According to what I see turning on cisco vsa hack can overwrite any
existing attributes that happen to match the value in the avpair and
also seems to possibly delete information from the avpair -- its not
clear to me exactly what it does.
In any event, I just need to solve this "little" problem and all will be
well.
Thanks,
Joe
Bryan Campbell wrote:
See the following link and the associated reference posts.
What you need is already built-in. It takes two steps (5 minutes) to get
access to the attributes. The only question then is how you will format
your SQL statements to write the attributes out to the database (another
5 minutes).
http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-December/msg00367.html
bbc -
Alan DeKok wrote:
Joe Maimon wrote:
I have searched. I am unsatisfied with the results.
The cisco_vsa_hack may have unintended consequences.
Like... ?
unlang should properly loop over the vp list, like other paircompares
do.
I would prefer that behavior to be *explicit* rather than *implicit*.
I have patched this kind of oversight before elsewhere, not sure if
thats the right approach here.
Maybe something like:
if (*Cisco-AVpair =~ /^client-mac-address=(.+)$/) {
i.e. "*" means "any one matches"
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
