openwrt, freeradius

Thu Apr 14 08:54:32 CEST 2016

Mildok <mildok at mail.ru> writes:

> Function rewrite.calling_station_id has in the /etc/freeradius2/policy.conf:
> rewrite.calling_station_id {
>                 if((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) {
>                         update request {
>                                 Calling-Station-Id := "%{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
>                         }
>                         updated
>                 }
>                 else {
>                         noop
>                 }
>         }
>
> "updated", if I correctly understand has in dictionary /usr/share/freeradius2/dictionary.freeradius.internal:
>
> ATTRIBUTE       Module-Return-Code                      1108    integer
>
> VALUE   Module-Return-Code              reject                  0
> VALUE   Module-Return-Code              fail                    1
> VALUE   Module-Return-Code              ok                      2
> VALUE   Module-Return-Code              handled                 3
> VALUE   Module-Return-Code              invalid                 4
> VALUE   Module-Return-Code              userlock                5
> VALUE   Module-Return-Code              notfound                6
> VALUE   Module-Return-Code              noop                    7
> VALUE   Module-Return-Code              updated                 8

Yes, they are all valid return codes.  But that is really irrelevant for
your usage above.  What you do there is calling modules with the names
"noop" and "updated". Which usually works fine ,and does what you
expect, because of something like this somewhere in the server config:

#
# The "always" module is here for debugging purposes. Each
# instance simply returns the same result, always, without
# doing anything.
always fail {
        rcode = fail
}
always reject {
        rcode = reject
}
always noop {
        rcode = noop
}
always handled {
        rcode = handled
}
always updated {
        rcode = updated
}
always notfound {
        rcode = notfound
}
always ok {
        rcode = ok
        simulcount = 0
        mpp = no
}

> So... why I get error:
>> Module: Checking authorize {...} for more modules to load
>> Module: Loading virtual module rewrite.calling_station_id
>> /etc/freeradius2/policy.conf[250]: Failed to find "updated" in the "modules" section.
>
> I misunderstand something.. sorry... 

So the reason is most likely exactly what it says (as usual with
FreeRadius):

 You are missing the "updated" module.

Locate the file where your "noop" module is defined and the problem
should be obvious.

Bjørn