[RADIATOR] How to Extract Vendor Attribute in PostAuth Hook

Hugh Irvine hugh at open.com.au
Thu Dec 11 02:12:08 CST 2008 

Hello Michael -

You just need to use this:


my $etherport = ${$p}->{outerRequest}->get_attr('Cisco-NAS-Port');


See my examples in "goodies/hooks.txt".

regards

Hugh


On 11 Dec 2008, at 18:58, Michael Harlow wrote:

>
> Hi,
>
> I'm trying to make some changes to our logging. I'm trying to  
> extract some attributes from an Access-Request whilst in a postauth  
> hook script. The existing code seems to refer to some standard  
> attributes, but I wish to extract a vendor value, specifically the  
> Cisco switch port string (Cisco-NAS-Port = "FastEthernet0/1") so I  
> can store it in the DB.
>
> In the dictionary NAS-Port is defined thus:
> ATTRIBUTE	NAS-Port			5	integer
>
> But the one I want is defined thus:
> VENDORATTR      9 	Cisco-NAS-Port          	2  	string
>
>
> I don't think I can do as detailed below, as the string  
> CISCO_NAS_PORT is not defined in any source file or header or  
> dictionary. How can I extract the parameter/value? I'm not that perl  
> savvy. I'm a cut'n'paste sort of guy.
>
> Thanks, Michael
>
> ####################
> Eap_anon_hook.pl (Part)
>
> my $nasidentifier = $dbh->quote(${$p}->{outerRequest}->getNasId());
> my $nasport = ${$p}->{outerRequest}- 
> >getAttrByNum($Radius::Radius::NAS_PORT);
> my $stationid = $dbh->quote(${$p}->{outerRequest} ->
>                          
> getAttrByNum($Radius::Radius::CALLING_STATION_ID));
> my $radioid = $dbh->quote(${$p}->{outerRequest} ->
>                          
> getAttrByNum($Radius::Radius::CALLED_STATION_ID));
> my $vlanid = ${$p}->{outerRequest}->getAttrByNum(81);
> my $etherport = ${$p}->{outerRequest} ->
>                         getAttrByNum($Radius::Radius::CISCO_NAS_PORT);
>                                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^  
> Wrong
>
>
> #########################
> Code:       Access-Request
> Identifier: 43
> Authentic:   
> 7*_<210><246><179><129><13><162>t<220><234><205><4><1><182>
> Attributes:
> 	User-Name = "COMMTECH-C800\mike"
> 	Service-Type = Framed-User
> 	Framed-MTU = 1500
> 	Called-Station-Id = "00-1F-27-A3-09-01"
> 	Calling-Station-Id = "00-04-76-43-C8-11"
> 	EAP-Message =  
> < 
> 2 
> > 
> '< 
> 0><29><25><0><23><3><1><0><18><5>NR<218><154>h&<182>F<133>j^<8><247>/ 
> o<240><159>
> 	Message-Authenticator = <189><135><158><10><200>  
> ZO<141><198><28><168>|T<229><8>
> 	NAS-Port-Type = Ethernet
> 	Cisco-NAS-Port = "FastEthernet0/1"
> 	NAS-Port = 50001
> 	NAS-IP-Address = 172.31.4.88
> 	Acct-Session-Id = "AC1F045800000017"
>
> #########################
> Dictionary
>
> VENDORATTR      9 	cisco-avpair            	1       string
> VENDORATTR      9 	Cisco-NAS-Port          	2  	string
> VENDORATTR      9 	cisco-h323-remote-address       23 	string
> VENDORATTR      9 	cisco-h323-conf-id      	24      string
> VENDORATTR      9 	cisco-h323-setup-time   	25      string
> VENDORATTR      9 	cisco-h323-call-origin  	26      string
>
>
> -----------------------------------------------------------------
> Yesterday is history, tomorrow is a mystery, but today is a gift.
> That is why it is called the present. [Oogway - Kungfu Panda]
> -----------------------------------------------------------------
> Michael Harlow                     Private Bag 69
> Network Engineer                   Hobart Tasmania 7001
> IT Resources                       Ph  03 6226 1812
> University of Tasmania             Mob 0438 26 1812
> Michael.Harlow at utas.edu.au         Fx  03 6226 7171
> -----------------------------------------------------------------
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list