Exec and dropped attributes between v2.0 and 3.0

Alan DeKok aland at deployingradius.com
Wed Dec 4 17:45:20 CET 2019

On Dec 4, 2019, at 11:35 AM, Luke Cameron <lukessi at gmail.com> wrote:
> Sorry I did misunderstand here is a copy of the debug log...

  The web page Matthew pointed you to is VERY clear.  VERY VERY VERY clear.  As was my original message.

  The web page ALSO points to a page which gives explicit instructions on how to read the debug output.

  It is very frustrating to write documentation and then have people ignore it.  Especially when they ignore it after being told explicitly to follow it.

> FreeRADIUS Version 3.0.13

  You should really upgrade.

  And PLEASE don't post double-spaced text.  It's annoying. 

  And PLEASE, there's no need to post the SAME debug output TWICE.

  Again, every time you make it hard for us to help you, we're inclined to give up and go away.

> Ready to process requests
> (0) Received Access-Request Id 31 from xxx.xxx.40.10:49430 to
> xxx.xxx.40.10:1812 length 78
> (0)   User-Name = "testuser"
> (0)   User-Password = "testuser"
> (0)   NAS-IP-Address = xxx.xxx.40.10
> (0)   NAS-Port = 1812
> (0)   Message-Authenticator = 0x4ea342f707f8b90e09291fe54a2e09e2
> (0) # Executing section authorize from file /etc/raddb/sites-enabled/default
> (0)   authorize {

  There's no Framed-IP-Address in the input packet.

  Where do you expect the server to get a Framed-IP-Address from, if it's not in the packet?

  And why do you think that one-letter variable expansions have anything to do with Framed-IP-Address?

  If the server receives a packet with a Framed-IP-Address attribute, then you can look at the value of that attribute.  If there's no Framed-IP-Address attribute in the packet, then the server can't look at the value.  Because it doesn't exist.

  Alan DeKok.

More information about the Freeradius-Users mailing list