Hello list,
I am currently using FreeRADIUS as my AAA server for a WiMAX network.
Authentication is working perfectly, and the server is performing well.
As part of my infrastructure-design I need to be able to forcibly kick
users off the radiolink. As far as I have understood, this needs to be
done using CoA/Disconnect-Request packets forged to match the NAS
requirement.
So far, so good.
I have set up this query in my accounting section:
if("%{sql:SELECT value FROM radcheck WHERE UserName =
'%{SQL-User-Name}' and attribute = 'Acct-Logout-Now'}") {
update disconnect {
Reply-Message = "You have been closed."
}
}
as a small test. However, %{SQL-User-Name} is an encrypted version of
the username, which of course will not match anything in my database.
Thu Aug 26 11:16:42 2010 : Info: (2) expand: SELECT value FROM
radcheck WHERE UserName = '%{SQL-User-Name}' and attribute =
'Acct-Logout-Now' -> SELECT value FROM radcheck WHERE UserName =
'=8Ham=3D1=7A62345d3c567f85678749f233ebe4577fbad' and attribute =
'Acct-Logout-Now'
Thu Aug 26 11:16:42 2010 : Debug: rlm_sql (sql): Reserving sql socket id: 0
Thu Aug 26 11:16:42 2010 : Info: (2) SQL query did not return any results
Thu Aug 26 11:16:42 2010 : Debug: rlm_sql (sql): Released sql socket id: 0
Thu Aug 26 11:16:42 2010 : Info: (2) expand: %{sql:SELECT value FROM
radcheck WHERE UserName = '%{SQL-User-Name}' and attribute =
'Acct-Logout-Now'} ->
Thu Aug 26 11:16:42 2010 : Info: (2) ? Evaluating ("%{sql:SELECT value
FROM radcheck WHERE UserName = '%{SQL-User-Name}' and attribute =
'Acct-Logout-Now'}") -> FALSE
Thu Aug 26 11:16:42 2010 : Info: (2) ++? if ("%{sql:SELECT value FROM
radcheck WHERE UserName = '%{SQL-User-Name}' and attribute =
'Acct-Logout-Now'}") -> FALSE
How can I get the username in a cleartext format?
Thanks in advance,
- Kristoffer Milligan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
