Exec Module FreeRADIUS Version 2.1.8

hollman.diaz hollman.diaz at gmail.com
Mon Jan 31 14:01:46 CET 2011


Thanks for you reply!

>Why? 

I want to change Auth-Type from Accept to Reject based on the account
expiration date from a user. All users have the same username and password
but they are identified by the calling-station-id. So the external
application verifies in a database the expiration date of the
calling-station-id and changes the Auth-Type attribute.

Can I change this attribute?
Is it possible?

>Pretty much all of the is *completely* wrong. 

Yeah, I new with Freeradius :s. 
I changed the files and now only /etc/freeradius/exec is modified:
exec {
		wait = yes
		input_pairs = request
                output_pairs = reply
                program = "/usr/bin/php /etc/disconnect/return.php
%{Calling-Station-Id}"
                shell_escape = yes
	}

In this way, Freeradius accepts the authentication requests, runs the
external application but it does not change the Auth-Type attribute:

...
[files] users: Matched entry DEFAULT at line 71
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
[exec] 	expand: %{Calling-Station-Id} -> 57300
PHP Deprecated:  Comments starting with '#' are deprecated in
/etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0
Exec-Program output: Reject 
Exec-Program-Wait: plaintext: Reject 
Exec-Program: returned: 0
++[exec] returns ok
Sending Access-Accept of id 27 to 192.168.0.3 port 2265
Finished request 0.
Going to the next request

The external application responds "Reject" for Calling-Station-Id==57300 but
send an Acces-Accept because the Auth-Type is not changed.

>Read "man unlang".

I have already read the man unlang but I don't know where I should modify
the attribute: radiusd.conf or default or exec or what file.

Thanks again,

Hollman Diaz

-- 
View this message in context: http://freeradius.1045715.n5.nabble.com/Exec-Module-FreeRADIUS-Version-2-1-8-tp3363953p3364444.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list