Rewrite Rule

Maile Halatuituia maile.halatuituia at tcc.to
Thu Nov 1 01:52:55 CET 2018 

This is the exact portion

(3) # Executing section preacct from file /etc/freeradius/sites-enabled/default
(3)   preacct {
(3)     [preprocess] = ok
(3)     if ( &Cisco-AVPair ) {
(3)     if ( &Cisco-AVPair )  -> TRUE
(3)     if ( &Cisco-AVPair )  {
(3)       if ( &Cisco-AVPair[*]=~/\(client-mac-address\)=\([[:alnum:]]{4}\.[[:alnum:]]{4}\.[[:alnum:]]{4}\)/ ) {
(3)       if ( &Cisco-AVPair[*]=~/\(client-mac-address\)=\([[:alnum:]]{4}\.[[:alnum:]]{4}\.[[:alnum:]]{4}\)/ )  -> TRUE
(3)       if ( &Cisco-AVPair[*]=~/\(client-mac-address\)=\([[:alnum:]]{4}\.[[:alnum:]]{4}\.[[:alnum:]]{4}\)/ )  {
(3)         update request {
(3)           EXPAND %{2}
(3)              --> ae6e.0e71.2d61
(3)           &Client-MAC-Address := ae6e.0e71.2d61
(3)         } # update request = noop
(3)       } # if ( &Cisco-AVPair[*]=~/\(client-mac-address\)=\([[:alnum:]]{4}\.[[:alnum:]]{4}\.[[:alnum:]]{4}\)/ )  = noop
(3)       if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ ) {
(3)       if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ )  -> FALSE
(3)       if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ ) {
(3)       if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ )  -> FALSE

Note that the portion for MAC address is work ok but not the portion mentioned ealier on.

-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+maile.halatuituia=tcc.to at lists.freeradius.org> On Behalf Of Maile Halatuituia
Sent: Thursday, 1 November 2018 1:45 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Rewrite Rule

Hi I have this Cisco-AVPair = "acct-input-octets-ipv6=xxx" on my radius acct-request packet coming from my Cisco BRAS.
I want to rewrite it to something like this acct-input-octets-ipv6=xxx on my preacct section of my default server (/etc/freeradius/sites-available/default) config and update my request .....
I have this policy already

if( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ ) {
                        update request {
                                &acct-input-octets-ipv6 := "%{2}"
                        }
                }

But seems it doing nothing. Maybe my regex above is wrong or something but that's why I ask .
Here is the portion of my freeradius -X I think it is relevant to this question.

# Executing section preacct from file /etc/freeradius/sites-enabled/default
(2)   preacct {
(2)     policy acct_counters64.preacct {
(2)       update request {
(2)         WARNING: Can't find &Acct-Input-Gigawords.  Using 0 as operand value
(2)         EXPAND %{expr:(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}
(2)            --> 52
(2)         &Acct-Input-Octets64 = 52
(2)         WARNING: Can't find &Acct-Output-Gigawords.  Using 0 as operand value
(2)         EXPAND %{expr:(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}
(2)            --> 92
(2)         &Acct-Output-Octets64 = 92
(2)       } # update request = noop
(2)     } # policy acct_counters64.preacct = noop
(2)     [preprocess] = ok
(2)     if ( &User-Name !~ /\@/ ) {
(2)     if ( &User-Name !~ /\@/ )  -> FALSE
(2)     update request {
(2)       EXPAND %{expr: %l - %{%{Acct-Session-Time}:-0} - %{%{Acct-Delay-Time}:-0}}
(2)          --> 1541032848
(2)       &FreeRADIUS-Acct-Session-Start-Time := Nov  1 2018 13:40:48 +13
(2)     } # update request = noop
(2)     policy acct_unique {
(2)       update request {
(2)         Tmp-String-9 := "ai:"
(2)       } # update request = noop
(2)       if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) &&       ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) {
(2)       EXPAND %{hex:&Class}
(2)          -->
(2)       EXPAND ^%{hex:&Tmp-String-9}
(2)          --> ^61693a
(2)       if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) &&       ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i))  -> FALSE
(2)       else {
(2)         update request {
(2)           EXPAND %{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}
(2)              --> 8022139d00768a562a41866693fa1427
(2)           &Acct-Unique-Session-Id := 8022139d00768a562a41866693fa1427
(2)         } # update request = noop
(2)       } # else = noop
(2)     } # policy acct_unique = noop
(2)     if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ ) {
(2)     if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ )  -> FALSE
(2)     if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ ) {
(2)     if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ )  -> FALSE
(2)   } # preacct = ok


Confidentiality Notice: This email (including any attachment) is intended for internal use only. Any unauthorized use, dissemination or copying of the content is prohibited. If you are not the intended recipient and have received this e-mail in error, please notify the sender by email and delete this email and any attachment.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Confidentiality Notice: This email (including any attachment) is intended for internal use only. Any unauthorized use, dissemination or copying of the content is prohibited. If you are not the intended recipient and have received this e-mail in error, please notify the sender by email and delete this email and any attachment.
Confidentiality Notice: This email (including any attachment) is intended for internal use only. Any unauthorized use, dissemination or copying of the content is prohibited. If you are not the intended recipient and have received this e-mail in error, please notify the sender by email and delete this email and any attachment.

More information about the Freeradius-Users mailing list