Post-Auth: reply values
Hello all,
I'm trying to write a script for the post-auth section.
In this script I need the information if the Request was successful or if it
was rejected.
The sql module uses the following expression: %{reply:Packet-Type}
But how could I use this in my script?
I've written a short script shich should list all available Variables:
#!/bin/bash
printenv /tmp/radius/`date +%F_%H-%M-%S_%N`
But it doesn't contain the reply values ...
Any ideas or hints?
bye
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Post-Auth: reply values
I'm trying to write a script for the post-auth section.
In this script I need the information if the Request was
successful or if it
was rejected.
The sql module uses the following expression: %{reply:Packet-Type}
But how could I use this in my script?
I've written a short script shich should list all available
Variables:
#!/bin/bash
printenv /tmp/radius/`date +%F_%H-%M-%S_%N`
But it doesn't contain the reply values ...
Any ideas or hints?
Only what's included in the Post-Auth-Type REJECT section in
postauth is run
when the request is about to be rejected. So that's a rather
easy way of
finding out if the request was successful or not.
Yeah, that's true.
In the meantime I solved the problem a different way. I created an exec
module like this:
[...]
exec newclient {
wait = yes
program = /usr/local/etc/raddb/scripts/newclient.pl 172.16.21.174 %l
%{reply:Packet-Type}
}
[...]
bye
Christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to log rejected request
Hello all, I asked myself how to log rejected requests. For example: - Certificates which were revoked (CRL) - Wrong Certificates - or something else I thought about something like the post-auth procedure. Sure there is the possibility to scan the whole radius log file, but that's not what I want.. I hope this question isn't too crazy :) Thanks and bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AW: How to log rejected request
Hello again,
ok, ok,
Reading often helps ..
Here is an extract of radiusd.conf:
[...]
# Access-Reject packets are sent through the REJECT sub-section of
the
# post-auth section.
# Uncomment the following and set the module name to the ldap
instance
# name if you have set 'edir_account_policy_check = yes' in the
ldap
# module sub-section of the 'modules' section.
#
Post-Auth-Type REJECT {
# insert-module-name-here
sql
}
[...]
Sorry for this stupid question.
Christian
-Ursprüngliche Nachricht-
Von: Gillmann, Christian [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 21. April 2005 09:27
An: 'freeradius-users@lists.cistron.nl'
Betreff: How to log rejected request
Hello all,
I asked myself how to log rejected requests. For example:
- Certificates which were revoked (CRL)
- Wrong Certificates
- or something else
I thought about something like the post-auth procedure.
Sure there is the possibility to scan the whole radius log
file, but that's
not what I want..
I hope this question isn't too crazy :)
Thanks and bye
Christian
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
