(RADIATOR) PostAuthHook & AuthLog SQL

jason at freemotion.bb jason at freemotion.bb
Wed Oct 12 13:20:39 CDT 2005 

i have built a post auth hook to check to see if people are logging into where
they are suppose to be and it works a treet but i have one problem, when it
rejects some one and gose to log an error with AuthLog SQL it dos not give a
reason the %1 veriable returns a Null.

here is the hook and a trace

i hope some one can tell me how to get this to log a reason..

--------- hook code---------------------------------------------------------

sub {
    &main::log($main::LOG_DEBUG, "Entering PostAuthHook");

    my $p = ${$_[0]};
    my $rp = ${$_[1]};
    my $result = ${$_[2]};

    my $porttype = $p->get_attr('NAS-Port-Type');
    my $uname = $p->get_attr('User-Name');

    &main::log($main::LOG_DEBUG, "PostAuthHook$porttype, $uname");

    my $dbh = DBI->connect( qq[DBI:ODBC:XXXXXXX],'XXXXX','XXXXXXX' )
	or die &main::log($main::LOG_DEBUG,qq[PreAuth cliCheck(): $DBI::errstr\n]);

    my $sql = qq[select login, PortTypeAllowed from SubAccounts where
login=\'$uname'];

    my $sth = $dbh->prepare($sql); $sth->execute;

    while (my @r = $sth->fetchrow_array) {
    if (@r) {
               my ($u, $r) = @r;
               &main::log($main::LOG_DEBUG,qq[Checking Port type allowance for
$uname]);
               if (($result == $main::ACCEPT) && ($porttype ne $r))
		{
		&main::log($main::LOG_DEBUG,qq[Warning: User $uname port type wrong.]);
		${$_[2]} = $main::REJECT;
		${$_[1]}->change_attr('Reply-Message' , 'Sorry you are not allowed on that
port.')

		}
            }
     }

   $dbh->disconnect;
   return;
}


-------------- trace -------------------------------

Wed Oct 12 14:04:46 2005: DEBUG: Radius::AuthSQL ACCEPT:
Wed Oct 12 14:04:46 2005: DEBUG: Entering PostAuthHook
Wed Oct 12 14:04:46 2005: DEBUG: PostAuthHook Ethernet, jason
Wed Oct 12 14:04:46 2005: DEBUG: Checking Port type allowance for jason
Wed Oct 12 14:04:46 2005: DEBUG: Warning: User jason port type wrong.
Wed Oct 12 14:04:46 2005: INFO: Access rejected for jason:
Wed Oct 12 14:04:46 2005: DEBUG: do query is: 'INSERT into RadLogs (RadLogMsgID,
LogDate,Username,Data,NASIdentifier,NASport,CallerID) values (NULL,GETDATE(),'ja
son','','xxx.xxx.xxx.50','179','00:0D:60:7A:0C:FE')':

Wed Oct 12 14:04:46 2005: DEBUG: Packet dump:
*** Sending to 200.50.75.50 port 1032 ....
Code:       Access-Reject
Identifier: 71
Authentic:  ZgA):<194>N<210><220><149>H<171><217><241><127><138>
Attributes:
        MS-CHAP2-Success = "<1>S=B7207EDDAD07494EFB69F35F7FE7074498A0BDA8"
        Session-Timeout = 887640
        Service-Type = 2
        Framed-Protocol = 1
        Framed-Compression = 1
        Reply-Message = "Sorry you are not allowed on that port."

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list