well, looking from the log, your virtual_server doesnt appear to set any
attribute
in its post-auth stage. calling the right thing or SQL table?
post-auth, yes, see the virtual server config below. Remember TEST1 and
TEST2 are the same virtual server, just proxying to them via different
methods. That's why I was getting confused, They behave differently if
you proxy to them in different ways.
my initial thought was your attr_filter wasnt allowing that attribute
through from the virtual_server (much like it would strip it out
if the domain/realm wasnt allowed - check pre-proxy and post-proxy parts)
No attr filters.
Ok I think we're getting somewhere with the pre- and post- proxy parts.
When I tried having the sql methods in there I got the following (Note 2
starts in debug 1 for pre, 1 for post)
Module: Checking pre-proxy {...} for more modules to load
/etc/freeradius/sites-enabled/test[59]: "SQL" modules aren't allowed in
'pre-proxy' sections -- they have no such method.
/etc/freeradius/sites-enabled/test[58]: Errors parsing pre-proxy section.
Module: Checking post-proxy {...} for more modules to load
/etc/freeradius/sites-enabled/test[62]: "SQL" modules aren't allowed in
'post-proxy' sections -- they have no such method.
/etc/freeradius/sites-enabled/test[61]: Errors parsing post-proxy section.
server test {
listen {
# ipaddr = *
ipaddr = 127.0.0.1
port = 11812
type = auth
}
listen {
# ipaddr = *
ipaddr = 127.0.0.1
port = 11813
type = acct
}
authorize {
# preprocess
sql
expiration
logintime
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type MD5 {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
unix
eap
}
preacct {
preprocess
acct_unique
files
}
accounting {
detail
unix
radutmp
}
session {
radutmp
# See "Simultaneous Use Checking Queries" in sql.conf
# sql
}
post-auth {
sql
}
pre-proxy {
# sql
}
post-proxy {
# sql
# attr_rewrite
eap
}
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
