Setting different IDLE-TIMEOUTS based on IP Address
Alan DeKok
aland at deployingradius.com
Tue Apr 16 22:26:40 CEST 2013
John Giordano wrote:
> Could you please speak to the interrelationship between the clients file
> and the huntgroups file?
The clients.conf file defines IP, secret, "type", etc. for the NASes.
The huntgroups file allows you to put clients into logical groups.
> These are the two different equipment types we would like to have
> different IDLE-TIMEOUTs for.
So key off of the equipment type, not the IP.
> I would rather not have to define 254 different entries in our
> huntgroups file (254 hosts in a Class C obviously). Can I use a netmask
> somehow in the huntgroups file?
Not really. The syntax of the huntgroups file is pretty limited.
> In pseudo parlance this is what I am trying to accomplish in huntgroups:
>
> MSP 7345’s NAS-IP-Address == 10.99.3.0/24
Yeah... that won't work.
You can use "unlang", though:
if ((NAS-IP-Address >= 10.99.3.0) && \
(NAS-IP-Address <= 10.99.3.255)) {
update reply {
Idle-Timeout := 1800
}
}
That's pretty straightforward.
Alan DeKok.
More information about the Freeradius-Users
mailing list