Conditional Auth Response?
Darren Ward (darrward)
darrward at cisco.com
Wed Feb 12 02:00:50 CET 2014
Looking for some unlang tutorials I think! :)
I'm trying to combine the two factors I need with is to have a macro entry for a common 'anonymous' set of users together with the ability to manipulate the response and so am trying to munge the two responses I received on the separate threads.
I am getting parse error - expecting operator on the first line so obviously the if +~ isn't an option
Any pointers for me?
if (User-Name =~ /192.168.+/) {
update control {
Cleartext-Password := "cisco"
}
if (Cisco-Control-Info = "QV*") {
update reply {
Cisco-Control-Info += "QV0"
}
}
else {
update reply {
Cisco-Control-Info += "QV50000000"
}
}
}
Darren
-----Original Message-----
From: freeradius-users-bounces+darrward=cisco.com at lists.freeradius.org [mailto:freeradius-users-bounces+darrward=cisco.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Tuesday, 11 February 2014 5:14 AM
To: FreeRadius users mailing list
Subject: Re: Conditional Auth Response?
Darren Ward (darrward) wrote:
> I'm looking for a way to change the response to an auth request based on the attributes in the request
$ man unlang
You can write the rules below pretty much as-is.
> - if I receive a request for user 'bob' with just the password then send the response with normal attributes and one that has 'Cisco-Control-Info += "QV50000000"
> - if I receive a request for user 'bob' with password and 'Cisco-Control-Info = QV<value>' then respond with 'Cisco-Control-Info += "QV0"
if (User-Name == 'bob') {
if (Cisco-Control-Info = QV123) {
update reply {
Cisco-Control-Info += "QV0
}
}
else {
update reply {
Cisco-Control-Info += "QV50000000
}
}
Alan Dekok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list