external script doesn't add the attributes it prints out

Fri May 22 18:44:12 CEST 2009

Hi all,

I have installed freeradius 2.14 on Freebsd using the ports.
I need to use an external script, so in radiusd.conf I created in the
module section :
      exec GETVLAN {
                wait = yes
                program = "/usr/local/etc/raddb/getVlan %{User-Name}"
                input-pairs = request
                output-pairs = reply
        }

and I use it in the post-auth section of the inner-tunnel. (I 'm using
peap/mschapv2)

But the result is not what I expected...
I do "echo" for assigning vlan id but the attributes are not appended
to the reply.
Here is a cut of the debug debug :

...
[GETVLAN]       expand: %{User-Name} -> nobody
Exec-Program output: Tunnel-Medium-Type = 6, Tunnel-Type = 13,
Tunnel-Private-Group-Id = 1
Exec-Program-Wait: value-pairs: Tunnel-Medium-Type = 6, Tunnel-Type =
13, Tunnel-Private-Group-Id = 1
Exec-Program: returned: 3
++[GETVLAN] returns ok
} # server inner-tunnel
[peap] Got tunneled reply code 2
        EAP-Message = 0x03080004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "nobody"
[peap] Got tunneled reply RADIUS code 2
        EAP-Message = 0x03080004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "nobody"
[peap] Tunneled authentication was successful.
[peap] SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 8 to 192.168.3.125 port 48956
        EAP-Message =
0x0109002b190017030100206a5e995dedc28425eadd6f6b92faa22efdc1a93ab3a26a000df6f49744b8b392
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x1f8b9f59174286e5556aa2fa4357052a
Finished request 8.
Going to the next request
....

Regards,

G.