Rewriting realms
Jamie Orzechowski
jamie.orzechowski at gmail.com
Sat Jul 25 15:47:24 CEST 2015
Duh. Sorry it's too early
Radiusd starts now
filter_username {
# spaces at the start: reject
if (User-Name =~ /^ /) {
reject
}
# spaces at the end: reject
if (User-Name =~ / $$/) {
reject
}
# Mixed case: reject
if (User-Name != "%{tolower:%{User-Name}}") {
reject
}
if (User-Name =~ /^([^@]+)@dsl.myrealm.com/) {
update request {
User-Name := "%{1}@myrealm.com"
}
}
if (User-Name =~ /^([^@]+)@myrealm.net/) {
update request {
User-Name := "%{1}@myrealm.com"
}
}
if (User-Name !~ /@/ && NAS-IP-Address == "192.168.1.1") {
update request {
User-Name := "%{1}@myrealm.ca"
}
}
}
On 7/25/2015 9:32 AM, Nathan Ward wrote:
> For starters, you open a bunch of blocks ({) and don’t close them (}). You should also post debug (radius -xX) when asking questions like that, though in this case it’s pretty clear what’s going wrong.
>
> You have to define a policy by putting a block around your code:
>
> my_policy_name {
> <your code>
> }
>
> Then you have to reference my_policy_name in your configuration. See the existing policies and where/how they are used.
>
> --
> Nathan Ward
>
>> On 26/07/2015, at 01:24, Jamie Orzechowski <jamie.orzechowski at gmail.com> wrote:
>>
>> I added the following to policy.conf in the filter_username section but now radiusd fails to start. Where should this syntax go??
>>
>> if (User-Name =~ /^([^@]+)@dsl.myrealm/) {
>> update request {
>> User-Name := "%{1}@myrealm"
>> }
>>
>> if (User-Name =~ /^([^@]+)@myrealm.net/) {
>> update request {
>> User-Name := "%{1}@myrealm.com"
>>
>> if (User-Name !~ /@/, NAS-IP-Address == "192.168.1.1")
>> update request {
>> User-Name := "%{1}@myrealm.com"
>> }
>>
>>
>> On 7/25/2015 7:58 AM, Alan DeKok wrote:
>>> On Jul 24, 2015, at 9:17 PM, Jamie Orzechowski <jamie.orzechowski at gmail.com> wrote:
>>>
>>>> I am a fresh convert from Radiator to FreeRadius.
>>>> How do I strip off everything after the @ in the received username and append @newrealm.com?
>>> $ man unlang
>>>
>>> The simplest way is probably a regex:
>>>
>>>
>>> if (User-Name =~ /^([^@]+)@/) {
>>> update request {
>>> User-Name := "%{1}@newrealm.com"
>>> }
>>> }
>>>
>>> That's the basic idea. You'll have to customize it for any additional requirements.
>>>
>>> Alan DeKok.
>>>
>>>
>>> -
>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list