Proxying based on a regex

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Jul 25 22:37:09 CEST 2011


Sorry only first one is fictitious, second one should work fine :)

-Arran


On 25 Jul 2011, at 22:33, Arran Cudbard-Bell wrote:

> Impressive, you've both made up entirely fictitious syntaxes for doing proxying... Um anyway.
> 
> 
> if(User-Name =~ /REGEX/){
> 	update control {
> 		Proxy-To-Realm := 'my_proxy_realm'
> 	}
> }
> 
> Then configure the realm in proxy.conf. Subcapture groups can provide you with parts of the User-Name string and can be accessed using the %{0}, %{1}, %{2}... etc variables
> 
> You don't need to do anything if you're just doing local authentication....
> 
> 
> -Arran
> 
> On 25 Jul 2011, at 22:20, Sallee, Stephen (Jake) wrote:
> 
>> We did this through our realms see code:
>> 
>> In your proxy.conf
>> 
>> realm "~.*umhb\\.edu$" {
>> #### some code here###
>> ###usually the virtual server you want to proxy them to###
>> }
>> 
>> If I am understanding your question right that should do it, but others may have a better way .. or I could be on crack ...
>> 
>> 
>> -----Original Message-----
>> From: freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb.edu at lists.freeradius.org] On Behalf Of Charles Plater
>> Sent: Monday, July 25, 2011 3:05 PM
>> To: freeradius-users at lists.freeradius.org
>> Subject: Proxying based on a regex
>> 
>> I'm trying to configure our FreeRadius (2.1.9) server to proxy based on the format of the ID. I have a working regex that determines the domain to which the request should be sent, but I'm having a hard time figuring out the syntax of the proxy statement. Here's what I've tried:
>> 
>> if (User-Name !~ <REGEX>) {
>> 	proxy: domain.name
>> else {
>> 	proxy: LOCAL
>> 	}
>> }
>> 
>> FWIW, I can successfully authenticate do the "domain.name" realm by using userid at domain.name.
>> 
>> Can anyone offer any suggestions? Thanks in advance.
>> -- 
>> Charles Plater
>> Lead Application Technical Analyst
>> Internet Services
>> +1-313-577-4620
>> ab3189 at wayne.edu
>> 
>> 
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>> 
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>> 
> 
> Arran Cudbard-Bell
> a.cudbardb at freeradius.org
> 
> RADIUS - Half the complexity of Diameter
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 

Arran Cudbard-Bell
a.cudbardb at freeradius.org

RADIUS - Half the complexity of Diameter





More information about the Freeradius-Users mailing list