User-Id and Calling-Station-Id matching
Alexander Clouter
alex at digriz.org.uk
Sun Feb 22 21:51:17 CET 2009
* tech.subscriptions at shepherdhill.biz <tech.subscriptions at shepherdhill.biz> [Sun, 22 Feb 2009 20:11:54 +0100]:
>
> To prevent impersonation, we need to match User-Id and
> Calling-Station-Id during authentication.
>
> User-Id of the form 4371104 and Calling-Station-Id of the 234001014371104.
>
> Please how do I achieve this?
>
You have given *no* details about how or why or where this is coming
from but I'm guessing from your single example you are looking for:
---- /etc/freeradius/users ----
DEFAULT Calling-Station-Id !~ "[0-9]+%{User-Id}$", Auth-Type := Reject
----
This assumes:
1) User-Id is an attribute, I'm guessing you actually mean UserName
2) Calling-Station-Id is not something a user can influence (I can
change the MAC address on my laptop to whatever I want)
Cheers
--
Alexander Clouter
.sigmonster says: It don't mean a THING if you ain't got that SWING!!
More information about the Freeradius-Users
mailing list