Question on Unlang

Brian Candler b.candler at pobox.com
Sat Mar 25 18:36:36 CET 2017


On 25/03/2017 11:54, Olivier CALVANO wrote:
> but for me not a big difference between my actual config and regular 
> expressions.
> all line ar very very long

If you're only excluding three domains it seems a good enough solution 
to me.

If you want something "data driven" then you can look at the files module:

files subrealm {
   key = "%{Realm}"
   filename = ${moddir}/subrealm
}


# subrealm file
network.local    Tmp-String-0 := "Excluded"
admin.local    Tmp-String-0 := "Excluded"
wifi.local    Tmp-String-0 := "Excluded"

then check control:Tmp-String-0 in your policy. However that doesn't do 
*exactly* what your current config does, because your current config 
would match sub-subdomains like user at foo.network.local, and the above 
doesn't.




More information about the Freeradius-Users mailing list