Exec Module FreeRADIUS Version 2.1.8
hollman.diaz
hollman.diaz at gmail.com
Mon Jan 31 14:01:46 CET 2011
Thanks for you reply!
>Why?
I want to change Auth-Type from Accept to Reject based on the account
expiration date from a user. All users have the same username and password
but they are identified by the calling-station-id. So the external
application verifies in a database the expiration date of the
calling-station-id and changes the Auth-Type attribute.
Can I change this attribute?
Is it possible?
>Pretty much all of the is *completely* wrong.
Yeah, I new with Freeradius :s.
I changed the files and now only /etc/freeradius/exec is modified:
exec {
wait = yes
input_pairs = request
output_pairs = reply
program = "/usr/bin/php /etc/disconnect/return.php
%{Calling-Station-Id}"
shell_escape = yes
}
In this way, Freeradius accepts the authentication requests, runs the
external application but it does not change the Auth-Type attribute:
...
[files] users: Matched entry DEFAULT at line 71
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
[exec] expand: %{Calling-Station-Id} -> 57300
PHP Deprecated: Comments starting with '#' are deprecated in
/etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0
Exec-Program output: Reject
Exec-Program-Wait: plaintext: Reject
Exec-Program: returned: 0
++[exec] returns ok
Sending Access-Accept of id 27 to 192.168.0.3 port 2265
Finished request 0.
Going to the next request
The external application responds "Reject" for Calling-Station-Id==57300 but
send an Acces-Accept because the Auth-Type is not changed.
>Read "man unlang".
I have already read the man unlang but I don't know where I should modify
the attribute: radiusd.conf or default or exec or what file.
Thanks again,
Hollman Diaz
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Exec-Module-FreeRADIUS-Version-2-1-8-tp3363953p3364444.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list