Using the class attribute

Stefan A. a.freeradius at premit.de
Thu Jul 31 21:15:24 CEST 2008


Gurus,

I will use the class attribute to pass information from Authentication to
Accounting Processes.

I'm doing this in my users file:

DEFAULT 	Auth-Type := Accept
	Class = "DDF%{ContractInfo}"

Where ContractInfo is a number like '123456'



In the hints file on the accounting server, I try to evaluate, using

DEFAULT	Acct-Status-Type =~".*", Class =~"^DDF(.*)"
	ContractInfo = "%{1}",
	Fall-Through = Yes

But the class will be expanded to something like %{Class} ->
0x44444631323334...., which does not match ^DDF.*


For testing, I started my hints file with
DEFAULT	Acct-Status-Type =~".*"
	Class = "DDF:123456",
	Fall-Through = Yes

But the same, it will be expanded to %{Class} -> 0x44444631323334....

As a workaround, I'm currently matching on the hex value, which works, but
does not look nice and my ContractInfoHex has to be evaluated later....
DEFAULT	Acct-Status-Type =~".*", Class =~"^0x444446(.*)"
	ContractInfoHex = "%{1}",
	Fall-Through = Yes

What's wrong here? I'd expect, that the class attribute would be readable in
hints file.


A second Issue:

The proxy server beween me and the NAS will request a second radius server
in case I have previously accepted the Request.
If this second server Accepts the call and adds a class to the accept
packet, than it comes to the situation, that I will see the two classes
hitting my accounting server. Beside the proxy-state, the order of
attributes is not guaranteed...
Will 
	DEFAULT	Acct-Status-Type =~".*", Class =~"^DDF:(.*)"
Match my class, or will it see the first class in the packet and will then
not macht?
How can I match for multiple instances of a single attribute?

Wold an entry in attr file help... Like this one?:

DEFAULT
	...
	Class =~"^0x444446.*"


Thank you.

Stefan





More information about the Freeradius-Users mailing list