On 10/03/11 14:21, Brian Candler wrote:
With freeradius 2.1.10 I can configure failover for SQL lookups like this:
# in policy.conf
sql_foo {
redundant {
sql_foo_local
sql_foo_remote
}
}
# in sites-available/foo
authorize {
sql_foo
}
However, it looks like I can't use this redundant module inside a string
expansion:
authorize {
update request {
Huntgroup-Name = "%{sql_foo:SELECT groupname FROM radhuntgroup where
nasipaddress='%{NAS-IP-Address}' limit 1}"
}
}
Correct. Virtual modules (e.g. "redundant") do not implement the "xlat"
function.
How could I get the same level of redundancy for string expansions? Could I
do the expansion multiple times inside a redundant section? I am thinking of
perhaps:
Unfortunately the "xlat" functions in FR don't return error/success
codes. They return "length of result string", and 0 for any failure
condition, which means it's impossible to distinguish a failure from an
empty result, and also that you can't use "if (ok)" constructs.
You will probably need something like this:
update request {
Attrib := "%{sql1:select ...}"
}
if (!Attrib) {
update request {
Attrib := "%{sql2:select ...}"
}
}
...and you will obviously need to ensure that a working SQL module never
returns an empty string for your query, else you'll just double the work up.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
