Proxy help

David Mitchell mitchell at ucar.edu
Thu Jun 26 23:21:21 CEST 2008 

Ivan Kalik wrote:
> Update reply with unlang:
> 
> http://freeradius.org/radiusd/man/unlang.html

Sure, but where? In the 'attrs' file? I tried adding something there and
it complains:

DEFAULT
        Service-Type := %{proxy-request:Service-Type},
#       Service-Type == Framed-User,
#       Service-Type == Login-User,
        Login-Service == Telnet,

results in
/home/mitchell/fr/etc/raddb/attrs[104]: Parse error (reply) for entry
DEFAULT: Expected end of line or comma
Errors reading /home/mitchell/fr/etc/raddb/attrs

Is attrs not using unlang? If not, what should I be using instead? It
does look like unlang gives me what I want, but it's not clear where I
can use it.

-David

> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 
> Dana 26/6/2008, "David Mitchell" <mitchell at ucar.edu> piše:
> 
>> I should probably add that I can get the Service-Type added using the
>> 'attrs' file in the post-proxy section. But I want to set the
>> Service-Type based on the user and huntgroup so that users have either
>> Administrative-User or Login-User access depending on the user and
>> device. This doesn't seem to be possible in the attrs file.
>>
>> -David
>>
>> David Mitchell wrote:
>>> I've having a problem getting the proper attributes set on my response
>>> packets when using a proxy.
>>>
>>> If I authenticate locally with something like this in users:
>>> username Cleartext-Password password
>>>         Service-Type = Administrative-User,
>>>         Reply-Message = "Authorized Users Only",
>>>
>>> it works fine. The Service-Type and Reply-Message get sent off to the
>>> NAS and life is good. However, if I activate a NULL realm and proxy the
>>> authentications out, it no longer works. My users file looks more like this:
>>> DEFAULT
>>>         Service-Type = Administrative-User,
>>>         Reply-Message = "Authorized Users Only",
>>>
>>> Judging from the post-proxy-detail and reply-detail logs it looks like
>>> the proxy server is dropping all the attributes and my server doesn't
>>> put them back? Is that correct? And is that the way it's supposed to
>>> work? Thanks in advance,
>>>
>>> -David Mitchell
>>>
>>>
>>
>> --
>> -----------------------------------------------------------------
>> | David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
>> | Tel: (303) 497-1845                      National Center for  |
>> | FAX: (303) 497-1818                      Atmospheric Research |
>> -----------------------------------------------------------------
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
-----------------------------------------------------------------
| David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
| Tel: (303) 497-1845                      National Center for  |
| FAX: (303) 497-1818                      Atmospheric Research |
-----------------------------------------------------------------

More information about the Freeradius-Users mailing list