Hello,
I'm running FreeRADIUS 2.1.7 on CentOS 5, and trying to configure MAC
Auth Bypass. I got everything functioning correctly using the Mac-Auth
Wiki page as a guide, including placement of the actual CSID
authentication code in the post-auth section. However, I just enabled
SQL in the post-auth section, and everything is getting logged to SQL
with reply Access-Accept, even if it matched the "reject" statement.
It seems to me that it's pretty logical that post-auth would be entered
with Auth-Type == Access-Accept, the SQL log would happen, and *then*
the "reject" statement would get executed. What I don't understand is
why I shouldn't move the actual authentication
(authorized_macs.authorize) to the auth { } section, or else how I go
about logging rejected requests.
Any advice or guidance would be greatly appreciated.
Thanks,
Jason Antman
--
Jason Antman
System Administrator
Rutgers University
OIT Central Systems & Services / NetOps
Office: 732-445-6363
Cell: 732-983-7256
[email protected]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
