Arbitrary attributes for dynamic clients
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Oct 10 04:17:39 CEST 2014
In latest v3.0.x HEAD the server will now process all attributes in the control list
when creating dynamic clients.
Attributes that are not consumed filling in the fields of the client, will be added as
config items which can be accessed using the "%{client:}" xlat.
For example:
(0) # Executing section authorize from file /usr/local/freeradius/etc/raddb/sites-enabled/dynamic-clients
(0) authorize {
(0) update control {
(0) &FreeRADIUS-Client-IP-Prefix = 127.0.0.0/8
(0) &FreeRADIUS-Client-Require-MA = no
(0) &FreeRADIUS-Client-Secret = 'testing123'
(0) EXPAND %{Packet-Src-IP-Address}
(0) --> 127.0.0.1
(0) &FreeRADIUS-Client-Shortname = "127.0.0.1"
(0) &Tmp-String-0 = 'foooooo'
(0) } # update control = noop
(0) [ok] = ok
(0) } # authorize = ok
} # server dynamic_clients
(0) Converting control list to client fields
(0) ipaddr = 127.0.0.0/8
(0) require_message_authenticator = no
(0) secret = 'testing123'
(0) shortname = '127.0.0.1'
(0) Tmp-String-0 = 'foooooo'
Adding client 127.0.0.0/8 with shared secret "testing123"
(0) EXPAND %{client:Tmp-String-0}
(0) --> foooooo
(0) Tmp-String-1 := "foooooo"
This allows easy caching of any information related to the NAS, such as its capabilities
and any information required for policy decisions.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141009/1c5a668b/attachment.pgp>
More information about the Freeradius-Users
mailing list