Paul Hampson wrote: > > In fact I posted on freeradius-devel a set of patches: one adds > > support for "Post-Auth-Type REJECT" > > I'll get on to adding this to CVS over the weekend. Sorry, I've > been a little busy with the 0.9.1 release, and then the stuff I > was ignoring while worrying about the 0.9.1 release. :-)
You don't have to apology. You did a great job with the 0.9.1 release and we (I and my coworkers in Cegetel) are really grateful. > There's only one issue for me to resolve, which is the same thing > holding up the documentation... What happens when there's no section > found or the Post-Auth-Type is not set? This is an issue for backwards > compatibility. :-) I read the patch again and I didn't see any problem. It looks for a "Post-Auth-Type REJECT" subsection before invoking rad_postauth() function. If not found, it keeps the previous behaviour: it doesn't do anything. > > and an other provides an "authlog_query" in sql.conf > > I'd have to go dig this patch up again, but wouldn't a postauth-query > work better? That way it's more general than just logging. The only > provisio is that the return value gets chucked, so INSERT, DELETE or > UPDATE are the only sensible options. You're absolutely right. It can do what you describe but I mess up the name of the option. It should be renamed "postauth_query". Minor things should be changed too (since Alan patched xlat.c later I have to modify the sample table I provided, and the sample query as well). I'm going to fix this and post the patch again as soon as possible. -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html