[authorized_macs.authorize] returns noop

Thu, 06 Jan 2011 04:57:11 -0800 

Dear experts,
I setup mac_auth as in the freeradius wiki and its not working, am unable to debug further. 
requesting for help!
It correctly sets Auth-Type to CSID. but authorized_macs.authorize] returns noop 
I have pasted debug output and the relevant files below.

## Debug output of radiusd:
rad_recv: Access-Request packet from host 158.144.55.107 port 3072, id=62, length=175 
       User-Name = "TEST\\test"
       NAS-IP-Address = 158.144.55.107
       NAS-Port = 0
       Called-Station-Id = "001f1fd74ce9"
       Calling-Station-Id = "001a734337c9"
       NAS-Identifier = "Realtek Access Point. 8181"
       Framed-MTU = 1400
       NAS-Port-Type = Wireless-802.11
       Service-Type = Framed-User
       Connect-Info = "CONNECT 11Mbps 802.11b"
       EAP-Message = 0x0200000e01544553545c74657374
       Message-Authenticator = 0x1b88a63d48cd003d10945139139bbcac
+- entering group authorize {...}
++[control] returns notfound
Found Auth-Type = CSID
+- entering group CSID {...}
++? if (Chap-Password)
? Evaluating (Chap-Password) -> FALSE
++? if (Chap-Password) -> FALSE
++- entering else else {...}
+++[ok] returns ok
++- else else returns ok
+- entering group post-auth {...}
++? if (control:Auth-Type == 'CSID')
? Evaluating (control:Auth-Type == 'CSID') -> TRUE
++? if (control:Auth-Type == 'CSID') -> TRUE
++- entering if (control:Auth-Type == 'CSID') {...}
[authorized_macs]       expand: %{Calling-Station-ID} -> 001a734337c9
+++[authorized_macs.authorize] returns noop
+++? if (!ok)
? Evaluating !(ok) -> TRUE
+++? if (!ok) -> TRUE
+++- entering if (!ok) {...}
++++[reject] returns reject
+++- if (!ok) returns reject
++- if (control:Auth-Type == 'CSID') returns reject
Using Post-Auth-Type Reject
WARNING: Unknown value specified for Post-Auth-Type. Cannot perform requested action. 

###### cat sites-available/default
authorize {
#eap
       update control {
               Auth-Type = 'CSID'
       }
}

authenticate {
  Auth-Type CSID {
       if(Chap-Password){
               update control {
                       Cleartext-Password := "%{User-Name}"
               }
               chap
       }
       else{
               ok
       }
  }
}

post-auth {
  if(control:Auth-Type == 'CSID'){
       # Authorization happens here
       authorized_macs.authorize
       if(!ok){
               reject
       }
  }
}

##### cat modules/file
files authorized_macs {
       key = "%{Calling-Station-ID}"
       usersfile = ${confdir}/authorized_macs
       compat = no
}


#### cat {confdir}/authorized_macs
001a734337c9 Reply-Message = "OK"



Thank you for helping!

--

+----------------------------------+--------------------------------------+
Nagaraj Panyam                     | Office tel: +91-22-22782126
Dept of High Energy Physics | Office fax: +91-22-22804610 Tata Instt. of Fundamental Research| Home tel : +91-22-22804936 Mumbai - 400 005, INDIA | **Email** : [email protected] +----------------------------------+--------------------------------------+ 

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to