sql and xlat in authorize section

Sébastien Barbereau barbereau at gmail.com
Thu Aug 25 16:57:14 CEST 2011


Hi,
I am trying to do mac authorization as per
http://wiki.freeradius.org/Mac-Auth#Mac-Auth+authorisation+by+SSID+SQL
In fact my attempt is much simpler as I just have a very simple table
containing the mac address of system to accept. My conf looks like that:

authorize {
...
        # newer authorized macs
        if("%{sql_local:SELECT COUNT(mac) FROM authorized_macs WHERE mac
='%{Calling-Station-ID}'}" > 0){
                update control {
                        Auth-Type := Accept
                }
                ok = return
        }

...
}

But when doing an authentication attemp I get the following in the debug
logs :
...
Thu Aug 25 16:52:56 2011 : Info: ++? if (ok) -> FALSE
Thu Aug 25 16:52:56 2011 : Info: ++? if ("%{sql_local:SELECT COUNT(mac) FROM
authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0)
Thu Aug 25 16:52:56 2011 : Info: WARNING: Unknown module "sql_local" in
string expansion "%"
Thu Aug 25 16:52:56 2011 : Info: ? Evaluating ("%{sql_local:SELECT
COUNT(mac) FROM authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) ->
FALSE
Thu Aug 25 16:52:56 2011 : Info: ++? if ("%{sql_local:SELECT COUNT(mac) FROM
authorized_macs WHERE mac ='%{Calling-Station-ID}'}" > 0) -> FALSE
...

As far as I can understand the documentation this should be working (
http://wiki.freeradius.org/Rlm_sql#SQL+xlat). Any helpful hand which can
bring some light to the darkness of my intellect?


Cheers,
seb.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110825/c80019b1/attachment.html>


More information about the Freeradius-Users mailing list