radius proxy senario

piston pistonic at yahoo.com
Mon Mar 9 05:58:40 CET 2009


Hi

I'm putting the following code under /etc/freeradius/site-available/default, authorize section just after preproccess

 if (User-Name =~ "^ABC\/") {
                update control {
                Realm == "%another_realm"}
        }


But i'm getting such error:

Expected regular expression at: "^ABC\/")
/etc/freeradius/sites-enabled/default[62]: Errors parsing authorize section.
 }

Need some guidance, this is the first time using unlang.

Thank you very much.

Piston



----- Original Message ----
From: "A.L.M.Buxey at lboro.ac.uk" <A.L.M.Buxey at lboro.ac.uk>
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Sent: Saturday, March 7, 2009 6:15:02 PM
Subject: Re: radius proxy senario

Hi,

> 1. I have a local realm (suffix), xyz.com. I'm using freeradius 2.1.3+mysql.
> 
> 2. My own user's username in mysql radcheck table is store in username at xyz.com format
> 
> 3. A person want me to proxy his prefix ABC/his-customer-username at myrealm to his radius server, i.e: ABC/his-customer-username at xyz.com

nasty. same realm but needs to be handled differently. okay. i'd say use unlang
for this.  before prefix, realm etc are called in the auth stage, have a check ie

quick pseudo-code whilst i have a coffee

if (user-name =~ "^ABC\/") {
     update realm == "another_realm"
  }

then in proxy.conf


another_realm {
  blah blah
}

ie 'fake' the realm within the FreeRADIUS engine so that its got its own special
entry in proxy.conf

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



      



More information about the Freeradius-Users mailing list