Hi
I want to config MPD5 in such a way it uses external script for
authentication in L2TP service, so I added these lines to mpd.conf
Code:
startup:
set user admin 1234 admin
set web self 127.0.0.1 5006
set web open
set console self 127.0.0.1 5005
set console open
default:
load l2tp_server
l2tp_server:
set ippool add pool2 192.168.11.236 192.168.11.250
create bundle template D
set iface enable proxy-arp
set iface enable on-demand
set iface idle 1800
set iface enable tcpmssfix
set ipcp yes vjcomp
set ipcp ranges 192.168.11.2/32 ippool pool2
set ipcp dns 8.8.8.8
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template D-L l2tp
set link action bundle D
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 0
set link mtu 1460
set l2tp self 0.0.0.0 1701
set link enable incoming
set auth disable internal
set auth enable ext-auth
set auth extauth-script /root/CODE/test/fu.sh
On invocation extauth/extacct scripts receive on stdin set of request
attribute:value pairs terminated by empty line and must generate response
in same format on stdout.
Click to expand...
So for test my fu.sh I just added to it these lines:
Code:
!/usr/local/bin/bash
echo "AUTH_TYPE:"
echo ""
But in mpd.log file I got "undefine attribute "AUTH_TYPE" ". So I decided
to test other attribute but always get same result as before [image: :(]
Can anybody help me and say me how exactly I should use fu.sh?
i found my mistake :D . AUTH_TYPE is request attribute not response :D . but now i have other problem . how use external script for authentication i mean with stdin i can get some attribute from MPD and i have users and their passwords in text file but i don't know how i should response to MPD and check a username and password is valid or not for login ?????????????????
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Have you read this: http://mpd.sourceforge.net/doc5/mpd31.html#31 ? It may be short, but informative. For detailed description of those attributes you may look into RADIUS RFC, since most of them were taken from there. For the beginning I recommend you to just save and analyze all arguments submitted to script.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
let's clear my situation : on my FreeBSD system i have a service that it using MPD . this service have its users and passwords . now i should add to this system an L2TP service and i want to use MPD too . but older service is using mpd.secret for authentication so i decided to use external script but can't do it . also for some reason i can't use RADIUS . i saw that link you mentioned but still i don't no how write that script ??????? can you give me another start point ( or example )?
Is there another way so that this different service can work alongside together ( some solution that doesn't use RADIUS or external authentication ) ?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi
I want to config MPD5 in such a way it uses external script for
authentication in L2TP service, so I added these lines to mpd.conf
Code:
startup:
set user admin 1234 admin
set web self 127.0.0.1 5006
set web open
set console self 127.0.0.1 5005
set console open
default:
load l2tp_server
l2tp_server:
set ippool add pool2 192.168.11.236 192.168.11.250
create bundle template D
set iface enable proxy-arp
set iface enable on-demand
set iface idle 1800
set iface enable tcpmssfix
set ipcp yes vjcomp
set ipcp ranges 192.168.11.2/32 ippool pool2
set ipcp dns 8.8.8.8
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template D-L l2tp
set link action bundle D
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 0
set link mtu 1460
set l2tp self 0.0.0.0 1701
set link enable incoming
set auth disable internal
set auth enable ext-auth
set auth extauth-script /root/CODE/test/fu.sh
According to this http://mpd.sourceforge.net/doc5/mpd31.html#extauth my
script should work in this way:
On invocation extauth/extacct scripts receive on stdin set of request
attribute:value pairs terminated by empty line and must generate response
in same format on stdout.
Click to expand...
So for test my fu.sh I just added to it these lines:
Code:
!/usr/local/bin/bash
echo "AUTH_TYPE:"
echo ""
But in mpd.log file I got "undefine attribute "AUTH_TYPE" ". So I decided
to test other attribute but always get same result as before [image: :(]
Can anybody help me and say me how exactly I should use fu.sh?
i found my mistake :D . AUTH_TYPE is request attribute not response :D . but now i have other problem . how use external script for authentication i mean with stdin i can get some attribute from MPD and i have users and their passwords in text file but i don't know how i should response to MPD and check a username and password is valid or not for login ?????????????????
Have you read this: http://mpd.sourceforge.net/doc5/mpd31.html#31 ? It may be short, but informative. For detailed description of those attributes you may look into RADIUS RFC, since most of them were taken from there. For the beginning I recommend you to just save and analyze all arguments submitted to script.
let's clear my situation : on my FreeBSD system i have a service that it using MPD . this service have its users and passwords . now i should add to this system an L2TP service and i want to use MPD too . but older service is using mpd.secret for authentication so i decided to use external script but can't do it . also for some reason i can't use RADIUS . i saw that link you mentioned but still i don't no how write that script ??????? can you give me another start point ( or example )?
Is there another way so that this different service can work alongside together ( some solution that doesn't use RADIUS or external authentication ) ?