> Hello FreeRadius list: > > I'm having difficulty getting the attr_rewrite module to do...well, > anything. > > I have a working RADIUS installation validating off of a mySQL database. > Our existing NASs (Wireless APs) transmit mac addresses as 12 character > lower case letter/number combos - this corresponds to username within > RADIUS. A new NAS device is transmitting mac addresses in caps, with a > colon between each octet. I am trying to filter the attributes coming from > the new NAS so that they are of the correct format in our mySQL database. > > I have already gotten the case issue solved by making the following change > in radiusd.conf: > > lower_user = before > > What I can't get to work: I have placed the following in radiusd.conf, just > under the commented-out example of attr_rewrite concerning "sanecallerid" > > > attr_rewrite mac_colons { > attribute = User-Name > searchin = packet > searchfor = ":" > replacewith = "" > ignore_case = yes > new_attribute = no > max_matches = 10 > append = no > } > > However, as I said, I don't see any indication that the RADIUS server is > doing anything of the kind. This is the debug output, concerning an auth > request from the new type of NAS: > > rad_recv: Access-Request packet from host 10.35.0.30:1034, id=50, length=60 > Service-Type = Framed-User > NAS-Port-Id = "wlan1" > User-Name = "00:0A:E9:06:29:07" > User-Password = "" > NAS-IP-Address = 10.35.0.30 > rlm_sql (sql): Reserving sql socket id: 4 > rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck > WHERE Username = '00:0a:e9:06:29:07' ORDER BY id > rlm_sql (sql): User 00:0a:e9:06:29:07 not found in radcheck > > Note how the User-Name comes into RADIUS as all caps, but is in lower case > when it's checked against the db, this is the result of the "lower_user = > before" command I mentioned previously. However, the attr_rewrite command > doesn't appear to be functioning at all. I've tried several different > syntaxes slightly different from the one listed above with no luck. Looking > further around radiusd.conf, I saw the authorize section at the bottom of > the file (thinking that I had to load the module, just as "preprocess" > apparently has to be loaded): > > authorize { > preprocess > # auth_log > # attr_filter > > attr_rewrite > > However, having "attr_rewrite" uncommented as it is above causes an error on > load: > > Starting - reading configuration files ... > Using deprecated naslist file. Support for this will go away soon. > Module: Loaded exec > rlm_exec: Wait=yes but no output defined. Did you mean output=none? > Module: Instantiated exec (exec) > Module: Loaded expr > Module: Instantiated expr (expr) > Module: Loaded PAP > Module: Instantiated pap (pap) > Module: Loaded CHAP > Module: Instantiated chap (chap) > Module: Loaded MS-CHAP > Module: Instantiated mschap (mschap) > Module: Loaded System > Module: Instantiated unix (unix) > Module: Loaded eap > rlm_eap: Loaded and initialized type md5 > rlm_eap: Loaded and initialized type leap > rlm_eap: Loaded and initialized type gtc > rlm_eap: Loaded and initialized type mschapv2 > Module: Instantiated eap (eap) > Module: Loaded preprocess > Module: Instantiated preprocess (preprocess) > ERROR: Cannot find a configuration entry for module "attr_rewrite". > > After which is returns to the command prompt (without loading the server). > I don't really understand the error message on its face, as I would have > thought the "attr_rewrite mac_colons " section I listed earlier in the file > would be the "configuration entry" that the error output says it can't find. > > So...if anyone can get me any advice re: how to check the functionality of > the attr_rewrite module I'd appreciate it. > > Thank you - > > Brian Ammons > >
Its because you defined the name of the module as mac_colons. Change attr_rewrite to mac_colons in your authorize section. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html