I was thinking of having radrelay pass Client-IP-Address as if it were a
protocol attribute, then not call preprocess from preacct in the target
server. If that doesn't work, then I could use a similar check in preprocess
as is done for NAS-IP-Address so that if Client-IP-Address is there, then it
is not overwritten. I'm looking for the quickest solution, since it's just
for a (hopefully short) transition phase.
I also realised that it can be done in config by having the source server
write a copy of Client-IP-Address into another attribute using hints, then
write it back in the target server using attr_rewrite. However my source
server is running an old freeradius (0.8.x) which doesn't seem to support
%{Client-IP-Address} type substitutions in the hints file.
Thanks anyway for the info,
Simon.
---
On Thursday 22 July 2004 17:49, Alan DeKok wrote:
> Simon Bryden <[EMAIL PROTECTED]> wrote:
> > The problem is that I need the resulting Client-IP-Address attribute
> > to be the address of the original client, not of my radrelay source.
>
> That can't happen. Client-IP-Address is the address of the client,
> and nothing else.
>
> The only way to do what you want is to hack radrelay to take the
> Client-IP-Address, and put it into a RADIUS packet as another
> (probably vendor-specific) attribute. That way the other server can
> see the address of the real client.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
