summaryrefslogtreecommitdiffstats
path: root/raddb/mods-available/perl
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--raddb/mods-available/perl94
1 files changed, 94 insertions, 0 deletions
diff --git a/raddb/mods-available/perl b/raddb/mods-available/perl
new file mode 100644
index 0000000..99215b8
--- /dev/null
+++ b/raddb/mods-available/perl
@@ -0,0 +1,94 @@
+# -*- text -*-
+#
+# $Id$
+
+# Persistent, embedded Perl interpreter.
+#
+perl {
+ #
+ # The Perl script to execute on authorize, authenticate,
+ # accounting, xlat, etc. This is very similar to using
+ # 'rlm_exec' module, but it is persistent, and therefore
+ # faster.
+ #
+ filename = ${modconfdir}/${.:instance}/example.pl
+
+ #
+ # Options which are passed to the Perl interpreter.
+ # These are (mostly) the same options as are passed
+ # to the "perl" command line.
+ #
+ # The most useful flag is "-T". This sets tainting on, which
+ # makes it impossible to leverage bad User-Names into local
+ # command execution.
+ #
+ perl_flags = "-T"
+
+ #
+ # The following hashes are given to the module and
+ # filled with value-pairs (Attribute names and values)
+ #
+ # %RAD_CHECK Check items
+ # %RAD_REQUEST Attributes from the request
+ # %RAD_REPLY Attributes for the reply
+ # %RAD_REQUEST_PROXY Attributes from the proxied request
+ # %RAD_REQUEST_PROXY_REPLY Attributes from the proxy reply
+ #
+ # The interface between FreeRADIUS and Perl is strings.
+ # That is, attributes of type "octets" are converted to
+ # printable strings, such as "0xabcdef". If you want to
+ # access the binary values of the attributes, you should
+ # call the Perl "pack" function. Then to send any binary
+ # data back to FreeRADIUS, call the Perl "unpack" function,
+ # so that the contents of the hashes are printable strings.
+ #
+ # IP addresses are sent as strings, e.g. "192.0.2.25", and
+ # not as a 4-byte binary value. The same applies to other
+ # attribute data types.
+ #
+ # Attributes of type "string" are copied to Perl as-is.
+ # They are not escaped or interpreted.
+ #
+ # The return codes from functions in the perl_script
+ # are passed directly back to the server. These
+ # codes are defined in mods-config/example.pl
+ #
+
+ # You can define configuration items (and nested sub-sections) in perl "config" section.
+ # These items will be accessible in the perl script through %RAD_PERLCONF hash.
+ # For instance: $RAD_PERLCONF{'name'} $RAD_PERLCONF{'sub-config'}->{'name'}
+ #
+ #config {
+ # name = "value"
+ # sub-config {
+ # name = "value of name from config.sub-config"
+ # }
+ #}
+
+ #
+ # List of functions in the module to call.
+ # Uncomment and change if you want to use function
+ # names other than the defaults.
+ #
+ #func_authenticate = authenticate
+ #func_authorize = authorize
+ #func_preacct = preacct
+ #func_accounting = accounting
+ #func_checksimul = checksimul
+ #func_pre_proxy = pre_proxy
+ #func_post_proxy = post_proxy
+ #func_post_auth = post_auth
+ #func_recv_coa = recv_coa
+ #func_send_coa = send_coa
+ #func_xlat = xlat
+ #func_detach = detach
+
+ #
+ # Uncomment the following lines if you wish
+ # to use separate functions for Start and Stop
+ # accounting packets. In that case, the
+ # func_accounting function is not called.
+ #
+ #func_start_accounting = accounting_start
+ #func_stop_accounting = accounting_stop
+}