Additional Restrictions for users

William Burnett burnett.w at
Mon Sep 27 19:59:02 CEST 2010


Thanks that helped I've got the conditions to match. However I've
setup multiple groups:


and want to use a regexp to match anything containing ssh-* to allow
those users to authenticate instead of multiple lines matching each
value. Can I use regex matching with SQL-Group ?

The following seems to be evaluated as "ssh.*" and not anything
containing "ssh......"

if (!SQL-Group =~ /ssh.*/ && (Service-Type == "Login-User")) {
.....reject.... }


William Burnett
burnett.w at

On Sat, Sep 25, 2010 at 12:09 AM, Alan DeKok <aland at> wrote:
> William Burnett wrote:
>> What is the best way to go about this? I was trying to use unlang to
>> query my database but can't seem to get the syntax right.
>  The "sql" module queries databases.
> ...
>>                 if ( %{group_membership_query} == "ssh") {
>  This won't do what you want.  Instead, use
>        if (SQL-Group == "ssh") {
>  This is documented in raddb/sql.conf.
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list