Make sense of SQL Huntgroup HOWTO?
Matthew Newton
mcn4 at leicester.ac.uk
Fri Dec 18 16:26:31 CET 2015
On Fri, Dec 18, 2015 at 03:06:57PM +0000, Joel Bergmark wrote:
> In the sites-enabled/default I use as described in the HOWTO:
>
> update request {
> Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}'}" {
> }
> if (Huntgroup-Name == ''){
> reject
> }
So, reject if Huntgroup-Name is empty, right?
> I believe that the issue it the later of the above statement
> that supposed to match and reject that's the problem but as many
> others I can't figure out how to get this working.
> NAS-IP-Address = 46.23X.XX.170
...
> expand: SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}' -> SELECT groupname FROM radhuntgroup WHERE nasipaddress='46.23X.XX.170'
...
> expand: %{sql:SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}'} -> 3rdline
Huntgroup-Name is "3rdline"
> ++[request] returns ok
> ++? if (Huntgroup-Name == '')
> ? Evaluating (Huntgroup-Name == '') -> FALSE
> ++? if (Huntgroup-Name == '') -> FALSE
Doesn't reject because Huntgroup-Name isn't empty.
> Sending Access-Accept of id 105 to 46.23X.XX.170 port 1645
Can't see a problem here?
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list