ippool_problem.May_this_be_a_good_fix >> "Pierluigi Frullani" <[EMAIL PROTECTED]> wrote: >> > Looking in the code I think I' ve found a "bug" that I fixed this >> > way: >> ... >> > Brief, when entering in this lines, if the user was missing the >> > Pool-Name attribute, there were no return and some unpredictable >> > Pool address was returned. >> >> Ah, that's a problem. > > Well actually that was a design decision. If the Pool-Name attribute > does not exist then the first module instance in the authorize section > will give out an IP address. That way we have a default behaviour when > the Pool-Name is missing. But this should be specified or in the docs, or somewhere else, because if you have multiple pools, and an user or a group don't fall in a group the module would return every time an address from the first pool. It is hard to immagine that the problem is a user misconfiguration when you get an ip address from a pool you don't immagine. Maybe is better to have a "default" pool that should be "needed" in config and checked at startup. If it is not there is should not start or at least should give a warning. Or at least, in debug mode you should give a warning that the user don't fall in "the first" pool. Keep in mind that if the user don't have a group, the IP returned is always from the first pool.
Hope my english is enough clear. Pigi - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
