(RADIATOR) ReplyHook question
Alex Sharaz
A.Sharaz at hull.ac.uk
Wed Jun 21 10:56:59 CDT 2006
Chaps,
I'm writing a ReplyHook that'll return a Tunnel-Private-Group-Id (and
other attributes) based upon where the authentication request comes
from. For this I need the NAS-IP-Address attribute so that I can decide
what values to pass back.
In radius.cfg I've got
<Handler ConvertedFromEAPMSCHAPV2=1>
# Proxy to a non-EAP capable server
Identifier eap-mschapv2
<AuthBy RADIUS>
Host a.b.c.d
Secret <secret>
AuthPort 1812
AcctPort 1813
LocalAddress %{GlobalVar:myIp}
StripFromRequest ConvertedFromEAPMSCHAPV2
ReplyHook file:"%D/gen_wired_vlans_replyhook.pl"
</AuthBy>
AuthLog eaplog
PostAuthHook file:"%D/calling_station_hook_requests.pl"
</Handler>
And in the ReplyHook file I've got
my $vlanid='740';
#
my $p = ${$_[0]}; # proxy reply packet
my $rp = ${$_[1]}; # reply packet to NAS
my $op = ${$_[2]}; # original request packet
my $sp = ${$_[3]}; # packet sent to proxy
my $code = $p->code;
my $ASCIIvlan;
my $binaryvlan;
my $tag;
&main::log($main::LOG_DEBUG, "Calling
get_wired_vlans_replyhook.pl\n");
if ($code eq 'Access-Accept')
{
#
# get some info about the caller
#
my $callingid=$op->get_attr('Calling-Station-Id');
my $nasip1=$op->get_attr('NAS-IP-Address');
my $id=$op->get_attr('User-Name');
if(defined($callingid))
{
&main::log($main::LOG_DEBUG, "Calling-Station=$callingid");
}
if(defined($nasip1))
{
&main::log($main::LOG_DEBUG, "Nas-Ip=$nasip1");
}
if(defined($id))
{
&main::log($main::LOG_DEBUG, "User-Name=$id");
}
Looking in my log file, the calling station id is there and so is the
userid but the nas-ip-address isn't. Am I correct in assuming that its
because at that point the nas-ip-addresss isn't in the packet that gets
passed off to the radius proxy?
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20060621/d777d3f0/attachment.ksh>
More information about the radiator
mailing list