MAC-Auth + Freeradius + MySQL Database

Alan DeKok aland at
Sun Feb 24 15:20:03 CET 2013

Russell Mike wrote:
> Thanks for guidelines. exactly, as you stated I simple want to store MAC
> address somewhere & compair against the request. Can they be in
> "radcheck"?

  I wouldn't do that.  Just create your own table of MAC addresses.  If
all you want is to list known MACs, you can do that with a custom table.

  Then, do:

	if ("%{sql: SELECT ...}") {
		# known MAC

  Use a SQL client to write the correct SELECT statement, and then put
it into the example above.  Then apply any "known MAC" rule inside of
the "if" statement.

> Secondly, i would have list of maximum 500 MACs, how about listing them
> in a file. Would it be considerably slow reading from file than DB? I
> have no idea because I never used radius with files. 

  See "man rlm_passwd".  It contains examples.  You could put the MACs
into a group via that module, and then do group checking.

  Alan DeKok.

More information about the Freeradius-Users mailing list