very long regular expression...

Norbert Grochal norboro at celpol.pl
Thu Nov 23 17:46:20 CET 2006


> > I want to disallow login to access points for every hosts that are not
> > in my network.
> >
> > So at the end of /usr/local/etc/raddb/users file I put regular
> > expression that checks if Calling-Station-Id IS NOT in list of my
hosts...
> >
> > DEFAULT Auth-Type := REJECT, Calling-Station-Id !~
> > "008012323244|002938475473|<and many other macs...>"
>
>   Don't do that.  It's ugly.  Use rlm_passwd.  See "man rlm_passwd".
>
>   That lets you list all of the MACs in one flat text file, which is a
> LOT easier to manage by a script than the "users" file.

I still haven't idea how to do it, may you show me any example?

Is it possible to 'mark' good request and then at the end of users file
write

DEFAULT Auth-Type := REJECT, REQUEST_NOT_MARKED

??

Norboro




More information about the Freeradius-Users mailing list