Hello to everyone. My scenario is simple. When I receive an authentication request for a user, I want to run an external program and if everything goes OK, return access-accept with some attributes, otherwise I want to return access-reject with other attributes.
I have done the following configuration in radiusd.conf: exec callerid { wait=yes program=/space/radius/callerid.sh input_pairs = request output_pairs = reply packet_type = Access-Request } in users I have CLIDACTIVATE Auth-Type := Local, Autz-Type := CLID and in the authorize section of radiusd.conf Autz-Type CLID{ callerid } In case my script terminates normally, I get the attribute value pairs appended to an access-accept message as I want. However, if I make an exit 1 at the end of the script, I do not get an access-reject with the output attribute-value pairs appended. I make the test with radtest radtest -d . CLIDACTIVATE 1760 localhost 123 testing123 and from radiusd -X I get rad_recv: Access-Request packet from host 127.0.0.1:64711, id=42, length=64 User-Name = "CLIDACTIVATE" User-Password = "1760" NAS-IP-Address = 255.255.255.255 NAS-Port = 123 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '/' in User-Name = "CLIDACTIVATE", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "realmslash" returns noop for request 2 rlm_realm: No '@' in User-Name = "CLIDACTIVATE", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 users: Matched CLIDACTIVATE at 74 modcall[authorize]: module "files" returns ok for request 2 modcall: group authorize returns ok for request 2 Processing the authorize section of radiusd.conf modcall: entering group Autz-Type for request 2 radius_xlat: '/space/radius/callerid.sh' Exec-Program: /space/radius/callerid.sh Exec-Program output: h323-return-code = "2" Exec-Program-Wait: value-pairs: h323-return-code = "2" Exec-Program: returned: 1 rlm_exec (callerid): External script failed modcall[authorize]: module "callerid" returns fail for request 2 modcall: group Autz-Type returns fail for request 2 Finished request 2 Going to the next request The module returns fail but no access-reject is sent back and radtest keeps retransmitting. What am I missing? Thanks for any help. Kostas -- Kostas Zorbadelos Currently at: Otenet IT Department mailto: [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html