>
> You don't. You use sql groups.
>
> Create two groups, group1 and group2; add to radgroupcheck:
> Nas-IP-Address == nas1 address and Pool-Name := pool1 for group1 and
> Nas-IP-Address == nas2 address and Pool-Name := pool2 for group2. Add
> the user to both groups.
Thanks,
it seems, as if this is working...
But there seems to be another problem or even a bug:
What does this errormessage mean?
------------------------------------
rlm_sql_mysql: MYSQL check_error: 1064 received
sqlippool_command: database query error in: 'UPDATE radippool SET
nasipaddress = '', pool_key = 0, callingstationid = '', username = '',
expiry_time IS NULL WHERE expiry_time <= NOW() - INTERVAL 1 SECOND AND
nasipaddress = '10.98.6.33''
-------------------------------------
I tried the same statement in the mysql-console and received the following
error:
-------------------------
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near 'IS
NULL WHERE expiry_time <= NOW() - INTERVAL 1 SECOND AND nasipaddress = '1'
at line 1
-------------------------
Here is the complete debug-output:
-----------------------
rad_recv: Access-Request packet from host 10.98.6.33 port 4356, id=23, length=67
User-Name = "peter2"
User-Password = "peter2"
Called-Station-Id = "xxx"
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d ->
/var/log/radius/radacct/10.98.6.33/auth-detail-20090128
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /var/log/radius/radacct/10.98.6.33/auth-detail-20090128
[auth_log] expand: %t -> Wed Jan 28 13:10:04 2009
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "peter2", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 183
++[files] returns ok
[sql] expand: %{User-Name} -> peter2
[sql] sql_set_user escaped user --> 'peter2'
rlm_sql (sql): Reserving sql socket id: 1
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id ->
SELECT id, username, attribute, value, op FROM radcheck
WHERE username = 'peter2' ORDER BY id
rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = 'peter2' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '%{SQL-User-Name}' ORDER BY id ->
SELECT id, username, attribute, value, op FROM radreply
WHERE username = 'peter2' ORDER BY id
rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM
radreply WHERE username = 'peter2' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE
username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname
FROM radusergroup WHERE username = 'peter2' ORDER
BY priority
rlm_sql_mysql: query: SELECT groupname FROM radusergroup
WHERE username = 'peter2' ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY id -> SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = 'Deutschland' ORDER BY id
rlm_sql_mysql: query: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = 'Deutschland'
ORDER BY id
[sql] User found in group Deutschland
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER
BY id -> SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = 'Deutschland' ORDER BY id
rlm_sql_mysql: query: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = 'Deutschland'
ORDER BY id
rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "peter2"
[pap] Using clear text password "peter2"
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
rlm_sql (sql): Reserving sql socket id: 0
[sqlippool] expand: %{User-Name} -> peter2
[sqlippool] sql_set_user escaped user --> 'peter2'
[sqlippool] expand: START TRANSACTION -> START TRANSACTION
rlm_sql_mysql: query: START TRANSACTION
[sqlippool] expand: UPDATE radippool SET nasipaddress = '', pool_key = 0,
callingstationid = '', username = '', expiry_time IS NULL WHERE
expiry_time <= NOW() - INTERVAL 1 SECOND AND nasipaddress =
'%{Nas-IP-Address}' -> UPDATE radippool SET nasipaddress = '', pool_key = 0,
callingstationid = '', username = '', expiry_time IS NULL WHERE
expiry_time <= NOW() - INTERVAL 1 SECOND AND nasipaddress = '10.98.6.33'
rlm_sql_mysql: query: UPDATE radippool SET nasipaddress = '', pool_key = 0,
callingstationid = '', username = '', expiry_time IS NULL WHERE
expiry_time <= NOW() - INTERVAL 1 SECOND AND nasipaddress = '10.98.6.33'
rlm_sql_mysql: MYSQL check_error: 1064 received
sqlippool_command: database query error in: 'UPDATE radippool SET
nasipaddress = '', pool_key = 0, callingstationid = '', username = '',
expiry_time IS NULL WHERE expiry_time <= NOW() - INTERVAL 1 SECOND AND
nasipaddress = '10.98.6.33''
[sqlippool] expand: SELECT framedipaddress FROM radippool WHERE pool_name
= '%{control:Pool-Name}' AND expiry_time < NOW() ORDER BY (username <>
'%{User-Name}'), (callingstationid <> '%{Calling-Station-Id}'), expiry_time
LIMIT 1 FOR UPDATE -> SELECT framedipaddress FROM radippool WHERE pool_name =
'poolDE' AND expiry_time < NOW() ORDER BY (username <> 'peter2'),
(callingstationid <> ''), expiry_time LIMIT 1 FOR UPDATE
rlm_sql_mysql: query: SELECT framedipaddress FROM radippool WHERE pool_name =
'poolDE' AND expiry_time < NOW() ORDER BY (username <> 'peter2'),
(callingstationid <> ''), expiry_time LIMIT 1 FOR UPDATE
[sqlippool] expand: UPDATE radippool SET nasipaddress =
'%{NAS-IP-Address}', pool_key = '%{NAS-Port}', callingstationid =
'%{Calling-Station-Id}', username = '%{User-Name}', expiry_time = NOW() +
INTERVAL 3600 SECOND WHERE framedipaddress = '192.168.1.4' -> UPDATE radippool
SET nasipaddress = '10.98.6.33', pool_key = '', callingstationid = '',
username = 'peter2', expiry_time = NOW() + INTERVAL 3600 SECOND WHERE
framedipaddress = '192.168.1.4'
rlm_sql_mysql: query: UPDATE radippool SET nasipaddress = '10.98.6.33',
pool_key = '', callingstationid = '', username = 'peter2', expiry_time =
NOW() + INTERVAL 3600 SECOND WHERE framedipaddress = '192.168.1.4'
[sqlippool] Allocated IP 192.168.1.4 [0401a8c0]
[sqlippool] expand: COMMIT -> COMMIT
rlm_sql_mysql: query: COMMIT
rlm_sql (sql): Released sql socket id: 0
[sqlippool] expand: Allocated IP: %{reply:Framed-IP-Address} from
%{control:Pool-Name} (did %{Called-Station-Id} cli %{Calling-Station-Id} port
%{NAS-Port} user %{User-Name}) -> Allocated IP: 192.168.1.4 from poolDE (did
xxx cli port user peter2)
Allocated IP: 192.168.1.4 from poolDE (did xxx cli port user peter2)
++[sqlippool] returns ok
++[exec] returns noop
Sending Access-Accept of id 23 to 10.98.6.33 port 4356
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Netmask = 255.255.255.0
Framed-IP-Address = 192.168.1.4
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 4 ID 23 with timestamp +7373
Ready to process requests.
------------------------------
Do you have any ideas?
Thanks
Sebastian
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen:
http://www.gmx.net/de/go/multimessenger
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
