Attribute evaluation IF the attribute exists

Alan DeKok aland at deployingradius.com
Wed Jun 15 18:17:25 CEST 2011


Tiberiu Breana wrote:
> Thank you, but where exactly do I specify my authorization policy?
> In the sites-available/default file, or in radiusd.conf? In what
> (sub)section?
> 
> I'm trying a simpler policy for now:
> 
> if(%{request:SDP-Bandwidth}<=2000) { Auth-Type := Accept }
>         else { Auth-Type := Reject }

$ man unlang

  This won't work.  It's wrong on a number of levels.

> I've tried this in default's post-auth section, but it doesn't seem to
> work (the server runs fine, but this condition is never verified).
> I've tried it in radiusd.conf's post-auth section, but the server won't
> start:
> 
> /etc/freeradius/radiusd.conf[2129]: EOF reached without closing brace
> for section post-auth starting at line 2032

  Yes... the documentation says that the parse is bad.  You need to put
the statements on individual lines, not all mashed together.

  See the examples.  They work.  There's a reason they work.

  Alan DeKok.



More information about the Freeradius-Users mailing list