Re: sql won't pass radtest

2010-05-27 Thread Alan DeKok
Robert Wilkinson wrote:
 I have uncommented all the SQL lines to no avail. No module is loaded.

  The debug log *clearly* shows which files it is reading, and which
modules it is loading.  It reads the SQL configuration files, but does
*not* load the SQL module.

 Is it important to have a NAS installed at this stage?

  No.

 including configuration file /etc/freeradius/sites-enabled/default
 including configuration file /etc/freeradius/sites-enabled/inner-tunnel

  Did you edit these files?

  The answer is no.  None of the debug log shows it loading the sql
module.  You have been editing *different* files, which is why the
server isn't using SQL.

  So.. which files were you editing and why?

  Go back and edit the *real* files.  You will know you have succeeded
when it starts printing text like this:

  Module: Linked to module rlm_sql

  Until it prints that text, you are not editing the right files.

  Again, the *whole purpose* of debug mode is for people to *read* it.
It is *telling* you which files it is reading.  You have been editing
*different* files.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


Re: EAP-TLS CN Check Question

2010-05-27 Thread Alan DeKok
David Mitchell wrote:
 I've encountered a similar issue I'm not sure how to deal with. Is there
 a place I can log any attributes of the certificate? 

  Not at this moment.  Patches are welcome.

 I log my accounting
 records via linelog, and as long as the configuration I end up with
 forces something reasonable into the User-Name value I do log a
 username. But it occurs to me it might be nice to have some kind of
 record of the certificate which was used. Either the CN, or serial
 number, or something. Is there a way to do this?

  Source code changes.

  Alan DeKok.


Re: Re: still about how to return some attributes only in Access-Accept packet

2010-05-27 Thread Alan Buxey
Hi,

 However, the filter does not work.
 
 Can anyone tell me what the problem is?

do you not read my emails? really, I side with Alan here - why bother replying
if you keep asking the wrong questions.

yes, that # cannot be on the same line as handled - obviously that config
wasn't checked before submission. but the debug you posted just showed
the CONFIG being read correctly...not the code actually being activated.

do as I said in my last email - ie comment out the line which says 'eap' about
6 lines up and then that code will be activated

alan


Re: Re: still about how to return some attributes only in Access-Accept packet

2010-05-27 Thread WWF
hi

Thanks a lot for your kind help!!!
It works now!


Best Regards
2010-05-27 
- Original Message - 
From: Alan Buxey 
To: weiw...@126.com,FreeRadius users mailing list 
Sent: 2010-05-27, 16:34:08
Subject: Re: Re: still about how to return some attributes only in Access-Accept packet


Hi,

 However, the filter does not work.
 
 Can anyone tell me what the problem is?

do you not read my emails? really, I side with Alan here - why bother replying
if you keep asking the wrong questions.

yes, that # cannot be on the same line as handled - obviously that config
wasn't checked before submission. but the debug you posted just showed
the CONFIG being read correctly...not the code actually being activated.

do as I said in my last email - ie comment out the line which says 'eap' about
6 lines up and then that code will be activated

alan

expired user accounts between two dates

2010-05-27 Thread Marco Jaraiz
hello,

I want to use the expiration module to validate user accounts, but I need to check
the expiration between two dates, init and finish date.
Somebody help me.

thanks.

Re: expired user accounts between two dates

2010-05-27 Thread Thibault Le Meur

On 27/05/2010 10:46, Marco Jaraiz wrote:

hello,

I want to use the expiration module to validate user accounts, but I need to check
the expiration between two dates, init and finish date.
Somebody help me.
   


As you already may know the expiration module only works for expiration 
date.


When I had this need (a long time ago and with FR1) I just did the 
following:


* I added a new personal/local attribute in /etc/raddb/dictionary
    ATTRIBUTE   My-Local-Date   3000    string
* set up the hint module to add the Date for incoming requests:
    DEFAULT NAS-IP-ADDRESS == 192.168.1.4
    My-Local-Date = `%D`

* Then I use the local attribute to check the date (for instance if you
use the rlm_sql module):
mysql select UserName,Attribute,op,Value from radcheck where UserName='myloginname';

+-------------+--------------------+----+------------------+
| UserName    | Attribute          | op | Value            |
+-------------+--------------------+----+------------------+
| myloginname | NAS-IP-Address     | =~ | 192.168.1.[4]{1} |
| myloginname | My-Local-Date      | =  | 20090731         |
| myloginname | My-Local-Date      | =  | 20090526         |
| myloginname | Login-Time         | := | Wk0700-2200      |
| myloginname | Cleartext-Password | := | THEPASS          |
+-------------+--------------------+----+------------------+
5 rows in set (0.00 sec)


However, I think that FR now tags incoming access-requests with an
internal Date-like attribute (I don't know the attribute name) so it
should be easy to add a test on this specific attribute.

The test could use unlang instead of users or rlm_sql check attributes.

Hope this helps,
Thibault



RE: Restricting certain users access to certain NAS devices

2010-05-27 Thread Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust)
Sorry, I should have mentioned I already tried man rlm_passwd and couldn't 
figure it out.
I've been through it again and have made the following changes:

1. created a file /etc/raddb/path_group
    path_group:user1,user2,user3,user4,user5

2. Added the following to /etc/raddb/dictionary
    ATTRIBUTE   User_Group_Name 3003    string

3. Added to modules/passwd
    filename = /etc/raddb/path_group
    hashsize = 20
    allowmultiplekeys = yes
    format = ~User_Group_Name:*,User-Name

4. Also edited modules/etc_group because I couldn't make out which file to put these items in
    passwd etc_group {
        filename = /etc/raddb/path_group
        format = ~User_Group_Name:*,User-Name
        hashsize = 50
        ignorenislike = no
        allowmultiplekeys = yes
        delimiter = :
    }

5. Inserted this into the post-auth section of sites-enabled/default

    if (%{User_Group_Name} == path_group) {
        update reply {
            Reply-Message := You are not allowed here
        }
        reject
    }

Debug output is:

FreeRADIUS Version 2.1.6, for host i686-pc-linux-gnu, built on Nov 20 2009 at 
09:43:24
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/control-socket
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/default
group = radiusd
user = radiusd
including dictionary file /etc/raddb/dictionary
main {
prefix = /usr
localstatedir = /var
logdir = /home/radlogs
libdir = /usr/lib/freeradius
radacctdir = /home/radlogs/radacct
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = no
pidfile = /var/run/radiusd/radiusd.pid
checkrad = /usr/sbin/checkrad
debug_level = 0
proxy_requests = yes
 log {
stripped_names = no
auth = yes
auth_badpass = no
auth_goodpass = no
 }
 security {
max_attributes = 200
reject_delay = 1
status_server = yes

github wiki

2010-05-27 Thread Robert Wilkinson
Hello Alan,
I want to thank you for your services.  Not just for myself but for
everyone that you assisted over the years it seems. You are a tireless
soldier. I have visited github and made some notes on the Wiki there. I am
dedicated to streamlining the process of installing FR.
The present system of passing information and knowledge can be daunting
to new users. I nearly gave up myself due to the sheer amount of old and
misleading sources that exist. 
By writing guides and docs I intend to learn more about FR and hopefully
the community will benefit by having a greater number of users that will
in turn help others along. 
I would like to thank the two Alans for your fine work.
Please  contact me if there are any additional matters that you think
might be useful in increasing the knowledge base.

Kind Regards,
Robert Wilkinson

ps I still have a few issues with sql but I am certainly going in the
right direction now. I have now spent 5 days and I have been worn
out.   



Re: github wiki

2010-05-27 Thread Alan DeKok
Robert Wilkinson wrote:
 I want to thank you for your services.  Not just for myself but for
 everyone that you assisted over the years it seems. You are a tireless
 soldier. I have visited github and made some notes on the Wiki there. I am
 dedicated to streamlining the process of installing FR.

  Thanks, but we already *have* a Wiki.  I would really prefer to not
add yet *another* location for documentation.

 The present system of passing information and knowledge can be daunting
 to new users. I nearly gave up myself due to the sheer amount of old and
 misleading sources that exist. 

  Yes... the existing Wiki has a number of out-of-date pages.  However,
the documentation that *comes with the server* is largely up to date.

 ps I still have a few issues with sql but I am certainly going in the
 right direction now. I have now spent 5 days and I have been worn
 out.   

  Can you say which documentation you were reading, and why it was unclear?

  We can't improve the existing documentation until we know what is
wrong with it.  There have been many complaints about bad documentation,
which usually are because the person is reading 4 year-old guides on
third party web sites.

  *Please* read the documentation that comes with the server.  All of
the configuration files are *extensively* commented.

  Alan DeKok.


Re: Restricting certain users access to certain NAS devices

2010-05-27 Thread Alan DeKok
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
 Sorry, I should have mentioned I already tried man rlm_passwd and couldn't 
 figure it out.
 I've been through it again and have made the following changes:
 
 1. created a file /etc/raddb/path_group
 path_group:user1,user2,user3,user4,user5
 
 2. Added the following to /etc/raddb/dictionary
 ATTRIBUTE   User_Group_Name 3003    string
 
 3. Added to modules/passwd
 filename = /etc/raddb/path_group
 hashsize = 20
 allowmultiplekeys = yes
 format = ~User_Group_Name:*,User-Name
 
 4. Also edited modules/etc_group because I couldn't make out which file to 
 put these items in
 passwd etc_group {
 filename = /etc/raddb/path_group
 format = ~User_Group_Name:*,User-Name
 hashsize = 50
 ignorenislike = no
 allowmultiplekeys = yes
 delimiter = :
 }
 
 5. Inserted this into the post-auth section of sites-enabled/default
 
 if (%{User_Group_Name} == path_group) {

  You should list etc_group in the post-auth section.  The module will
be loaded, and will add the User_Group_Name attribute.

 Debug output is:

  Which shows that the etc_group module isn't used when a packet is
received.

  Alan DeKok.


dynamic assignment of VLANs from LDAP via freeradius to WLAN-Clients doesn't work properly

2010-05-27 Thread Meister, Frank
Hello,

we have freeradius-2.1.8 running, with openldap-2.3.43 as backend. 
in ldap we have three attributes (radiusTunnelMediumType=IEEE-802, 
radiusTunnelType=VLAN, and radiusTunnelPrivateGroupId=[vlan-id]), 
freeradius maps the ldap-attributes to radius-attributes.

We have three vlans, one for staff, one for students and one for guests
on the WLAN.

after assigning the 1st VLAN on our cisco aironet 1242 accesspoints
to the SSID - clicking Apply, assigning the 2nd VLAN - click Apply,
assigning the 3rd VLAN, click Apply it works fine.
(I mean manual assigning VLANs using web-interface)

after reboot of the accesspoint it doesn't work anymore. after assign
all three VLANs again, one after the other, it works.

has anybody an idea about what I'm doing wrong ? 
the command aaa authorization network default group radius from the
Cisco-site I tried, but it didn't help further.
  

Thanks for some help,
Frank Meister



Re: dynamic assignment of VLANs from LDAP via freeradius to WLAN-Clients doesn't work properly

2010-05-27 Thread Alan DeKok
Meister, Frank wrote:
 after assigning the 1st VLAN on our cisco aironet 1242 accesspoints
 to the SSID - clicking Apply, assigning the 2nd VLAN - click Apply,
 assigning the 3rd VLAN, click Apply it works fine.
 (I mean manual assigning VLANs using web-interface)

  ? This has nothing to do with RADIUS.

 after reboot of the accesspoint it doesn't work anymore. after assign
 all three VLANs again, one after the other, it works.

  This has nothing to do with RADIUS.

 has anybody an idea about what I'm doing wrong ? 
 the command aaa authorization network default group radius from the
 Cisco-site I tried, but it didn't help further.

  I don't see why this is a question for this list.

  Alan DeKok.


Re: dynamic assignment of VLANs from LDAP via freeradius to WLAN-Clients doesn't work properly

2010-05-27 Thread Michael Schwartzkopff
On Thursday, 27 May 2010 18:42:29, Meister, Frank wrote:
 Hello,

 we have freeradius-2.1.8 running, with openldap-2.3.43 as backend.
 in ldap we have three attributes (radiusTunnelMediumType=IEEE-802,
 radiusTunnelType=VLAN, and radiusTunnelPrivateGroupId=[vlan-id]),
 freeradius maps the ldap-attributes to radius-attributes.

 We have three vlans, one for staff, one for students and one for guests
 on the WLAN.

 after assigning the 1st VLAN on our cisco aironet 1242 accesspoints
 to the SSID - clicking Apply, assigning the 2nd VLAN - click Apply,
 assigning the 3rd VLAN, click Apply it works fine.
 (I mean manual assigning VLANs using web-interface)

 after reboot of the accesspoint it doesn't work anymore. after assign
 all three VLANs again, one after the other, it works.

Besides that this question doesn't have anything to do with this list, did you 
try:

copy running-config startup-config

?

Greetings,
-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Address: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: mi...@multinet.de
web: www.multinet.de

Registered office: 85630 Grasbrunn
Commercial register: Amtsgericht München HRB 114375
Managing directors: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42



Re: EAP-TLS CN Check Question

2010-05-27 Thread David Mitchell
Alan DeKok wrote:
 David Mitchell wrote:
 I've encountered a similar issue I'm not sure how to deal with. Is there
 a place I can log any attributes of the certificate? 
 
   Not at this moment.  Patches are welcome.
 
 I log my accounting
 records via linelog, and as long as the configuration I end up with
 forces something reasonable into the User-Name value I do log a
 username. But it occurs to me it might be nice to have some kind of
 record of the certificate which was used. Either the CN, or serial
 number, or something. Is there a way to do this?
 
   Source code changes.

I believe I've found a better workaround for my original problem. By
using the realm module, I can strip off the unwanted portion of the
User-Name attribute.

In sites-enabled/default enable the 'suffix' module as needed.

In proxy.conf:
# We don't actually care about the realm, we just need a match
realm ~.+$ {
  authhost = LOCAL   # not strictly necessary
  accthost = LOCAL   # not strictly necessary
}

In eap.conf:
# Check for either Stripped-User-Name or User-Name, as we don't know
# which format the client will use.
check_cert_cn = %{%{Stripped-User-Name}:-%{user-nam...@%{calling-station-id}

Then issue certificates with a CN of the form usern...@1122.3344.5566.
Most clients prompt the user for the value of User-Name, so they can
just enter 'username'. XP sends the actual value of CN, but the realm
strips the extra info back off so that we can do the comparison we want.

-David

 
   Alan DeKok.


-- 
David Mitchell (mitch...@ucar.edu), Network Engineer IV
National Center for Atmospheric Research
Tel: (303) 497-1845
FAX: (303) 497-1818


Re: RADDB 2.1.7 and /etc/shadow

2010-05-27 Thread sbchem

  shrug  It's an error produces (sic) by the PAM subsystem.  Ask them
what it means.

Sigh It turns out the error is caused by a typo in the radiusd file
provided in /redhat/radiusd-pam, NOT by the pam subsystem.  In fact, the pam
subsystem was merely reporting the error in the freeradius file.  The
message module not found was because the radiusd-pam file was pointing to
password.so NOT passwd.so

 Blaming FreeRADIUS is the same as blaming Dell

Hmmm--rather defensive are we??? --Alan, no one is blaming anybody for
anything -- it was a simple and honest question that was also posted a few
years ago and remained unanswered -- until now, by me as above.  However I
do find it interesting that you compare the customer service you provided on
this to that provided by Dell -- if the shoe fits. 

I am part of a consortium of public and private universities and scientific
research facilities and our internal listserv on radius frequently talks
people off of freeradius solely because of the sarcastic and chip on the
shoulder attitude of some of the developers.  Quit being such a Mordac
Alan, it scares the tourists and devalues the otherwise excellent work done
by other people on this project.

You can ban me now for such a ghastly breach of etiquette.


Cheers!




Alan DeKok-2 wrote:
 
 sbchem wrote:
 So the entry: 
 
 pam_pass: function pam_authenticate FAILED for test. Reason: Module is
 unknown 
 
 is obviously supposed to give me the clue I need but I have no idea what
 it
 means.
 
   shrug  It's an error produces by the PAM subsystem.  Ask them what
 it means.
 
   Blaming FreeRADIUS is the same as blaming Dell because the internet is
 slow.
 
   Alan DeKok.
 
 



Re: Accounting to MySQL not working

2010-05-27 Thread Alan Buxey
hi,

according to the debug:

+- entering group accounting {...}
[detail]expand: 
/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -
+/var/log/freeradius/radacct/192.168.1.10/detail-20100527
[detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands 
to
+/var/log/freeradius/radacct/192.168.1.10/detail-20100527
[detail]expand: %t - Thu May 27 23:32:23 2010
++[detail] returns ok
++[unix] returns ok
[radutmp]   expand: /var/log/freeradius/radutmp - 
/var/log/freeradius/radutmp
[radutmp]   expand: %{User-Name} - chrissql
++[radutmp] returns ok
[attr_filter.accounting_response]   expand: %{User-Name} - chrissql
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 77 to 192.168.1.10 port 1646
Finished request 19.


so, it drops into the accounting section... it does

detail
unix
radutmp
attr_filter.accounting_response

but where oh where was the SQL being called?   hmm, from here it doesn't
look like you are calling it. check the sites-enabled/* files  (I don't
know what virtual servers you have running or what you've called
them) and please uncomment the 'sql'

It comes after the lines that say:

#
#  Log traffic to an SQL database.
#
#  See Accounting queries in sql.conf


alan 
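
Both this reply and Alan DeKok's reply in the "sql won't pass radtest" thread come down to reading three things out of `radiusd -X` output: which files were read, which modules were linked, and which modules actually ran in a section. The script below is an added example, not part of either post or of FreeRADIUS; the function names are hypothetical and the sample excerpt is constructed from the line formats quoted in the posts.

```python
import re

# Constructed excerpt in the style of the `radiusd -X` lines quoted in the
# posts above; the rlm_detail "Linked" line is made up for this example.
SAMPLE_DEBUG = """\
including configuration file /etc/freeradius/sites-enabled/default
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
 Module: Linked to module rlm_detail
+- entering group accounting {...}
++[detail] returns ok
++[unix] returns ok
++[radutmp] returns ok
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 77 to 192.168.1.10 port 1646
Finished request 19.
"""

INCLUDE_RE = re.compile(r"^\s*including configuration file (\S+)", re.M)
LINKED_RE = re.compile(r"^\s*Module: Linked to module (rlm_\w+)", re.M)
GROUP_RE = re.compile(r"^\+- entering group (\S+)")
RETURN_RE = re.compile(r"^\++\[([^\]]+)\] returns (\w+)")


def included_files(debug):
    """Configuration files the server says it read (the files to edit)."""
    return INCLUDE_RE.findall(debug)


def linked_modules(debug):
    """Module libraries the server reports as linked, e.g. 'rlm_sql'."""
    return set(LINKED_RE.findall(debug))


def section_calls(debug, section):
    """(instance, return code) pairs for modules run in one top-level section."""
    calls, inside = [], False
    for line in debug.splitlines():
        group = GROUP_RE.match(line)
        if group:
            inside = group.group(1) == section
        elif line.startswith("Finished request"):
            inside = False
        elif inside:
            ret = RETURN_RE.match(line)
            if ret:
                calls.append((ret.group(1), ret.group(2)))
    return calls


def check_module(debug, instance, section):
    """Report whether a module was linked at startup and called in a section."""
    called = [name for name, _ in section_calls(debug, section)
              if name.split(".")[0] == instance]
    return {
        "files_read": included_files(debug),
        "linked": "rlm_" + instance in linked_modules(debug),
        "called": bool(called),
    }


if __name__ == "__main__":
    # For the sample, 'sql' is neither linked nor called in accounting.
    print(check_module(SAMPLE_DEBUG, "sql", "accounting"))
```
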




Re: RADDB 2.1.7 and /etc/shadow

2010-05-27 Thread John Dennis

On 05/27/2010 04:51 PM, sbchem wrote:



  shrug   It's an error produces (sic) by the PAM subsystem.  Ask them

what it means.

Sigh  It turns out the error is caused by a typo in the radiusd file
provided in /redhat/radiusd-pam, NOT by the pam subsystem.  In fact, the pam
subsystem was merely reporting the error in the freeradius file.  The
message module not found was because the radiusd-pam file was pointing to
password.so NOT passwd.so


Glad you got it working and sorry for the frustration.

Unfortunately the files in /redhat had serious bit rot and had not been 
maintained for a long time. When you want Red Hat specific files or 
RPM's it's really best to get them from us because we maintain them. The 
/etc/pam.d/radiusd is supplied in our freeradius RPM and isn't the same 
as was found in the freeradius tarball as you unfortunately discovered.


FWIW, we just synced our files to /redhat directory in the freeradius 
2.1.9 release. So for 2.1.9 they will be pretty close. But they will 
*diverge*. Why? Because in this instance that does not represent 
upstream (i.e. the definitive source), we are upstream for our own 
files.


I have certain misgivings about upstream projects providing packaging 
files for their project because they inevitably diverge and have bit 
rot. I realize it's perceived to be friendly to supply packaging files 
in the upstream distribution, but it comes with a price (divergence and
bugs). Getting packaging files from the source (i.e. the specific Linux 
distribution) isn't that hard and would avoid some of these issues. By 
the way all this is documented in the FreeRADIUS wiki at 
http://wiki.freeradius.org/Red_Hat_FAQ


Just my 2 cents ...

--
John Dennis jden...@redhat.com



Option 82 parse problems.

2010-05-27 Thread Anton
Good day.

I'm trying to set up freeradius as a dhcp server with option 82 parsing and SQL
data lookup. I am now using versions 2.1.8 and 2.1.9 with exactly the same
configs, and there is no SQL configuration yet, only the default dhcp
config with my test diff (see below). I have two questions for now:


1. In dictionary.dhcp there are two strings (version 2.1.8):

ATTRIBUTE DHCP-Agent-Circuit-Id 0x0152  octets
ATTRIBUTE DHCP-Agent-Remote-Id  0x0252  octets

but when I start radiusd -X I see only one whole string like:

DHCP-Relay-Agent-Information = 0x01060004006402080006000cce477c00

How can I get DHCP-Agent-Circuit-Id and DHCP-Agent-Remote-Id without using perl
post_auth?


2. There is an announced feature in 2.1.9: "Add sub-option support for Option 82.
See dictionary.dhcp". When I start radiusd -X (2.1.9) with its dictionary.dhcp,
it begins to eat 100% of CPU, without any output in the console, after the first
dhcp packet is received.

How do I use this announced sub-option feature for opt82?
How do I find the reason why radiusd (2.1.9) eats 100% of CPU?


My dhcp site config (with changed ip-addresses):

server dhcp {
    listen {
        ipaddr = 192.168.0.1
        port = 67
        type = dhcp
        interface = eth0
    }
    dhcp DHCP-Discover {
        update reply {
            DHCP-DHCP-Server-Identifier = %{Packet-Dst-IP-Address}
        }
        linelog
        update reply {
            DHCP-Domain-Name-Server = 192.168.0.1
            DHCP-Domain-Name-Server = 192.168.10.1
            DHCP-Subnet-Mask = 255.255.255.240
            DHCP-IP-Address-Lease-Time = 1800
        }
        mac2ip
        linelog
        ok
    }
    dhcp DHCP-Request {
        update reply {
            DHCP-DHCP-Server-Identifier = %{Packet-Dst-IP-Address}
        }
        linelog
        update reply {
            DHCP-Domain-Name-Server = 192.168.0.1
            DHCP-Domain-Name-Server = 192.168.10.1
            DHCP-Subnet-Mask = 255.255.255.224
            DHCP-IP-Address-Lease-Time = 1800
        }
        linelog
        ok
    }
    dhcp {
        update reply {
            DHCP-Message-Type = DHCP-NAK
        }
    }
}
passwd mac2ip {
    filename = ${confdir}/mac2ip
    format = *DHCP-Client-Hardware-Address:=DHCP-Your-IP-Address
    delimiter = ,
}



-- 
Anton [WARM-RIPE]
Stack ltd division head
tel. 8 (3822) 555-797
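
The DHCP-Relay-Agent-Information value in the post above is a sequence of code/length/data sub-options (RFC 3046), where code 1 is the circuit ID and code 2 the remote ID. The parser below is an added example, not part of the post or of FreeRADIUS; the function names are hypothetical, and it checks every length field against the bytes actually present because the option arrives from the network.

```python
# RFC 3046 sub-option codes, mapped to the attribute names the post quotes
# from dictionary.dhcp.
SUBOPTION_NAMES = {1: "DHCP-Agent-Circuit-Id", 2: "DHCP-Agent-Remote-Id"}

# Value exactly as quoted in the post above.
POSTED_VALUE = "0x01060004006402080006000cce477c00"
# Constructed value: the same circuit ID plus a remote ID with a made-up MAC.
CONSTRUCTED_VALUE = "0x010600040064020802080006aabbccddeeff"


class Option82Error(ValueError):
    """Raised when the payload is not a well-formed sub-option sequence."""


def to_bytes(value):
    """Accept raw bytes or the '0x...' hex form printed by radiusd -X."""
    if isinstance(value, (bytes, bytearray)):
        return bytes(value)
    text = value.strip()
    if text[:2].lower() == "0x":
        text = text[2:]
    try:
        return bytes.fromhex(text)
    except ValueError as exc:
        raise Option82Error("not a hex string: %r" % value) from exc


def parse_option82(value):
    """Return [(code, data), ...], rejecting truncated or overlong input."""
    data = to_bytes(value)
    if len(data) > 255:
        raise Option82Error("payload longer than one DHCP option can carry")
    subopts, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 2:
            raise Option82Error("dangling byte at offset %d" % pos)
        code, length = data[pos], data[pos + 1]
        end = pos + 2 + length
        if end > len(data):
            raise Option82Error(
                "sub-option %d at offset %d claims %d bytes, %d left"
                % (code, pos, length, len(data) - pos - 2))
        subopts.append((code, data[pos + 2:end]))
        pos = end
    return subopts


def name_suboptions(value):
    """Pair each sub-option with its attribute name and hex-encoded data."""
    return [(SUBOPTION_NAMES.get(code, "unknown sub-option %d" % code), body.hex())
            for code, body in parse_option82(value)]


if __name__ == "__main__":
    for label, value in (("posted", POSTED_VALUE),
                         ("constructed", CONSTRUCTED_VALUE)):
        print(label, name_suboptions(value))
```

Run on the value as it is quoted in the post, the second entry decodes with code 0 rather than 2, so it would not map to DHCP-Agent-Remote-Id; the constructed value shows both sub-options.
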

