reject request in post-proxy
Matt Zagrabelny
mzagrabe at d.umn.edu
Tue Aug 25 04:23:41 CEST 2020
On Mon, Aug 24, 2020 at 9:18 PM Alan DeKok <aland at deployingradius.com> wrote:
> > Here is the single line:
> >
> > (2) ERROR: Mapping "Access-Reject" -> "Packet-Type" invalid in
> > this context
>
> Hmm... then this should work:
>
> update reply {
> Packet-Type := Access-Reject
> }
I don't get the ERROR, but I also don't get rejected:
(0) Received Access-Accept Id 112 from 10.0.0.1:1812 to
192.168.0.1:44740 length 53
(0) Reply-Message = "Success. Logging you in..."
(0) Proxy-State = 0x323033
(0) # Executing section post-proxy from file
/etc/freeradius/3.0/sites-enabled/default
(0) post-proxy {
(0) eap: No pre-existing handler found
(0) [eap] = noop
(0) if (User-Name == 'mzagrabe') {
(0) if (User-Name == 'mzagrabe') -> TRUE
(0) if (User-Name == 'mzagrabe') {
(0) update reply {
(0) Packet-Type := Access-Reject
(0) } # update reply = noop
(0) } # if (User-Name == 'mzagrabe') = noop
(0) } # post-proxy = noop
(0) Found Auth-Type = Accept
(0) Auth-Type = Accept, accepting the user
(0) # Executing section post-auth from file
/etc/freeradius/3.0/sites-enabled/default
(0) post-auth {
(0) update {
(0) No attributes updated
(0) } # update = noop
(0) [exec] = noop
(0) policy remove_reply_message_if_eap {
(0) if (&reply:EAP-Message && &reply:Reply-Message) {
(0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(0) else {
(0) [noop] = noop
(0) } # else = noop
(0) } # policy remove_reply_message_if_eap = noop
(0) } # post-auth = noop
(0) Sent Access-Accept Id 203 from 192.168.0.1:1812 to
192.168.0.2:33745 length 0
(0) Reply-Message = "Success. Logging you in..."
(0) Finished request
Thanks for the help!
-m
More information about the Freeradius-Users
mailing list