Mac-auth. authorized_macs file sintax

Roberto Ortega Ramiro roberto.ortega at escuelassj.com
Fri Jun 21 14:06:53 CEST 2013


Thank you for your fast response.

I have found the problem, i have insert a space before  the mac address.

Sorry and thank you for you time.


2013/6/21 Roberto Ortega Ramiro <roberto.ortega at escuelassj.com>

> Hello, I have configured freeradius for accept one host conection over
> host mac address
>
> This is the log, at the end appear the error:
>
>     Called-Station-Id = "00-90-0B-23-2E-BF:EquiposPortatiles"
>     Calling-Station-Id = "98-0C-82-B5-00-F2"
>     Framed-MTU = 1250
>     NAS-Port-Type = Wireless-802.11
>     Framed-Compression = None
>     Connect-Info = "CONNECT 802.11g"
>     EAP-Message = 0x02010010016c756e612e20626f726a61
>     Message-Authenticator = 0xa4425334968358101505d6ea0a22f5d8
> Fri Jun 21 12:25:22 2013 : Info: # Executing section authorize from file
> /etc/raddb/sites-enabled/default
> Fri Jun 21 12:25:22 2013 : Info: +- entering group authorize {...}
> Fri Jun 21 12:25:22 2013 : Info: ++[preprocess] returns ok
> Fri Jun 21 12:25:22 2013 : Info: ++- entering policy
> rewrite.calling_station_id {...}
> Fri Jun 21 12:25:22 2013 : Info: +++? if ((Calling-Station-Id) &&
> "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i)
> Fri Jun 21 12:25:22 2013 : Info: ?? Evaluating (Calling-Station-Id) -> TRUE
> Fri Jun 21 12:25:22 2013 : Info:     expand: %{Calling-Station-Id} ->
> 98-0C-82-B5-00-F2
> Fri Jun 21 12:25:22 2013 : Info:     expand: policy.mac-addr ->
> policy.mac-addr
> Fri Jun 21 12:25:22 2013 : Info:     expand: ^%{config:policy.mac-addr}$
> ->
> ^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$
> Fri Jun 21 12:25:22 2013 : Info: ? Evaluating ("%{Calling-Station-Id}" =~
> /^%{config:policy.mac-addr}$/i) -> TRUE
> Fri Jun 21 12:25:22 2013 : Info: +++? if ((Calling-Station-Id) &&
> "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) -> TRUE
> Fri Jun 21 12:25:22 2013 : Info: +++- entering if ((Calling-Station-Id) &&
> "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) {...}
> Fri Jun 21 12:25:22 2013 : Info:     expand: %{1}-%{2}-%{3}-%{4}-%{5}-%{6}
> -> 98-0C-82-B5-00-F2
> Fri Jun 21 12:25:22 2013 : Info:     expand:
> %{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}} -> 98-0c-82-b5-00-f2
> Fri Jun 21 12:25:22 2013 : Info: ++++[request] returns ok
> Fri Jun 21 12:25:22 2013 : Info: ++++[updated] returns updated
> Fri Jun 21 12:25:22 2013 : Info: +++- if ((Calling-Station-Id) &&
> "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) returns updated
> Fri Jun 21 12:25:22 2013 : Info: +++ ... skipping else for request 3:
> Preceding "if" was taken
> Fri Jun 21 12:25:22 2013 : Info: ++- policy rewrite.calling_station_id
> returns updated
> Fri Jun 21 12:25:22 2013 : Info: [authorized_macs]     expand:
> %{Calling-Station-ID} -> 98-0c-82-b5-00-f2
> Fri Jun 21 12:25:22 2013 : Info: ++[authorized_macs] returns noop
>
>
> I have this authorized_macs file:
>
>  98-0c-82-b5-00-f2
>         Reply-Message = "Device with MAC Address %{Calling-Station-Id}
> authorized for network access"
>
>
> What's wrong?
>
> I have try with:
>
>  98-0c-82-b5-00-f2 Expiration := "10 Jul 2013"
>
>  98-0c-82-b5-00-f2
>             Auth-Type := Accept
>
>
> But nothing runs.
>
> Thank you.
>
>
>
> --
> Un saludo.
> ____________________
>
> Roberto Ortega
> Profesor de Informática.
> http://www.proyectoret.es
>
> Escuelas San José Valencia
> Avd.Cortes Valencianas nº1
> 46015 Valencia
> R4600489A
> Tf:963499011 ext. 262
> Fax:963488835
> http://www.escuelassj.com
>
> No imprimas este correo si no es necesario. Protejamos el medio ambiente.
>



-- 
Un saludo.
____________________

Roberto Ortega
Profesor de Informática.
http://www.proyectoret.es

Escuelas San José Valencia
Avd.Cortes Valencianas nº1
46015 Valencia
R4600489A
Tf:963499011 ext. 262
Fax:963488835
http://www.escuelassj.com

No imprimas este correo si no es necesario. Protejamos el medio ambiente.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130621/07e91288/attachment-0001.html>


More information about the Freeradius-Users mailing list