Post-Auth: reply values
Hello all, I'm trying to write a script for the post-auth section. In this script I need the information if the Request was successful or if it was rejected. The sql module uses the following expression: %{reply:Packet-Type} But how could I use this in my script? I've written a short script shich should list all available Variables: #!/bin/bash printenv /tmp/radius/`date +%F_%H-%M-%S_%N` But it doesn't contain the reply values ... Any ideas or hints? bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Post-Auth: reply values
I'm trying to write a script for the post-auth section. In this script I need the information if the Request was successful or if it was rejected. The sql module uses the following expression: %{reply:Packet-Type} But how could I use this in my script? I've written a short script shich should list all available Variables: #!/bin/bash printenv /tmp/radius/`date +%F_%H-%M-%S_%N` But it doesn't contain the reply values ... Any ideas or hints? Only what's included in the Post-Auth-Type REJECT section in postauth is run when the request is about to be rejected. So that's a rather easy way of finding out if the request was successful or not. Yeah, that's true. In the meantime I solved the problem a different way. I created an exec module like this: [...] exec newclient { wait = yes program = /usr/local/etc/raddb/scripts/newclient.pl 172.16.21.174 %l %{reply:Packet-Type} } [...] bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
How to log rejected request
Hello all, I asked myself how to log rejected requests. For example: - Certificates which were revoked (CRL) - Wrong Certificates - or something else I thought about something like the post-auth procedure. Sure there is the possibility to scan the whole radius log file, but that's not what I want.. I hope this question isn't too crazy :) Thanks and bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
AW: How to log rejected request
Hello again, ok, ok, Reading often helps .. Here is an extract of radiusd.conf: [...] # Access-Reject packets are sent through the REJECT sub-section of the # post-auth section. # Uncomment the following and set the module name to the ldap instance # name if you have set 'edir_account_policy_check = yes' in the ldap # module sub-section of the 'modules' section. # Post-Auth-Type REJECT { # insert-module-name-here sql } [...] Sorry for this stupid question. Christian -Ursprüngliche Nachricht- Von: Gillmann, Christian [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 21. April 2005 09:27 An: 'freeradius-users@lists.cistron.nl' Betreff: How to log rejected request Hello all, I asked myself how to log rejected requests. For example: - Certificates which were revoked (CRL) - Wrong Certificates - or something else I thought about something like the post-auth procedure. Sure there is the possibility to scan the whole radius log file, but that's not what I want.. I hope this question isn't too crazy :) Thanks and bye Christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html