Hi,
I'm working on setting up a radius environment for wifi authentication with an LDAP backend. It is a multi-location deal and I'm going to have over 500 different SSIDs each requiring different LDAP attributes to match. So, there will be a long list something like the below. Anybody think that is going to cause significant delays or make freeradius poop itself?
post-auth {
ldap.authorize if ( Called-Station-Id =~ /AC-86-74-76-21-.*:SSID1/ && reply:My-Local-String == "140599" ) { noop } elsif ( Called-Station-Id =~ /AC-86-74-90-AD-.*:SSID2/ && reply:My-Local-String == "330492" ) { noop } .....Repeat 500 times else { reject }
my opinion? use a DB for the Called-Station-Id/SSId/My-Local-String check. alan