Confused about ssl caching

Leszek Komor leszek at wsb.torun.pl
Thu Jul 18 03:07:04 CEST 2019


W dniu 2019-07-17 15:21, Sven Hartge napisaƂ(a):

> even start to use this feature. I've been staring at the configuration,
> the documentation (which essentially said the same as the comment in 
> the
> configuration) and the code and had no idea when and how to use
> "Cached-Session-Policy". Do I set it to the name of the policy used to
> add the VLAN attributes? Do I just add the resulting attributes
> directly? Is it a string or an array?
> 

Hi Sven

I'm using Cached-Session-Policy and its part of my working configuration 
(i changed only vlan to number to better view) - this idea to use regexp 
is taken from some source (i dont remember where it was - maybe 
somewhere in networkradius.com?). It works as expected.

Regards,
Leszek

#
# inner tunnel server
#--------------------

post-auth {
      update reply {
         &Cached-Session-Policy := "rid=%{wsb:SELECT 
nextval('rid_seq')}cui=%{control:WSB-CUI}vlan=500"
  	...

#
# outer server for requests from nas
#
#-----------------

post-auth {
     if(&reply:Cached-Session-Policy) {
         if(&reply:Cached-Session-Policy =~ /rid=(.+)cui=(.+)vlan=(.+)/) 
{
             update reply {
                 &Class := "%{1}"
                 &Chargeable-User-Identity := "%{2}"
                 &Tunnel-Private-Group-ID := "%{3}"
		...
#
# outer server for requests from eduroam proxy servers
#
#-----------------

post-auth {
     if(&reply:Cached-Session-Policy) {
         if(&reply:Cached-Session-Policy =~ /rid=(.+)cui=(.+)vlan=(.+)/) 
{
		if(&request:Chargeable-User-Identity) {
             		update reply {
                 		&Chargeable-User-Identity := "%{2}"
				# remove User-Name etc.
				...






More information about the Freeradius-Users mailing list