Proxy based on User-Name with regex

ivaylosp ivaylosp at gmail.com
Sat Jun 11 11:28:26 CEST 2011


rad_recv: Access-Request packet from host 192.168.1.12 port 49733, id=242,
length=51
	User-Name = "1234abcdefg"
	User-Password = "test"
# Executing section authorize from file /etc/freeradius/sites-enabled/ims
+- entering group authorize {...}
++- entering policy api_addPrefix {...}
+++? if (User-Name =~ /[1-4]{4}[A-Za-z0-9]{6}/)
? Evaluating (User-Name =~ /[1-4]{4}[A-Za-z0-9]{6}/) -> TRUE
+++? if (User-Name =~ /[1-4]{4}[A-Za-z0-9]{6}/) -> TRUE
+++- entering if (User-Name =~ /[1-4]{4}[A-Za-z0-9]{6}/) {...}
++++[control] returns notfound
+++- if (User-Name =~ /[1-4]{4}[A-Za-z0-9]{6}/) returns notfound
++- policy api_addPrefix returns notfound
[sql] 	expand: %{User-Name} -> 1234abcdefg
[sql] sql_set_user escaped user --> '1234abcdefg'
rlm_sql (sql): Reserving sql socket id: 3
[sql] 	expand: SELECT id, username, attribute, value, op           FROM
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id
-> SELECT id, username, attribute, value, op           FROM radcheck          
WHERE username = '1234abcdefg'           ORDER BY id
[sql] 	expand: SELECT groupname           FROM radusergroup           WHERE
username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
groupname           FROM radusergroup           WHERE username =
'1234abcdefg'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
[sql] User 1234abcdefg not found
++[sql] returns notfound
WARNING: You set Proxy-To-Realm = ISE, but the realm does not exist! 
Cancelling invalid proxy request.
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting
the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/ims
+- entering group REJECT {...}
[attr_filter.access_reject] 	expand: %{User-Name} -> 1234abcdefg
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 242 to 192.168.1.12 port 49733
Waking up in 4.9 seconds.
Cleaning up request 0 ID 242 with timestamp +129


--
View this message in context: http://freeradius.1045715.n5.nabble.com/Proxy-based-on-User-Name-with-regex-tp4477408p4478402.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list