> > I don't know how to call the sql module for read the list users from mysql. > If I put in that section the sql instruction I don't know how compare the sql > results with the Calling-Station-Id that the NAS return in the request. > > Another thing is that I don't know why the authorization is made in post-auth > section.
Because technically authorisation should be performed after authentication, and the server really has it the wrong way round. Just change the files call in post-auth to be sql.authorize and check for the correct return code... Or use SQL XLAT... post-auth{ if(%{sql:SELECT COUNT(*) FROM `authorized_macs` WHERE `mac_address` == "%{Calling-Station-ID}"} > 0){ ok } else{ reject } } You'll have to build the tables yourself, but thats not hard... -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html