Re: Pool-Name woes with sqlippool
>>> I've tried adding to the radcheck table ( INSERT into `radcheck` SET >>> `id` = 0, `username` = '447', `attribute` = 'Pool-Name' `op` = >>> ':=', `value` = >>> '%{control:Huntgroup-Name}`; ) >Sorry The result is still the same: OK. sql safe characters in play. Then use unlang: update control { Pool-Name = '%{control:Hungroup-Name}' } Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan, t...@kalik.net wrote: I've tried adding to the radcheck table ( INSERT into `radcheck` SET `id` = 0, `username` = '447', `attribute` = 'Pool-Name' `op` = ':=', `value` = '%{control:Huntgroup-Name}`; ) Sorry The result is still the same: Wed Feb 18 16:53:34 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 2 Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: %{Calling-Station-ID} -> 4477XX Wed Feb 18 16:53:34 2009 : Info: [sqlippool] sql_set_user escaped user --> '4477XX' Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: START TRANSACTION -> START TRANSACTION Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: START TRANSACTION Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: UPDATE radippool SET expiry_time = NOW() WHERE callingstationid = '%{Calling-Station-Id}' AND pool_name = '%{control:Pool-Name}' -> UPDATE radippool SET expiry_time = NOW() WHERE callingstationid = '447775777672' AND pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: UPDATE radippool SET expiry_time = NOW() WHERE callingstationid = '4477XX' AND pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: SELECT framedipaddress FROM radippool WHERE pool_name = '%{control:Pool-Name}' AND callingstationid = '%{Calling-Station-Id}' LIMIT 1 FOR UPDATE -> SELECT framedipaddress FROM radippool WHERE pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = ''4477XX'' LIMIT 1 FOR UPDATE Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: SELECT framedipaddress FROM radippool WHERE pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = ''4477XX'' LIMIT 1 FOR UPDATE Wed Feb 18 16:53:34 2009 : Info: [sqlippool] SQL query did not return any results Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: COMMIT -> COMMIT Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: COMMIT Wed Feb 18 16:53:34 2009 : Debug: rlm_sql (sql): Released sql socket id: 2 Wed Feb 18 16:53:34 2009 : Info: [sqlippool] IP address could not be allocated. Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: IP Allocation FAILED from %{control:Pool-Name} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name}) -> IP Allocation FAILED from %{control:Huntgroup-Name} (did eseye.co.uk cli 447775777672 port 12345 user searthrowl) Wed Feb 18 16:53:34 2009 : Info: IP Allocation FAILED from %{control:Huntgroup-Name} (did eseye.co.uk cli 4477XX port 12345 user searthrowl) Wed Feb 18 16:53:34 2009 : Info: ++[sqlippool] returns noop It looks as if the MySQL saved value is somehow transformed when it's just been read, but when output during debug/log, is shown correctly; albeit not transformed to the appropriate variable. BTW I missed `attribute` = 'Pool-Name' earlier, the correct SQL is: INSERT into `radcheck` SET `id` = 0, `username` = '4477XX', `attribute` = 'Pool-Name', `op` = ':=', `value` = '%{control:Huntgroup-Name}'; Is this a bug in expand? Typo. It should be ' not ` at the end. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
>I've tried adding to the radcheck table ( INSERT into `radcheck` SET >`id` = 0, `username` = '447', `op` = ':=', `value` = >'%{control:Huntgroup-Name}`; ) Typo. It should be ' not ` at the end. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan, t...@kalik.net wrote: Many thanks for your suggestion. However, (using 2.1.3) my sqlippool.conf file is now: sqlippool { # ## SQL instance to use (from sql.conf) ## # sql-instance-name = "sql" Pool-Name = %{control:Huntgroup-Name} Where did that come from? That should be in the users entry (radcheck or radgroupcheck). I've tried adding to the radcheck table ( INSERT into `radcheck` SET `id` = 0, `username` = '447', `op` = ':=', `value` = '%{control:Huntgroup-Name}`; ) and then I get ... Wed Feb 18 16:14:34 2009 : Info: [sqlippool]expand: SELECT framedipaddress FROM radippool WHERE pool_name = '%{control:Pool-Name}' AND callingstationid = '%{Calling-Station-Id}' LIMIT 1 FOR UPDATE -> SELECT framedipaddress FROM radippool WHERE pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = '447775777672' LIMIT 1 FOR UPDATE Wed Feb 18 16:14:34 2009 : Debug: rlm_sql_mysql: query: SELECT framedipaddress FROM radippool WHERE pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = '447XXX' LIMIT 1 FOR UPDATE Wed Feb 18 16:14:34 2009 : Info: [sqlippool] SQL query did not return any results The same result was obtained when radgroupcheck is used Wed Feb 18 14:21:17 2009 : Info: +- entering group post-auth {...} Wed Feb 18 14:21:17 2009 : *Info: [sqlippool] No Pool-Name defined.* You haven't entered that Pool-Name (name of your huntgroup) in the radippool table. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
>Many thanks for your suggestion. However, (using 2.1.3) my >sqlippool.conf file is now: >sqlippool { ># >## SQL instance to use (from sql.conf) ## ># >sql-instance-name = "sql" >Pool-Name = %{control:Huntgroup-Name} Where did that come from? That should be in the users entry (radcheck or radgroupcheck). >Wed Feb 18 14:21:17 2009 : Info: +- entering group post-auth {...} >Wed Feb 18 14:21:17 2009 : *Info: [sqlippool] No Pool-Name defined.* You haven't entered that Pool-Name (name of your huntgroup) in the radippool table. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan, Many thanks for your suggestion. However, (using 2.1.3) my sqlippool.conf file is now: sqlippool { # ## SQL instance to use (from sql.conf) ## # sql-instance-name = "sql" Pool-Name = %{control:Huntgroup-Name} ## SQL table to use for ippool range and lease info ippool_table = "radippool" ## IP lease duration. (Leases expire even if Acct Stop packet is lost) lease-duration = 3600 ## Attribute which should be considered unique per NAS ## Using NAS-Port gives behaviour similar to rlm_ippool. (And ACS) ## Using Calling-Station-Id works for NAS that send fixed NAS-Port ## ONLY change this if you know what you are doing! # pool-key = "%{NAS-Port}" pool-key = "%{Calling-Station-Id}-%{control:Huntgroup-Name}" # "%{request:Huntgroup-Name}" $INCLUDE sql/mysql/ippool.conf ## Logging configuration. (Comment out to disable logging) sqlippool_log_exists = "Existing IP: %{reply:Framed-IP-Address} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" sqlippool_log_success = "Allocated IP: %{reply:Framed-IP-Address} from %{control:Pool-Name} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" sqlippool_log_clear = "Released IP %{Framed-IP-Address} (did %{Called-Station-Id} cli %{Calling-Station-Id} user %{User-Name})" sqlippool_log_failed = "IP Allocation FAILED from %{control:Pool-Name} (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name})" sqlippool_log_nopool = "No Pool-Name defined (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name} hunt %{Huntgroup-Name} pool %{Pool-Name})" } When running with debugging on, I get: . Wed Feb 18 14:21:03 2009 : Debug: (Loaded rlm_sqlippool, checking if it's valid) Wed Feb 18 14:21:03 2009 : Debug: Module: Linked to module rlm_sqlippool Wed Feb 18 14:21:03 2009 : Debug: Module: Instantiating sqlippool Wed Feb 18 14:21:03 2009 : Debug: sqlippool { Wed Feb 18 14:21:03 2009 : Debug: sql-instance-name = "sql" Wed Feb 18 14:21:03 2009 : Debug: lease-duration = 3600 Wed Feb 18 14:21:03 2009 : Debug: pool-name = "%{control:Huntgroup-Name}" Wed Feb 18 14:21:03 2009 : Debug: allocate-begin = "START TRANSACTION" Wed Feb 18 14:21:03 2009 : Debug: allocate-clear = "UPDATE radippool SET expiry_time = NOW() WHERE callingstationid = '%{Calling-Station-Id}' AND pool_name = '%{control:Pool-Name}'" Wed Feb 18 14:21:03 2009 : Debug: allocate-find = "SELECT framedipaddress FROM radippool WHERE pool_name = '%{control:Pool-Name}' AND callingstationid = '%{Calling-Station-Id}' LIMIT 1 FOR UPDATE" Wed Feb 18 14:21:03 2009 : Debug: allocate-update = "UPDATE radippool SET nasipaddress = '%{NAS-IP-Address}', username = '%{User-Name}' WHERE framedipaddress = '%I'" Wed Feb 18 14:21:03 2009 : Debug: allocate-commit = "COMMIT" Wed Feb 18 14:21:03 2009 : Debug: allocate-rollback = "ROLLBACK" Wed Feb 18 14:21:03 2009 : Debug: pool-check = "" Wed Feb 18 14:21:03 2009 : Debug: start-begin = "START TRANSACTION" Wed Feb 18 14:21:03 2009 : Debug: start-update = "UPDATE radippool SET expiry_time = NOW() + INTERVAL 3600 SECOND WHERE nasipaddress = '%{NAS-IP-Address}' AND pool_key = '%{Calling-Station-Id}-%{control:Huntgroup-Name}'" Wed Feb 18 14:21:03 2009 : Debug: start-commit = "COMMIT" Wed Feb 18 14:21:03 2009 : Debug: start-rollback = "ROLLBACK" Wed Feb 18 14:21:03 2009 : Debug: alive-begin = "START TRANSACTION" Wed Feb 18 14:21:03 2009 : Debug: alive-update = "UPDATE radippool SET expiry_time = NOW() + INTERVAL 3600 SECOND WHERE nasipaddress = '%{Nas-IP-Address}' AND pool_key = '%{Calling-Station-Id}-%{control:Huntgroup-Name}' AND username = '%{User-Name}' AND callingstationid = '%{Calling-Station-Id}' AND framedipaddress = '%{Framed-IP-Address}'" Wed Feb 18 14:21:03 2009 : Debug: alive-commit = "COMMIT" Wed Feb 18 14:21:03 2009 : Debug: alive-rollback = "ROLLBACK" Wed Feb 18 14:21:03 2009 : Debug: stop-begin = "START TRANSACTION" Wed Feb 18 14:21:03 2009 : Debug: stop-clear = "UPDATE radippool SET nasipaddress = '', pool_key = 0, callingstationid = '', username = '', expiry_time IS NULL WHERE nasipaddress = '%{Nas-IP-Address}' AND pool_key = '%{Calling-Station-Id}-%{control:Huntgroup-Name}' AND username = '%{User-Name}' AND callingstationid = '%{Calling-Station-Id}' AND framedipaddress = '%{Framed-IP-Address}'" Wed Feb 18 14:21:03 2009 : Debug: stop-commit = "COMMIT" Wed Feb 18 14:21:03 2009 : Debug: stop-rollback = "ROLLBACK" Wed Feb 18 14:21:03 2009 : Debug: on-begin = "START TRANSACTION" Wed Feb 18 14:21:03
Re: Pool-Name woes with sqlippool
>What I would love to do is set up Huntgroups (OK so that bit works too!) >and then in the sqlippool.conf just assign pool-name = %{Huntgroup-Name} > >This doesn't work, and all I get is pool-name is undefined. > >Does anyone have any ideas? > %{control:Huntgroup-Name} Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Pool-Name woes with sqlippool
Hi all, I have, what I think is a simple problem, with a simple answer that doesn't work. The environment I am supply authentication requests to, require that I respond with a fixed IP address in each NAS domain. eg NAS-IP-Addresses 192.168.1.0/28 should get an IP from the pool 10.0.0.0/16 While NAS-IP-Addresses 192.168.1.128/28 should get an IP from the 10.1.0.0/16 Users have no control from which of NASs they come into. All the normal user name/password stuff works fine (many thanks!) What I would love to do is set up Huntgroups (OK so that bit works too!) and then in the sqlippool.conf just assign pool-name = %{Huntgroup-Name} This doesn't work, and all I get is pool-name is undefined. Does anyone have any ideas? Kind regards Simon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html