WARNING: Unknown module "tolower" in string expansion "%"

Юра Фролов prostovrn at gmail.com
Fri Aug 7 07:15:13 CEST 2015


As an example for setting used http://wiki.freeradius.org/guide/Mac%20Auth
(on FreeRADIUS 2.1.12 it configuration works very well)


my policy.conf
.......
 mac-addr = ([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[
^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})

        rewrite.called_station_id {
                if((Called-Station-Id) && "%{Called-Station-Id}" =~
/^%{config:policy.mac-addr}(:(.+))?$/i) {
                        update request {
                                Called-Station-Id :=
"%{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
                        }

                        if ("%{8}") {
                                update request {
                                        Called-Station-Id :=
"%{Called-Station-Id}:%{8}"
                                }
                        }
                        updated
                }
                else {
                        noop
                }
        }

        rewrite.calling_station_id {
                if((Calling-Station-Id) && "%{Calling-Station-Id}" =~
/^%{config:policy.mac-addr}$/i) {
                        update request {
                                Calling-Station-Id :=
"%{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
                        }
                        updated
                }
                else {
                        noop
                }
        }

#       host-name = host\/[0-9a-f]*\.ww[0-9]{3}\.siemens\.net

        rewrite.host_name {
#               if((User-Name) && "%{User-Name}" =~
/^%{config:policy.host-name}$/i) {
                        update request {
                                Tmp-String-0 := "%{tolower:%{User-Name}}"
                        }
#               }
#               else {
#                       noop
#               }
        }
........

section in conf. file virtual server
.......
  authorize {

        preprocess

        if (!EAP-Message) {

                rewrite.calling_station_id
                authorized_mac

                if ( ok ) {
                        update control {
                                Auth-Type := Accept
                        }
                }
                else {
                        reject
                }
        }
        elsif ( (User-Name == "OpenStagePhone") || (User-Name =~ /^001a/)
|| (User-Name =~ /^0004/) ) {

                eap
        }
        else {
                rewrite.host_name
                authorized_name

                if (ok) {

                        eap
                }
                else {
                        reject
                }
        }
    }

    authenticate {

        eap
        authorized_mac

    }



    session {

    }
   post-auth {

        if ( (User-Name == "OpenStagePhone") || (User-Name =~ /^001a/) ||
(User-Name =~ /^0004/) ) {
                update reply {
                        Cisco-AVPair := "device-traffic-class=voice"
                }
        }

        Post-Auth-Type REJECT {
                attr_filter.access_reject
        }
    }

}



Add question: tolower this modul similarly rlm-eap or or the structure of
the language of programming?


More information about the Freeradius-Users mailing list