Trying to apply a simple proxy_reply law
Marc Miranda (GOWEX)
mmiranda at iber-x.com
Fri May 11 08:57:30 CEST 2007
Hello freeRADIUS friends!
First of all, thank you all for your great labour developing such a great
software.
I have a doubt and it's very important for us to resolve it ASAP. We've
installed freeRADIUS in its Version 1.0.2.
Our problem is that we want to apply that rule:
ACCESS RADIUS --------> OUR PROXY -------------------> HOME RADIUS
<-----------------------------------------------------|
(Filter)
If an auth packet from a home RADIUS in our proxy it's been sent to the
access RADIUS, we want that Session-Timeout attribute has a maximum of 3600
seconds.
That's why we want to apply the following algorithm:
If Session-Timeout is null, we want to proxy it with a value of a 3600
seconds
If Session-Timeout is greater than 3600 we want forward it with 3600
seconds
If Session-Timeout is smaller or equals to 3600, we want to respect it
I'm sorry if that's trivial, but I've been a long time reading all kind of
forums and specs, docs and faqs and I can't find the solution:
The problem is:
* Users file only seems to work as a filter for incoming request,
not outcoming ones
* Attr_filter module doesn't allow to write an attribute if and only
if that's NULL (not even with '=' operand which hypothetically assigns a
value only when it does not exist [in users file])
* Attr_rewrite doesn't seem to work unless you put the new_attribute
parameter to yes (is that a bug) and I'm not sure if its possible to use it
if attribute is not attached per se
Hence my doubt. I will be very pleased if you could help me. Thanks a lot in
advance!!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070511/4b9b7534/attachment.html>
More information about the Freeradius-Users
mailing list