
+- entering group post-auth {...}
GOT CLONE -1212740928 0x82bbaf0
rlm_perl: ***** custom post_auth procedure *****
but after returning from post_auth_erx all tags from attributes are
resetted to zero:
Sending Access-Accept of id 186 to 192.168.100.73 port 60654
ERX-Service-Login-Time:0 = "Al1800-2359,Al0000-0859"
ERX-Qos-Profile-Name = "SP_WCL"
ERX-Qos-Parameters += "world_value 1000000"
ERX-Qos-Parameters += "assure_world_value 100000"
ERX-Qos-Parameters += "city_value 10000000"
ERX-Service-Statistics:0 += time-volume
ERX-Service-Statistics:0 += time-volume
ERX-Service-Activate:0 += "world(1000000)"
ERX-Service-Activate:0 += "city(10000000)"
ERX-Service-Activate:0 += "deny"
ERX-Service-Interim-Acct-Interval:0 += 600
ERX-Service-Interim-Acct-Interval:0 += 600
If we comment out module servicelogintime.pl, we receive correct
tagged attributes:
Sending Access-Accept of id 154 to 192.168.100.73 port 65168
ERX-Service-Login-Time:1 = "Al1800-2359,Al0000-0859"
ERX-Service-Activate:1 += "world(1000000)"
ERX-Service-Statistics:1 += time-volume
ERX-Service-Interim-Acct-Interval:1 += 600
ERX-Qos-Parameters += "world_value 1000000"
ERX-Qos-Parameters += "assure_world_value 100000"
ERX-Service-Activate:2 += "city(10000000)"
ERX-Service-Statistics:2 += time-volume
ERX-Service-Interim-Acct-Interval:2 += 600
ERX-Qos-Parameters += "city_value 10000000"
ERX-Service-Activate:3 += "deny"
ERX-Qos-Profile-Name = "SP_WCL"
--
Best regards,
Igor mailto:ivb at is.ua
More information about the Freeradius-Users
mailing list