ramesh p wrote:
> i'm trying to replace username = '' with some username = "Usernamenull"
> in my test radius server.
>
> am using code as below:
>
> attr_rewrite attr_rewrite_username {
Why? Use "unlang". It's more powerfu
Hi,
i'm trying to replace username = '' with some username = "Usernamenull" in
my test radius server.
am using code as below:
attr_rewrite attr_rewrite_username {
attribute = User-Name
searchin = packet
radiusd.conf:
attr_rewrite User-Name {
...
new_attribute = yes
This means create a NEW attribute, not transform the existing one.
And append = no :)
Thanks!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Дмитрий wrote:
> Good afternoon! I have a problem. The user will be authorized with a login
> in the form of [EMAIL PROTECTED], it is necessary, that freeradius transformed
> its login [EMAIL PROTECTED] And so for all users. How to make? TRIED:
>
> radiusd.conf:
> attr
Good afternoon! I have a problem. The user will be authorized with a login
in the form of [EMAIL PROTECTED], it is necessary, that freeradius transformed
its login [EMAIL PROTECTED] And so for all users. How to make? TRIED:
radiusd.conf:
attr_rewrite User-Name
Ben Butler wrote:
> Hard as in nice text file I can edit replicating examples of what
already is
> there.
>
> Or Hard Hard as in C and compilers and what not.
Writing more C code.
> What would I have to edit to alter the way the SQL module functions.
See the hard-coded queries in rlm_sql.c
day, February 20, 2007 8:39 AM
Subject: Re: was Re: attr_rewrite - now RFC2867
Ben Butler wrote:
> I am getting the folllowing in my log files (plus other codes):
>
> Unsupported Acct-Status-Type = 12
That's likely from the SQL module. It helps to show *all* of the
message,
t; <[EMAIL PROTECTED]>
To: "Ben Butler" <[EMAIL PROTECTED]>; "FreeRadius users mailing list"
Sent: Tuesday, February 20, 2007 8:39 AM
Subject: Re: was Re: attr_rewrite - now RFC2867
Ben Butler wrote:
> I am getting the folllowing in my log files (plus other codes):
&g
Ben Butler wrote:
> I am getting the folllowing in my log files (plus other codes):
>
> Unsupported Acct-Status-Type = 12
That's likely from the SQL module. It helps to show *all* of the
message, rather than editing it.
> Despite these existing in my dictionary file:
The dictionaries defin
Hi Kevin,
That has worked a treat. It works in attr_rewrite as well, but I ended up
going with your hints file method as I also need to rewrite the password
attribute as well and could not see how this could be conditionally done
with the att_rewrite based on the value of the username
On Monday 19 February 2007 15:29, Ben Butler wrote:
> Hi,
>
> I am having some problems with attr_rewrite.
>
> What I want to do is the following at a pre authorisation phase:
>
> User-Name = [EMAIL PROTECTED]
>
> To
>
> User-Name = somedomain.com
>
> I wa
Hi,
I am having some problems with attr_rewrite.
What I want to do is the following at a pre authorisation phase:
User-Name = [EMAIL PROTECTED]
To
User-Name = somedomain.com
I want to call by attr_rewrite function for each of the domains that I want
to stip the username from prior to
Hi!
Is it possible to implement such functionality with the usage of attr_rewrite
module that whenever a packet arives to freeradius module will check if
particular parameter exists in a request and if it doesn't, it will try to
create it from other set of packet parameters? Maybe it c
eradius.org
Subject:Hints, Attr_rewrite - Add session timeout with
Framed IP?
Send reply to: [EMAIL PROTECTED]
Date sent: Mon, 23 Oct 2006 12:02:03 +0200
Hello
I'm looking for a solution to add in the accept packets
a session timeout value when fram
Hello
I'm looking for a solution to add in the accept packets
a session timeout value when framed ip address is assigned
in the users file.
I tried to add "hints" rules but doesn't seems to work.
I also tried to rewrite the packet : not works.
Can you help me to do this ?
-
List in
ed, before fr looks into the users file.
In analogy to sanecallerid in radiusd.conf I setup
attr_rewrite saneusername {
attribute = User-Name
# may be "packet", "reply", "proxy", "proxy_reply" or
"config"
I am using FreeRADIUS Version 1.1.0 on a Suse10.1 system and want to
rewrite the User-name in that way, that all ":" in that name are
dropped, before fr looks into the users file.
In analogy to sanecallerid in radiusd.conf I setup
attr_rewrite saneusername {
Quoting Alan DeKok <[EMAIL PROTECTED]>:
Dennis Skinner <[EMAIL PROTECTED]> wrote:
Any luck with this, Alan? Need any other info from me? Should I open a
bug report in bugzilla?
Try the following:
> #5 0x400e24f7 in preprocess_authorize (instance=0x0, request=0x8161638)
> at rlm_preproces
Dennis Skinner <[EMAIL PROTECTED]> wrote:
> Any luck with this, Alan? Need any other info from me? Should I open a
> bug report in bugzilla?
Try the following:
> > #5 0x400e24f7 in preprocess_authorize (instance=0x0, request=0x8161638)
> > at rlm_preprocess.c:550
That line in rlm_preproce
Any luck with this, Alan? Need any other info from me? Should I open a
bug report in bugzilla?
Since I sent this, I have updated the system via fedoralegacy (this
machine is redhat9) and recompiled. Still segfaults.
Going to play with the order of the items in radiusd.conf and see what I
can s
Alan DeKok wrote:
> When I test it with the above packet, it works for me. So I'm not
> sure what's going wrong. If you can get a core file, doc/bugs should
> help.
Here is the backtrace:
(gdb) bt
#0 0x4207a703 in strlen () from /lib/tls/libc.so.6
#1 0x420477ed in vfprintf () from /lib/tls/
Alan DeKok wrote:
> Then the problem isn't the "fix_realm" module. It's already
> returned.
Ah. Makes sense.
>
> There's no User-Name in the request. That's wrong, but it shouldn't
> cause the server to die.
My thoughts exactly.
> When I test it with the above packet, it works for me.
Dennis Skinner <[EMAIL PROTECTED]> wrote:
> rlm_attr_rewrite: Could not find value pair for attribute Realm
> modcall[authorize]: module "fix_realm" returns noop for request 2
>
> The very next line is the segfault.
Then the problem isn't the "fix_realm" module. It's already
returned.
> The
, or no User-Name. Ignoring.
modcall[authorize]: module "suffix" returns noop for request 2
rlm_attr_rewrite: Could not find value pair for attribute Realm
modcall[authorize]: module "fix_realm" returns noop for request 2
The very next line is the segfault. Here is my &q
* Alan DeKok
> Submit a bug on bugs.freeradius.org, sayign "Seimens NAS product X"
> is broken. Maybe public shame will push them to fix it.
I will, if I can conclude that this is indeed the problem. Right now
it's only a suspicion. I need to check out another loose end about how
it's in
Tore Anderson <[EMAIL PROTECTED]> wrote:
> > Huh? You don't configure reply attributes in radiusd.conf
>
> Sure I do. Relevant parts of my radiusd.conf:
>
> modules {
> attr_rewrite add_class {
Ah. You're configuring a module. Most module
* Tore Anderson
> If I add a verbatim null-byte in radiusd.conf
* Alan DeKok
> Huh? You don't configure reply attributes in radiusd.conf
Sure I do. Relevant parts of my radiusd.conf:
modules {
attr_rewrite add_class {
attribute = Class
searchfo
Tore Anderson <[EMAIL PROTECTED]> wrote:
> Hi. I'm using attr_rewrite to add a Class attribute in my auth-
> reply packets. I need to include a binary null-byte in the value, but
> I cannot figure out how to do so.
That's why the Class attribute is "
Hi. I'm using attr_rewrite to add a Class attribute in my auth-
reply packets. I need to include a binary null-byte in the value, but
I cannot figure out how to do so. If I add a verbatim null-byte in
radiusd.conf, the string is truncated there in the reply packet (seems
like the
Hi,
I try to rewrite User-Name attr. from "COMPUTER_NAME\\User-Name" to
"User-Name".
I prefer not to use the "proxy.conf" file because I've a lots of
differents "COMPUTER_NAME".
I think attr_rewrite will do the job, but I don't know (I'
change in the actual attribute, not just value and the idles-timeout
is not forwarded to the access-server.)
Modules {
if(idle-timeout == 30){
attr_rewrite test {
searchfor = ""
search
Denis Shaposhnikov <[EMAIL PROTECTED]> wrote:
> I'am trying to rewrite "--" to just "" with
> radtest but got:
>
> Thu Mar 31 11:41:27 2005 : Auth: Login incorrect: [-/12345678]
> (from client localhost port 0)
Hi!
I try to use attr_rewrite and a little confused. From my radiusd.conf:
modules {
...
attr_rewrite normalize_card {
attribute = User-Name
searchin = packet
searchfor = ".{4}-([0-9]{8})-.{4}"
r
David Manchado <[EMAIL PROTECTED]> wrote:
> I'm trying to rewrite User-Name attribute with attr_rewrite with no success.
It's a bug in attr_rewrite. The CVS snapshot from tomorrow has the
fix.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I'm trying to rewrite User-Name attribute with attr_rewrite with no success.
What I want to do is to rewrite the username in the form
[EMAIL PROTECTED] into [EMAIL PROTECTED] due to
limitations on the provider (let's say each realm has a charge ;D)
If the problem is the d
Hi, I need to do a attr_rewrite on the NAS-Identifier only for a
particular realm.
I currently have a attr_rewrite in the pre-proxy section which does the
rewrite for all realms.
Any ideas anybody?
Thanks in advance
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
eply message the text "LOCAL" (for
example (primary radius return : Reply-Message = " original text +
LOCAL"
is it possible ?
i have make that but it doens't work :
in primary radius,
radiusd.conf
attr_rewrite LOCAL {
attribute = Reply-Message
searchin = reply
On Mon, 24 Jan 2005, Nans Delrieu wrote:
hello all
I have a problem with attr_rewrite :
when a user is accepted, i have reply-message and reply-message 2.
when a user is reject, i have only reply-message.
I don't understand that ??
Only a few attributes are allowed in an access-reject.
--
K
hello all
I have a problem with attr_rewrite :
I have added an attribute in
/usr/share/freeradius/freeradius/dictionnary
Reply-Message-2 65string
I haven't added in /etc/freeradius/dictionnary because it doesn't work
!!
in radius.conf my configuration is:
at
"Nans Delrieu" <[EMAIL PROTECTED]> wrote:
> There is an error when i launch freeradius -x :
>
> radiusd.conf[1868] Unknown module rcode 'attribute'.
You are putting the module configuration in an "authorize" section,
not in the "modules" section.
Alan DeKok.
-
List info/subscribe/unsubscr
my configuration is that :
attr_rewrite cross_a_realm_company {
attribute = Reply-Message
searchin = proxy_reply
searchfor = "[+ ]"
replacewith = "through company.com"
#ignore_case = no
#new_attribute = yes # i don't know ???
max_matches = 1
a
[EMAIL PROTECTED] wrote:
By configuring a username and password in the accesspoint for
example. That way the NAS sends an access-request with the username
and password to the radius server.
The radius server can then 1) uniquely identify the accesspoints, 2)
reject
unknown accesspoints, 3) give the
> [EMAIL PROTECTED] wrote:
>> Yes, the NASs are wireless access points on steroids, and they get
>> bandwidth-throttling information from RADIUS along with
>> Accepts/Rejects.
>
> Do you perhaps now the vendor?
> Is bandwidth throttling the only configuration they get via radius?
The vendors are S
[EMAIL PROTECTED] wrote:
Yes, the NASs are wireless access points on steroids, and they get
bandwidth-throttling information from RADIUS along with
Accepts/Rejects.
Do you perhaps now the vendor?
Is bandwidth throttling the only configuration they get via radius?
Re: the NASs not identifying themse
Your comments are very interesting, I will consider them as much as I know
how.
Yes, the NASs are wireless access points on steroids, and they get
bandwidth-throttling information from RADIUS along with Accepts/Rejects.
Re: the NASs not identifying themselves - yes, I thought that being able
to s
Brian Ammons wrote:
We are a WISP, we have freeRadius running with mySQL. The NASs that
currently use RADIUS (SmartBridge XOs) transmit the CPE's MAC address
as
both UserName and Password. We have new and better NASs (MikroTik)
that transmit the CPE's mac address as the UserName, but with a
"null
x27;SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = '000ae9062907' ORDER BY id'
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = '000ae9062907' ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupr
> > So...if anyone can get me any advice re: how to check the
> functionality of
> > the attr_rewrite module I'd appreciate it.
> >
> > Thank you -
> >
> > Brian Ammons
> >
>
> Its because you defined the name of the module as mac_colons
> Hello FreeRadius list:
>
> I'm having difficulty getting the attr_rewrite module to do...well,
> anything.
>
> I have a working RADIUS installation validating off of a mySQL database.
> Our existing NASs (Wireless APs) transmit mac addresses as 12 character
> lo
Hello FreeRadius list:
I'm having difficulty getting the attr_rewrite module to do...well,
anything.
I have a working RADIUS installation validating off of a mySQL database.
Our existing NASs (Wireless APs) transmit mac addresses as 12 character
lower case letter/number combos - this corres
Hiii everbody
I asked how is attr_write fuction works
I wrote
In radius.config
attr_rewrite MyCalledStationId {
attribute = Cisco-AVPair
# may be "packet", "reply", or "config"
searchin = packet
sea
Hi Mohammed,
That exactally what I needed thanks for the info!!
Trevor
- Original Message -
From: "Mohammed Petiwala" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 11, 2004 1:13 PM
Subject: Re: Pre-proxy attr_rewrite problems
> Hi Trevor
Hi Trevor:
why are you trying to use the attr_rewrite stuff for
proxying.
The simpler approach is to use the proxy.conf
and
use the 'strip' option
for e.g.
realm mydomain.net {
type= radius
authhost= anotherserver.mydomain.net
OS = Solaris 9
ver = freeradius-1.0.0-pre3
I'm trying to get FreeRadius to strip the realm
from the User-Name before it proxies to another server. My attr_rewrite is
as follows:
attr_rewrite RmRealm
{
attribute =
User-Name
searchin =
p
Hi,
I have serveral radius servers that will be receiving only accounting
data from a remote radius server. The remote radius server will
not be sending realm information. I am trying to use attr_rewrite
to add a realm to the username when the accounting data comes from
that specific server.
I
> > I noticed that the debug line has dropped the regex '$'
> > end-of-string character, so I tried escaping it, but to no avail:
> > One '\' does nothing to the debug output, whilst two '\\' gives:
>
> It's a bug in 0.9.3. The latest CVS snapshot should have it fixed.
Thanks, I can also confi
Spencer Stapleton <[EMAIL PROTECTED]> wrote:
> I can't figure out the regex syntax used in attr_rewrite, and am
> unable to find any useful docs pertaining to this anywhere
$ man regex
The regex engine used is whatever is already on your machine.
> I noticed tha
Ruslan A Dautkhanov <[EMAIL PROTECTED]> wrote:
> For unconditional change Nas-IP-Address to Client-IP-Address
Why?
> attr_rewrite set_real_nas_ip {
> attribute = NAS-IP-Address
> searchin = packet
>
Hi,
I can't figure out the regex syntax used in attr_rewrite, and am unable to find any
useful docs pertaining to this anywhere
I am trying to use the attr_rewrite module to append a postfix to the
User-Name if and only if the User-Name does not contain an '@' symbol.
This d
Hello !
For unconditional change Nas-IP-Address to Client-IP-Address
I have
modules {
attr_rewrite set_real_nas_ip {
attribute = NAS-IP-Address
searchin = packet
searchfor = "^.*$"
replacewith = "%{Cl
Hi,
Do you mean in the radius.conf file or in freeradius code?
I only see an useful "key" in the acct_unique module and I'd tested
before and it doesn't work, because it's only for acct packets, and we
need to assign the ip address in the auth req.
--
acct_unique {
Miguel Diez <[EMAIL PROTECTED]> wrote:
> We wanted our proxy radius server to assign ip address dinamically,
> but sometimes we don't have the NAS-Port attribute, and freeradius
> need it if you want it to assign ip address, so...
Modify the IP pool module to take a configurable "key".
Right
netmask = 255.255.255.224
cache-size = 16
session-db = ${raddbdir}/db.ippool_gprs
ip-index = ${raddbdir}/db.ipindex_gprs
override = yes
}
...
attr_rewrite rwnasport {
searchfor = NULL
se
63 matches
Mail list logo