Mac-auth

Dave Macias davama at gmail.com
Fri Feb 22 17:46:37 CET 2019


My 2 cents,

your authorized_macs looks closer to a DB.
Thought of sql? Might be neater maybe

First time i see mac-auth in this way. It is interesting. Though if not too
many clients a flat file should be ok.
If you want a custom reply msg you could do that in the default config. Or
if a log use the linelog module.

Not sure if you authorized_macs file which you "suggest/think" is possible.
Maybe someone more experience could chime in.
Be patient

Hope this helps
Dave

On Fri, Feb 22, 2019 at 2:40 AM Dmitriy Andryashin <
safokoi.sikrone at gmail.com> wrote:

> Help everyone!
>
> I'm working with Freeradius 3.0.15
> And trying to implement authentification by MAC and NAS-Port and
> NAS-IP-Address and files module.
>
> The solution i found by now is to assign key variable in
> mods-available/files
>
> files authorized_macs {
>     key = "%{Calling-Station-ID}-%{NAS-Port}-%{NAS-IP-Address}"
>     usersfile = ${confdir}/authorized_macs
> }
>
> And in authorized_macs have string
> 00-24-54-05-8D-CB-5002-192.168.100.2
>
> It works.
>
> Is there a neat way to do it? Check attributes separetelly.
>
> For example:
> authorized_macs contents:
>
> 00-24-54-05-8D-CB
>     Cleartext-Password := 00-24-54-05-8D-CB
>     NAS-Port == 5002
>     NAS-IP-Address = 192.168.100.2
>     Reply-Message = "Device with MAC Address %{Calling-Station-Id}
> authorized for network access"
>
> I appreciate any help)
>
> --
> Best regards, Dmitri
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list