Scott Lambert wrote: > lrad_packet_list_socket_add() is called with a pointer to the radius > request packet list structure and the socket file descriptor of the > socket which has been created with the call to socket() and bound to an > IP and port by bind() during the prior call to lrad_socket(). Is that > correct?
Yes. In the jail, it asks to bind to 0.0.0.0, but the socket *actually* binds to the jail IP. This is why the "inaddr_any" check doesn't match. > So, should we be looking for != in the above if() from > lrad_packet_list_socket_add()? ... no. The issue is that when udpfromto is used, we have: a) socket binds to 0.0.0.0 (really, outside of the jail) b) the server doesn't know which IP is used to send a packet c) the server DOES know which IP the response is sent to Since the "received" IP doesn't match the "source" IP, there's a little bit of tweaking that has to be done to match the response to an outstanding request. That's what that check is for. > I flipped that to a != comparison and it seems to work inside or outside > the jail with or without specifying the "Packet_Src-IP-Address". I have no idea why that would work... > Problem solved? Or, is this going to break other things? It should really break things... > =================================== > jail with Packet-Src-IP-Address: But that tells the server which IP to use for the source IP, so the whole "inaddr_any" checks don't apply. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
