Issues with building Freeradius on CentOS 6.5: need rlm_cache
Brandon Jozsa
bjozsa at gmail.com
Sat Jun 14 22:08:40 CEST 2014
Ok, I made that adjustment (thank you a lot, that makes more sense actually
to put in post-proxy), but for some reason, I'm still not seeing any write
entries to the database. Am I missing something? I see cache working,
correctly I think...but no updates to the database (timestamps are the same
on radcheck).
rlm_sql (sql): Released sql socket id: 4
[sql] User tester not found
++[sql] = notfound
++? if (notfound)
? Evaluating (notfound) -> TRUE
++? if (notfound) -> TRUE
++if (notfound) {
+++update control {
+++} # update control = noop
[cache] expand: %{User-Name} -> tester
+++[cache] = notfound
+++update control {
+++} # update control = noop
+++? if (!notfound)
? Evaluating !(notfound) -> TRUE
+++? if (!notfound) -> TRUE
+++if (!notfound) {
++++update control {
++++} # update control = noop
+++} # if (!notfound) = noop
+++ ... skipping else for request 0: Preceding "if" was taken
++} # if (notfound) = noop
+} # group authorize = ok
WARNING: Empty pre-proxy section. Using default return values.
Sending Access-Request of id 95 to 192.168.1.35 port 1812
User-Name = "tester"
User-Password = "suckit"
NAS-IP-Address = 192.168.1.136
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313331
Proxying request 0 to home server 192.168.1.35 port 1812
Sending Access-Request of id 95 to 192.168.1.35 port 1812
User-Name = "tester"
User-Password = "suckit"
NAS-IP-Address = 192.168.1.136
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313331
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Accept packet from host 192.168.1.35 port 1812, id=95,
length=25
Proxy-State = 0x313331
# Executing section post-proxy from file /etc/raddb/sites-enabled/default
+group post-proxy {
[eap] No pre-existing handler found
++[eap] = noop
[cache] expand: %{User-Name} -> tester
[cache] expand: reply:Reply-Message -> reply:Reply-Message
[cache] expand: Cache last updated at %t -> Cache last updated at Fri Jun
13 18:58:10 2014
[cache] expand: ssssssssssssssssssssssssssssssss ->
ssssssssssssssssssssssssssssssss
[cache] expand: %{randstr:ssssssssssssssssssssssssssssssss} ->
IwEpAi6ylyNZ8zQoYOtW2xjHN.h52sgi
rlm_cache: Adding entry for "tester", with TTL of 10
++[cache] = updated
+} # group post-proxy = updated
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+group post-auth {
++[exec] = noop
+} # group post-auth = noop
Sending Access-Accept of id 131 to 127.0.0.1 port 48539
Reply-Message += "reply:Reply-Message"
Reply-Message += "Cache last updated at Fri Jun 13 18:58:10 2014"
Class := 0x49774570416936796c794e5a387a516f594f745732786a484e2e683532736769
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 131 with timestamp +40
Ready to process requests.
On Sat, Jun 14, 2014 at 3:23 PM, Arran Cudbard-Bell <
a.cudbardb at freeradius.org> wrote:
>
> On 14 Jun 2014, at 20:13, Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> wrote:
>
> >
> > On 14 Jun 2014, at 19:53, Brandon Jozsa <bjozsa at gmail.com> wrote:
> >
> >> Ok, so now that I have this working...rlm_cache is loading just fine,
> but I think I may be making an error (based on what I want to achieve
> anyway). I've taken information from the article
> http://wiki.freeradius.org/modules/Rlm_cache#Two-call-caching, and i see
> the cache working, but is it in the wrong place?
> >
> > Yes. The second call should go in Post-Proxy.
>
> authorize {
> sql
> if (notfound) {
> update control {
> Cache-Status-Only = 'yes'
> }
> cache
> update control {
> Cache-Status-Only !* ANY
> }
>
> # Not found - Proxy request
> if (!notfound) {
> update control {
> Proxy-To-Realm := <realm>
> }
> }
> # Found - Merge proxy response
> else {
> cache
> }
> }
> }
>
> post-proxy {
> cache
> }
>
> Or 3rd call... v3.0.4 is simpler.
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS Development Team
>
> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
Brandon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140614/d074004e/attachment.html>
More information about the Freeradius-Users
mailing list