Semantics of !~ operator
Alan DeKok
aland at deployingradius.com
Tue Apr 28 14:07:15 CEST 2015
On Apr 28, 2015, at 7:36 AM, Gerald Vogt <vogt at spamcop.net> wrote:
> The default server has the Called-Station-Id attribute, it does correctly extract the SSID from the Id and it correctly puts it into the Called-Station-SSID. I even do some checks in unlang based on that SSID in the outer server and they show results as expected.
Hmm... the TTLS / PEAP code only copies over RADIUS *protocol* attributes. It doesn't copy anything else. I suppose that should be documented better.
> So I suppose in that context the attribute exists. But it doesn't go into the inner tunnel. Neither by means of the eap module copy_request_to_tunnel=yes nor by the added "update request" in the inner tunnel.
You should be able to do:
update request {
Called-Station-SSID := &outer.request:Called-Station-SSID
}
If that doesn't work, it's likely a bug.
> Yes. I know that. That's how I did it in the beginning. My own "ssid" policy does not modify Called-Station-Id and thus I could extract the SSID in the inner tunnel as well.
Just run the policy in the inner tunnel, not the outer one.
Alan DeKok.
More information about the Freeradius-Users
mailing list