Patch for >1 match in hints file
Phil Mayers
p.mayers at imperial.ac.uk
Wed Aug 22 13:52:26 CEST 2007
All,
I would appreciate comments on:
http://bugs.freeradius.org/show_bug.cgi?id=477
This allows slightly more flexibility. Obviously tricks like this are
obsolete in 2.x but we're not there yet. We'll be running this locally -
I'd very much like it accepted upstream if possible.
Usage would be:
/etc/raddb/hints:
# lookup the machine zone in SQL
DEFAULT
Zone = `%{sql:...}`,
Fall-Through = yes
# strip the leading 3 bytes from MAC addresses
DEFAULT Calling-Station-Id =~ "(..):(..):(..):..:..:.."
Vendor = `%{1}-%{2}-%{3}`
/etc/raddb/eth2name (used in a "passwd" to map Vendor to VendorName):
00-0c-29:virtual-vmware
00-16-3e:virtual-xen
/etc/raddb/users:
# don't send banned vlan to virtual machines
DEFAULT VendorName =~ "virtual.*", Zone == "banned", Auth-Type := Reject
# real machines get a banned vlan as opposed to rejection
DEFAULT Zone == "banned"
Tunnel-Medium-Type = IEEE-802,
Tunnel-Type = VLAN,
Tunnel-Private-Group-Id = `%{sql:...}`
More information about the Freeradius-Users
mailing list