very long regular expression...
Alan DeKok
aland at deployingradius.com
Wed Nov 22 18:03:29 CET 2006
Norbert Grochal wrote:
> I want to disallow login to access points for every hosts that are not
> in my network.
>
> So at the end of /usr/local/etc/raddb/users file I put regular
> expression that checks if Calling-Station-Id IS NOT in list of my hosts...
>
> DEFAULT Auth-Type := REJECT, Calling-Station-Id !~
> "008012323244|002938475473|<and many other macs...>"
Don't do that. It's ugly. Use rlm_passwd. See "man rlm_passwd".
That lets you list all of the MACs in one flat text file, which is a
LOT easier to manage by a script than the "users" file.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list