> Thomas Jalsovsky <[EMAIL PROTECTED]> wrote:
> > my nas sends:
> > ...
> > h323-ivr-out=transactionID:13880
> > h323-ivr-out=type:test.tcl
> > ...
> > I want to check by the h323-ivr-out line, so I would like to make
> > decision (about accept/reject) by the attribute h323-ivr-out which has
> > value 'type:<something>'.
> > When I test the attribute, the first line is tested and I don't
> > know how should I write a rule for this.
>
> Yes. The current code checks for the FIRST appearance of an
> attribute, and stops if it doesn't match.
>
> It *could* be changed to look for any other copy of an attribute, if
> the first one didn't match. That may be preferable, in fact.
>
> The code in src/main/valuepair.c, function paircmp() should be
> changed so that IF there isn't a match, it loops back to check for
> another copy of the same attribute. This will slow the server down a
> little, but not significantly.
>
> The patch would be fairly small, too. If people think it's terribly
> useful, I'll take a look at doing it in the next few days.
>
> Alan DeKok.
OK, I see that in the last CVS is the paircmp fix. I compiled the latest
CVS, and made som debugs. Unfortunately I can't make it working.
rad_recv: Access-Request packet from host 193.41.203.20:1645, id=181,
length=244
NAS-IP-Address = 193.41.203.20
Cisco-NAS-Port = "ISDN 3:D:31"
NAS-Port-Type = Async
User-Name = "160045"
h323-conf-id = "h323-conf-id=A0F37603 1AE911D6 B7E0FCCE C908BF0C"
Calling-Station-Id = "169"
Password = "********************"
Cisco-AVPair = "in-portgrp-id=(Local PBX)"
Cisco-AVPair = "h323-ivr-out=transactionID:16112"
Cisco-AVPair = "h323-ivr-out=type:pp"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall: entering group redundant
rlm_sql: Reserving sql socket id: 19
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = '160045' ORDER BY id'
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = '160045' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = '160045' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = '160045' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: Released sql socket id: 19
rlm_sql: Pairs do not match []
modcall[authorize]: module "sql_primary" returns notfound
modcall: group redundant returns notfound
modcall: group authorize returns notfound
auth: No Auth-Type configuration for the request, rejecting the user
auth: Failed to validate the user.
I looked for the SQL queryes:
mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
-> Username = '160045' ORDER BY id;
+------+----------+----------------+-----------------------------+------+
| id | UserName | Attribute | Value | op |
+------+----------+----------------+-----------------------------+------+
| 1856 | 160045 | Crypt-Password | *************************** | NULL |
+------+----------+----------------+-----------------------------+------+
mysql> SELECT
->
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
-> FROM radgroupcheck,usergroup WHERE usergroup.Username = '160045'
AND
-> usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id;
+----+-----------+--------------+---------------+------+
| id | GroupName | Attribute | Value | op |
+----+-----------+--------------+---------------+------+
| 16 | prepaid | h323-ivr-out | type:pp | NULL |
+----+-----------+--------------+---------------+------+
mysql> SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
-> Username = '160045' ORDER BY id;
Empty set (0.00 sec)
mysql> SELECT
->
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
-> FROM radgroupreply,usergroup WHERE usergroup.Username = '160045'
AND
-> usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id;
+----+-----------+-------------------+---------------------+------+
| id | GroupName | Attribute | Value | op |
+----+-----------+-------------------+---------------------+------+
| 1 | prepaid | Exec-Program-Wait | /scripts/prepaid.pl | NULL |
| 3 | prepaid | Cisco-AVPair | h323-ivr-in=type:pp | NULL |
+----+-----------+-------------------+---------------------+------+
My tables:
mysql> select * from usergroup;
+----+------------+---------------+
| id | UserName | GroupName |
+----+------------+---------------+
| 2 | 160045 | prepaid |
+----+------------+---------------+
Something I do wrong or the paircmp fix doesn't solve this problem?
Thanks,
Thomas
p.s.: If I remove the
| 3 | prepaid | Cisco-AVPair | h323-ivr-in=type:pp | NULL |
line from radgroupreply, it is working fine, the Exec-Program-Wait is
started.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
