On 08/04/13 14:47, Alex Sharaz wrote:
On 8 Apr 2013, at 14:24, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
In post-auth I want to
extract the nas-ip address and calling station-id of the client
device open a db connection and perform a query that'll let me
decide what vlan-id to send back in the access-accept packet
write radius attributes into the access-accept reply
one more comment...for somethign so 'trivial' I would seriously
consider using unlang to do this anyway eg
update reply { Tunnel-Private-Group-ID ="%{sql:SELECT vlan from
authtable where NAS='%{NAS-IP-Address}' and
csi='%{Calling-Station-Id}'}" Tunnel-Medium-Type = IEEE-802
Tunnel-Type = VLAN }
..or such…
looks neat, but getting the vlan associated with the switch and the
calling station id isn't that simple. but I'll have a look anyway
FWIW we use "unlang" and a simple stored procedure that returns a little
blob:
vlan,something,somemore
...which we split using a regexp in the next unlang statemenr. This is
also a handy place to check for an empty xlat result (which indicates
failure of the SQL lookup) and do logging, and possibly set
"Do-Not-Respond" to allow the other RADIUS server a chance to succeed
the auth.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
