Re: refresh variable after exec module
Ok. It's working...thanks a lot!! If I execute my script in wait-program-exec then all it's right and I can get out the variable but if I call an external script in exec module, no. Although I put the same sentence to get my goal...thanks for the lesson...curious :-) Alan DeKok escribió: bLn wrote: Because I do an update into radgroupreply but now I'm doing a "select" and save the result into a variable, like this: REPLY_MESSAGE="$(mysql -Ns -h$HOST -u$USER -p$PASS -e "SELECT Value FROM radgroupreply WHERE Attribute='Reply-Message' AND GroupName='$GROUP_NAME'" $BD)" That won't work. The environment variables are NOT passed back to the server when the script exits. The file program scripts/exec-program-wait contains examples of how to pass variables from the script to FreeRADIUS. but the results keep into the script and I don't know how I could get it out. The documentation and examples say how to do this. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh variable after exec module
Because I do an update into radgroupreply but now I'm doing a "select"
and save the result into a variable, like this:
REPLY_MESSAGE="$(mysql -Ns -h$HOST -u$USER -p$PASS -e "SELECT Value FROM
radgroupreply WHERE Attribute='Reply-Message' AND
GroupName='$GROUP_NAME'" $BD)"
Butt this varibale I can't escape the script. I follow the man of "exec
echo" where says "Should we escape the envioronment variables?" and I
introduce 3 arguments:
program = "/usr/local/freeradius/etc/raddb/pre_script.sh %{User-Name}
%{Reply-Message} %{Session-Timeout}"
but the results keep into the script and I don't know how I could get it
out.
In the past post, also I said that I'm trying to play with Exit-Program
or Exit-Program-Wait. Is it possible?
For example, If I put "exit 2" (fail) or "exit 1" (reject), etc.
thanks
Ivan Kalik escribió:
My script sets into radgroupreply 2 differents values Session-Timeout or
Reply-Message, when the script or exec module is finished.
Then, in Post-Auth section I do the "update"
Why? Why are you writing them to the database and then trying to retrieve
them? Why don't you assign them to attributes in the script?
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh variable after exec module
Hi,
I've reviewed those manuals (users and unlang) and I think I've got the
same way.
My script sets into radgroupreply 2 differents values Session-Timeout or
Reply-Message, when the script or exec module is finished.
Then, in Post-Auth section I do the "update", like this:
post-auth{
.
exec
update reply {
Session-Timeout:="%{reply:Session-Timeout}"
}
}
Post-Auth-Type REJECT {
attr_filter.access_reject
update reply {
Reply-Message := "%{reply:Reply-Message}"
}
sql
}
I've set in all places (op into radgroupreply and those sentences) with
":=" operator
mysql> select * from radgroupreply;
++---+-+++--+
| id | GroupName | Attribute | op | Value | prio |
++---+-+++--+
| 1 | Navega Gratis | Idle-Timeout| := | 300|0 |
| 2 | Navega Gratis | Mikrotik-Rate-Limit | := | 128k/512k |0 |
| 4 | Navega12meses | Idle-Timeout| := | 300|0 |
| 5 | Navega12meses | Mikrotik-Rate-Limit | := | 128k/6M|0 |
| 7 | NavegaMes | Idle-Timeout| := | 300|0 |
| 8 | NavegaMes | Mikrotik-Rate-Limit | := | 128k/3M|0 |
| 10 | Navega Hoy| Idle-Timeout| := | 300|0 |
| 11 | Navega Hoy| Mikrotik-Rate-Limit | := | 128k/3M|0 |
| 13 | Navega24horas | Idle-Timeout| := | 300|0 |
| 14 | Navega24horas | Mikrotik-Rate-Limit | := | 128k/3072k |0 |
| 3 | Navega Gratis | Session-Timeout | := | 1800 |0 |
| 15 | Navega24horas | Session-Timeout | := | 8938 |0 |
| 9 | NavegaMes | Reply-Message | := | NULL |0 |
| 16 | Navega24horas | Reply-Message | := | NULL |0 |
| 12 | Navega Gratis | Reply-Message | := | NULL |0 |
| 17 | Navega12meses | Reply-Message | := | NULL |0 |
| 18 | Navega Hoy| Reply-Message | := | NULL |0 |
++---+-+++--+
but the value is the same, the before one
I've got a dude.I've proved Reply-Message:="%{reply:Reply-Message}}" but
"%{reply:Reply-Message}}" is not the new value in Reply-Message
I think, my problem is the new value is being saved into database and
it's impossible get it again without a "select" query and I don't know
how I can exit the value out the script. I'm trying to salve this value
into a variable "Reply-Message" (however into the script is REPLY_MESSAGE).
Also I'm playing with the return value of the program run, ie:with exit
1 (reject), exit 2 (fail)...and then I'll do a conditional if with
Exit-Program...but unsuccessfully too
Alan DeKok escribió:
bLn wrote:
My script returns 2 possible values:
a) If all is correct (ie: an user has time and money to connect) then I
set in Session-Timeout with the time available to this user
b) If not, then I set Reply-Message with the exactly error.
Both of them are in radgroupreply in my database. For that, the value is
previously cached in auth section and I can't refresh or update the new
value after, in post-auth section
Yes, you can. See the documentation on the operators in "man users",
or "man unlang". The ":=" operator is likely what you want.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh variable after exec module
Good morning,
My script returns 2 possible values:
a) If all is correct (ie: an user has time and money to connect) then I
set in Session-Timeout with the time available to this user
b) If not, then I set Reply-Message with the exactly error.
Both of them are in radgroupreply in my database. For that, the value is
previously cached in auth section and I can't refresh or update the new
value after, in post-auth section
Alan DeKok escribió:
bLn wrote:
but if I wanna update it with a variable that I got from external script
and I put this:
update reply {
Reply-Message := "%{reply:Reply-Message}"
Uh... that says "set the Reply-Message to the value of the Reply-Message".
What do you *really* want to do? What does the script return?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh variable after exec module
Ok, I'm back with another cuestion.
now, if I put the variable in this way, I send the Reply-Message (pepe)
with Access-Reject connections
update reply {
Reply-Message := "pepe"
}
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> copaz...@prueba.com
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
++[reply] returns updated
Sending Access-Reject of id 46 to 192.168.1.10 port 32925
Reply-Message = "pepe"
but if I wanna update it with a variable that I got from external script
and I put this:
update reply {
Reply-Message := "%{reply:Reply-Message}"
+- entering group post-auth {...}
[exec] expand: %{User-Name} -> copaz...@prueba.com
[exec] expand: %{Reply-Message} ->
Exec-Program output: VALOR 1(Username) ES copaz...@prueba.com El usuario
ya esta cnectado El usuario ya esta conectado
Exec-Program-Wait: plaintext: VALOR 1(Username) ES copaz...@prueba.com
El usuario ya esta cnectado El usuario ya esta conectado
Exec-Program: returned: 255
++[exec] returns fail
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> copaz...@prueba.com
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
expand: %{reply:Reply-Message} -> NULL
++[reply] returns updated
Is it correct this way? Reply-Message := "%{reply:Reply-Message}"
thanks
bLn escribió:
Good morning,
I back with the same problem.
I've seeing past post for last week but I have any wrong because those
solutions don't work for me.
I have a script in exec module which set 2 values: Session-Timeout if
everything is correct for each user and it calculate his remaining
time to connect, and Reply-Message if there is any problem, to show
this message to the user
I've seen these values are cached before when mysql runs the queries
to radcheck, radgroupchek, radreply, etc...in authtorize section and
when I execute my script in post-auth module the new values aren't
replaced and sent together with Access-Accept or Access-Reject
I've done an update in post-auth section, like you said in last posts,
in two different modes:
first example:
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "%{reply:Reply-Message}"
}
sql
reply_log
}
Second example:
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "pepe"
}
sql
reply_log
}
I've set Reply-Message := "pepe" to try without a variable but
unsuccessfully because I'm not sure if I've set the variable
correctly but if I put the value of variable and this is not send
neither it is because my value is not replaced by the before one, ok?
why?
Post-Auth section
post-auth {
# Get an address from the IP Pool.
#main_pool
#
# If you want to have a log of authentication replies,
# un-comment the following line, and the 'detail reply_log'
# section, above.
reply_log
#
# After authenticating the user, do another SQL query.
#
# See "Authentication Logging Queries" in sql.conf
sql
#
# Instead of sending the query to the SQL server,
# write it into a log file.
#
sql_log
#
# Un-comment the following if you have set
# 'edir_account_policy_check = yes' in the ldap module sub-section of
# the 'modules' section.
#
#ldap
exec
update outer.reply {
Session-Timeout:="%{reply:Session-Timeout}"
}
#
# Access-Reject packets are sent through the REJECT sub-section of
the
# post-auth section.
#
# Add the ldap module name (or instance) if you have set
# 'edir_account_policy_check = yes' in the ldap module configuration
#
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "pepe"
}
sql
reply_log
}
}
I try with "update reply" too. I don't understand the different
between both modes. Can you say me where I can read the neccesary doc
to find this difference?
thanks in advance and I'm sorry to repeat this issue again
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
refresh variable after exec module
Good morning,
I back with the same problem.
I've seeing past post for last week but I have any wrong because those
solutions don't work for me.
I have a script in exec module which set 2 values: Session-Timeout if
everything is correct for each user and it calculate his remaining time
to connect, and Reply-Message if there is any problem, to show this
message to the user
I've seen these values are cached before when mysql runs the queries to
radcheck, radgroupchek, radreply, etc...in authtorize section and when I
execute my script in post-auth module the new values aren't replaced and
sent together with Access-Accept or Access-Reject
I've done an update in post-auth section, like you said in last posts,
in two different modes:
first example:
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "%{reply:Reply-Message}"
}
sql
reply_log
}
Second example:
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "pepe"
}
sql
reply_log
}
I've set Reply-Message := "pepe" to try without a variable but
unsuccessfully because I'm not sure if I've set the variable correctly
but if I put the value of variable and this is not send neither it is
because my value is not replaced by the before one, ok? why?
Post-Auth section
post-auth {
# Get an address from the IP Pool.
#main_pool
#
# If you want to have a log of authentication replies,
# un-comment the following line, and the 'detail reply_log'
# section, above.
reply_log
#
# After authenticating the user, do another SQL query.
#
# See "Authentication Logging Queries" in sql.conf
sql
#
# Instead of sending the query to the SQL server,
# write it into a log file.
#
sql_log
#
# Un-comment the following if you have set
# 'edir_account_policy_check = yes' in the ldap module sub-section of
# the 'modules' section.
#
#ldap
exec
update outer.reply {
Session-Timeout:="%{reply:Session-Timeout}"
}
#
# Access-Reject packets are sent through the REJECT sub-section of the
# post-auth section.
#
# Add the ldap module name (or instance) if you have set
# 'edir_account_policy_check = yes' in the ldap module configuration
#
Post-Auth-Type REJECT {
attr_filter.access_reject
update outer.reply {
Reply-Message := "pepe"
}
sql
reply_log
}
}
I try with "update reply" too. I don't understand the different between
both modes. Can you say me where I can read the neccesary doc to find
this difference?
thanks in advance and I'm sorry to repeat this issue again
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem with eap-tls between FR and XP client
hi forum,
I'm trying to connect a Windows XP client (also I'm trying with Vista)
with freeradius with EAP-TLS. I made my set of certificates (from this
site http://www.linuxjournal.com/node/8095/print) and now, I have: CA,
radius_cert.pem, radius_key.pem, radius_keycert.pemradius_req.pem,
cliente_cert.p12, cliente_key.pem, cliente_cert.pem, cliente_req.pem,
dh, random, xpextensions, xpclient_ext, xpserver_ext
I've configured eap.conf of this way:
tls {
certdir = ${confdir}/certs2
cadir = ${confdir}/certs2
private_key_password = ***
private_key_file = ${certdir}/radius_keycert.pem
certificate_file = ${certdir}/radius_keycert.pem
CA_file = ${cadir}/cacert.pem
dh_file = ${certdir}/dh
random_file = ${certdir}/random
cipher_list = "DEFAULT"
make_cert_command = "${certdir}/bootstrap"
And I've installed my cacert.pem and cliente_cert.p12 into mmc into
Trusted Root Certification Authorities and Personal - certificates,
respectively.
When I try to connect with freeradius my log is this: (it's too long
because I see the same request again and again)
rad_recv: Access-Request packet from host 10.0.0.1 port 3072, id=159,
length=199
User-Name = "carlosg...@realmprueba.com"
NAS-IP-Address = 10.0.0.1
NAS-Port = 0
Called-Station-Id = "00116b3f0ce5"
Calling-Station-Id = "00215d9ade9a"
NAS-Identifier = "Realtek Access Point. 8181"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x021a016361726c6f7367617269407769746563682e636f6d
Message-Authenticator = 0xc6247c05f7aae962aecbc459c9416907
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "realmprueba.com" for User-Name =
"carlosg...@realmprueba.com"
[suffix] Found realm "realmprueba.com"
[suffix] Adding Realm = "realmprueba.com"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[eap] EAP packet type response id 0 length 26
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[sql] expand: %{User-Name} -> carlosg...@realmprueba.com
[sql] sql_set_user escaped user --> 'carlosg...@realmprueba.com'
rlm_sql (sql): Reserving sql socket id: 4
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER
BY id -> SELECT id, username, attribute, value, op FROM
radcheck WHERE username =
'carlosg...@realmprueba.com' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT groupname FROM usergroup
WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT
groupname FROM usergroup WHERE username =
'carlosg...@realmprueba.com' ORDER BY id
[sql] expand: SELECT id, groupname, attribute, Value,
op FROM radgroupcheck WHERE groupname =
'%{Sql-Group}' ORDER BY id -> SELECT id, groupname,
attribute, Value, op FROM radgroupcheck
WHERE groupname = 'Navega Mes' ORDER BY id
[sql] User found in group Navega Mes
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = 'Navega Mes' ORDER BY id
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 159 to 10.0.0.1 port 3072
EAP-Message = 0x010100060d20
Message-Authenticator = 0x
State = 0x84a02e6384a123686383961ecc8fb910
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.0.0.1 port 3072, id=160,
length=191
User-Name = "carlosg...@realmprueba.com"
NAS-IP-Address = 10.0.0.1
NAS-Port = 0
Called-Station-Id = "00116b3f0ce5"
Calling-Station-Id = "00215d9ade9a"
NAS-Identifier = "Realtek Access Point. 8181"
NAS-Port-Type = Wireless-802.11
Service-Type = Framed-User
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020100060319
State = 0x84a02e6384a123686383961ecc8fb910
Message-Authenticator = 0xe9335e399fadf61413fddd7e717c778f
+- entering group authorize {...
Re: refresh Session-Timeout in Access-Accept
t...@kalik.net escribió:
Hi again,
I use that operator :=
[exec] expand: %{User-Name} -> be...@wifiya.com
Exec-Program output: VALOR 1(Username) ES be...@wifiya.com
Session-Timeout = 79845
Exec-Program-Wait: plaintext: VALOR 1(Username) ES be...@wifiya.com
*Session-Timeout = 79845*
Exec-Program: returned: 0
Let's try again: use := as operator!!!
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
this *Session-Timeout = 79845* is just an echo from my script. In my
database, I have := as operator.
echo "Session-Timeout = $CONEXION_SEG"
exit 0
If you want I´ll post my script too but I think, rlm_sql is executed before
exec module and for that it send the value from sql query, but I´m not sure
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh Session-Timeout in Access-Accept
t...@kalik.net escribió:
Hi again,
I use that operator :=
Post the debug then.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi again,
I post my debug:
**
Ready to process requests.
rad_recv: Access-Request packet from host xx.xx.xx.xx port 27230, id=27,
length=212
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00:15:C5:72:9E:D2"
Called-Station-Id = "hotspot1"
NAS-Port-Id = "ether2"
User-Name = "be...@wifiya.com"
NAS-Port = 2156920840
Acct-Session-Id = "8098"
Framed-IP-Address = 192.168.10.5
Mikrotik-Host-IP = 192.168.10.5
CHAP-Challenge = 0xcfb6c69e706cf277bacb734dbab2d57c
CHAP-Password = 0x80ade15e6b644f755e95c481630aee5393
Service-Type = Login-User
WISPr-Logoff-URL = "http://192.168.1.1/logout";
NAS-Identifier = "pruebas wiloc"
NAS-IP-Address = 192.168.1.11
+- entering group authorize {...}
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
++[chap] returns ok
++[mschap] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[sql] expand: %{User-Name} -> be...@wifiya.com
[sql] sql_set_user escaped user --> 'be...@wifiya.com'
rlm_sql (sql): Reserving sql socket id: 4
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER
BY id -> SELECT id, username, attribute, value, op FROM
radcheck WHERE username = 'be...@wifiya.com' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT groupname FROM usergroup
WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT
groupname FROM usergroup WHERE username =
'be...@wifiya.com' ORDER BY id
[sql] expand: SELECT id, groupname, attribute, Value,
op FROM radgroupcheck WHERE groupname =
'%{Sql-Group}' ORDER BY id -> SELECT id, groupname,
attribute, Value, op FROM radgroupcheck
WHERE groupname = 'Navega24horas' ORDER BY id
[sql] User found in group Navega24horas
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = 'Navega24horas'
ORDER BY id
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = CHAP
+- entering group CHAP {...}
[chap] login attempt by "be...@wifiya.com" with CHAP password
[chap] Using clear text password "***" for user be...@wifiya.com
authentication.
[chap] chap user be...@wifiya.com authenticated succesfully
++[chap] returns ok
Login OK: [be...@wifiya.com/] (from client malditaprueba
port 2156920840 cli 00:15:C5:72:9E:D2)
+- entering group post-auth {...}
[sql] expand: %{User-Name} -> be...@wifiya.com
[sql] sql_set_user escaped user --> 'be...@wifiya.com'
[sql] expand: %{User-Password} ->
[sql] expand: %{Chap-Password} -> 0x80ade15e6b644f755e95c481630aee5393
[sql] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
( '%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES (
'be...@wifiya.com',
'0x80ade15e6b644f755e95c481630aee5393',
'Access-Accept', '2009-01-26 13:11:49')
rlm_sql (sql) in sql_postauth: query is INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES (
'be...@wifiya.com',
'0x80ade15e6b644f755e95c481630aee5393',
'Access-Accept', '2009-01-26 13:11:49')
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
[sql_log] Processing sql_log_postauth
[sql_log] expand: %{User-Name} -> be...@wifiya.com
[sql_log] expand: %{%{User-Name}:-DEFAULT} -> be...@wifiya.com
[sql_log] sql_set_user escaped user --> 'be...@wifiya.com'
[sql_log] WARNING: Deprecated conditional expansion ":-". See "man
unlang" for details
[sql_log] expand: INSERT INTO radpostauth
(username, pass, reply, authdate) VALUES
('%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', '%S'); -> INSERT INTO
Re: refresh Session-Timeout in Access-Accept
Marinko Tarlac escribió:
Hi... Can you help me please How did you set-up exec module ? In
FR1.1.7 it is enough to add Exec in acct_users and to call script on
Start, Stop and Interim-Update packet but the same trick in fr 2.1.3
doesn't work (at least for me).
I really don't know because my script is very simple. It follows
different roads (if-then-else) and executes queries in my database
depends of the client.
I set up in exec module
exec {
wait = yes
program = "/usr/local/freeradius/etc/raddb/pre_script.sh %{User-Name}"
input_pairs = request
shell_escape = yes
output = reply
}
Regards
PS: Thanks Ivan, I can't put my debug now but thanks anyway. I'll put it
as soon as possible.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: refresh Session-Timeout in Access-Accept
Hi again, I use that operator := regards t...@kalik.net escribió: My problem is the next: I have a script, executed in exec module, that calculate the variable "Session-Timeout" for each user, and another different cases. Well, in the debug of freeradius I see that exec is executed after sql queries (radgroupreply in this case) and if I change Session-Timeout variable, in my script, and previously freeradius has read Session-timeout from the database when freeradius sends Access-Accept to the NAS the value of Session-Timeout is not the recent value if not the previous data saved in the field Session-Timeout before have executed the script Use Session-Timeout := ... not =. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
refresh Session-Timeout in Access-Accept
Hi everyone! I have another problem with freeradius. I´m working with freeradius-server-2.1.3 and mysql-5.0. My problem is the next: I have a script, executed in exec module, that calculate the variable "Session-Timeout" for each user, and another different cases. Well, in the debug of freeradius I see that exec is executed after sql queries (radgroupreply in this case) and if I change Session-Timeout variable, in my script, and previously freeradius has read Session-timeout from the database when freeradius sends Access-Accept to the NAS the value of Session-Timeout is not the recent value if not the previous data saved in the field Session-Timeout before have executed the script There are any way to refresh this value??? I've try to do a commit or flush without success. I guess, the value is stored in the cache and if there isn't any way I'm gonna try to change this value, through a trigger, in the moment of close the connection in radacct, for give an example. Thanks in advance bLn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
