Hi Jeremy, Most of the attributes you specify below should be in 'radgroupreply', not in 'radgroupcheck' (everything except AuthType, I believe).
In addition to fixing that, I posted a patch to this list on Jan 13th that allows you to specify more than one Attribute with the same name. The subject line of the message is: "Patch for using multiple group reply attributes from SQL." This patch has not made it into CVS yet. Maybe more people need to try it and comment on it. Alan? At 12:56 PM 1/25/2002 -0800, you wrote: >Alan, > >Thanks for the advice. I uninstalled the old version of FreeRADIUS on my >test server and grabbed the newest CVS snapshot this morning. radiusd -v >outputs: > >radiusd: FreeRADIUS Version 0.5, for host i686-pc-linux-gnu, built on Jan 25 >2002 at 09:46:13 > >The dates on both the radiusd executable and rlm_sql_mysql lib in /usr/lib >are from this morning, so I know they were updated. I then updated the MySQL >schema from the new db_mysql.sql file. > >My current MySQL radgroupcheck table schema looks like: >+----+-----------+-------------------------+---------------------------------------+------+ >| id | GroupName | Attribute | Value > | op | >+----+-----------+-------------------------+---------------------------------------+------+ >| 1 | default | Auth-Type | Crypt-Local > | = | >| 2 | default | Service-Type | Framed-User > | = | >| 3 | default | Framed-Protocol | PPP > | = | >| 4 | default | X-Ascend-Assign-IP-Pool | 0 > | = | >| 5 | default | X-Ascend-Data-Filter | ip input forward tcp est > | += | >| 6 | default | X-Ascend-Data-Filter | ip in forward dstip >216.237.152.16/28 | += | >| 7 | default | X-Ascend-Data-Filter | ip in drop tcp dstport = 25 > | += | >| 8 | default | X-Ascend-Data-Filter | ip in forward > | += | >| 9 | default | X-Ascend-Idle-Limit | 1800 > | = | >+----+-----------+-------------------------+---------------------------------------+------+ > >When I run a radtest, under radiusd -x it is printing the following as the >SELECT statements: > >SELECT id,uid,'Crypt-Password',c_passwd,'=' FROM user WHERE uid = 'test' >ORDER BY id LIMIT 10 >SELECT >radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op > > >FROM radgroupcheck,user WHERE user.uid = 'test' AND 'default' = >radgroupcheck.GroupName ORDER BY radgroupcheck.id LIMIT 10 >SELECT id,uid,'Crypt-Password',c_passwd,'=' FROM user WHERE uid = 'test' >ORDER BY id LIMIT 10 >SELECT >radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op > > >FROM radgroupreply,user WHERE user.uid = 'test' AND 'default' = >radgroupreply.GroupName ORDER BY radgroupreply.id LIMIT 10 > >I have replaced a couple of SELECT parts with '' constants, since all of the >users will have the same vaule for the appropriate column. > >However, I am still unable to get it to return more than one >X-Ascend-Data-Filter statement. A sample radtest: > >rad_recv: Access-Accept packet from host 10.1.1.5:1645, id=2, length=78 > Service-Type = Framed-User > Framed-Protocol = PPP > X-Ascend-Assign-IP-Pool = 0 > X-Ascend-Data-Filter = "ip input forward tcp" > X-Ascend-Idle-Limit = 1800 > >If I remove the first X-Ascend-Data-Filter statement in my radgroupcheck >table, then the second one outputs, but still only that one. > >My current incantation of RADIUS is using Cistron 1.5.x and a >/etc/raddb/users file. A sample user looks like: > >test Auth-Type = Local, Password = "1234" > Service-Type = Framed-User, > Framed-Protocol = PPP, > Ascend-Assign-IP-Pool = 0, > Ascend-Data-Filter = "ip in forward tcp est", > Ascend-Data-Filter = "ip in forward dstip 216.237.152.16/28", > Ascend-Data-Filter = "ip in drop tcp dstport = 25", > Ascend-Data-Filter = "ip in forward", > Ascend-Idle-Limit = 1800 > >And returns with radtest: > >Service-Type = Framed-User > Framed-Protocol = PPP > X-Ascend-Assign-IP-Pool = 0 > X-Ascend-Data-Filter = "ip input forward tcp" > X-Ascend-Data-Filter = "ip input forward 0 dstip 216.237.152.16/28" > X-Ascend-Data-Filter = "ip input drop tcp dstport = 25" > X-Ascend-Data-Filter = "ip input forward 0" > X-Ascend-Idle-Limit = 1800 > >As you can see, I'm not using "+=" with my current version and it's still >returning all four attributes. Although, I have put "+=" in my radgroupreply >table, because from what I can tell it's the proper syntax anyways. > >But, it's still only showing "=" in the radtest, not "+=" I have checked the >syntax of the SELECT statement and it looks ok to me. > >Sorry for the length of this e-mail, and I'm sure I'm missing something here. > Thanks again for the help and thanks for FreeRADIUS, it's about to make my >life a whole lot easier. :) > >Jeremy > >On Thursday 24 January 2002 01:24 pm, you wrote: > > Jeremy Brown <[EMAIL PROTECTED]> wrote: > > > Everything in the radgroupreply table comes back ok, except if I have to > > > different rows with the same Attribute name, in which case it is only > > > displaying the first instance of the attribute name. > > > > Grab the latest CVS snapshot, and update the SQL schema. > > > > The schema now supports operators, like the 'users' file. So you > > can add an entry to the row with "+=", to tell it to add multiple > > attributes of the same type. > > > > Alan DeKok. > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Randy Moore Axion Information Technologies, Inc. email [EMAIL PROTECTED] phone 301-408-1200 fax 301-445-3947 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
