On 2010/05/14 10:35 AM, Alan DeKok wrote:
Johan Meiring wrote:
The "dynamic clients' code runs modules before the packet is
decoded... but that's only because it doesn't *receive* the packet. So
any "raw" access to the packet will return nothing.
What are you doing with the module? I can't for the life of me see
why it would be useful in *any* situation.
Its dynamic clients.
I use it inside dynamic clients to look up the client via the Nas-Identifier.
My clients don't have fixed IPs. The only way to give different Nas's
different shared secrets is by doing this.
You made a modification to dynamic clients a while ago where you could get
hold of the whole packet inside dynamic clients.
Dont know if you remember this.
You sent a mail to me about it on Wed, 27 May 2009 14:05:31 +0200
============================SNIP===================================
I've made some changes in revision control that should help you. The
"dynamic client" virtual server will now receive the *full* RADIUS
packet. Before, it was impossible to look at the contents.
You will *still* need to use the "rlm_raw" module to look at the raw
packet contents. The contents are *not* decoded into attributes, as
happens when receiving normal packets.
See http://git.freeradius.org/pre for a tar file that contains the
code changes. You will need to add rlm_raw to the build. But after
that, something like the following should work:
authorize {
...
if ("%{raw:NAS-Identifier}" == "foo") {
...
}
...
}
============================SNIP===================================
It is definately usefull to me!
--
Johan Meiring
Cape PC Services CC
Tel: (021) 883-8271
Fax: (021) 886-7782
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
