RLM_Perl Question
Arnab Roy
arnabroy at mail.com
Tue Feb 7 21:51:34 CET 2017
Hi Alan,
I have done exactly that for the sql module and it works fine but not
for the perl module. I know you havent asked for this but I can only
see the following variables in radiusd -X
(0) perl: $RAD_REQUEST{'User-Name'} = &request:User-Name ->
'username at domain.com'
(0) perl: $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address ->
'10.24.1.3'
(0) perl: $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
(0) perl: $RAD_REQUEST{'Framed-IP-Address'} =
&request:Framed-IP-Address -> '10.24.1.17'
(0) perl: $RAD_REQUEST{'Called-Station-Id'} =
&request:Called-Station-Id -> '000B866E18BC'
(0) perl: $RAD_REQUEST{'Calling-Station-Id'} =
&request:Calling-Station-Id -> '98B8E34E1CAF'
(0) perl: $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
'Wireless-802.11'
(0) perl: $RAD_REQUEST{'Acct-Status-Type'} =
&request:Acct-Status-Type -> 'Stop'
(0) perl: $RAD_REQUEST{'Acct-Delay-Time'} = &request:Acct-Delay-Time
-> '0'
(0) perl: $RAD_REQUEST{'Acct-Input-Octets'} =
&request:Acct-Input-Octets -> '4701'
(0) perl: $RAD_REQUEST{'Acct-Output-Octets'} =
&request:Acct-Output-Octets -> '4678'
(0) perl: $RAD_REQUEST{'Acct-Session-Id'} = &request:Acct-Session-Id
-> 'arnab.ro98B8E34E1CAF-589A307E'
(0) perl: $RAD_REQUEST{'Acct-Session-Time'} =
&request:Acct-Session-Time -> '41'
(0) perl: $RAD_REQUEST{'Acct-Input-Packets'} =
&request:Acct-Input-Packets -> '24'
(0) perl: $RAD_REQUEST{'Acct-Output-Packets'} =
&request:Acct-Output-Packets -> '19'
(0) perl: $RAD_REQUEST{'Acct-Terminate-Cause'} =
&request:Acct-Terminate-Cause -> 'NAS-Request'
(0) perl: $RAD_REQUEST{'Acct-Multi-Session-Id'} =
&request:Acct-Multi-Session-Id -> '98B8E34E1CAF-0000000434'
(0) perl: $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
-> 'Feb 7 2017 20:40:07 GMT'
(0) perl: $RAD_REQUEST{'Aruba-User-Role'} = &request:Aruba-User-Role
-> 'authenticated'
(0) perl: $RAD_REQUEST{'Aruba-User-Vlan'} = &request:Aruba-User-Vlan
-> '1025'
(0) perl: $RAD_REQUEST{'Aruba-Essid-Name'} =
&request:Aruba-Essid-Name -> 'eduroam'
(0) perl: $RAD_REQUEST{'Aruba-Location-Id'} =
&request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
(0) perl: $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group ->
'default'
(0) perl: $RAD_REQUEST{'Aruba-Device-Type'} =
&request:Aruba-Device-Type -> 'iPad'
(0) perl: $RAD_REQUEST{'Stripped-User-Name'} =
&request:Stripped-User-Name -> 'username'
(0) perl: $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
(0) perl: $RAD_REQUEST{'Acct-Unique-Session-Id'} =
&request:Acct-Unique-Session-Id -> '0fc1fdf003e0982f25a4df81c5efeb4f'
(0) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
(0) perl: &request:Acct-Session-Id = $RAD_REQUEST{'Acct-Session-Id'} ->
'arnab.ro98B8E34E1CAF-589A307E'
(0) perl: &request:Stripped-User-Name =
$RAD_REQUEST{'Stripped-User-Name'} -> 'username'
(0) perl: &request:Aruba-Location-Id =
$RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
(0) perl: &request:Acct-Input-Packets =
$RAD_REQUEST{'Acct-Input-Packets'} -> '24'
(0) perl: &request:Acct-Delay-Time = $RAD_REQUEST{'Acct-Delay-Time'} ->
'0'
(0) perl: &request:Acct-Terminate-Cause =
$RAD_REQUEST{'Acct-Terminate-Cause'} -> 'NAS-Request'
(0) perl: &request:Acct-Multi-Session-Id =
$RAD_REQUEST{'Acct-Multi-Session-Id'} -> '98B8E34E1CAF-0000000434'
(0) perl: &request:Acct-Status-Type = $RAD_REQUEST{'Acct-Status-Type'}
-> 'Stop'
(0) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
'username at domain.com'
(0) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
'default'
(0) perl: &request:Aruba-User-Vlan = $RAD_REQUEST{'Aruba-User-Vlan'} ->
'1025'
(0) perl: &request:Framed-IP-Address =
$RAD_REQUEST{'Framed-IP-Address'} -> '10.24.1.17'
(0) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
(0) perl: &request:Acct-Output-Octets =
$RAD_REQUEST{'Acct-Output-Octets'} -> '4678'
(0) perl: &request:Aruba-Device-Type =
$RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
(0) perl: &request:Aruba-User-Role = $RAD_REQUEST{'Aruba-User-Role'} ->
'authenticated'
(0) perl: &request:Calling-Station-Id =
$RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
(0) perl: &request:Acct-Input-Octets =
$RAD_REQUEST{'Acct-Input-Octets'} -> '4701'
(0) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
'10.24.1.3'
(0) perl: &request:Called-Station-Id =
$RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
(0) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
'Wireless-802.11'
(0) perl: &request:Acct-Unique-Session-Id =
$RAD_REQUEST{'Acct-Unique-Session-Id'} ->
'0fc1fdf003e0982f25a4df81c5efeb4f'
(0) perl: &request:Acct-Session-Time =
$RAD_REQUEST{'Acct-Session-Time'} -> '41'
(0) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} ->
'Feb 7 2017 20:40:07 GMT'
(0) perl: &request:Acct-Output-Packets =
$RAD_REQUEST{'Acct-Output-Packets'} -> '19'
(0) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
-> 'eduroam'
(10) perl: $RAD_REQUEST{'User-Name'} = &request:User-Name ->
'username at domain.com'
(10) perl: $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
-> '10.24.1.3'
(10) perl: $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
(10) perl: $RAD_REQUEST{'Service-Type'} = &request:Service-Type ->
'Framed-User'
(10) perl: $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1100'
(10) perl: $RAD_REQUEST{'State'} = &request:State ->
'0xb4ac9a30b5a680e1e06ae9d02f4b3a06'
(10) perl: $RAD_REQUEST{'Called-Station-Id'} =
&request:Called-Station-Id -> '000B866E18BC'
(10) perl: $RAD_REQUEST{'Calling-Station-Id'} =
&request:Calling-Station-Id -> '98B8E34E1CAF'
(10) perl: $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier
-> '10.24.1.3'
(10) perl: $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
'Wireless-802.11'
(10) perl: $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
-> 'Feb 7 2017 20:40:10 GMT'
(10) perl: $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message ->
'0x020a00061a03'
(10) perl: $RAD_REQUEST{'Chargeable-User-Identity'} =
&request:Chargeable-User-Identity -> '0x00'
(10) perl: $RAD_REQUEST{'Aruba-Essid-Name'} =
&request:Aruba-Essid-Name -> 'eduroam'
(10) perl: $RAD_REQUEST{'Aruba-Location-Id'} =
&request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
(10) perl: $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
-> 'default'
(10) perl: $RAD_REQUEST{'Aruba-Device-Type'} =
&request:Aruba-Device-Type -> 'iPad'
(10) perl: $RAD_REQUEST{'FreeRADIUS-Proxied-To'} =
&request:FreeRADIUS-Proxied-To -> '127.0.0.1'
(10) perl: $RAD_REQUEST{'EAP-Type'} = &request:EAP-Type -> 'MSCHAPv2'
(10) perl: $RAD_REQUEST{'Stripped-User-Name'} =
&request:Stripped-User-Name -> 'username'
(10) perl: $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
(10) perl: $RAD_REQUEST{'Cache-Entry-Hits'} =
&request:Cache-Entry-Hits -> '4'
(10) perl: $RAD_REPLY{'EAP-Message'} = &reply:EAP-Message ->
'0x030a0004'
(10) perl: $RAD_REPLY{'Message-Authenticator'} =
&reply:Message-Authenticator -> '0x00000000000000000000000000000000'
(10) perl: $RAD_REPLY{'MS-MPPE-Encryption-Policy'} =
&reply:MS-MPPE-Encryption-Policy -> 'Encryption-Required'
(10) perl: $RAD_REPLY{'MS-MPPE-Encryption-Types'} =
&reply:MS-MPPE-Encryption-Types -> '4'
(10) perl: $RAD_REPLY{'MS-MPPE-Send-Key'} = &reply:MS-MPPE-Send-Key
-> '0x193e4482d7e6f569e67acf728665e09e'
(10) perl: $RAD_REPLY{'MS-MPPE-Recv-Key'} = &reply:MS-MPPE-Recv-Key
-> '0x81fd648b675807d94834eb58e9adea82'
(10) perl: $RAD_REPLY{'Stripped-User-Name'} =
&reply:Stripped-User-Name -> 'username'
(10) perl: $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'eap'
(10) perl: $RAD_CHECK{'LDAP-Group'}[0] = &control:LDAP-Group ->
'CN=ps-security,OU=Groups,OU=asdasd,DC=domain,DC=com'
(10) perl: $RAD_CHECK{'LDAP-Group'}[1] = &control:LDAP-Group ->
'ps-security'
(10) perl: $RAD_CHECK{'LDAP-Group'}[2] = &control:LDAP-Group ->
'CN=Professional Services Team,CN=Users,DC=domain,DC=com'
(10) perl: $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'eap'
(10) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
(10) perl: &request:Stripped-User-Name =
$RAD_REQUEST{'Stripped-User-Name'} -> 'username'
(10) perl: &request:EAP-Type = $RAD_REQUEST{'EAP-Type'} -> 'MSCHAPv2'
(10) perl: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} ->
'10.24.1.3'
(10) perl: &request:Aruba-Location-Id =
$RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
(10) perl: &request:State = $RAD_REQUEST{'State'} ->
'0xb4ac9a30b5a680e1e06ae9d02f4b3a06'
(10) perl: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} ->
'0x020a00061a03'
(10) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
'username at domain.com'
(10) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
'default'
(10) perl: &request:FreeRADIUS-Proxied-To =
$RAD_REQUEST{'FreeRADIUS-Proxied-To'} -> '127.0.0.1'
(10) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
(10) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} ->
'Framed-User'
(10) perl: &request:Aruba-Device-Type =
$RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
(10) perl: &request:Calling-Station-Id =
$RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
(10) perl: &request:Cache-Entry-Hits = $RAD_REQUEST{'Cache-Entry-Hits'}
-> '4'
(10) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
'10.24.1.3'
(10) perl: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1100'
(10) perl: &request:Called-Station-Id =
$RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
(10) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
'Wireless-802.11'
(10) perl: &request:Chargeable-User-Identity =
$RAD_REQUEST{'Chargeable-User-Identity'} -> '0x00'
(10) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
-> 'Feb 7 2017 20:40:10 GMT'
(10) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
-> 'eduroam'
(10) perl: &reply:Stripped-User-Name = $RAD_REPLY{'Stripped-User-Name'}
-> 'username'
(10) perl: &reply:MS-MPPE-Recv-Key = $RAD_REPLY{'MS-MPPE-Recv-Key'} ->
'0x81fd648b675807d94834eb58e9adea82'
(10) perl: &reply:Message-Authenticator =
$RAD_REPLY{'Message-Authenticator'} ->
'0x00000000000000000000000000000000'
(10) perl: &reply:MS-MPPE-Encryption-Types =
$RAD_REPLY{'MS-MPPE-Encryption-Types'} -> '4'
(10) perl: &reply:MS-MPPE-Encryption-Policy =
$RAD_REPLY{'MS-MPPE-Encryption-Policy'} -> 'Encryption-Required'
(10) perl: &reply:EAP-Message = $RAD_REPLY{'EAP-Message'} ->
'0x030a0004'
(10) perl: &reply:MS-MPPE-Send-Key = $RAD_REPLY{'MS-MPPE-Send-Key'} ->
'0x193e4482d7e6f569e67acf728665e09e'
(10) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'eap'
(11) perl: $RAD_REQUEST{'User-Name'} = &request:User-Name ->
'username at domain.com'
(11) perl: $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
-> '10.24.1.3'
(11) perl: $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
(11) perl: $RAD_REQUEST{'Service-Type'} = &request:Service-Type ->
'Framed-User'
(11) perl: $RAD_REQUEST{'Framed-MTU'} = &request:Framed-MTU -> '1100'
(11) perl: $RAD_REQUEST{'State'} = &request:State ->
'0xbc16ac72b51db56b528c5ed1e008d82b'
(11) perl: $RAD_REQUEST{'Called-Station-Id'} =
&request:Called-Station-Id -> '000B866E18BC'
(11) perl: $RAD_REQUEST{'Calling-Station-Id'} =
&request:Calling-Station-Id -> '98B8E34E1CAF'
(11) perl: $RAD_REQUEST{'NAS-Identifier'} = &request:NAS-Identifier
-> '10.24.1.3'
(11) perl: $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
'Wireless-802.11'
(11) perl: $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
-> 'Feb 7 2017 20:40:10 GMT'
(11) perl: $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message ->
'0x020b002b190017030100200f78b226c7b9c68967f8bf7df8cf85950812b06d45036a
f1fac12de1a1bf7ce9'
(11) perl: $RAD_REQUEST{'Message-Authenticator'} =
&request:Message-Authenticator -> '0x99de93553cae0d7d796ac27cf85a2c8a'
(11) perl: $RAD_REQUEST{'Chargeable-User-Identity'} =
&request:Chargeable-User-Identity -> '0x00'
(11) perl: $RAD_REQUEST{'Aruba-Essid-Name'} =
&request:Aruba-Essid-Name -> 'eduroam'
(11) perl: $RAD_REQUEST{'Aruba-Location-Id'} =
&request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
(11) perl: $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
-> 'default'
(11) perl: $RAD_REQUEST{'Aruba-Device-Type'} =
&request:Aruba-Device-Type -> 'iPad'
(11) perl: $RAD_REQUEST{'EAP-Type'} = &request:EAP-Type -> 'PEAP'
(11) perl: $RAD_REQUEST{'Stripped-User-Name'} =
&request:Stripped-User-Name -> 'username'
(11) perl: $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
(11) perl: $RAD_REPLY{'EAP-Message'} = &reply:EAP-Message ->
'0x030b0004'
(11) perl: $RAD_REPLY{'Message-Authenticator'} =
&reply:Message-Authenticator -> '0x00000000000000000000000000000000'
(11) perl: $RAD_REPLY{'Aruba-User-Role'} = &reply:Aruba-User-Role ->
'authenticated'
(11) perl: $RAD_REPLY{'MS-MPPE-Send-Key'} = &reply:MS-MPPE-Send-Key
-> '0x533d4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
(11) perl: $RAD_REPLY{'MS-MPPE-Recv-Key'} = &reply:MS-MPPE-Recv-Key
-> '0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884'
(11) perl: $RAD_REPLY{'Stripped-User-Name'}[0] =
&reply:Stripped-User-Name -> 'username'
(11) perl: $RAD_REPLY{'Stripped-User-Name'}[1] =
&reply:Stripped-User-Name -> 'username'
(11) perl: $RAD_REPLY{'EAP-MSK'} = &reply:EAP-MSK ->
'0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884533d
4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
(11) perl: $RAD_REPLY{'EAP-EMSK'} = &reply:EAP-EMSK ->
'0xd1b0de8b80f4aaac6cbf47a09820373aaef24d2d4b7bfd4d199c28309b717b24e73a
7472cc19f9565e33a4bfad2d8bab0adc9caf06ede720f5f9a790ea0ee403'
(11) perl: $RAD_REPLY{'EAP-Session-Id'} = &reply:EAP-Session-Id ->
'0x19589a30a9974ada812b304e6f08428eb423346f5a0867ca707276e7b5364677e45e
6fe25843d1422e6a9a9db0dab1bd89fe49e7b2da4ac260d546cc2398b770bc'
(11) perl: $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'eap'
(11) perl: $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'eap'
(11) perl: $RAD_STATE{'EAP-Message'} = &session-state:EAP-Message ->
'0x030a0004'
(11) perl: $RAD_STATE{'Message-Authenticator'} =
&session-state:Message-Authenticator ->
'0x00000000000000000000000000000000'
(11) perl: $RAD_STATE{'Aruba-User-Role'} =
&session-state:Aruba-User-Role -> 'authenticated'
(11) perl: $RAD_STATE{'MS-MPPE-Encryption-Policy'} =
&session-state:MS-MPPE-Encryption-Policy -> 'Encryption-Required'
(11) perl: $RAD_STATE{'MS-MPPE-Encryption-Types'} =
&session-state:MS-MPPE-Encryption-Types -> '4'
(11) perl: $RAD_STATE{'MS-MPPE-Send-Key'} =
&session-state:MS-MPPE-Send-Key -> '0x193e4482d7e6f569e67acf728665e09e'
(11) perl: $RAD_STATE{'MS-MPPE-Recv-Key'} =
&session-state:MS-MPPE-Recv-Key -> '0x81fd648b675807d94834eb58e9adea82'
(11) perl: $RAD_STATE{'Stripped-User-Name'} =
&session-state:Stripped-User-Name -> 'username'
(11) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
(11) perl: &request:Stripped-User-Name =
$RAD_REQUEST{'Stripped-User-Name'} -> 'username'
(11) perl: &request:EAP-Type = $RAD_REQUEST{'EAP-Type'} -> 'PEAP'
(11) perl: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} ->
'10.24.1.3'
(11) perl: &request:Aruba-Location-Id =
$RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
(11) perl: &request:State = $RAD_REQUEST{'State'} ->
'0xbc16ac72b51db56b528c5ed1e008d82b'
(11) perl: &request:EAP-Message = $RAD_REQUEST{'EAP-Message'} ->
'0x020b002b190017030100200f78b226c7b9c68967f8bf7df8cf85950812b06d45036a
f1fac12de1a1bf7ce9'
(11) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
'username at domain.com'
(11) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
'default'
(11) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
(11) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} ->
'Framed-User'
(11) perl: &request:Aruba-Device-Type =
$RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
(11) perl: &request:Calling-Station-Id =
$RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
(11) perl: &request:Message-Authenticator =
$RAD_REQUEST{'Message-Authenticator'} ->
'0x99de93553cae0d7d796ac27cf85a2c8a'
(11) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
'10.24.1.3'
(11) perl: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1100'
(11) perl: &request:Called-Station-Id =
$RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
(11) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
'Wireless-802.11'
(11) perl: &request:Chargeable-User-Identity =
$RAD_REQUEST{'Chargeable-User-Identity'} -> '0x00'
(11) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
-> 'Feb 7 2017 20:40:10 GMT'
(11) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
-> 'eduroam'
(11) perl: &reply:EAP-MSK = $RAD_REPLY{'EAP-MSK'} ->
'0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884533d
4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
(11) perl: &reply:Stripped-User-Name +=
$RAD_REPLY{'Stripped-User-Name'} -> 'username'
(11) perl: &reply:Stripped-User-Name +=
$RAD_REPLY{'Stripped-User-Name'} -> 'username'
(11) perl: &reply:Aruba-User-Role = $RAD_REPLY{'Aruba-User-Role'} ->
'authenticated'
(11) perl: &reply:Message-Authenticator =
$RAD_REPLY{'Message-Authenticator'} ->
'0x00000000000000000000000000000000'
(11) perl: &reply:EAP-Session-Id = $RAD_REPLY{'EAP-Session-Id'} ->
'0x19589a30a9974ada812b304e6f08428eb423346f5a0867ca707276e7b5364677e45e
6fe25843d1422e6a9a9db0dab1bd89fe49e7b2da4ac260d546cc2398b770bc'
(11) perl: &reply:EAP-Message = $RAD_REPLY{'EAP-Message'} ->
'0x030b0004'
(11) perl: &reply:MS-MPPE-Recv-Key = $RAD_REPLY{'MS-MPPE-Recv-Key'} ->
'0xc8378fcef4a6a611aac47826096e2c4629bc61809e70bdd5b05dd1e631646884'
(11) perl: &reply:EAP-EMSK = $RAD_REPLY{'EAP-EMSK'} ->
'0xd1b0de8b80f4aaac6cbf47a09820373aaef24d2d4b7bfd4d199c28309b717b24e73a
7472cc19f9565e33a4bfad2d8bab0adc9caf06ede720f5f9a790ea0ee403'
(11) perl: &reply:MS-MPPE-Send-Key = $RAD_REPLY{'MS-MPPE-Send-Key'} ->
'0x533d4e5a8fb97b8f2ea98818e275718d92a3f883e6ed7d4c032f6a0f46b8d262'
(11) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'eap'
(11) perl: &session-state:Stripped-User-Name =
$RAD_STATE{'Stripped-User-Name'} -> 'username'
(11) perl: &session-state:Aruba-User-Role =
$RAD_STATE{'Aruba-User-Role'} -> 'authenticated'
(11) perl: &session-state:Message-Authenticator =
$RAD_STATE{'Message-Authenticator'} ->
'0x00000000000000000000000000000000'
(11) perl: &session-state:MS-MPPE-Encryption-Policy =
$RAD_STATE{'MS-MPPE-Encryption-Policy'} -> 'Encryption-Required'
(11) perl: &session-state:EAP-Message = $RAD_STATE{'EAP-Message'} ->
'0x030a0004'
(11) perl: &session-state:MS-MPPE-Recv-Key =
$RAD_STATE{'MS-MPPE-Recv-Key'} -> '0x81fd648b675807d94834eb58e9adea82'
(11) perl: &session-state:MS-MPPE-Encryption-Types =
$RAD_STATE{'MS-MPPE-Encryption-Types'} -> '4'
(11) perl: &session-state:MS-MPPE-Send-Key =
$RAD_STATE{'MS-MPPE-Send-Key'} -> '0x193e4482d7e6f569e67acf728665e09e'
(13) perl: $RAD_REQUEST{'User-Name'} = &request:User-Name ->
'username at domain.com'
(13) perl: $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address
-> '10.24.1.3'
(13) perl: $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
(13) perl: $RAD_REQUEST{'Framed-IP-Address'} =
&request:Framed-IP-Address -> '10.24.1.17'
(13) perl: $RAD_REQUEST{'Called-Station-Id'} =
&request:Called-Station-Id -> '000B866E18BC'
(13) perl: $RAD_REQUEST{'Calling-Station-Id'} =
&request:Calling-Station-Id -> '98B8E34E1CAF'
(13) perl: $RAD_REQUEST{'NAS-Port-Type'} = &request:NAS-Port-Type ->
'Wireless-802.11'
(13) perl: $RAD_REQUEST{'Acct-Status-Type'} =
&request:Acct-Status-Type -> 'Start'
(13) perl: $RAD_REQUEST{'Acct-Delay-Time'} = &request:Acct-Delay-Time
-> '0'
(13) perl: $RAD_REQUEST{'Acct-Session-Id'} = &request:Acct-Session-Id
-> 'arnab.ro98B8E34E1CAF-589A30AC'
(13) perl: $RAD_REQUEST{'Acct-Authentic'} = &request:Acct-Authentic
-> 'RADIUS'
(13) perl: $RAD_REQUEST{'Acct-Multi-Session-Id'} =
&request:Acct-Multi-Session-Id -> '98B8E34E1CAF-0000000435'
(13) perl: $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp
-> 'Feb 7 2017 20:40:12 GMT'
(13) perl: $RAD_REQUEST{'Aruba-User-Role'} = &request:Aruba-User-Role
-> 'authenticated'
(13) perl: $RAD_REQUEST{'Aruba-User-Vlan'} = &request:Aruba-User-Vlan
-> '1025'
(13) perl: $RAD_REQUEST{'Aruba-Essid-Name'} =
&request:Aruba-Essid-Name -> 'eduroam'
(13) perl: $RAD_REQUEST{'Aruba-Location-Id'} =
&request:Aruba-Location-Id -> '00:0b:86:8e:b0:35'
(13) perl: $RAD_REQUEST{'Aruba-AP-Group'} = &request:Aruba-AP-Group
-> 'default'
(13) perl: $RAD_REQUEST{'Aruba-Device-Type'} =
&request:Aruba-Device-Type -> 'iPad'
(13) perl: $RAD_REQUEST{'Stripped-User-Name'} =
&request:Stripped-User-Name -> 'username'
(13) perl: $RAD_REQUEST{'Realm'} = &request:Realm -> 'domain.com'
(13) perl: $RAD_REQUEST{'Acct-Unique-Session-Id'} =
&request:Acct-Unique-Session-Id -> 'f758c752f3da5ef3c091e9722939c220'
(13) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'domain.com'
(13) perl: &request:Acct-Session-Id = $RAD_REQUEST{'Acct-Session-Id'}
-> 'arnab.ro98B8E34E1CAF-589A30AC'
(13) perl: &request:Stripped-User-Name =
$RAD_REQUEST{'Stripped-User-Name'} -> 'username'
(13) perl: &request:Aruba-Location-Id =
$RAD_REQUEST{'Aruba-Location-Id'} -> '00:0b:86:8e:b0:35'
(13) perl: &request:Acct-Delay-Time = $RAD_REQUEST{'Acct-Delay-Time'}
-> '0'
(13) perl: &request:Acct-Authentic = $RAD_REQUEST{'Acct-Authentic'} ->
'RADIUS'
(13) perl: &request:Acct-Multi-Session-Id =
$RAD_REQUEST{'Acct-Multi-Session-Id'} -> '98B8E34E1CAF-0000000435'
(13) perl: &request:Acct-Status-Type = $RAD_REQUEST{'Acct-Status-Type'}
-> 'Start'
(13) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} ->
'username at domain.com'
(13) perl: &request:Aruba-AP-Group = $RAD_REQUEST{'Aruba-AP-Group'} ->
'default'
(13) perl: &request:Aruba-User-Vlan = $RAD_REQUEST{'Aruba-User-Vlan'}
-> '1025'
(13) perl: &request:Framed-IP-Address =
$RAD_REQUEST{'Framed-IP-Address'} -> '10.24.1.17'
(13) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
(13) perl: &request:Aruba-Device-Type =
$RAD_REQUEST{'Aruba-Device-Type'} -> 'iPad'
(13) perl: &request:Aruba-User-Role = $RAD_REQUEST{'Aruba-User-Role'}
-> 'authenticated'
(13) perl: &request:Calling-Station-Id =
$RAD_REQUEST{'Calling-Station-Id'} -> '98B8E34E1CAF'
(13) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
'10.24.1.3'
(13) perl: &request:Called-Station-Id =
$RAD_REQUEST{'Called-Station-Id'} -> '000B866E18BC'
(13) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} ->
'Wireless-802.11'
(13) perl: &request:Acct-Unique-Session-Id =
$RAD_REQUEST{'Acct-Unique-Session-Id'} ->
'f758c752f3da5ef3c091e9722939c220'
(13) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'}
-> 'Feb 7 2017 20:40:12 GMT'
(13) perl: &request:Aruba-Essid-Name = $RAD_REQUEST{'Aruba-Essid-Name'}
-> 'eduroam'
My config for the inner server post auth looks like this
post-auth {
$INCLUDE /etc/raddb/outer-post-auth/
perl
sql
stash
Post-Auth-Type REJECT {
sql
stash
attr_filter.access_reject
remove_reply_message_if_eap
update reply {
Reply-Message := "Inner EAP Reject"
}
}
}
Your help is appreciated.
Many Thanks
Arnab
Sent: Tuesday, February 07, 2017 at 7:34 PM
From: "Alan DeKok" <aland at deployingradius.com>
To: "FreeRadius users mailing list"
<freeradius-users at lists.freeradius.org>
Subject: Re: RLM_Perl Question
On Feb 7, 2017, at 12:18 PM, Arnab Roy <arnabroy at mail.com> wrote:
> I trying to write out if the request was accepted or rejected using
RLM
> perl into a json file. I am able to get everything under the sun for
> the request apart from this simple thing.
>
> Looking at how this is done in the sql module it appears its just a
> simple expansion of %{reply:Packet-Type}, but cant find a way to do
the
> same in RLM perl.
The reply type isn't set until after all of the modules are run.
You can instead use the post-auth section to do this logging. The main
post-auth section is for Access-Accept. The "Post-Auth-Type Reject"
section is for Access-Reject.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
[1]http://www.freeradius.org/list/users.html
References
1. http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list