[RADIATOR] Handler filtering "OR" instead of "AND"?

Wed, 01 Nov 2017 11:35:55 -0700 

Hi,

I'm trying to accomplish the following to simplify the config file.

Instead of having a whole lot of handlers that look something like.. (for 
example, we use the hostnames to spread the systems across different vlans)

<Handler 
Connect-Info="From_QManage",MS-CHAP2-Response=/.+/,User-Name=/^host\/0-/>
  <AuthBy LSA>
        EAPType MSCHAP-V2
        DefaultDomain domainname
        UsernameMatchesWithoutRealm
        Group Domain Computers
        AddToReply 
Tunnel-Type=1:VLAN,Tunnel-Medium-Type=1:Ether_802,Tunnel-Private-Group-ID=1:270
  </AuthBy>
</Handler>
<Handler 
Connect-Info="From_QManage",MS-CHAP2-Response=/.+/,User-Name=/^host\/1-/>
  <AuthBy LSA>
        EAPType MSCHAP-V2
        DefaultDomain domainname
        UsernameMatchesWithoutRealm
        Group Domain Computers
        AddToReply 
Tunnel-Type=1:VLAN,Tunnel-Medium-Type=1:Ether_802,Tunnel-Private-Group-ID=1:271
  </AuthBy>
</Handler>
<Handler 
Connect-Info="From_QManage",MS-CHAP2-Response=/.+/,User-Name=/(host\/).+(0\.)/>
  <AuthBy LSA>
        EAPType MSCHAP-V2
        DefaultDomain domainname
        UsernameMatchesWithoutRealm
        Group Domain Computers
        AddToReply 
Tunnel-Type=1:VLAN,Tunnel-Medium-Type=1:Ether_802,Tunnel-Private-Group-ID=1:270
  </AuthBy>
</Handler>
<Handler TunnelledByPEAP=1,User-Name=/^host\/0-/>
Authbylsa....
<Handler TunnelledByPEAP=1,User-Name=/^host\/1-/>
Authbylsa....
<Handler TunnelledByPEAP=1,User-Name=/(host\/).+(0\.)/>
Authbylsa....


I have about 30 of these handlers that clog up a lot of the config file

Is it possible to do something like: <Handler 
(Connect-Info="From_QManage",MS-CHAP2-Response=/.+/ | TunnelledByPEAP=1 
),User-Name=/^host\/0-/>  ?

I hope I don't have to keep using this old config logic was that created by my 
predecessor, because the config file is so long that it's so hard to read 
(especially since everything looks almost the same with just 1 or 2 numbers 
difference per section)
If it's not possible to do an "OR" comparison in the handler attributes list, 
is there any other way I could make an easier to understand configuration file 
where I have to send a VLAN ID as reply based on the computername.



Kind regards,
Stephan



_______________________________________________
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator

Reply via email to