Re: Reply-Message

2010-01-17 Thread zhongwei feng 
Neville,您好!

so, security reasons. 8-(

1,modify the " sql_escape_func(char *out, size_t outlen, const char 
*in)" in rlm_sql.c, but there is bad idea.

2, expand rlm_sql and db driver,support parameter binding , and skip  
convert parameter.

=== 2010-01-18 您在来信中写道:===

>Thanks, this works a treat and its just what I needed.
>
>Is there anyway to strip the "\r\n" at the start and end of the 
>Reply-Message before writing the TABLE, as it ends up in the tables as:-
>
>"=0D=0AYou are already logged in - access denied=0D=0A=0A"
>
>Thx
>Nev

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Reply-Message

2010-01-17 Thread zhongwei feng 
hi,
configure postauth_query in dialup.conf,

postauth_query="UPDATE POSTREPLY SET REPLYMESSAGE='%{reply:Reply-Message}' 
WHERE USERNAME='%{SQL-User-Name}' "

than , you can query the message from DB SERVER.

BTW:
 if reject user, then  ...

#
#  Access-Reject packets are sent through the REJECT sub-section of the
#  post-auth section.
#
#  
Post-Auth-Type REJECT {
%{sql:UPDATE POSTREPLY SET 
REPLYMESSAGE='%{reply:Reply-Message}' WHERE USERNAME='%{SQL-User-Name}' }
}

>Message: 1
>Date: Sat, 16 Jan 2010 20:55:45 -
>From: "Neville" 
>Subject: Reply-Message
>To: 
>Message-ID: <1c54f0abdafe4ef7b9f3f9d4ec3ef...@nevpc>
>Content-Type: text/plain; charset="iso-8859-1"
>
>Hi,
>
>Is there any way to get the reply message loaded into a SQL TABLE, which a 
>user can then query on to see the last reply based on there username?
>
>Thx
>Nev
>-- next part --
>An HTML attachment was scrubbed...
>URL: 
>
>
>--
>
>Message: 2
>Date: Sat, 16 Jan 2010 13:15:58 -0800
>From: "Tim Sylvester" 
>Subject: RE: Reply-Message
>To: "'FreeRadius users mailing list'"
>   
>Message-ID: <4b522c99.101abc0a.1166.9...@mx.google.com>
>Content-Type: text/plain; charset="us-ascii"
>
>You can put an entry for the Reply-Message attribute in the radreply table.
>For example, if you want to send the message "Hi Bob" to user bob, you would
>add this entry to radreply:
>
> 
>
>usernameattribute op  value
>
>"bob"   "Reply-Message" ":=""Hi Bob"
>
> 
>
>The Reply-Message attribute will be sent back in the Access-Accept packet
>sent back to the NAS. Of course, this assumes that you have FreeRADIUS
>configured to use SQL, which is documented in the raddb/sql.conf file and
>http://wiki.freeradius.org/SQL_HOWTO.
>
> 
>
>Tim
>
> 

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re:A special user to matcheon all usernames

2010-01-16 Thread zhongwei feng 
hi, pang jiacai:

try this :

in authorize section :

redundant { 
sql
files
}

in users file :

DEFAULT Auth-Type := Accept
Session-Timeout := 300  



  
>
>Hi,all:
>   I want to kown how to configure a  special user to match  all usernames .I 
> just want to authorize sussessfully even though the username don't exist.this 
> is for emergency while my database is destoryed,I will let all user pass 
> through without authorizing.please give me the detail steps. thanks.
>
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Parsing IP and PHONE NUMBER from ACCOUNTING packet

2009-12-28 Thread zhongwei feng 
Hi, Michael Joyner:

  1, read   man unlang ,  more and more ;

2, understand regular express .. importance ; 
regular express can extract what you need .

3, mysql support regular express ,   or , use unlang .

processing maybe below:

accounting {
  
#Calling-Station-Id 
=";tag=20c013a8+1+99ff0002+fdf42201"  

if (Calling-Station-Id =~/@([^;]+);user=([a-z]+)>) {
update request {
orig_ip := %{1}
orig_phone := %{2}
}
}   

sql 
}

 

>
>Here are sample ATTRIBUTE VALUES:
>
> 
>
>Calling-Station-Id =
>";tag=20c013a8+1+99ff0002+fdf42201"
>
> 
>
>PHONE NUMBER  :  4784711856 ... To a
>variable %{orig_number}
>
>IP:
>192.168.32.19 ... To a variable %{orig_ip}
>
> 
>
>Called-Station-Id =
>""
>
> 
>
>PHONE NUMBER  :  14787458977   ... To a variable
>%{dest_number}
>
>IP:
>192.168.35.237... To a variable %{dest_ip}
>
> 
>
>My goal is to include the new values in the SQL statement :
>
> 
>
> the new fields above are in the UPDATE statement
>
>accounting_start_query_alt  = "UPDATE ${acct_table1} SET orig_ip =
>'%{orig_ip}', orig_phone = '%{orig_phone}', dest_ip = '%{dest_ip}',
>dest_phone = '%{dest_phone}', AcctStartTime = '%S', AcctStartDelay =
>'%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE
>AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
>NASIPAddress = '%{NAS-IP-Address}'"
>
>Thanks in advance for your assistance.
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Rejecting User By their Calling-Station-Id (Mac Address)

2009-12-27 Thread zhongwei feng 
hi , 

try to exchange sequece ? 
  

>
>if (Calling-Station-Id == "%{sql: SELECT mac FROM `lrc_banlist` WHERE
>mac='%{Calling-Station-Id}'}") {
>update reply{
>Reply-Message := "Hello Hello Hello"
>   }

   reject

>
> }
>

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html