[RADIATOR] Defining share secret per NASID instead of IP

Bengi Sağlam bengi at socialandbeyond.com
Thu Oct 30 05:10:13 CDT 2014 

Hi all,

I have been trying to fetch client details from the SQL database specified
by DBSource. I found <ClientListSQL> clause to load clients from the
DBSource with the GetClientQuery.


<ClientListSQL>

DBSource        dbi:Pg:dbname=test;host=127.0.0.1

DBUsername      testing

DBAuth          123456

GetClientQuery SELECT NAME, SECRET,NASID FROM CLIENTS

</ClientListSQL>


In database there is CLIENTS table. Basically this table has the IP as the
name, Secret and the Nasid for the router. Name always should be '0.0.0.0/0'
to avoid network restriction on the IP.


      name      |      secret      |       nasid

----------------+------------------+-------------------

 0.0.0.0/0     |  xxxxxxxxxxxx | 00-0C-42-FA-53-30

 0.0.0.0/0     |  yyyyyyyyyyyy | 00-27-22-9A-D9-A1

 0.0.0.0/0     |  zzzzzzzzzzzz | DC-9F-DB-34-3A-2E


With the given sample data above if the secret 'xxxxxxxxxxxx ' fails for
the client ' 00-0C-42-FA-53-30', radiator fetches the client
"00-0C-42-FA-53-30" with the any secret( yyyyyyyyyyyy or zzzzzzzzzzzz)
defined for the name '0.0.0.0/0' . What I want is secret to be fetched per
nasid not for the ip(name). So if the secret 'xxxxxxxxxxxx ' fails for the
client '00-0C-42-FA-53-30', then radiator should inform client with the
"Bad password".

I also tried to refactor my table by having only NASID and SECRET since the
radiator documentation says that *"**Your database table must include at
least the first and second fields (i.e. the NAS name or IP address or MAC
address and the shared secret). All the other fields are optional*"( see
radiator_doc <http://people.su.se/~kllin/radiator_doc/ref.html#pgfId=388046>).
However when radiator receives a SIGHUP signal always interprets NASID as
name and complains that "Could not resolve address 00-0C-42-FA-53-30 for
Client 00-0C-42-FA-53-30".

I have been looking forward to hear any solution.

Cheers,

Bengi.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20141030/37246c0a/attachment-0001.html

More information about the radiator mailing list