(RADIATOR) Can't set certain attributes from PostAuthHook

Hugh Irvine hugh at open.com.au
Fri Oct 12 22:18:30 CDT 2001 

Hello Jo -

You really don't need a PostAuthHook to do this, just an AddToReply.

Of course you also need to reference the AuthBy clause in the Handler.

# define AuthBy clause

<AuthBy SQL>
        NoDefault
        Identifier      db_users
        DBSource        dbi:mysql:database=users;host=xxx
        DBUsername      xxx
        DBAuth          xxx
        AddToReply       Framed-Routing = None, \
                        Framed-Compression = Van-Jacobson-TCP-IP, \
                        Framed-MTU = 1500
</AuthBy>

# define Handler (don't forget to reference the AuthBy clause)

<Handler Request-Type=Access-Request>
        AuthBy db_users
        AuthLog myauthlogger
</Handler>


For suggested reading I always recommend the RFC's and the reference manual 
included in the "doc" directory of the distribution.

hth

Hugh


On Saturday 13 October 2001 08:06, needle-mls at world-online.no wrote:
> Hi,
>
> I'm looking into switching from radius to Radiator, but I've run into
> a problem with not being able to set certain attributes from a
> PostAuthHook. I have a really simple setup, or so I thought, so there
> isn't really much that can go wrong but it just won't work
> nevertheless.
>
> In the PostAuthHook I do this, after successfully authenticating the
> user:
>
> # Service-Type = Framed-User
> $reply->addAttrByNum(
>     $Radius::Radius::SERVICE_TYPE, 2);
>
> # Framed-Protocol = PPP
> $reply->addAttrByNum(
>     $Radius::Radius::FRAMED_PROTOCOL, "PPP");
>
> (...) (framed_ip_address and framed_ip_netmask here) (...)
>
> # Framed-Routing = None
> $reply->addAttrByNum(
>     $Radius::Radius::FRAMED_ROUTING, 'None');
>
> # Framed-Compression = Van-Jacobson-TCP-IP
> $reply->addAttrByNum(
>     $Radius::Radius::FRAMED_COMPRESSION, 'Van-Jacobson-TCP-IP');
>
> # Framed-MTU = 1500
> $reply->addAttrByNum(
>     $Radius::Radius::FRAMED_MTU, '1500');
>
> Service-type, protocol, ip_address and netmask are set just fine but
> routing, compression and mtu are ignored. That doesn't really surprise
> me, seeing how they aren't defined in Radius.pm, but I can't set these
> attributes by any other means either! I've tried putting
> AddToReply / AddToReplyIfNotExist / DefaultReply Framed-Routing=None,
> Framed-Compression=Van-Jacobson-TCP-IP ... various places in my
> configuration file without any noticable effect.
>
> Just using one of the Reply options in the configuration file, and
> removing the attributes from my hook, this is what Radiator logged
> (trace level 4):
>
> Attributes:
>         Service-Type = 2
>         Framed-Protocol = PPP
>         Framed-IP-Address = 10.47.11.1
>         Framed-IP-Netmask = 255.255.255.255
>
> If I set the attributes in my hook, as mentioned above, I get this:
>
> Fri Oct 12 22:20:54 2001: ERR: Attribute number  (vendor ) is not
> defined in your dictionary
> Fri Oct 12 22:20:54 2001: ERR: Attribute number  (vendor ) is not
> defined in your dictionary
> Fri Oct 12 22:20:54 2001: ERR: Attribute number  (vendor ) is not
> defined in your dictionary
> Fri Oct 12 22:20:54 2001: DEBUG: Access accepted for test32
> Fri Oct 12 22:20:54 2001: WARNING: No such attribute Unknown
> Fri Oct 12 22:20:54 2001: WARNING: No such attribute Unknown
> Fri Oct 12 22:20:54 2001: WARNING: No such attribute Unknown
> (...)
> Attributes:
>         Service-Type = 2
>         Framed-Protocol = PPP
>         Framed-IP-Address = 10.47.11.1
>         Framed-IP-Netmask = 255.255.255.255
>         Unknown = None
>         Unknown = Van-Jacobson-TCP-IP
>         Unknown = 1500
>
> I haven't connected Radiator with a NAS yet, so the above has been
> generated with a radiust test program. That shouldn't make any
> difference, though, because radius replies correctly when testing with
> this program.
>
> Relevant bits from my configuration:
> Radiator version: 2.18.4
> Dial in equippment: Cisco
>
> radiator.cfg:
>
> DbDir           /usr/local/etc/radiator/
> (Which only contains a dictionary file since an sql database is used
> for customer information.)
>
> <Client DEFAULT>
>         Secret  xxx
>         DupInterval 0
> </Client>
>
> <AuthBy SQL>
>         NoDefault
>         Identifier      db_users
>         DBSource        dbi:mysql:database=users;host=xxx
>         DBUsername      xxx
>         DBAuth          xxx
>         AddToReply	Framed-Routing = None, \
>                         Framed-Compression = Van-Jacobson-TCP-IP, \
>                         Framed-MTU = 1500
> </AuthBy>
>
> <Handler Request-Type=Access-Request>
>         PostAuthHook file:"/usr/local/etc/radiator/auth.hook"
>         AuthLog myauthlogger
> </Handler>
>
> It's been a rather long day at work, so I might have overlooked
> something obvious. Pointers to documentation I should read, or things
> I should test are welcome. :-)
>
> Thanks in advance,
>
> Jo

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list