(RADIATOR) Accessing pool from CheckPoolQuery

Thu Feb 26 14:58:32 CST 2004

Hello Andrew -

Of course my example below should include the PoolHint in the Class 
attribute, not the Framed-IP-Address.

<AddressAllocator SQL>
	......
	DeallocateQuery update RADPOOL set STATE=0,TIME_STAMP=%t \
		where YIADDR='%0' and POOL='%{Class}'
</AddressAllocator>

<AuthBy DYNADDRESS>
	.....
	AddToReply Class = _your_pool_hint_
</AuthBy>

Where _your_pool_hint_ is whatever you have used as the value of your 
PoolHint.

Apologies for any confusion.

regards

Hugh

On 26 Feb 2004, at 18:12, Hugh Irvine wrote:

>
> Hello Andrew -
>
> There is currently no integration between the AuthBy DYNADDRESS and 
> the session database.
>
> I'm not sure how this could be done in the production code (I suspect 
> that Mike would not want to do it anyway).
>
> As you say, you may be able to store the PoolHint in the session 
> database, or you could also put a copy of the PoolHint into a Class 
> attribute when you do the authentication, then use it when you do the 
> deallocation (this assumes that you aren't using the Class attribute 
> for anything else).
>
> It would be fairly simple to do:
>
> <AddressAllocator SQL>
> 	......
> 	DeallocateQuery update RADPOOL set STATE=0,TIME_STAMP=%t \
> 		where YIADDR='%0' and POOL='%{Class}'
> </AddressAllocator>
>
> <AuthBy DYNADDRESS>
> 	.....
> 	AddToReply Class = %{Reply:Framed-IP-Address}
> </AuthBy>
>
> Hope that helps.
>
> regards
>
> Hugh
>
>
> On 26 Feb 2004, at 17:48, Andrew Stevenson wrote:
>
>> On Thu, 26 Feb 2004, Hugh Irvine wrote:
>>
>>> As mentioned in my previous mail - in this case I would use multiple
>>> AddressAllocator SQL clauses and multiple AuthBy DYNADDRESS clauses,
>>> one for each VPN.
>>
>> OK I'll do that for now but could I put this in as a feature request 
>> as
>> duplicating the config obviously doesn't scale? I suspect there will 
>> need
>> to be more integration between DYNADDRESS and the session DB.
>>
>> Thanks for your help,
>>
>> Andrew
>>
>>
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.