Semantics of !~ operator

Gerald Vogt vogt at spamcop.net
Tue Apr 28 11:01:36 CEST 2015



On 28/04/15 10:31, Arran Cudbard-Bell wrote:
>
>> On 28 Apr 2015, at 08:52, Gerald Vogt <vogt at spamcop.net> wrote:
>>
>> On 28/04/15 09:06, Arran Cudbard-Bell wrote:
>>>
>>>>
>>>> ssid {
>>>>         if ( Called-Station-Id ) {
>>>>                 if ( Called-Station-Id =~ /^[-A-Fa-f0-9]+:(.*)$/ ) {
>>>>                         update {
>>>>                                 Local-SSID = "%{1}"
>>>>                         }
>>>>                 }
>>>>         }
>>>> }
>>>
>>> A similar policy already exists in policy.d Calling-Station-SSID is already defined.
>>
>> I found rewrite_called_station_id which does what I need. However, it modifies Called-Station-Id and removes the SSID from the attribute. Now Called-Station-Id is copied from the outer eap into the inner eap tunnel. Called-Station-SSID is not copied, i.e. I don't have the SSID in the inner tunnel.
>>
>> How can modify, which attributes are copied from the outer eap into the inner tunnel? Or how do I get the Called-Station-SSID into the inner tunnel?
>
> update request {
> 	Called-Station-SSID := &outer.Called-Station-SSID
> }

I tried that but it doesn't work.

I call rewrite_called_station_id after suffix in the authorize section 
of the default server. I can see it sets Called-Station-SSID correctly.

In the inner-tunnel I have added those three lines in the beginning of 
the authorize section but that doesn't do anything:

(10)    authorize {
(10)    update request {
(10)    } # update request = noop

If I replace &outer.Called-Station-SSID with "MYSSID" it works.

So I guess this means &outer.Called-Station-SSID is not set/seen in the 
inner tunnel..

Thanks,

Gerald


More information about the Freeradius-Users mailing list