Freeradius proxy: rewriting response messages
Simone Vendemia
metal at cuneo.linux.it
Thu May 8 14:51:33 CEST 2008
On Wed, May 7, 2008 at 10:19 PM, Alan DeKok <aland at deployingradius.com> wrote:
> See the "rewrite" module in radiusd.conf.
>
> In 2.0, you can update any attribute using "unlang".
>
> post-proxy {
> ...
> if (proxy-reply:Framed-IP-Address) {
> update proxy-reply {
> Framed-IP-Address := 1.2.3.4
> ...
> }
> }
> }
>
> Alan DeKok.
>
Thank you for the really useful information. We're now migrating to
2.0 in order to use that feature.
Could be possible to have the new Framed-IP-Address automatically
selected by querying the freeradius sql database?
For example, now our correct values for Framed-IP-Address and
Framed-Route are located in the table radreply:
mysql> select * from radreply;
+----+----------+-------------------+----+-------------------------------+
| id | UserName | Attribute | op | Value |
+----+----------+-------------------+----+-------------------------------+
| 19 | denisio | Framed-Route | += | 192.168.37.0/24 10.4.8.1/32 1 |
| 11 | test | Framed-IP-Address | = | 10.4.8.14 |
| 20 | denisio | Framed-IP-Address | = | 10.4.8.12 |
| 18 | denisio | Framed-Route | += | 192.168.36.0/24 10.4.8.1/32 1 |
+----+----------+-------------------+----+-------------------------------+
It would be really useful to have the route and ip address rewritten
depending on the username, but trying with sql queries directly placed
as an argument for "Framed-IP-Address :=" in update proxy-reply it's
not really working actually :-)
More information about the Freeradius-Users
mailing list