Thank you, but where exactly do I specify my authorization policy?
In the sites-available/default file, or in radiusd.conf? In what (sub)section?

I'm trying a simpler policy for now:

if(%{request:SDP-Bandwidth}<=2000) { Auth-Type := Accept }
        else { Auth-Type := Reject }

I've tried this in default's post-auth section, but it doesn't seem to work (the server runs fine, but this condition is never verified).
I've tried it in radiusd.conf's post-auth section, but the server won't start:

/etc/freeradius/radiusd.conf[2129]: EOF reached without closing brace for section post-auth starting at line 2032

although I've checked, and every brace is matched. (By the way, SDP-Bandwidth is a custom defined attribute, type integer)
What am I doing wrong?


On 10 June 2011 14:19, Alan DeKok <aland@deployingradius.com> wrote:
Tiberiu Breana wrote:
> Is it possible to authenticate users based on an attribute, if it exists
> (in their request), but ignore it if it doesn't?
> I've read the 'man users', but haven't found anything suitable.

$ man unlang

 Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html