Setting different IDLE-TIMEOUTS based on IP Address
Matthew Newton
mcn4 at leicester.ac.uk
Wed Apr 17 21:38:36 CEST 2013
Hi,
On Wed, Apr 17, 2013 at 12:32:32PM -0500, John Giordano wrote:
> So in huntgroups I have:
>
> ### RADIUS HUNTGROUP TEST - jg ###
>
> MSP7345 NAS-IP-Address =~ /^10\.99\.3\./
> SNJ7000 NAS-IP-Address =~ /^10\.3\.99\./
> LAB7000 NAS-IP-Address =~ /^192\.168\.0./
Testing it here, I'm not convinced that =~ is working in the
huntgroups file, which slightly surprises me.
To test, what happens if you temporarily add this instead
LAB7000 NAS-IP-Address == 192.168.0.15
?
If you put the following after the 'preprocess' line in
sites-enabled/default, you should get the Huntgroup-Name expand
and display in the debug output... is it being set?
if ("%{Huntgroup-Name}") {
}
> +- entering group authorize {...}
> [preprocess] expand: %{NAS-IP-Address} -> 192.168.0.15
> [preprocess] expand: %{NAS-IP-Address} -> 192.168.0.15 <--------------- Does this mean that the huntgroups file is being checked? Perhaps a regex thing?
> [preprocess] expand: %{NAS-IP-Address} -> 192.168.0.15
> ++[preprocess] returns ok
huntgroups is definitely being read (it's read by preprocess), but
the lines might not be being matched.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list