(RADIATOR) More questions!
Hugh Irvine
hugh at open.com.au
Wed Aug 22 18:08:06 CDT 2007
Hello Adam -
Yes you can use both a PostAuthSelectHook followed by a PostAuthHook,
although it would probably be simpler to do this instead:
.....
<AuthBy SQL>
......
AuthSelect select PASSWORD, IP from SUBSCRIBERS \
where USERNAME = %0
AuthColumnDef 0, Password, check
AuthColumnDef 1, Framed-IP-Address, request
AddToReply Framed-IP-Netmask = 255.255.255.255
.....
</AuthBy>
PostAuthHook file:"%D/....."
.....
The PostAuthHook can look in the request packet and only add the
Framed-IP-Address to the reply if it exists in the request.
The request packet in this case is being used as a scratch pad area
to carry data between the AuthBy clause and the PostAuthHook.
You can use this technique to carry data between hooks as well.
hope that helps
regards
Hugh
On 23 Aug 2007, at 00:55, Adam Armstrong wrote:
> Hugh Irvine wrote:
>>
>> Hello Adam -
>>
>> I may have misunderstood exactly what you want to do.
>>
>> From what you show below, it would be easier to do something like
>> this in your configuration file:
>>
>> .....
>>
>> <AuthBy SQL>
>> ......
>> AuthSelect select PASSWORD, IP from SUBSCRIBERS \
>> where USERNAME = %0
>> AuthColumnDef 0, Password, check
>> AuthColumnDef 1, Framed-IP-Address, reply
>>
>> AddToReply Framed-IP-Netmask = 255.255.255.255
>>
>> .....
>> </AuthBy>
> This would add empty replies if there was no IP field? I only weant
> the field added if a static IP has been specified, so a dynamic one
> will be assigned by the LNS :)
>
>> .....
>>
>> The hook code you show below is adding the attributes to the
>> request, not the reply (only the request is availabe to the hook).
>>
>> If you do want to use a hook to do more complicated things, you
>> could use something like this to copy the attributes from the
>> request to the reply:
>>
>>
>> .....
>> <AuthBy SQL>
>> ......
>> # copy attributes from the request to the reply
>> AddToReply Framed-IP-Address = %{Framed-IP-Address}, \
>> Framed-IP-Netmask = %{Framed-IP-Netmask}
>> </AuthBy>
>> .....
>>
> Ahh, that seems like the way to do it!
>
> Can i get it to do this only if those attributes exist? Does a
> postauthhook have access to the request?
>
> Can i pass information from the postauthselecthook to the
> postauthhook?
>
> Thanks,
> adam.
>
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list