I have a small problem that I do not know how to solve. Freeradius works correctly as DHCP server delivering static IPs, but I need to write a log in the PostAuth database if the transaction finalizes with a DHCP-Ack.
Currently when transaction ends with a DHCP-Ack, this configuration log a "DHCP-Request" instead of "DHCP-Ack". This is my setup: server dhcp { listen { type = dhcp ipaddr = 255.255.255.255 port = 67 interface = eth1.2 broadcast = yes } dhcp DHCP-Discover { update reply { DHCP-Message-Type = DHCP-Offer } update reply { DHCP-Domain-Name-Server = 0.0.0.0 DHCP-IP-Address-Lease-Time = 7200 DHCP-DHCP-Server-Identifier = 172.31.1.1 } deselabs_dhcp_cpes.authorize ok } dhcp DHCP-Request { update reply { # Is not the type supposed to be changed here? DHCP-Message-Type = DHCP-Ack } update reply { DHCP-Domain-Name-Server = 0.0.0.0 DHCP-IP-Address-Lease-Time = 7200 DHCP-DHCP-Server-Identifier = 172.31.1.1 Reply-Message = "Framed protocol is" } deselabs_dhcp_cpes.authorize deselabs_dhcp_cpes.post-auth ok } dhcp { # send a DHCP NAK. reject } } This is the debug output: Received DHCP-Discover of id 7ca9d708 from 0.0.0.0:68 to 255.255.255.255:67 DHCP-Opcode = Client-Message DHCP-Hardware-Type = Ethernet DHCP-Hardware-Address-Length = 6 DHCP-Hop-Count = 0 DHCP-Transaction-Id = 2091505416 DHCP-Number-of-Seconds = 0 DHCP-Flags = Broadcast DHCP-Client-IP-Address = 0.0.0.0 DHCP-Your-IP-Address = 0.0.0.0 DHCP-Server-IP-Address = 0.0.0.0 DHCP-Gateway-IP-Address = 0.0.0.0 DHCP-Client-Hardware-Address = 00:50:c2:31:24:4f DHCP-Message-Type = DHCP-Discover DHCP-Client-Identifier = 0x010050c231244f00 DHCP-IP-Address-Lease-Time = 4294967040 DHCP-IP-Address-Lease-Time = 4294967295 DHCP-Parameter-Request-List = DHCP-Subnet-Mask DHCP-Parameter-Request-List = DHCP-Router-Address DHCP-Parameter-Request-List = DHCP-Domain-Name-Server DHCP-Parameter-Request-List = DHCP-Domain-Name DHCP-Parameter-Request-List = DHCP-Bootp-Extensions-Path DHCP-Parameter-Request-List = DHCP-TFTP-Server-Name DHCP-Parameter-Request-List = DHCP-SIP-Servers-DHCP-Option DHCP-Parameter-Request-List = DHCP-HTTP-Proxy DHCP-Parameter-Request-List = 213 DHCP-Parameter-Request-List = 214 DHCP-Parameter-Request-List = 215 server dhcp { Trying sub-section dhcp DHCP-Discover {...} +- entering group DHCP-Discover {...} ++[reply] returns noop ++[reply] returns noop [deselabs_dhcp_cpes] expand: %{DHCP-Client-Hardware-Address} -> 00:50:c2:31:24:4f [deselabs_dhcp_cpes] sql_set_user escaped user --> '00:50:c2:31:24:4f' rlm_sql (deselabs_dhcp_cpes): Reserving sql socket id: 4 [deselabs_dhcp_cpes] expand: SELECT '1', mac_address, 'Cleartext-Password', REPLACE('%{SQL-User-Name}', ':', ''), ':=' FROM cpes WHERE mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '2', mac_address, 'Auth-Type', 'Accept', ':=' FROM cpes WHERE mac_address = REPLACE('%{SQL-User-Name}', ':', '') -> SELECT '1', mac_address, 'Cleartext-Password', REPLACE('00:50:c2:31:24:4f', ':', ''), ':=' FROM cpes WHERE mac_address = REPLACE('00:50:c2:31:24:4f', ':', '') UNION SELECT '2', mac_address, 'Auth-Type', 'Accept', ':=' FROM cpes WHERE mac_address = REPLACE('00:50:c2:31:24:4f', ':', '') [deselabs_dhcp_cpes] User found in radcheck table [deselabs_dhcp_cpes] expand: SELECT '1', mac_address as username, 'DHCP-Your-IP-Address' AS attribute, CONCAT_WS('.', nets.net_prefix, cpes.ip_host) AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '2' as id, mac_address, 'DHCP-Subnet-Mask' AS attribute, nets.netmask AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '3' as id, mac_address, 'DHCP-Router-Address' AS attribute, nets.gateway AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '4' as id, mac_address, 'DHCP-Bootp-Extensions-Path' AS attribute, cpes_profiles.acf_name AS value, '=' AS op FROM cpes LEFT OUTER JOIN cpes_profiles ON cpes.profile=cpes_profiles.profile_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', ' rlm_sql (deselabs_dhcp_cpes): Released sql socket id: 4 ++[deselabs_dhcp_cpes.authorize] returns ok ++[ok] returns ok } # server dhcp DHCP-Subnet-Mask = 255.255.255.0 DHCP-Router-Address = 172.31.1.1 DHCP-Domain-Name-Server = 0.0.0.0 DHCP-Bootp-Extensions-Path = "slave_clear.acf" DHCP-IP-Address-Lease-Time = 7200 DHCP-DHCP-Server-Identifier = 172.31.1.1 DHCP-TFTP-Server-Name = "172.31.1.1" Sending DHCP-Offer of id 7ca9d708 to 255.255.255.255:68 Finished request 0. Cleaning up request 0 ID 2091505416 with timestamp +6 Going to the next request Ready to process requests. Received DHCP-Request of id 7da9d708 from 0.0.0.0:68 to 255.255.255.255:67 DHCP-Opcode = Client-Message DHCP-Hardware-Type = Ethernet DHCP-Hardware-Address-Length = 6 DHCP-Hop-Count = 0 DHCP-Transaction-Id = 2108282632 DHCP-Number-of-Seconds = 0 DHCP-Flags = Broadcast DHCP-Client-IP-Address = 0.0.0.0 DHCP-Your-IP-Address = 0.0.0.0 DHCP-Server-IP-Address = 0.0.0.0 DHCP-Gateway-IP-Address = 0.0.0.0 DHCP-Client-Hardware-Address = 00:50:c2:31:24:4f DHCP-Message-Type = DHCP-Request DHCP-Client-Identifier = 0x010050c231244f00 DHCP-IP-Address-Lease-Time = 4294967040 DHCP-Requested-IP-Address = 172.31.1.12 DHCP-DHCP-Server-Identifier = 172.31.1.1 DHCP-IP-Address-Lease-Time = 4294967295 DHCP-Parameter-Request-List = DHCP-Subnet-Mask DHCP-Parameter-Request-List = DHCP-Router-Address DHCP-Parameter-Request-List = DHCP-Domain-Name-Server DHCP-Parameter-Request-List = DHCP-Domain-Name DHCP-Parameter-Request-List = DHCP-Bootp-Extensions-Path DHCP-Parameter-Request-List = DHCP-TFTP-Server-Name DHCP-Parameter-Request-List = DHCP-SIP-Servers-DHCP-Option DHCP-Parameter-Request-List = DHCP-HTTP-Proxy DHCP-Parameter-Request-List = 213 DHCP-Parameter-Request-List = 214 DHCP-Parameter-Request-List = 215 server dhcp { Trying sub-section dhcp DHCP-Request {...} +- entering group DHCP-Request {...} ++[reply] returns noop ++[reply] returns noop [deselabs_dhcp_cpes] expand: %{DHCP-Client-Hardware-Address} -> 00:50:c2:31:24:4f [deselabs_dhcp_cpes] sql_set_user escaped user --> '00:50:c2:31:24:4f' rlm_sql (deselabs_dhcp_cpes): Reserving sql socket id: 3 [deselabs_dhcp_cpes] expand: SELECT '1', mac_address, 'Cleartext-Password', REPLACE('%{SQL-User-Name}', ':', ''), ':=' FROM cpes WHERE mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '2', mac_address, 'Auth-Type', 'Accept', ':=' FROM cpes WHERE mac_address = REPLACE('%{SQL-User-Name}', ':', '') -> SELECT '1', mac_address, 'Cleartext-Password', REPLACE('00:50:c2:31:24:4f', ':', ''), ':=' FROM cpes WHERE mac_address = REPLACE('00:50:c2:31:24:4f', ':', '') UNION SELECT '2', mac_address, 'Auth-Type', 'Accept', ':=' FROM cpes WHERE mac_address = REPLACE('00:50:c2:31:24:4f', ':', '') [deselabs_dhcp_cpes] User found in radcheck table [deselabs_dhcp_cpes] expand: SELECT '1', mac_address as username, 'DHCP-Your-IP-Address' AS attribute, CONCAT_WS('.', nets.net_prefix, cpes.ip_host) AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '2' as id, mac_address, 'DHCP-Subnet-Mask' AS attribute, nets.netmask AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '3' as id, mac_address, 'DHCP-Router-Address' AS attribute, nets.gateway AS value, '=' AS op FROM cpes LEFT OUTER JOIN nets ON cpes.net=nets.net_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', '') UNION SELECT '4' as id, mac_address, 'DHCP-Bootp-Extensions-Path' AS attribute, cpes_profiles.acf_name AS value, '=' AS op FROM cpes LEFT OUTER JOIN cpes_profiles ON cpes.profile=cpes_profiles.profile_id WHERE cpes.mac_address = REPLACE('%{SQL-User-Name}', ':', ' rlm_sql (deselabs_dhcp_cpes): Released sql socket id: 3 ++[deselabs_dhcp_cpes.authorize] returns ok [deselabs_dhcp_cpes] expand: %{DHCP-Client-Hardware-Address} -> 00:50:c2:31:24:4f [deselabs_dhcp_cpes] sql_set_user escaped user --> '00:50:c2:31:24:4f' [deselabs_dhcp_cpes] expand: %{User-Password} -> [deselabs_dhcp_cpes] ... expanding second conditional [deselabs_dhcp_cpes] expand: %{Chap-Password} -> [deselabs_dhcp_cpes] expand: INSERT INTO radius_postauth (username, password, reply, authdate) VALUES (UPPER(REPLACE('%{SQL-User-Name}', ':', '')), '%{%{User-Password}:-%{Chap-Password}}', '%{DHCP-Message-Type}', '%S') -> INSERT INTO radius_postauth (username, password, reply, authdate) VALUES (UPPER(REPLACE('00:50:c2:31:24:4f', ':', '')), '', 'DHCP-Request', '2013-03-25 12:53:15') rlm_sql (deselabs_dhcp_cpes) in sql_postauth: query is INSERT INTO radius_postauth (username, password, reply, authdate) VALUES (UPPER(REPLACE('00:50:c2:31:24:4f', ':', '')), '', 'DHCP-Request', '2013-03-25 12:53:15') rlm_sql (deselabs_dhcp_cpes): Reserving sql socket id: 2 rlm_sql (deselabs_dhcp_cpes): Released sql socket id: 2 ++[deselabs_dhcp_cpes.post-auth] returns ok ++[ok] returns ok } # server dhcp DHCP-Subnet-Mask = 255.255.255.0 DHCP-Router-Address = 172.31.1.1 DHCP-Domain-Name-Server = 0.0.0.0 DHCP-Bootp-Extensions-Path = "slave_clear.acf" DHCP-IP-Address-Lease-Time = 7200 DHCP-DHCP-Server-Identifier = 172.31.1.1 DHCP-TFTP-Server-Name = "172.31.1.1" Sending DHCP-Ack of id 7da9d708 to 255.255.255.255:68 Finished request 1. Cleaning up request 1 ID 2108282632 with timestamp +7 Going to the next request Ready to process requests. What should I change in my config if I want to change the DHCP-Message-Type to "DHCP-Ack" in order to get the correct log information? I tried using the ":=" operator with no luck. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html