Hi Alan Dekok, The problem still existed. I have fully tested on my side, here is the test cases: 1. Using if (User-Name =~ /Windows Phone\(.*)/) ====================================================================== rad_recv: Access-Request packet from host my_ip port 56949, id=128, le ngth=177 User-Name = "Windows Phone\\test" NAS-Port-Type = Virtual Service-Type = Framed-User NAS-Port = 119 NAS-Port-Id = "radius" NAS-IP-Address = my_ip Called-Station-Id = "my_ip[4500]" Calling-Station-Id = "115.192.212.93[10001]" EAP-Message = 0x020000190157696e646f77732050686f6e655c6b697269746f NAS-Identifier = "strongSwan" Message-Authenticator = 0xe912c0d73c326349470205370aa8d85f # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/defau lt +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "Windows Phone\test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop ++? if (User-Name =~ /Windows Phone\(.*)/) ? Evaluating (User-Name =~ /Windows Phone\(.*)/) -> TRUE ++? if (User-Name =~ /Windows Phone\(.*)/) -> TRUE ++if (User-Name =~ /Windows Phone\(.*)/) { +++update request { expand: %{1} -> \\test +++} # update request = noop ++} # if (User-Name =~ /Windows Phone\(.*)/) = noop [eap] EAP packet type response id 0 length 25 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] = updated [sql] expand: %{Stripped-User-Name} -> \\test ====================================================================== 2. Using if (User-Name =~ /Windows Phone\\(.*)/) ====================================================================== rad_recv: Access-Request packet from host my_ip port 56949, id=131, le ngth=177 User-Name = "Windows Phone\\test" NAS-Port-Type = Virtual Service-Type = Framed-User NAS-Port = 120 NAS-Port-Id = "radius" NAS-IP-Address = my_ip Called-Station-Id = "my_ip[4500]" Calling-Station-Id = "115.192.212.93[10001]" EAP-Message = 0x020000190157696e646f77732050686f6e655c6b697269746f NAS-Identifier = "strongSwan" Message-Authenticator = 0x6cc94e3db93e9276138dfeadfd5b4fb3 # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/defau lt +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "Windows Phone\test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop ++? if (User-Name =~ /Windows Phone\\(.*)/) ? Evaluating (User-Name =~ /Windows Phone\\(.*)/) -> FALSE ++? if (User-Name =~ /Windows Phone\\(.*)/) -> FALSE ====================================================================== 3.Using if (User-Name =~ /Windows Phone\\\\(.*)/) ====================================================================== rad_recv: Access-Request packet from host my_ip port 56949, id=134, le ngth=177 User-Name = "Windows Phone\\test" NAS-Port-Type = Virtual Service-Type = Framed-User NAS-Port = 121 NAS-Port-Id = "radius" NAS-IP-Address = my_ip Called-Station-Id = "my_ip[4500]" Calling-Station-Id = "115.192.212.93[10001]" EAP-Message = 0x020000190157696e646f77732050686f6e655c6b697269746f NAS-Identifier = "strongSwan" Message-Authenticator = 0xd4cc436ce370efc9cc15580c228bcec5 # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/defau lt +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] No '@' in User-Name = "Windows Phone\test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop ++? if (User-Name =~ /Windows Phone\\\\(.*)/) ? Evaluating (User-Name =~ /Windows Phone\\\\(.*)/) -> TRUE ++? if (User-Name =~ /Windows Phone\\\\(.*)/) -> TRUE ++if (User-Name =~ /Windows Phone\\\\(.*)/) { +++update request { expand: %{1} -> \test +++} # update request = noop ++} # if (User-Name =~ /Windows Phone\\\\(.*)/) = noop [eap] EAP packet type response id 0 length 25 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] = updated [sql] expand: %{Stripped-User-Name} -> \\test [sql] expand: %{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> \\test [sql] sql_set_user escaped user --> '\\test' ====================================================================== I'm using 'Windows Phone\\\\(.*)' or 'Windows Phone\\(.*)', all worked and returned me 'test'. But what's wrong on unlang regex?(version: 2.2.5) -----Original Message----- From: freeradius-users-bounces+knightluffy=live.com@lists.freeradius.org [mailto:freeradius-users-bounces+knightluffy=live.com@lists.freeradius.org] On Behalf Of Xin Sent: 2014年10月8日 21:47 To: 'FreeRadius users mailing list' Subject: RE: strange regex question I have found my mistake, it should be \\\\ not \\ :) -----Original Message----- From: freeradius-users-bounces+knightluffy=live.com@lists.freeradius.org [mailto:freeradius-users-bounces+knightluffy=live.com@lists.freeradius.org] On Behalf Of Xin Sent: Wednesday, October 08, 2014 9:43 PM To: 'FreeRadius users mailing list' Subject: strange regex question Hi Alan Dekok, I'm looking your reply on: http://lists.freeradius.org/pipermail/freeradius-users/2008-April/027737.htm l And I found you give an example as the following below:
e.g. for : DOMAIN\randy.hall
if (User-Name =~ /^DOMAIN\\(.*)/) { update request { Stripped-User-Name := "%{1}" } }
But it fails in my case: rad_recv: Access-Request packet from host my_ip port 56949, id=250, le ngth=175 User-Name = "Windows Phone\\test" NAS-Port-Type = Virtual .... # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/defau lt +group authorize { ++? if (User-Name =~ /Windows Phone\\(.*)/) ? Evaluating (User-Name =~ /Windows Phone\\(.*)/) -> FALSE ++? if (User-Name =~ /Windows Phone\\(.*)/) -> FALSE I really don't know why it fails. I have tested my case in RegexBuddy, and it worked in POSIX ERE, but POSIX BRE failed. My FreeRadius version is 2.2.5. Appreciate for your help. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html