Post-Auth-Type reject not insert in radpostauth table
Muhammed Buvaydani
muhammed.buvaydani at netcom.com.tr
Sun Sep 13 20:43:53 CEST 2020
hi there,I have freeradius version3 which has an external authentication script in the users file
this is the users file content
DEFAULT Auth-Type := accept
Exec-Program-Wait="/usr/bin/php /var/www/html/cloudradius/captiveportal/auth.php \"%{User-Name}\" \"%{User-Password}\" \"%{Calling-Station-Id}\" \"%{NAS-Port}\" \"%{NAS-IP-Address}\"
and this is the post auth section in default file under sites-enables
post-auth {
reply_log
exec
sql
Post-Auth-Type reject {
sql
attr_filter.access_reject
}
}
and this is the output which is returned from my external script in reject status
Reply-Message="User not found"
the problem is when I get rejected user it is not insert in radpost auth rable but it insert without any problem when I get accepted user
this is the debug when I get rejected user
(0) # Executing section post-auth from file /usr/local/etc/raddb/sites-enabled/default
(0) post-auth {
(0) reply_log: EXPAND /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d
(0) reply_log: --> /usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20200913
(0) reply_log: /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20200913
(0) reply_log: EXPAND %t
(0) reply_log: --> Sun Sep 13 23:40:40 2020
(0) [reply_log] = ok
(0) exec: Executing: /usr/bin/php /var/www/html/cloudradius/captiveportal/auth.php "28:C6:8E:3F:6E:dB1" "1234" "28:C6:8E:3F:6E:BB" "102" "103.81.214.233" "PPP" "192.168.0.1" "" "nas":
(0) exec: ERROR: Program returned code (1) and output 'Reply-Message="User not found"'
(0) [exec] = reject
(0) } # post-auth = reject
(0) EXPAND User : %{User-Name}, MAC : %{Calling-Station-Id}, Nas : %{NAS-IP-Address}, Nas Port : %{NAS-Port-Id}, Ip : %{Framed-IP-Address}
(0) --> User : 28:C6:8E:3F:6E:dB1, MAC : 28:C6:8E:3F:6E:BB, Nas : 103.81.214.233, Nas Port : , Ip : 192.168.0.1
(0) Rejected in post-auth: [28:C6:8E:3F:6E:dB1/1234] (from client localhost port 102 cli 28:C6:8E:3F:6E:BB) User : 28:C6:8E:3F:6E:dB1, MAC : 28:C6:8E:3F:6E:BB, Nas : 103.81.214.233, Nas Port : , Ip : 192.168.0.1
(0) EXPAND User : %{User-Name}, MAC : %{Calling-Station-Id}, Nas : %{NAS-IP-Address}, Nas Port : %{NAS-Port-Id}, Ip : %{Framed-IP-Address}
(0) --> User : 28:C6:8E:3F:6E:dB1, MAC : 28:C6:8E:3F:6E:BB, Nas : 103.81.214.233, Nas Port : , Ip : 192.168.0.1
(0) Login incorrect (exec: Program returned code (1) and output 'Reply-Message="User not found"'): [28:C6:8E:3F:6E:dB1/1234] (from client localhost port 102 cli 28:C6:8E:3F:6E:BB) User : 28:C6:8E:3F:6E:dB1, MAC : 28:C6:8E:3F:6E:BB, Nas : 103.81.214.233, Nas Port : , Ip : 192.168.0.1
(0) Delaying response for 1.000000 seconds
Waking up in 0.2 seconds.
More information about the Freeradius-Users
mailing list