FR 2.1.6 add realm to User-Name before Proxy by listening port
Phil Mayers
p.mayers at imperial.ac.uk
Mon Dec 13 15:05:06 CET 2010
On 13/12/10 13:48, Mika wrote:
>
> Hello.
> How would i go about configuring the following with FreeRadius 2.1.6?
> I need to change the User-Name attribute by adding a realm to it based on
> incoming listening port, before the Access-Request is proxied
> (Proxy-To-Realm) to backend server.
Easy, use unlang (see "man unlang"):
authorize {
...
if (Packet-Dst-Port == xxx) {
update request {
User-Name := "%{User-Name}@therealm"
}
update control {
Proxy-To-Realm := PROXYREALM
}
}
...
}
Alternatively you could look the realm up in a database:
authorize {
..
update request {
Tmp-String-0 = "%{sql:select ... where port='%{Packet-Dst-Port}'
User-Name := "%{User-Name}@%{Tmp-String-0}"
}
update control {
Proxy-To-Realm := "%{Tmp-String-0}"
}
...
}
There are many variations on this.
More information about the Freeradius-Users
mailing list