Re: Pool-Name woes with sqlippool
>>> I've tried adding to the radcheck table ( INSERT into `radcheck` SET
>>> `id` = 0, `username` = '447', `attribute` = 'Pool-Name' `op` =
>>> ':=', `value` =
>>> '%{control:Huntgroup-Name}`; )
>Sorry The result is still the same:
OK. sql safe characters in play. Then use unlang:
update control {
Pool-Name = '%{control:Hungroup-Name}'
}
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan,
t...@kalik.net wrote:
I've tried adding to the radcheck table ( INSERT into `radcheck` SET
`id` = 0, `username` = '447', `attribute` = 'Pool-Name' `op` = ':=',
`value` =
'%{control:Huntgroup-Name}`; )
Sorry The result is still the same:
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 2
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand:
%{Calling-Station-ID} -> 4477XX
Wed Feb 18 16:53:34 2009 : Info: [sqlippool] sql_set_user escaped user
--> '4477XX'
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: START
TRANSACTION -> START TRANSACTION
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: START TRANSACTION
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: UPDATE radippool
SET expiry_time = NOW() WHERE callingstationid = '%{Calling-Station-Id}'
AND pool_name = '%{control:Pool-Name}' -> UPDATE radippool SET
expiry_time = NOW() WHERE callingstationid = '447775777672' AND
pool_name = '=25=7Bcontrol:Huntgroup-Name=7D'
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: UPDATE
radippool SET expiry_time = NOW() WHERE callingstationid = '4477XX'
AND pool_name = '=25=7Bcontrol:Huntgroup-Name=7D'
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: SELECT
framedipaddress FROM radippool WHERE pool_name =
'%{control:Pool-Name}' AND callingstationid = '%{Calling-Station-Id}'
LIMIT 1 FOR UPDATE -> SELECT framedipaddress FROM radippool WHERE
pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid =
''4477XX'' LIMIT 1 FOR UPDATE
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: SELECT
framedipaddress FROM radippool WHERE pool_name =
'=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = ''4477XX''
LIMIT 1 FOR UPDATE
Wed Feb 18 16:53:34 2009 : Info: [sqlippool] SQL query did not return
any results
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: COMMIT -> COMMIT
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql_mysql: query: COMMIT
Wed Feb 18 16:53:34 2009 : Debug: rlm_sql (sql): Released sql socket id: 2
Wed Feb 18 16:53:34 2009 : Info: [sqlippool] IP address could not be
allocated.
Wed Feb 18 16:53:34 2009 : Info: [sqlippool]expand: IP Allocation
FAILED from %{control:Pool-Name} (did %{Called-Station-Id} cli
%{Calling-Station-Id} port %{NAS-Port} user %{User-Name}) -> IP
Allocation FAILED from %{control:Huntgroup-Name} (did eseye.co.uk cli
447775777672 port 12345 user searthrowl)
Wed Feb 18 16:53:34 2009 : Info: IP Allocation FAILED from
%{control:Huntgroup-Name} (did eseye.co.uk cli 4477XX port 12345
user searthrowl)
Wed Feb 18 16:53:34 2009 : Info: ++[sqlippool] returns noop
It looks as if the MySQL saved value is somehow transformed when it's
just been read, but when output during debug/log, is shown correctly;
albeit not transformed to the appropriate variable.
BTW I missed `attribute` = 'Pool-Name' earlier, the correct SQL is:
INSERT into `radcheck` SET `id` = 0, `username` = '4477XX',
`attribute` = 'Pool-Name', `op` = ':=', `value` =
'%{control:Huntgroup-Name}';
Is this a bug in expand?
Typo. It should be ' not ` at the end.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
>I've tried adding to the radcheck table ( INSERT into `radcheck` SET
>`id` = 0, `username` = '447', `op` = ':=', `value` =
>'%{control:Huntgroup-Name}`; )
Typo. It should be ' not ` at the end.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan,
t...@kalik.net wrote:
Many thanks for your suggestion. However, (using 2.1.3) my
sqlippool.conf file is now:
sqlippool {
#
## SQL instance to use (from sql.conf) ##
#
sql-instance-name = "sql"
Pool-Name = %{control:Huntgroup-Name}
Where did that come from? That should be in the users entry (radcheck or
radgroupcheck).
I've tried adding to the radcheck table ( INSERT into `radcheck` SET
`id` = 0, `username` = '447', `op` = ':=', `value` =
'%{control:Huntgroup-Name}`; )
and then I get
...
Wed Feb 18 16:14:34 2009 : Info: [sqlippool]expand: SELECT
framedipaddress FROM radippool WHERE pool_name =
'%{control:Pool-Name}' AND callingstationid = '%{Calling-Station-Id}'
LIMIT 1 FOR UPDATE -> SELECT framedipaddress FROM radippool WHERE
pool_name = '=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid =
'447775777672' LIMIT 1 FOR UPDATE
Wed Feb 18 16:14:34 2009 : Debug: rlm_sql_mysql: query: SELECT
framedipaddress FROM radippool WHERE pool_name =
'=25=7Bcontrol:Huntgroup-Name=7D' AND callingstationid = '447XXX'
LIMIT 1 FOR UPDATE
Wed Feb 18 16:14:34 2009 : Info: [sqlippool] SQL query did not return
any results
The same result was obtained when radgroupcheck is used
Wed Feb 18 14:21:17 2009 : Info: +- entering group post-auth {...}
Wed Feb 18 14:21:17 2009 : *Info: [sqlippool] No Pool-Name defined.*
You haven't entered that Pool-Name (name of your huntgroup) in the
radippool table.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
>Many thanks for your suggestion. However, (using 2.1.3) my
>sqlippool.conf file is now:
>sqlippool {
>#
>## SQL instance to use (from sql.conf) ##
>#
>sql-instance-name = "sql"
>Pool-Name = %{control:Huntgroup-Name}
Where did that come from? That should be in the users entry (radcheck or
radgroupcheck).
>Wed Feb 18 14:21:17 2009 : Info: +- entering group post-auth {...}
>Wed Feb 18 14:21:17 2009 : *Info: [sqlippool] No Pool-Name defined.*
You haven't entered that Pool-Name (name of your huntgroup) in the
radippool table.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Pool-Name woes with sqlippool
Hi Ivan,
Many thanks for your suggestion. However, (using 2.1.3) my
sqlippool.conf file is now:
sqlippool {
#
## SQL instance to use (from sql.conf) ##
#
sql-instance-name = "sql"
Pool-Name = %{control:Huntgroup-Name}
## SQL table to use for ippool range and lease info
ippool_table = "radippool"
## IP lease duration. (Leases expire even if Acct Stop packet is
lost)
lease-duration = 3600
## Attribute which should be considered unique per NAS
## Using NAS-Port gives behaviour similar to rlm_ippool. (And ACS)
## Using Calling-Station-Id works for NAS that send fixed NAS-Port
## ONLY change this if you know what you are doing!
# pool-key = "%{NAS-Port}"
pool-key = "%{Calling-Station-Id}-%{control:Huntgroup-Name}"
# "%{request:Huntgroup-Name}"
$INCLUDE sql/mysql/ippool.conf
## Logging configuration. (Comment out to disable logging)
sqlippool_log_exists = "Existing IP: %{reply:Framed-IP-Address}
(did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port}
user %{User-Name})"
sqlippool_log_success = "Allocated IP:
%{reply:Framed-IP-Address} from %{control:Pool-Name} (did
%{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user
%{User-Name})"
sqlippool_log_clear = "Released IP %{Framed-IP-Address} (did
%{Called-Station-Id} cli %{Calling-Station-Id} user %{User-Name})"
sqlippool_log_failed = "IP Allocation FAILED from
%{control:Pool-Name} (did %{Called-Station-Id} cli %{Calling-Station-Id}
port %{NAS-Port} user %{User-Name})"
sqlippool_log_nopool = "No Pool-Name defined (did
%{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} user
%{User-Name} hunt %{Huntgroup-Name} pool %{Pool-Name})"
}
When running with debugging on, I get:
.
Wed Feb 18 14:21:03 2009 : Debug: (Loaded rlm_sqlippool, checking if
it's valid)
Wed Feb 18 14:21:03 2009 : Debug: Module: Linked to module rlm_sqlippool
Wed Feb 18 14:21:03 2009 : Debug: Module: Instantiating sqlippool
Wed Feb 18 14:21:03 2009 : Debug: sqlippool {
Wed Feb 18 14:21:03 2009 : Debug: sql-instance-name = "sql"
Wed Feb 18 14:21:03 2009 : Debug: lease-duration = 3600
Wed Feb 18 14:21:03 2009 : Debug: pool-name =
"%{control:Huntgroup-Name}"
Wed Feb 18 14:21:03 2009 : Debug: allocate-begin = "START TRANSACTION"
Wed Feb 18 14:21:03 2009 : Debug: allocate-clear = "UPDATE
radippool SET expiry_time = NOW() WHERE callingstationid =
'%{Calling-Station-Id}' AND pool_name = '%{control:Pool-Name}'"
Wed Feb 18 14:21:03 2009 : Debug: allocate-find = "SELECT
framedipaddress FROM radippool WHERE pool_name = '%{control:Pool-Name}'
AND callingstationid = '%{Calling-Station-Id}' LIMIT 1 FOR UPDATE"
Wed Feb 18 14:21:03 2009 : Debug: allocate-update = "UPDATE
radippool SET nasipaddress = '%{NAS-IP-Address}', username =
'%{User-Name}' WHERE framedipaddress = '%I'"
Wed Feb 18 14:21:03 2009 : Debug: allocate-commit = "COMMIT"
Wed Feb 18 14:21:03 2009 : Debug: allocate-rollback = "ROLLBACK"
Wed Feb 18 14:21:03 2009 : Debug: pool-check = ""
Wed Feb 18 14:21:03 2009 : Debug: start-begin = "START TRANSACTION"
Wed Feb 18 14:21:03 2009 : Debug: start-update = "UPDATE radippool
SET expiry_time = NOW() + INTERVAL 3600 SECOND WHERE
nasipaddress = '%{NAS-IP-Address}' AND pool_key =
'%{Calling-Station-Id}-%{control:Huntgroup-Name}'"
Wed Feb 18 14:21:03 2009 : Debug: start-commit = "COMMIT"
Wed Feb 18 14:21:03 2009 : Debug: start-rollback = "ROLLBACK"
Wed Feb 18 14:21:03 2009 : Debug: alive-begin = "START TRANSACTION"
Wed Feb 18 14:21:03 2009 : Debug: alive-update = "UPDATE radippool
SET expiry_time = NOW() + INTERVAL 3600 SECOND WHERE
nasipaddress = '%{Nas-IP-Address}' AND pool_key =
'%{Calling-Station-Id}-%{control:Huntgroup-Name}' AND username =
'%{User-Name}' AND callingstationid = '%{Calling-Station-Id}' AND
framedipaddress = '%{Framed-IP-Address}'"
Wed Feb 18 14:21:03 2009 : Debug: alive-commit = "COMMIT"
Wed Feb 18 14:21:03 2009 : Debug: alive-rollback = "ROLLBACK"
Wed Feb 18 14:21:03 2009 : Debug: stop-begin = "START TRANSACTION"
Wed Feb 18 14:21:03 2009 : Debug: stop-clear = "UPDATE radippool
SET nasipaddress = '', pool_key = 0, callingstationid = '', username =
'', expiry_time IS NULL WHERE nasipaddress = '%{Nas-IP-Address}' AND
pool_key = '%{Calling-Station-Id}-%{control:Huntgroup-Name}' AND
username = '%{User-Name}' AND callingstationid =
'%{Calling-Station-Id}' AND framedipaddress = '%{Framed-IP-Address}'"
Wed Feb 18 14:21:03 2009 : Debug: stop-commit = "COMMIT"
Wed Feb 18 14:21:03 2009 : Debug: stop-rollback = "ROLLBACK"
Wed Feb 18 14:21:03 2009 : Debug: on-begin = "START TRANSACTION"
Wed Feb 18 14:21:03
Re: Pool-Name woes with sqlippool
>What I would love to do is set up Huntgroups (OK so that bit works too!)
>and then in the sqlippool.conf just assign pool-name = %{Huntgroup-Name}
>
>This doesn't work, and all I get is pool-name is undefined.
>
>Does anyone have any ideas?
>
%{control:Huntgroup-Name}
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Pool-Name woes with sqlippool
Hi all,
I have, what I think is a simple problem, with a simple answer that
doesn't work.
The environment I am supply authentication requests to, require that I
respond with a fixed IP address in each NAS domain.
eg NAS-IP-Addresses 192.168.1.0/28 should get an IP from the pool
10.0.0.0/16
While
NAS-IP-Addresses 192.168.1.128/28 should get an IP from the 10.1.0.0/16
Users have no control from which of NASs they come into. All the normal
user name/password stuff works fine (many thanks!)
What I would love to do is set up Huntgroups (OK so that bit works too!)
and then in the sqlippool.conf just assign pool-name = %{Huntgroup-Name}
This doesn't work, and all I get is pool-name is undefined.
Does anyone have any ideas?
Kind regards
Simon
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
