Reject Mac Address
Alan DeKok
aland at deployingradius.com
Wed Mar 12 15:38:06 CET 2014
Khapare Joshi wrote:
> I have list of MAC address which I want to reject. So the question is
> how do I tell freeradius server to the file rejectmacaddres.txt file
> which has banned mac addresses ?
See "man rlm_passwd". It can be configured to read data from a text file.
You probably want something like:
passwd rejectmac {
filename = ${confdir}/rejectmacaddress.txt
delimiter = ,
format = "*Calling-Station-Id"
}
Which looks up the Calling-Station-Id in the file. The contents of
the file MUST be MAC addresses in the SAME format as you see in the
Calling-Station-ID attribute when you read "radiusd -X".
Then in the "authorize" section, do:
authorize {
...
rejectmac
if (ok) {
reject
}
...
}
That says "look up the Calling-Station-Id in the file. If it's found,
reject the user".
Alan DeKok.
More information about the Freeradius-Users
mailing list