(RADIATOR) PostAuthHook question.

Griff Hamlin griff3 at quik.com
Thu Jun 21 11:33:27 CDT 2001


Hello,

I'm in need of adding specific attributes to the reply packets for one
of the routers I have to authenticate (out of hundreds). Since I only
have need for one handler and we don't use realms, I figure the best
thing to do would be to have a little PostAuthHook that tested my
request for the right IP address and if it passes, add the apprpriate
attributes to the reply packet. I used to have a problem with
NAS-IP-Address fields not matching the actual IP address of the router
sending the packet, so now I have an 'identifier' in every client block
with the IP address that I want to be associated with each router (it's
actual IP address.) That 'identifier' is used in my AUthBy module that I
wrote to test various things about each router (allowing certain
customers access only on certain routers, etc.)

When I put in the following PostAuthHook, it won't compile, and quite
honestly I'm not sure if I've done this right. Any help would be
appreciated. I tried to steal this straight out of the manual, so I'm a
little surprised at the error I get.

<Handler>
  RewriteUsername s/^([^@]+).*/$1/
  <AuthBy GROUP>
    AuthByPolicy ContinueUntilAccept
    <AuthBy QuikRadAcct>
      # authorize by the module AuthQuikRadAcct.pm
    </AuthBy>
        <AuthBy QuikRad>
       # Fork
      # authorize by the module AuthQuikRad.pm
    </AuthBy>
  </AuthBy>

  # Handle the  Router 65.89.75.8
  PostAuthHook sub { if ${$_[2]} eq $main::ACCEPT && \
         ${$_[0]}->{Client}->{Identifier} eq "65.89.75.8" { \
            ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward tcp
est'); \
            ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward dstip
216.176.28.1/32'); \
            ${$_[1]}->add_attr('Ascend-Data-Filter','ip in drop tcp
dstport=25'); \
            ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward'); \
            ${$_[1]}->change_attr('Service-Type','Framed'); \
       } \
    }
  # Log accounting to the detail file in LogDir/<client>
  AcctLogFileName  %L/%c/detail
# MaxSessions 1
</Handler>

The error in the log file is:

Thu Jun 21 10:10:35 2001: ERR: Compilation error in PostAuthHook: syntax
error at (eval 77) line 1, near "if $"
syntax error at (eval 77) line 2, at EOF
Missing right bracket at (eval 77) line 2, at end of line

Thu Jun 21 10:10:35 2001: ERR: Unknown keyword
'${$_[1]}->add_attr('Ascend-Data-Filter','ip' in /etc/radius.cfg line
109


It appears to be failing right away at my conditional. Are conditionals
unacceptable?

Griff Hamlin, III



===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list