doing this policy test in postauth policy add_inter_vrf { reply .= { Cisco-Avpair += "ip:ip-unnumbered=l10" Cisco-Avpair += "ip:vrf-id=CHL-PRIVATE" Cisco-Avpair += "ip:addr-pool=privatepool" } } policy intervrf { # if ( (request:Client-Short-Name =~ "noc08rt1[45]") && # (request:Hint == "CHL-PRIVATE") # ) if ( control:Hint == "CHL-PRIVATE") { add_inter_vrf() pool_conflict_ipaddr() } } policy post-auth { intervrf() } segfaults. below patch seems to correct and match when expected to. ( Hint += check line in users file) The segfault is at valuepair.c:78 which could probably use a check for NULL This is on CVS 10/29, kindly ignore if CVS head addresses this. (Off to check) diff -u ../../debian5/freeradius-1.1.0/src/modules/rlm_policy/evaluate.c src/modules/rlm_policy/evaluate.c --- ../../debian5/freeradius-1.1.0/src/modules/rlm_policy/evaluate.c 2005-11-07 14:51:16.000000000 -0500 +++ src/modules/rlm_policy/evaluate.c 2005-11-22 22:04:46.000000000 -0500 @@ -612,9 +612,13 @@ * error codes than "comparison is less * than, equal to, or greater than zero". */ - compare = simplepaircmp(state->request, - vp, myvp); - pairfree(&myvp); + if (myvp) { + compare = simplepaircmp(state->request, + vp, myvp); + pairfree(&myvp); + } + else + compare = -1; } else { /*