On Mon, 3 Nov 2003, ZORBADELOS KONSTANTINOS wrote: > > Hello to everyone. > This is my first post to the list. I want to have a user that is > allowed to have ISDN or PSTN access and another that should have PSTN > access only. I am using the attribute NAS-Port-Type in the check list > to accomplish this. In the first user I want the NAS-Port-Type to have > values Async or ISDN and in the second I want to have Async only. I am > also using the sql module so my users' authorization data are stored > in an Oracle database. Freeradius version 0.9.2 (latest for now). > My radcheck table looks like > > +--+--------------+------------------+-----+----------- > id username attribute op value > +--+--------------+------------------+-----+----------- > 1 kzorba User-Password == xxxx > 2 kzorba NAS-Port-Type == Async > 3 kzorba NAS-Port-Type == ISDN > 4 mitg User-Password == yyyy > 5 mitg NAS-Port-Type == Async > +--+--------------+------------------+-----+----------- > > I am using the NTradping test utility (as descibed in the O'Reilly > book) but the results are the same when I use a Cisco 3640 > router. When I > am sending one of the 2 allowed values in an > Access-Request for kzorba I always get reject. I tried to put as a > value for NAS-Port-Type "Async-ISDN" in one record instead of 2 and I > always got accept no matter what I sent (even a value besides ISDN or > Async). I only managed to get accept when I have one record with a > specific value (in this case everything works as expected). So the > question is: > How can I express the fact that I want to accept the user when the > attribute has value a OR b? By generalizing can I have boolean > expressions in check items? > Thank you in advance
I think that the AND relation of the check items is rather strongly established in the check functions of freeradius. The way i see it you have two choises: 1. Use a regular expression 2. Use the checkval module (check raddb/experimental.conf) > > Kostas > > > ====================================================== > Kostas Zorbadelos > Currently at: Otenet IT Department > mailto: [EMAIL PROTECTED] > > Out there in the darkness, out there in the night > out there in the starlight, one soul burns brighter > than a thousand suns. > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
