regexp in huntgroup

Peter Balsianok balsianok.peter at gmail.com
Tue Apr 14 16:12:52 CEST 2015 

Hi,

I have configuration file (huntgroup):

LNS   NAS-IP-Address =~ /^213\.151\.231\./
LNS   NAS-IP-Address =~ /^213\.151\.232\./
LNS   NAS-IP-Address == 213.151.235.230

Why freeradius does not set Huntgroup-Name to LNS (based on first regexp if
NAS-IP-Address=213.151.231.112) ?

If i use LNS   NAS-IP-Address == 213.151.231.112, freeradius sets
Huntgroup-Name correct.

Debug output:
Copyright (C) 1999-2015 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file
/app/radius/freeradius-3.0.7/share/freeradius/dictionary
including dictionary file
/app/radius/freeradius-3.0.7/share/freeradius/dictionary.dhcp
including dictionary file
/app/radius/freeradius-3.0.7/share/freeradius/dictionary.vqp
including dictionary file ../../raddb/auth/dictionary
including configuration file ../../raddb/auth/radiusd.conf
including configuration file ../../raddb/auth/templates.conf
including configuration file ../../raddb/auth/proxy.conf
including configuration file ../../raddb/auth/clients.conf
including files in directory ../../raddb/auth/mods-enabled/
including configuration file ../../raddb/auth/mods-enabled/realm
including configuration file ../../raddb/auth/mods-enabled/files
including configuration file ../../raddb/auth/mods-enabled/unpack
including configuration file ../../raddb/auth/mods-enabled/attr_filter
including configuration file ../../raddb/auth/mods-enabled/chap
including configuration file ../../raddb/auth/mods-enabled/expr
including configuration file ../../raddb/auth/mods-enabled/linelog
including configuration file ../../raddb/auth/mods-enabled/pap
including configuration file ../../raddb/auth/mods-enabled/detail
including configuration file ../../raddb/auth/mods-enabled/preprocess
including configuration file ../../raddb/auth/mods-enabled/always
including files in directory ../../raddb/auth/policy.d/
including configuration file ../../raddb/auth/policy.d/nas
including configuration file ../../raddb/auth/policy.d/operator-name
including configuration file ../../raddb/auth/policy.d/username
including configuration file ../../raddb/auth/policy.d/cui
including configuration file ../../raddb/auth/policy.d/dhcp
including configuration file ../../raddb/auth/policy.d/filter
including configuration file ../../raddb/auth/policy.d/abfab-tr
including configuration file ../../raddb/auth/policy.d/eap
including configuration file ../../raddb/auth/policy.d/accounting
including configuration file ../../raddb/auth/policy.d/control
including configuration file ../../raddb/auth/policy.d/canonicalization
including configuration file ../../raddb/auth/policy.d/debug
including files in directory ../../raddb/auth/sites-enabled/
including configuration file ../../raddb/auth/sites-enabled/default
main {
name = "radiusd"
prefix = "/app/radius/freeradius-3.0.7"
localstatedir = "/app/radius/freeradius-3.0.7/var"
sbindir = "/app/radius/freeradius-3.0.7/sbin"
logdir = "/app/radius/freeradius-3.0.7/var/log/radius"
run_dir = "/app/radius/freeradius-3.0.7/var/run/radiusd"
libdir = "/app/radius/freeradius-3.0.7/lib"
radacctdir = "/app/radius/freeradius-3.0.7/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/app/radius/freeradius-3.0.7/var/run/radiusd/radiusd.pid"
checkrad = "/app/radius/freeradius-3.0.7/sbin/checkrad"
debug_level = 0
proxy_requests = yes
 log {
  stripped_names = no
  auth = no
  auth_badpass = no
  auth_goodpass = no
  colourise = yes
  msg_denied = "You are already logged in - access denied"
 }
 resources {
 }
 security {
  max_attributes = 200
  reject_delay = 1.000000
  status_server = yes
  allow_vulnerable_openssl = "yes"
 }
}
radiusd: #### Loading Realms and Home Servers ####
...
radiusd: #### Loading Clients ####
 client localhost {
  ipaddr = 127.0.0.1
  require_message_authenticator = no
  secret = <<< secret >>>
  nas_type = "other"
  proto = "*"
  limit {
  max_connections = 16
  lifetime = 0
  idle_timeout = 30
  }
 }
 client localhost_ipv6 {
  ipv6addr = ::1
  require_message_authenticator = no
  secret = <<< secret >>>
  limit {
  max_connections = 16
  lifetime = 0
  idle_timeout = 30
  }
 }
...
Found debugger attached
radiusd: #### Instantiating modules ####
 instantiate {
 }
 modules {
  # Loaded module rlm_realm
  # Instantiating module "IPASS" from file
../../raddb/auth/mods-enabled/realm
  realm IPASS {
  format = "prefix"
  delimiter = "/"
  ignore_default = no
  ignore_null = no
  }
  # Instantiating module "suffix" from file
../../raddb/auth/mods-enabled/realm
  realm suffix {
  format = "suffix"
  delimiter = "@"
  ignore_default = no
  ignore_null = no
  }
  # Instantiating module "realmpercent" from file
../../raddb/auth/mods-enabled/realm
  realm realmpercent {
  format = "suffix"
  delimiter = "%"
  ignore_default = no
  ignore_null = no
  }
  # Instantiating module "ntdomain" from file
../../raddb/auth/mods-enabled/realm
  realm ntdomain {
  format = "prefix"
  delimiter = "\\"
  ignore_default = no
  ignore_null = no
  }
  # Loaded module rlm_files
  # Instantiating module "files" from file
../../raddb/auth/mods-enabled/files
  files {
  filename = "../../raddb/auth/mods-config/files/authorize"
  usersfile = "../../raddb/auth/mods-config/files/authorize"
  acctusersfile = "../../raddb/auth/mods-config/files/accounting"
  preproxy_usersfile = "../../raddb/auth/mods-config/files/pre-proxy"
  compat = "cistron"
  }
reading pairlist file ../../raddb/auth/mods-config/files/authorize
[../../raddb/auth/mods-config/files/authorize]:182 Cistron compatibility
checks for entry DEFAULT ...
[../../raddb/auth/mods-config/files/authorize]:189 Cistron compatibility
checks for entry DEFAULT ...
[../../raddb/auth/mods-config/files/authorize]:195 Cistron compatibility
checks for entry DEFAULT ...
reading pairlist file ../../raddb/auth/mods-config/files/authorize
[../../raddb/auth/mods-config/files/authorize]:182 Cistron compatibility
checks for entry DEFAULT ...
[../../raddb/auth/mods-config/files/authorize]:189 Cistron compatibility
checks for entry DEFAULT ...
[../../raddb/auth/mods-config/files/authorize]:195 Cistron compatibility
checks for entry DEFAULT ...
reading pairlist file ../../raddb/auth/mods-config/files/accounting
reading pairlist file ../../raddb/auth/mods-config/files/pre-proxy
  # Loaded module rlm_unpack
  # Instantiating module "unpack" from file
../../raddb/auth/mods-enabled/unpack
  # Loaded module rlm_attr_filter
  # Instantiating module "attr_filter.post-proxy" from file
../../raddb/auth/mods-enabled/attr_filter
  attr_filter attr_filter.post-proxy {
  filename = "../../raddb/auth/mods-config/attr_filter/post-proxy"
  key = "%{Realm}"
  relaxed = no
  }
reading pairlist file ../../raddb/auth/mods-config/attr_filter/post-proxy
  # Instantiating module "attr_filter.pre-proxy" from file
../../raddb/auth/mods-enabled/attr_filter
  attr_filter attr_filter.pre-proxy {
  filename = "../../raddb/auth/mods-config/attr_filter/pre-proxy"
  key = "%{Realm}"
  relaxed = no
  }
reading pairlist file ../../raddb/auth/mods-config/attr_filter/pre-proxy
  # Instantiating module "attr_filter.access_reject" from file
../../raddb/auth/mods-enabled/attr_filter
  attr_filter attr_filter.access_reject {
  filename = "../../raddb/auth/mods-config/attr_filter/access_reject"
  key = "%{User-Name}"
  relaxed = no
  }
reading pairlist file ../../raddb/auth/mods-config/attr_filter/access_reject
  # Instantiating module "attr_filter.access_challenge" from file
../../raddb/auth/mods-enabled/attr_filter
  attr_filter attr_filter.access_challenge {
  filename = "../../raddb/auth/mods-config/attr_filter/access_challenge"
  key = "%{User-Name}"
  relaxed = no
  }
reading pairlist file
../../raddb/auth/mods-config/attr_filter/access_challenge
  # Instantiating module "attr_filter.accounting_response" from file
../../raddb/auth/mods-enabled/attr_filter
  attr_filter attr_filter.accounting_response {
  filename = "../../raddb/auth/mods-config/attr_filter/accounting_response"
  key = "%{User-Name}"
  relaxed = no
  }
reading pairlist file
../../raddb/auth/mods-config/attr_filter/accounting_response
  # Loaded module rlm_chap
  # Instantiating module "chap" from file ../../raddb/auth/mods-enabled/chap
  # Loaded module rlm_expr
  # Instantiating module "expr" from file ../../raddb/auth/mods-enabled/expr
  expr {
  safe_characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:
/��������������������������������������a����������������������������������������"
  }
  # Loaded module rlm_linelog
  # Instantiating module "linelog" from file
../../raddb/auth/mods-enabled/linelog
  linelog {
  filename = "/app/radius/freeradius-3.0.7/var/log/radius/linelog"
  permissions = 384
  format = "This is a log message for %{User-Name}"
  reference = "messages.%{%{Packet-Type}:-default}"
  }
  # Instantiating module "log_accounting" from file
../../raddb/auth/mods-enabled/linelog
  linelog log_accounting {
  filename =
"/app/radius/freeradius-3.0.7/var/log/radius/linelog-accounting"
  permissions = 384
  format = ""
  reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
  }
  # Instantiating module "log_acct_bras" from file
../../raddb/auth/mods-enabled/linelog
  linelog log_acct_bras {
  filename = "/app/radius/freeradius-3.0.7/var/log/radius/bdsl-%D.log"
  permissions = 384
  format = ""
  reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
  }
  # Instantiating module "log_acct_common" from file
../../raddb/auth/mods-enabled/linelog
  linelog log_acct_common {
  filename = "/app/radius/freeradius-3.0.7/var/log/radius/common-%D.log"
  permissions = 384
  format = ""
  reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
  }
  # Loaded module rlm_pap
  # Instantiating module "pap" from file ../../raddb/auth/mods-enabled/pap
  pap {
  normalise = yes
  }
  # Loaded module rlm_detail
  # Instantiating module "detail" from file
../../raddb/auth/mods-enabled/detail
  detail {
  filename =
"/app/radius/freeradius-3.0.7/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
  header = "%t"
  permissions = 384
  locking = no
  escape_filenames = no
  log_packet_header = no
  }
  # Loaded module rlm_preprocess
  # Instantiating module "preprocess" from file
../../raddb/auth/mods-enabled/preprocess
  preprocess {
  huntgroups = "../../raddb/auth/mods-config/preprocess/huntgroups"
  hints = "../../raddb/auth/mods-config/preprocess/hints"
  with_ascend_hack = no
  ascend_channels_per_line = 23
  with_ntdomain_hack = no
  with_specialix_jetstream_hack = no
  with_cisco_vsa_hack = no
  with_alvarion_vsa_hack = no
  }
reading pairlist file ../../raddb/auth/mods-config/preprocess/huntgroups
reading pairlist file ../../raddb/auth/mods-config/preprocess/hints
  # Loaded module rlm_always
  # Instantiating module "reject" from file
../../raddb/auth/mods-enabled/always
  always reject {
  rcode = "reject"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "fail" from file
../../raddb/auth/mods-enabled/always
  always fail {
  rcode = "fail"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "ok" from file ../../raddb/auth/mods-enabled/always
  always ok {
  rcode = "ok"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "handled" from file
../../raddb/auth/mods-enabled/always
  always handled {
  rcode = "handled"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "invalid" from file
../../raddb/auth/mods-enabled/always
  always invalid {
  rcode = "invalid"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "userlock" from file
../../raddb/auth/mods-enabled/always
  always userlock {
  rcode = "userlock"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "notfound" from file
../../raddb/auth/mods-enabled/always
  always notfound {
  rcode = "notfound"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "noop" from file
../../raddb/auth/mods-enabled/always
  always noop {
  rcode = "noop"
  simulcount = 0
  mpp = no
  }
  # Instantiating module "updated" from file
../../raddb/auth/mods-enabled/always
  always updated {
  rcode = "updated"
  simulcount = 0
  mpp = no
  }
 } # modules
radiusd: #### Loading Virtual Servers ####
server { # from file ../../raddb/auth/radiusd.conf
} # server
server default { # from file ../../raddb/auth/sites-enabled/default
 # Loading authenticate {...}
 # Loading authorize {...}
Ignoring "sql" (see raddb/mods-available/README.rst)
Ignoring "ldap" (see raddb/mods-available/README.rst)
 # Loading preacct {...}
 # Loading accounting {...}
 # Loading post-auth {...}
} # server default
radiusd: #### Opening IP addresses and Ports ####
listen {
  type = "auth"
  ipaddr = *
  port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
listen {
  type = "acct"
  ipaddr = *
  port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
listen {
  type = "auth"
  ipv6addr = ::
  port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
listen {
  type = "acct"
  ipv6addr = ::
  port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Opening new proxy socket 'proxy address * port 0'
Listening on proxy address * port 44433
Ready to process requests
(0) Received Accounting-Request Id 230 from 127.0.0.1:42714 to
127.0.0.1:1813 length 278
(0)   NAS-Port-Type = ISDN
(0)   Acct-Status-Type = Interim-Update
(0)   Connect-Info = '4294967295/0'
(0)   Acct-Output-Packets = 55646737
(0)   NAS-IP-Address = 213.151.231.112
(0)   Acct-Output-Octets = 2287091997
(0)   Acct-Session-Time = 4044432
(0)   User-Name = 'foo at orangenet.sk'
(0)   Acct-Input-Packets = 35210049
(0)   Acct-Input-Octets = 2507619532
(0)   Acct-Session-Id = '01F157C4'
(0)   Acct-Output-Gigawords = 17
(0)   Service-Type = Framed-User
(0)   Acct-Authentic = RADIUS
(0)   NAS-Port-Id = 'Uniq-Sess-ID21041'
(0)   Calling-Station-Id = '#FINT_C210_01#90847724#
Slot:205,Port:25,VPI:1,VCI:32'
(0)   Framed-Protocol = PPP
(0)   Acct-Input-Gigawords = 0
(0)   NAS-Port = 41041
(0)   Acct-Delay-Time = 0
(0) # Executing section preacct from file
../../raddb/auth/sites-enabled/default
(0)   preacct {
(0) preprocess: EXPAND /^213\.151\.231\./
(0) preprocess:    --> /^213\.151\.231\./
(0) preprocess: EXPAND /^213\.151\.232\./
(0) preprocess:    --> /^213\.151\.232\./
(0)     [preprocess] = ok
....
(0)     [detail] = ok
(0)     if (&Huntgroup-Name) {
(0)     if (&Huntgroup-Name)  -> FALSE
(0)     if (&Huntgroup-Name)  {
...

Thank you

More information about the Freeradius-Users mailing list