thanks a lot Phil. >It was probably added by the "preprocess" module, if memory serves. > >Why would you want to stop it? > >If you do, just remove the "preprocess" module from the "authorize" >section - but it does a lot of other processing and cleanups too. > >The better option is to use attr_filter in the "pre-proxy" section, like so: > >pre-proxy { > attr_filter.preproxy >} > >...then in /etc/raddb/attrs.pre-proxy, edit the sample entries to >permit/deny attributes you want/don't want to send. > >You probably want the postproxy filter too, in case your upstream proxy >sends you junk you can't / don't want to handle.
Oh, I see. Surely I didn't think that "preprocess" added "NAS-IP-Address". I used "attr_filter", and could stop it. my settings... --- /etc/raddb/attrs.pre-proxy example.jp User-Name =* ANY, User-Password =* ANY, NAS-IP-Address !* ANY DEFAULT User-Name =* ANY, User-Password =* ANY, ... --- thanks for your help ichiro tanaka - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html