Mac-auth

Dmitriy Andryashin safokoi.sikrone at gmail.com
Fri Feb 22 18:08:45 CET 2019 

Flat text file seems to be acceptable, it's a lightweight and can be used
without need of another packages, and also can be gererated by a script.

Is there a way to  check 3 attributes separately in files module, to make
file became readible? Or it can only make decisions on a single key
parameter?

Thank you.

On Sat, Feb 23, 2019 at 12:46 AM Dave Macias <davama at gmail.com> wrote:

> My 2 cents,
>
> your authorized_macs looks closer to a DB.
> Thought of sql? Might be neater maybe
>
> First time i see mac-auth in this way. It is interesting. Though if not too
> many clients a flat file should be ok.
> If you want a custom reply msg you could do that in the default config. Or
> if a log use the linelog module.
>
> Not sure if you authorized_macs file which you "suggest/think" is possible.
> Maybe someone more experience could chime in.
> Be patient
>
> Hope this helps
> Dave
>
> On Fri, Feb 22, 2019 at 2:40 AM Dmitriy Andryashin <
> safokoi.sikrone at gmail.com> wrote:
>
> > Help everyone!
> >
> > I'm working with Freeradius 3.0.15
> > And trying to implement authentification by MAC and NAS-Port and
> > NAS-IP-Address and files module.
> >
> > The solution i found by now is to assign key variable in
> > mods-available/files
> >
> > files authorized_macs {
> >     key = "%{Calling-Station-ID}-%{NAS-Port}-%{NAS-IP-Address}"
> >     usersfile = ${confdir}/authorized_macs
> > }
> >
> > And in authorized_macs have string
> > 00-24-54-05-8D-CB-5002-192.168.100.2
> >
> > It works.
> >
> > Is there a neat way to do it? Check attributes separetelly.
> >
> > For example:
> > authorized_macs contents:
> >
> > 00-24-54-05-8D-CB
> >     Cleartext-Password := 00-24-54-05-8D-CB
> >     NAS-Port == 5002
> >     NAS-IP-Address = 192.168.100.2
> >     Reply-Message = "Device with MAC Address %{Calling-Station-Id}
> > authorized for network access"
> >
> > I appreciate any help)
> >
> > --
> > Best regards, Dmitri
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html



-- 
С уважением к Вам, Дмитрий.

More information about the Freeradius-Users mailing list