Matching a value within an IP subnet

Alan DeKok aland at deployingradius.com
Tue Oct 19 14:11:06 CEST 2010


Brian Candler wrote:
> Indeed it is not. But NAS-IP-Address is (natively) not a string in RADIUS
> either, it's a 4-byte integer.

  To be pedantic: an IPv4 address.

>  Does FreeRADIUS let me treat it as if it
> were a string?

  The operator you have chosen to use is: "=~".

  That is defined as doing a *regex* match.

  Regexes work on strings.

  IPv4 addresses can be printed to strings.

  So... regexes can match strings.

  You tried to use "=~" for comparing a *network mask*.

  That won't work.

  Regex matching is not the same as matching a network mask.

> DEFAULT		NAS-IP-Address =~ /^192\.0\.2\.([0-9]|1[0-9]|2[0-9]|3[01])$/, NAS-Group := "ADSL-BRAS"

  That should work.

  Alan DeKok.



More information about the Freeradius-Users mailing list