Matching a prefix in huntgroups file
Alan DeKok
aland at deployingradius.com
Sun Nov 6 18:11:42 CET 2016
On Nov 6, 2016, at 11:53 AM, Brian Candler <b.candler at pobox.com> wrote:
>
> Here's something odd then when trying out the "<" operator to check for address within prefix.
>
> (0) policy foo {
> (0) if (10.254.1.1 < 10.254.0.0/16) {
> (0) if (10.254.1.1 < 10.254.0.0/16) -> FALSE
The parser assumes that most things are strings, unless told otherwise.
> It seems the operator behaves differently for a literal versus an attribute?
Yes. An attribute has a type. A literal string is just a string. There is no way to determine what "type" a string is. It's just a string.
> Making the literal explicitly an IPv4 prefix rather than IPv4 address doesn't change this.
>
> (0) policy foo {
> (0) if (10.254.1.1/32 < 10.254.0.0/16) {
> (0) if (10.254.1.1/32 < 10.254.0.0/16) -> FALSE
Try:
if (<ipv4prefix>10.254.1.1/32 < 10.254.0.0/16) {
Alan DeKok.
More information about the Freeradius-Users
mailing list