dhcp and rlm_python am i missing something?

Serge Krawczenko skrawczenko at gmail.com
Thu May 8 16:34:10 CEST 2014


here we are

my module config

        python {
                mod_instantiate = radiusd_test
                func_instantiate = instantiate

                mod_dhcp = radiusd_test
                func_dhcp = dhcp

                mod_post_auth = radiusd_test
                func_post_auth = post_auth

        }

my "script", i'm just trying to get any function called

import radiusd
import os
import sys

def instantiate(p):

    log = open ("/tmp/1","w")
    print >> log, "open"
    print >> log, p
    print >> log, __name__
    log.close()

    radiusd.radlog(radiusd.L_DBG, "spam.py: instantiated")

    return radiusd.RLM_MODULE_OK

def dhcp(p):

    log = open ("/tmp/2","w")
    print >> log, "open"
    print >> log, os.environ
    print >> log, p

    radiusd.radlog(radiusd.L_DBG, "dhcp: called")
    return (radiusd.RLM_MODULE_UPDATED,
(('Client-IP-Address','10.10.10.3'),))

def post_auth(p):
    log = open ("/tmp/3","w")
    print >> log, "open"
    print >> log, p
    print >> log, __name__
    log.close()
    return radiusd.RLM_MODULE_OK

radiusd config, all default except following:

dhcp DHCP-Discover {
        update reply {
               DHCP-Message-Type = DHCP-Offer
                Packet-Dst-Port = 67

        }

        #  The contents here are invented.  Change them!
        update reply {
                DHCP-Domain-Name-Server = 8.8.8.8
#               DHCP-Domain-Name-Server = 127.0.0.2
                DHCP-Subnet-Mask = 255.255.255.0
                DHCP-Router-Address = 10.10.10.2
                DHCP-IP-Address-Lease-Time = 60
                DHCP-DHCP-Server-Identifier = 10.45.5.233
        }

        python

        #  Do a simple mapping of MAC to assigned IP.
        #
        #  See below for the definition of the "mac2ip"
....

and output -X:
server dhcp { # from file /usr/local/etc/raddb/radiusd.conf
 modules {
 Module: Checking dhcp DHCP-Discover {...} for more modules to load
 Module: Linked to module rlm_always
 Module: Instantiating module "ok" from file
/usr/local/etc/raddb/modules/always
  always ok {
        rcode = "ok"
        simulcount = 0
        mpp = no
  }
 Module: Checking dhcp DHCP-Request {...} for more modules to load
 Module: Checking dhcp (null) {...} for more modules to load
/usr/local/etc/raddb/radiusd.conf[1070]: No name specified for
Post-Auth-Type block
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
}
listen {
        type = "acct"
        ipaddr = *
        port = 0
}
listen {
        type = "control"
 listen {
        socket = "/usr/local/var/run/radiusd/radiusd.sock"
 }
}
listen {
        type = "auth"
        ipaddr = 127.0.0.1
        port = 18120
}
listen {
        type = "dhcp"
        ipaddr = 10.45.5.233
        port = 67
}
.....

Ready to process requests.







Received DHCP-Discover of id 4d620942 from 10.45.5.230:68 to 10.45.5.233:67
        DHCP-Opcode = Client-Message
        DHCP-Hardware-Type = Ethernet
        DHCP-Hardware-Address-Length = 6
        DHCP-Hop-Count = 1
        DHCP-Transaction-Id = 1298270530
        DHCP-Number-of-Seconds = 0
        DHCP-Flags = 0
        DHCP-Client-IP-Address = 0.0.0.0
        DHCP-Your-IP-Address = 0.0.0.0
        DHCP-Server-IP-Address = 0.0.0.0
        DHCP-Gateway-IP-Address = 10.45.5.230
        DHCP-Client-Hardware-Address = 00:1a:92:e7:63:4a
        DHCP-Message-Type += DHCP-Discover
        DHCP-Hostname += "qinq"
        DHCP-Parameter-Request-List += DHCP-Subnet-Mask
        DHCP-Parameter-Request-List += DHCP-Broadcast-Address
        DHCP-Parameter-Request-List += DHCP-Time-Offset
        DHCP-Parameter-Request-List += DHCP-Router-Address
        DHCP-Parameter-Request-List += DHCP-Domain-Name
        DHCP-Parameter-Request-List += DHCP-Domain-Name-Server
        DHCP-Parameter-Request-List += DHCP-Domain-Search
        DHCP-Parameter-Request-List += DHCP-Hostname
        DHCP-Parameter-Request-List += DHCP-NETBIOS-Name-Servers
        DHCP-Parameter-Request-List += DHCP-NETBIOS
        DHCP-Parameter-Request-List += DHCP-Interface-MTU-Size
        DHCP-Parameter-Request-List += DHCP-Classless-Static-Route
        DHCP-Parameter-Request-List += DHCP-NTP-Servers
        DHCP-Relay-Circuit-Id = 0x000401bd0002
        DHCP-Relay-Remote-Id = 0x00065cd998d4a3a0
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
++} # update reply = noop
++[python] = noop
++[ok] = ok






On Thu, May 8, 2014 at 5:13 PM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:

> On 08/05/14 14:42, Serge Krawczenko wrote:
>
>> Regarding the post-auth
>>
>> I've seen such an opinion somewhere and tested it, unfortunately
>> func_post_auth wasn't called.
>>
>
> Post a debug from "radiusd -X".
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140508/97f988d0/attachment.html>


More information about the Freeradius-Users mailing list