Let me ask something about attr_rewrite in order to give the
possibility to work with my 6 APs, and to do a rewrite of MAC to
EAP-PEAP authentication.
Would it be possible to write in radius.conf and default files the
following, avoiding many entries in the hints file?
Scenario: AP1 -Send client MAC 00-18-E7-41-AD-C2
AP2,...,AP6-Send client MAC 0018e741adc2
In radius.conf,
attr_rewrite mac-phase1 {
attribute = Calling-Station-Id
new_attribute = no
searchin = packet
ignore_case = no
searchfor = - # Possible here doing a hyphen search
replacewith = # and replacing...
append = no
}
attr_rewrite mac-phase2 {
attribute = Calling-Station-Id
new_attribute = no
searchin = packet
ignore_case = no
searchfor = ??? # Possible here doing a
lowercase letters search
replacewith = ???# and replacing by uppercase
letters, a-A, c-C, d-D, e-E, etc... Apologize me for the ???
append = no
}
and in default:
authorize {
mac-phase1
mac-phase2
...
}
But the problem is, I do not know how to do the replacement.
Do you know how can I do this with an expression in mac-phase2?
And in mac-phase1 the hyphen search is correct?
The benefit would be one Calling-Station-Id with uppercase letters
without hyphens entry in MySQL radcheck table for each user...
The operator in MySQL radcheck table to work with Calling-Station-Id
string is == .
If MAC now is 0018E741ADC2, after running mac-phase2, the operator
must change?
Best regards,
Guaraldi
2009/9/13 Ivan Kalik t...@kalik.net:
Ok, it works, but a new problem emerged
I have 6 AP´s. One of them send the MAC in the following format:
00-18-E7-41-AD-C2. The others send 0018e741adc2... Here the letters
are in lowercase and if changed to uppercase the authentication fails
from 5 AP´s.
Rewrite Calling-Station-Id in hints file to the format you want (probably
best without separators). You have examples for regex rewriting mac
address in other threads on the list.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html