On Tue, Oct 14, 2008 at 4:39 AM, <[EMAIL PROTECTED]> wrote: >>How do I test if Auth-Type is not set? >> >>I tried with: >> >>if (!Auth-Type) { >> > > That should work (I don't have 2.1.1 installed but I have tested that in > 2.0.5 some time ago). You have added that in authorize (not > authenticate) after pap entry? Post the debug.
The problem is that if (!Auth-Type) returns true even when the user is valid. Here is a debug when the user is valid. ++[sql] returns ok ++[pap] returns updated ++? if (!Auth-Type) ? Evaluating !(Auth-Type) -> FALSE ++? if (!Auth-Type) -> TRUE ++- entering if (!Auth-Type) {...} +++? if (!NAS-IP-Address == 196.12.161.237) ? Evaluating !(NAS-IP-Address == 196.12.161.237) -> FALSE +++? if (!NAS-IP-Address == 196.12.161.237) -> TRUE +++- entering if (!NAS-IP-Address == 196.12.161.237) {...} ++++[reply] returns updated ++++[control] returns updated +++- if (!NAS-IP-Address == 196.12.161.237) returns updated ++- if (!Auth-Type) returns updated Found Auth-Type = Accept Auth-Type = Accept, accepting the user +- entering group post-auth {...} I am using the following in the authorize section right after pap: if (!Auth-Type) { if (!NAS-IP-Address == X.X.X.X) { update reply { Reply-Message = "Restricted Access" MS-Primary-DNS-Server = X.X.X.X MS-Secondary-DNS-Server = X.X.X.X RP-Max-Sessions-Per-User = 100 } update control { Auth-Type := "Accept" Pool-Name := "invaliduser_pool" } } } > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html