Accounting in MySQL - Password

P K getpkme at gmail.com
Wed Jan 15 10:31:37 CET 2014 

Thanks Alan. Got it working.

I've scoured the list and found your reply here in 2010 (
http://lists.freeradius.org/pipermail/freeradius-users/2010-July/047686.html).
I'm having the same problem - has this been fixed? post-auth is not being
executed in inner-tunnel when the user is *rejected*. As a result no reject
entry is being written to the table from inner tunnel.Is there a way to
make it execute? I'm running 2.1.10+dfsg-3ubuntu0.12.04.1.

#inner tunnel
..snip..
post-auth {
..snip..
sql
Post-Auth-Type REJECT {
                # log failed authentications in SQL, too.
                sql
                attr_filter.access_reject
}

update outer.reply {
                User-Name = "%{request:User-Name}"
}

}


Thanks for all your help.


On 14 January 2014 16:51, Alan DeKok <aland at deployingradius.com> wrote:

> P K wrote:
> > Thanks Alan. I understand now.  I've created my own postauth table and
> > updated the sql query. My query is like this:
>
>   That should work.
>
> > outer.request:User-Name works when this query is being executed from
> > inner-tunnel but not in outer obviously. So I want to put an if
> > condition. I'm fine with the syntax but i'm struggling to determine
> > what to put a condition on. What variable should I look at to
> > determine if I'm in inner or outer tunnel?  I was thinking
> > virtual-server .. not sure.
>
>   You put a condition on the expansion.  See "man unlang"
>
>         %{%{outer.request:User-Name}:-NONE}
>
> > Also I want to record protocol TTLS/PAP or PEAP/MSCHAP that has been
> > in action. What variable should I use for this?
>
>   outer.request:EAP-Type.
>
> > Is there a variable that would indicate the module that succeeded e.g
> > ldap, mysql etc. so that I could record it? Auth-Type??
>
>   No.  Because the EAP module is doing authentication.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140115/b7543a26/attachment.html>

More information about the Freeradius-Users mailing list