Set Calling-Station-Id after first authorization

Kledi Andoni kledi at pronet.com.al
Sat Feb 13 14:15:41 CET 2010 

After a bit of work, I was able to solve it by running a php script in the preacct process.

I added the external program with exec:

exec 1stlogin {

		wait = yes
                program = "/usr/bin/php /root/1stlogin.php %{User-Name} %{Calling-Station-Id}"
                input_pairs = request
		}

Then in the preacct session I added
	
	1stlogin

The script itself as follows:

<?php
$link = mysql_connect('localhost', 'root', 'xxxxxx');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
mysql_select_db('radius');
$result=mysql_query("SELECT * FROM radacct WHERE `UserName`='$argv[1]' order by Username limit 1");
$val = mysql_num_rows($result);
	if ($val > 0)  {
		printf ("Not first auth"); 
		}
	else {
		mysql_query("INSERT into radcheck (UserName, Attribute, op, Value) values ('$argv[1]', 'Calling-Station-Id', '==', '$argv[2]')");	
		}

?>


I rarely write any php, so any improvement in the code is highly appreciated. Do I need to return anything to freeradius in case of an error or something?

Cheers,
Kledi



On Feb 13, 2010, at 3:01 AM, EasyHorpak.com wrote:

> Kledi Andoni wrote:
>> 
>> Hello,
>> 
>> I need a way to set the Calling-Station-Id attribute automatically for each user after the first authorization request. In this way the user will be allowed to authorize only from that mac address in the future.
>> 
>> I am using freeradius 1.1.7 with mysql. I do not have the expertise to write a new module, but I believe the way to do it is:
>> 
>> - User tries to authorize and sends username/password/calling-station-id
>> - Radius verifies username/password (calling-station-id is not yet set)
>> - Check if a user has ever authorized, through a query on the radacct table. If no rows exist for the specific username then its first login
>> - insert a row containing the calling-station-id for the specific user in the radcheck table.
>> 
>> Is there a way to do this by configuring freeradius, or do I have to submit it as a request for a feature?
>> 
>> Thank you,
>> K
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>> 
>>   
> you can use modules checkval to make calling-station-id check.
> But for add calling-station-id on first login, you need more scripts to add it.
> you may use unlang. for me i use pppoe-server as nas. i use php to add it after first login.
> 
> -- 
> http://www.EasyHorpak.com - แหล่งค้นหาหอพัก,อพาร์ทเมนท์,แมนชั่น,คอนโด,โรงแรม
> http://www.EasyZoneCorp.net - ซอฟแวร์จัดการ internet คุณภาพสูง Hotpsot และ PPPoE ,Anti NetCut, Mac spoof
> http://www.thai-school.net - เว็บไซต์โรงเรียน,ศิษย์เก่า สำเร็จรูป 
> EasyZone SuperLink - แลกหมื่นลิ้งคืในคลิ๊กเดียว 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100213/e44ab85b/attachment.html>

More information about the Freeradius-Users mailing list