After a bit of work, I was able to solve it by running a php script in the
preacct process.
I added the external program with exec:
exec 1stlogin {
wait = yes
program = /usr/bin/php /root/1stlogin.php %{User-Name}
%{Calling-Station-Id}
input_pairs = request
}
Then in the preacct session I added
1stlogin
The script itself as follows:
?php
$link = mysql_connect('localhost', 'root', 'xx');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db('radius');
$result=mysql_query(SELECT * FROM radacct WHERE `UserName`='$argv[1]' order by
Username limit 1);
$val = mysql_num_rows($result);
if ($val 0) {
printf (Not first auth);
}
else {
mysql_query(INSERT into radcheck (UserName, Attribute, op,
Value) values ('$argv[1]', 'Calling-Station-Id', '==', '$argv[2]'));
}
?
I rarely write any php, so any improvement in the code is highly appreciated.
Do I need to return anything to freeradius in case of an error or something?
Cheers,
Kledi
On Feb 13, 2010, at 3:01 AM, EasyHorpak.com wrote:
Kledi Andoni wrote:
Hello,
I need a way to set the Calling-Station-Id attribute automatically for each
user after the first authorization request. In this way the user will be
allowed to authorize only from that mac address in the future.
I am using freeradius 1.1.7 with mysql. I do not have the expertise to write
a new module, but I believe the way to do it is:
- User tries to authorize and sends username/password/calling-station-id
- Radius verifies username/password (calling-station-id is not yet set)
- Check if a user has ever authorized, through a query on the radacct table.
If no rows exist for the specific username then its first login
- insert a row containing the calling-station-id for the specific user in
the radcheck table.
Is there a way to do this by configuring freeradius, or do I have to submit
it as a request for a feature?
Thank you,
K
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
you can use modules checkval to make calling-station-id check.
But for add calling-station-id on first login, you need more scripts to add
it.
you may use unlang. for me i use pppoe-server as nas. i use php to add it
after first login.
--
http://www.EasyHorpak.com - แหล่งค้นหาหอพัก,อพาร์ทเมนท์,แมนชั่น,คอนโด,โรงแรม
http://www.EasyZoneCorp.net - ซอฟแวร์จัดการ internet คุณภาพสูง Hotpsot และ
PPPoE ,Anti NetCut, Mac spoof
http://www.thai-school.net - เว็บไซต์โรงเรียน,ศิษย์เก่า สำเร็จรูป
EasyZone SuperLink - แลกหมื่นลิ้งคืในคลิ๊กเดียว
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html