Correct operator in radcheck

tnt at kalik.net tnt at kalik.net
Mon Mar 23 19:29:37 CET 2009


>  I am several years working woth freeradius, bit recently I surgeg me a question: I do not want that johndoe account never connect from NASES with Client IP:
>
>* 195.56.53.23
>
>* 96.53.26.59
>
>* 56.15.86.35
>
>* 56.15.86.36
>
> I know I have to use the attribute Client-IP-Address, so radckech will content:
>
>      username    attribute               op     value
>
>      ------------------------------------------------
>
>       johndoe      Cleartext-Password :=   mypassword
>
>       johndoe      Client-IP-Address    ??   195.56.53.23
>
>       johndoe      Client-IP-Address    ??   96.53.26.59
>
>       johndoe      Client-IP-Address    ??   56.15.86.35
>
>       johndoe      Client-IP-Address    ??   56.15.86.36
>
> 
>
>What is the correct op that I have to write?

That can't work. You have to put those client IPs into a hungroup:

nojohndoe     Client-IP-Address == 195.56.53.23
nojohndoe     Client-IP-Address == 96.53.26.59
etc.

Then use:

johndoe     Hungroup-Name == nojohndoe

If you don't want to use hungroups file you can create hungroups with
sql and unlang:

http://wiki.freeradius.org/SQL_Huntgroup_HOWTO

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list