Johan Meiring wrote:
On 2010/07/21 11:00 AM, Alan DeKok wrote:
authorize {
...
if (ADSL-Agent-Circuit-Id \
(%{sql: select ...})) {
update control {
Auth-Type := Accept
}
}
else {
reject
}
}
I disagree with the logic
, July 28, 2010 3:37 PM
To: FreeRadius users mailing list
Subject: Re: freeradius and ADSL-Agent-Circuit-Id
Johan Meiring wrote:
On 2010/07/21 11:00 AM, Alan DeKok wrote:
authorize {
...
if (ADSL-Agent-Circuit-Id \
(%{sql: select ...})) {
update control
Tim Sylvester wrote:
Try the following:
Add this to the top of the Authorize section:
if ADSL-Agent-Circuit-Id {
update request {
User-Name := %{ADSL-Agent-Circuit-Id}
User-Password := %{ADSL-Agent-Circuit-Id}
Tim Sylvester wrote:
Try the following:
Add this to the top of the Authorize section:
if ADSL-Agent-Circuit-Id {
update request {
User-Name := %{ADSL-Agent-Circuit-Id}
User-Password :=
On 2010/07/20 10:50 PM, Mike wrote:
authorize {
if %{ADSL-Agent-Circuit-Id} {
update request {
User-Name := %{ADSL-Agent-Circuit-Id}
Password := %{ADSL-Agent-Circuit-Id}
}
}
Make sure that to add the User-Name (ADSL-Agent-Circuit-Id) to
radcheck and
set the password to the value of
Johan Meiring wrote:
I'm 100% sure my syntax is wrong today (I'm not an unlang master yet), but
the idea should work.
Opinions?
Close.
- You need to update a specific list.
- you need double quotes around string values
- the parser is *very* specific.
Follow the examples in man unlang
On 2010/07/21 11:00 AM, Alan DeKok wrote:
authorize {
...
if (ADSL-Agent-Circuit-Id \
(%{sql: select ...})) {
update control {
Auth-Type := Accept
}
}
else {
reject
Johan Meiring wrote:
I disagree with the logic slightly.
In my opinion it will also be rejected if ADSL-Agent-Circuit-Id does not
exist.
Yes. It all depends on what you want.
As fas as I understand, the desireable result is:
If the ADSL-Agent-Circuit-Id does *not* exist, normal
Greetings,
I would like to be able to incorporate processing of
ADSL-Agent-Circuit-Id into my freeradius / mysql environment. I have a
stock debian / freeradius2 server with a local mysql database, and my
bras is correctly getting this attribute to me and I see it under
freeradius -X. I
+tim.sylvester=networkradius@lists.freeradius.org] On Behalf
Of Mike
Sent: Tuesday, July 20, 2010 12:37 PM
To: FreeRadius users mailing list
Subject: freeradius and ADSL-Agent-Circuit-Id
Greetings,
I would like to be able to incorporate processing of
ADSL-Agent-Circuit-Id into my
Tim Sylvester wrote:
Ad this into the authorize section:
authorize {
if %{ADSL-Agent-Circuit-Id} {
update request {
User-Name := %{ADSL-Agent-Circuit-Id}
Password := %{ADSL-Agent-Circuit-Id}
}
}
This opens up a security hole I wish to avoid - if someone knows what
my
circuit Id's look like, and that database is used in any context where
a
user can send an id/password to authenticate that does NOT have
ADSL-Agent-Cirtcuit-Id in it, then I've created a bunch of known user
id's for
This opens up a security hole I wish to avoid - if someone knows what
my
circuit Id's look like, and that database is used in any context where
a
user can send an id/password to authenticate that does NOT have
ADSL-Agent-Cirtcuit-Id in it, then I've created a bunch of known user
id's for
13 matches
Mail list logo