Semantics of !~ operator
Gerald Vogt
vogt at spamcop.net
Tue Apr 28 11:01:36 CEST 2015
On 28/04/15 10:31, Arran Cudbard-Bell wrote:
>
>> On 28 Apr 2015, at 08:52, Gerald Vogt <vogt at spamcop.net> wrote:
>>
>> On 28/04/15 09:06, Arran Cudbard-Bell wrote:
>>>
>>>>
>>>> ssid {
>>>> if ( Called-Station-Id ) {
>>>> if ( Called-Station-Id =~ /^[-A-Fa-f0-9]+:(.*)$/ ) {
>>>> update {
>>>> Local-SSID = "%{1}"
>>>> }
>>>> }
>>>> }
>>>> }
>>>
>>> A similar policy already exists in policy.d Calling-Station-SSID is already defined.
>>
>> I found rewrite_called_station_id which does what I need. However, it modifies Called-Station-Id and removes the SSID from the attribute. Now Called-Station-Id is copied from the outer eap into the inner eap tunnel. Called-Station-SSID is not copied, i.e. I don't have the SSID in the inner tunnel.
>>
>> How can modify, which attributes are copied from the outer eap into the inner tunnel? Or how do I get the Called-Station-SSID into the inner tunnel?
>
> update request {
> Called-Station-SSID := &outer.Called-Station-SSID
> }
I tried that but it doesn't work.
I call rewrite_called_station_id after suffix in the authorize section
of the default server. I can see it sets Called-Station-SSID correctly.
In the inner-tunnel I have added those three lines in the beginning of
the authorize section but that doesn't do anything:
(10) authorize {
(10) update request {
(10) } # update request = noop
If I replace &outer.Called-Station-SSID with "MYSSID" it works.
So I guess this means &outer.Called-Station-SSID is not set/seen in the
inner tunnel..
Thanks,
Gerald
More information about the Freeradius-Users
mailing list