Return codes in policies

Jonathan Gazeley Jonathan.Gazeley at bristol.ac.uk
Wed Oct 28 11:35:46 CET 2015


Hi folks,

I am porting my FreeRADIUS config from 2.x to 3.x and I've run into an 
issue I don't understand. I have this policy "wism-checks" which allows 
the server to respond to probes sent by the WLAN controllers. It is 
invoked in the authorize section of my virtual servers.

wism-checks {
         if (Service-Type == "NAS-Prompt-User") {
                 if (NAS-IP-Address =~ /^172\.17\.107\./) {
                         if (User-Name =~ /^wism\-probe/) {
                                 update control {
                                         Auth-Type := Accept
                                 }
                                 updated
                         }
                         else {
                                 reject
                         }
                 }
                 updated = return
         }
}

This works quite happily on FR2 but chokes on FR3 with the following:

/etc/raddb/policy.d/policies[178] Invalid return code assigment inside 
of a if section
/etc/raddb/policy.d/policies[166]: Failed to parse "if" subsection.

Line 178 is the "updated = return" line. I've read the Fail-over docs[1] 
but that seems to deal with overriding return codes from modules rather 
than setting them explicitly in a policy. What's the best way to tweak this?

Thanks,
Jonathan


[1] http://wiki.freeradius.org/config/Fail-over


More information about the Freeradius-Users mailing list