confused with unlang
Alan DeKok
aland at deployingradius.com
Wed Oct 20 18:13:52 CEST 2010
Wayne Lee wrote:
> I'm getting myself confused with unlang and hoping somebody can help.
> I have read the docs but just don't fully get it.
"unlang" is just a simple set of comparisons and logic.
> I'm trying to filter requests by part of the calling-station-id and
> update/rewrite the reply depending on what group it is in. The below
> is what I've got in the config
>
>
> post-auth {
>
> if(Calling-Station-Id >= "foo") {
You're doing "greater than or equal" checks on a string?
> if(SQL-Group == "SR1"){
> update reply {
> Tunnel-Server-Endpoint := 192.168.1.1
> Tunnel-Type := L2TP
> Tunnel-Medium-Type := IP
> Cisco-AVPair := vpdn:tunnel-id=provider.net
> Cisco-AVPair := vpdn:l2tp-tunnel-password=abc
> Framed-Protocol -= PPP
> Service-Type -= Framed-User
> Port-Limit -= 32
It's always better *not* add attributes, rather than adding them and
later deleting them.
> The provider is sending "foo" or "bar" (depends on the LTS) and a ID
> number in the calling-station-id which is why I used ">=".
Regexes are better at string matches than numerical comparison operators.
> Further to that, when the provider sends bar and the user is not in
> group SR1 i need to reply with a different tunnel-server-endpoint.
> I understand why it's not working due to the use of ">=" but I don't
> know how to fix it, I've tried using else statements/clauses but I'm
> lost. We are using multiple LNS's (some dedicated for customers or
> service).
Use regexes. Run the server in debugging mode to see what is being
matched, and why.
Alan DeKok.
More information about the Freeradius-Users
mailing list