Thanks for the help. We have come up with the following example of a
working php
script. Here it is for anybody else who needs it.
One of the things we discovered is that is very important to include the line
feed after the write to stdout.
#!/usr/local/bin/php -q
<?php
/*
10-04-05 IMC
http://www.gnu.org/software/radius/manual/html_chapter/radius_11.html#SEC193
We write a filter program that reads its standard input line by line.
Each input line must consist of exactly two words: the user name and
the calling
station ID.
For each input line, the program prints 0 if the {user_name, id} is
found in the
database and 1 otherwise.
Then it will look like:
*/
//declare vars
$rad_mysql_server = "localhost";
$rad_mysql_db = "dbname";
$rad_mysql_user = "user";
$rad_mysql_pass = "pass";
$db_connect = true;
$MAX_PORTS = 100;
ob_start(); //buffer output so php doesn't barf into radius
//get IO handlers setup
$fp = fopen("/usr/local/etc/raddb/port_check_log", "a");
$stdout = fopen('php://stdout', 'w');
$stdin = fopen('php://stdin', 'r');
if( ! $rad_dbcp = mysql_connect($rad_mysql_server, $rad_mysql_user,
$rad_mysql_pass) )
{
fwrite($fp, "Database Connection Failer " . mysql_error($rad_dbcp) .
"\n");
$db_connect = false;
}
if ($stdin)
{
$i=0;
while (!feof($stdin))
{
//Filter Loop stdin as long as radiusd is running
$buffer = fgets($stdin, 4096);
fwrite($fp, ":$i:$buffer:\n");
$buffer = trim($buffer);
$username = strtok($buffer, " ");
//$second_parameter = strtok(" ");
$query_string = "whatever";
if($db_connect && $result =
mysql_db_query($rad_mysql_db,$query_string,$rad_dbcp))
{
//$num_ports = mysql_num_rows($result);
$row_array = mysql_fetch_array($result,
MYSQL_NUM);
$num_ports = $row_array[0];
fwrite($fp, "ports check:
$num_ports\n");
if($MAX_PORTS < $num_ports)
{
fwrite($fp, "reject
$username\n");
//Reject Login
fwrite($stdout, "1\n");
}
else
{
fwrite($fp, "accept
$username\n");
//Accept Login
fwrite($stdout, "0\n");
}
}else
{
//Unable to check so lets approve
fwrite($fp, "DB not connected or query
failed: $query_string ||" .
mysql_error($rad_dbcp) . "\n");
//Accept Login
fwrite($stdout, "0\n");
}
$i++;
//end while
}
fclose($stdin);
}
if($db_connect) { //if db connected close
mysql_close($rad_dbcp);
}
//close output handler
fclose($stdout);
//dump output buffer
$out = ob_get_clean();
fwrite($fp, "output buffer: $out\n");
fclose($fp);
//Clean Exit
exit(0);
?>
--
Quoting Sergey Poznyakoff <[EMAIL PROTECTED]>:
Bill Neely <[EMAIL PROTECTED]> wrote:
Does anyone have an example of a filter script written in PHP. I
can;t figure
out what to pass back to have the filter accept or reject the user.
--
Though I don't have a PHP example, I can suggest you to visit the
following page:
http://www.gnu.org/software/radius/manual/html_node/radius_103.html#SEC193
It contains a detailed discussion of Radius filters with a sample filter
written in Bourne shell. It should not be too hard to convert this
sample to PHP.
Regards,
Sergey
----------------------------------------------------------------
This message was sent using http://newwebmail.gct21.net
_______________________________________________
Help-gnu-radius mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnu-radius
