On Tue, Jun 17, 2003 at 03:05:07PM -0700, System Administrator wrote:
> Freeradius version 0.8.1
> FreeBSD version 4.8
>
> I am trying to rewrite the User-Name attribute using
>
> attr_rewrite add_realm {
> attribute = User-Name
> searchin = packet
> searchfor = "^[a-z0-9_\-]+$"
> replacewith = "@domain"
> ignore_case = yes
> max_matches = 1
> new_attribute = no
> append = yes
> }
First, you shouldn't escape '-' inside [], however it doesn't matter
here. Second, the end-of-string-match ('$') will not work because
the '$' character is always "eaten" by radius_xlat(), but that's
another story.
> This sort of works, but what the detail file contains is as follows
>
> Tue Jun 17 14:57:54 2003
> Acct-Session-Id = "EB000032"
> User-Name = "username"
> NAS-IP-Address = 10.10.10.1
> NAS-Port = 0
> NAS-Port-Type = Async
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 10.10.10.2
> Acct-Delay-Time = 0
> Client-IP-Address = 10.10.10.1
> Stripped-User-Name = "[EMAIL PROTECTED]"
> Realm = "NULL"
> Acct-Unique-Session-Id = "e44b1b3600511703"
> Timestamp = 1055887074
>
> It modifies the Stripped-User-Name and not the User-Name attribute which
> is what I am after. Any suggestions would be most helpful, thank you.
Shit. That's all because rlm_realm makes request->username to point
to newly-appended Stripped-User-Name valuepair, and some code
does a smart-hack: when the User-Name valuepair is being searched,
it returns that pointer immediately...
Try one of the following:
1. add a realm NULL with "nostrip" option in proxy.conf
2. comment out instance of rlm_realm from your preacct {} section
(suffix or prefix)
3. disable proxying at all (proxy_requests = no, don't include
proxy.conf)
All three work well for me. Hope this helps.
--
Fduch M. Pravking
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
