perl examples
Phil Mayers
p.mayers at imperial.ac.uk
Mon Apr 8 16:18:28 CEST 2013
On 08/04/13 14:47, Alex Sharaz wrote:
>
> On 8 Apr 2013, at 14:24, A.L.M.Buxey at lboro.ac.uk wrote:
>
>> Hi,
>>
>>> In post-auth I want to
>>>
>>> extract the nas-ip address and calling station-id of the client
>>> device open a db connection and perform a query that'll let me
>>> decide what vlan-id to send back in the access-accept packet
>>> write radius attributes into the access-accept reply
>>
>> one more comment...for somethign so 'trivial' I would seriously
>> consider using unlang to do this anyway eg
>>
>> update reply { Tunnel-Private-Group-ID ="%{sql:SELECT vlan from
>> authtable where NAS='%{NAS-IP-Address}' and
>> csi='%{Calling-Station-Id}'}" Tunnel-Medium-Type = IEEE-802
>> Tunnel-Type = VLAN }
>>
>> ..or such…
>>
> looks neat, but getting the vlan associated with the switch and the
> calling station id isn't that simple. but I'll have a look anyway
FWIW we use "unlang" and a simple stored procedure that returns a little
blob:
vlan,something,somemore
...which we split using a regexp in the next unlang statemenr. This is
also a handy place to check for an empty xlat result (which indicates
failure of the SQL lookup) and do logging, and possibly set
"Do-Not-Respond" to allow the other RADIUS server a chance to succeed
the auth.
More information about the Freeradius-Users
mailing list