Huntgroups and Network of Clients

tnt at kalik.net tnt at kalik.net
Tue Mar 10 20:28:19 CET 2009


>Is that possible that I keep my huntgroups for all clients with
>IP-Addresses and write a conditions only for network masks?

That would probably be the best. You might benefit from using sql
huntgroup implementation (pull IP's from the database):

http://wiki.freeradius.org/SQL_Huntgroup_HOWTO

>What will be
>the configuration then?
>
>DEFAULT Huntgroup-Name==testldap, Ldap-Group == employee, Auth-Type := Pam
>        Fall-Through = no
>
>DEFAULT if (NAS-IP-Address >z.z.z.z && NAS-IP-Address< y.y.y.y) {
>Auth-Type:= Pam} else
>{
>
>       Auth-Type := Reject
>       Reply-Message = "Please call the helpdesk."
>}
>
>Does that make sense?
>

Not really. Sick to one thing - users file or unlang. I would recommend
unlang. What you posted is a mixture of both but the essence is OK. Just
use regex for checking subnets.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list