dhcp and rlm_python am i missing something?
Serge Krawczenko
skrawczenko at gmail.com
Thu May 8 16:34:10 CEST 2014
here we are
my module config
python {
mod_instantiate = radiusd_test
func_instantiate = instantiate
mod_dhcp = radiusd_test
func_dhcp = dhcp
mod_post_auth = radiusd_test
func_post_auth = post_auth
}
my "script", i'm just trying to get any function called
import radiusd
import os
import sys
def instantiate(p):
log = open ("/tmp/1","w")
print >> log, "open"
print >> log, p
print >> log, __name__
log.close()
radiusd.radlog(radiusd.L_DBG, "spam.py: instantiated")
return radiusd.RLM_MODULE_OK
def dhcp(p):
log = open ("/tmp/2","w")
print >> log, "open"
print >> log, os.environ
print >> log, p
radiusd.radlog(radiusd.L_DBG, "dhcp: called")
return (radiusd.RLM_MODULE_UPDATED,
(('Client-IP-Address','10.10.10.3'),))
def post_auth(p):
log = open ("/tmp/3","w")
print >> log, "open"
print >> log, p
print >> log, __name__
log.close()
return radiusd.RLM_MODULE_OK
radiusd config, all default except following:
dhcp DHCP-Discover {
update reply {
DHCP-Message-Type = DHCP-Offer
Packet-Dst-Port = 67
}
# The contents here are invented. Change them!
update reply {
DHCP-Domain-Name-Server = 8.8.8.8
# DHCP-Domain-Name-Server = 127.0.0.2
DHCP-Subnet-Mask = 255.255.255.0
DHCP-Router-Address = 10.10.10.2
DHCP-IP-Address-Lease-Time = 60
DHCP-DHCP-Server-Identifier = 10.45.5.233
}
python
# Do a simple mapping of MAC to assigned IP.
#
# See below for the definition of the "mac2ip"
....
and output -X:
server dhcp { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Checking dhcp DHCP-Discover {...} for more modules to load
Module: Linked to module rlm_always
Module: Instantiating module "ok" from file
/usr/local/etc/raddb/modules/always
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
Module: Checking dhcp DHCP-Request {...} for more modules to load
Module: Checking dhcp (null) {...} for more modules to load
/usr/local/etc/raddb/radiusd.conf[1070]: No name specified for
Post-Auth-Type block
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
listen {
type = "control"
listen {
socket = "/usr/local/var/run/radiusd/radiusd.sock"
}
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 18120
}
listen {
type = "dhcp"
ipaddr = 10.45.5.233
port = 67
}
.....
Ready to process requests.
Received DHCP-Discover of id 4d620942 from 10.45.5.230:68 to 10.45.5.233:67
DHCP-Opcode = Client-Message
DHCP-Hardware-Type = Ethernet
DHCP-Hardware-Address-Length = 6
DHCP-Hop-Count = 1
DHCP-Transaction-Id = 1298270530
DHCP-Number-of-Seconds = 0
DHCP-Flags = 0
DHCP-Client-IP-Address = 0.0.0.0
DHCP-Your-IP-Address = 0.0.0.0
DHCP-Server-IP-Address = 0.0.0.0
DHCP-Gateway-IP-Address = 10.45.5.230
DHCP-Client-Hardware-Address = 00:1a:92:e7:63:4a
DHCP-Message-Type += DHCP-Discover
DHCP-Hostname += "qinq"
DHCP-Parameter-Request-List += DHCP-Subnet-Mask
DHCP-Parameter-Request-List += DHCP-Broadcast-Address
DHCP-Parameter-Request-List += DHCP-Time-Offset
DHCP-Parameter-Request-List += DHCP-Router-Address
DHCP-Parameter-Request-List += DHCP-Domain-Name
DHCP-Parameter-Request-List += DHCP-Domain-Name-Server
DHCP-Parameter-Request-List += DHCP-Domain-Search
DHCP-Parameter-Request-List += DHCP-Hostname
DHCP-Parameter-Request-List += DHCP-NETBIOS-Name-Servers
DHCP-Parameter-Request-List += DHCP-NETBIOS
DHCP-Parameter-Request-List += DHCP-Interface-MTU-Size
DHCP-Parameter-Request-List += DHCP-Classless-Static-Route
DHCP-Parameter-Request-List += DHCP-NTP-Servers
DHCP-Relay-Circuit-Id = 0x000401bd0002
DHCP-Relay-Remote-Id = 0x00065cd998d4a3a0
server dhcp {
Trying sub-section dhcp DHCP-Discover {...}
+group DHCP-Discover {
++update reply {
++} # update reply = noop
++update reply {
++} # update reply = noop
++[python] = noop
++[ok] = ok
On Thu, May 8, 2014 at 5:13 PM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 08/05/14 14:42, Serge Krawczenko wrote:
>
>> Regarding the post-auth
>>
>> I've seen such an opinion somewhere and tested it, unfortunately
>> func_post_auth wasn't called.
>>
>
> Post a debug from "radiusd -X".
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140508/97f988d0/attachment.html>
More information about the Freeradius-Users
mailing list