Conditional SQL module and server wide variables
Alan DeKok
aland at deployingradius.com
Fri Jun 26 17:58:55 CEST 2015
On Jun 25, 2015, at 10:07 PM, Ricardo LarraƱaga <ricardo.larranaga at gmail.com> wrote:
> Hello Guys. I am running freeradius 3.0.4 on centos 7, and have 2
> questions, i was wondering if someone can help me.
>
> 1) I use the file module and the sql module.
> On the users file, i might have an exact entry for a user, or a DEFAULT
> entry for a user.
The "files" module returns the same code for finding a normal user, and for the "DEFAULT" entry. So you can't tell those apart easily.
The way to fix this is to have the DEFAULT entry set a server-side attribute. Then, check for that attribute.
> What i would like to do is:
> -If i match an exact entry, do not run sql module
> -If i match a DEFAULT entry, run sql module.
> Is this possible? As far as i could see, File module returns [ok], both for
> exact and default match entries, so i am not sure on how to differentiate
> those.
Exactly. Do this:
DEFAULT Tmp-Integer-0 := 42, ...
...
And then:
files
if (control:Tmp-Integer-0 == 42) {
... matched default logic ...
}
> 2) Server Wide variables.
> I am about to implement copy-acct-to-home-server in order to replicate
> accounting between servers (cool feature!). Now, I understand that i am
> responsible of writing a policy to drop packets in case one of the servers
> i am copying accounting to goes down. What i would like to know is if i can
> define a server wide variable like a counter, where i could increment the
> number of times a server has not responded. If this goes over a threshold,
> i can start dropping packets, in order not to load the server.
That's already done. See request:Packet-Transmit-Counter. It's an integer attribute added by the detail file reader.
Alan DeKok.
More information about the Freeradius-Users
mailing list