Re: Authenticating and Blocking per client

Thu, 31 Mar 2005 08:51:38 -0800 

On Mar 30, 2005 5:02 AM, Peter Nixon <[EMAIL PROTECTED]> wrote:
> Yes. Huntgroups is exactly what you what...

I'm trying to get this working now.  Our current setup uses sql, so I
created the Huntgroup in the /etc/raddb/huntgroups file, then
specified Huntgroup-Name == testgroup in the radgroupcheck table of
the radius database.

Is this correct?  I restarted radiusd and I'm still able to connect to
the redback even though the user is pointed to huntrgroup that does
not contain the NAS-IP-Address of the redback...

Is == correct, or should I be using := in the database (I tried both
and neither seems to have an effect) ...

Here is the output from radiusd -X

rad_recv: Access-Request packet from host 10.0.0.50:1812, id=6, length=102
        User-Name = "testuser"
        User-Password = "testpass"
        NAS-Identifier = "agg0.example.com"
        NAS-IP-Address = 10.0.0.50
        NAS-Real-Port = 402653185
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 3892314151
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
  modcall[authorize]: module "preprocess" returns ok for request 14
  modcall[authorize]: module "chap" returns noop for request 14
  modcall[authorize]: module "mschap" returns noop for request 14
    rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 14
    rlm_realm: No '\' in User-Name = "testuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "ntdomain" returns noop for request 14
radius_xlat:  'testuser'
rlm_sql (sql): sql_set_user escaped user --> 'testuser'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = 'testuser' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = 'testuser'
AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = 'testuser' ORDER BY id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username = 'testuser'
AND usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id'
rlm_sql (sql): Released sql socket id: 0
  modcall[authorize]: module "sql" returns ok for request 14
modcall: group authorize returns ok for request 14
auth: type Crypt
  Processing the session section of radiusd.conf
modcall: entering group session for request 14
  modcall[session]: module "sql" returns noop for request 14
modcall: group session returns noop for request 14
Login OK: [testuser/testpass] (from client RedbackSMS port 3892314151)
Sending Access-Accept of id 6 to 10.0.0.50:1812
        Framed-IP-Address := 255.255.255.254
Finished request 14


 
> --
> 
> Peter Nixon
> http://www.peternixon.net/
> PGP Key: http://www.peternixon.net/public.asc

-- 
Jason 'XenoPhage' Frisvold
[EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to