CallingStation ID
Ben Humpert
ben at an3k.de
Tue Jun 23 02:03:40 CEST 2015
I have this policy using ulang and regex. It is based on the standard
coming with eg. FR 3.0.7
mac-addr-regexp =
'([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})'
policy.sanitize_calling-station-id {
if (&Calling-Station-Id && (&Calling-Station-Id =~
/^${policy.mac-addr-regexp}$/i)) {
update request {
&Calling-Station-Id :=
"%{toupper:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
}
updated
}
else {
noop
}
}
This rewrites incoming Calling-Station-Id to the correct format
11-22-33-44-55-66. However, you still have to place
policy.sanitize_calling-station-id into site-enabled/default in the
authorize section at the beginning so that for all following
auth-types or checks (eg. with ulang) the correct MAC format is
available.
authorize {
policy.sanitize_calling-station-id
chap
...
...
}
You don't have to modify that regex but in case you want but have
problems with understanding it you can use
http://www.freeformatter.com/regex-tester.html Put the value of
mac-addr-regexp (without '') in the "Regular expression" field, enter
eg. 904e2b61bfe3 into the "Entry to test against" text area and put
$1-$2-$3-$4-$5-$6 into the "Replace with (Optional)" field and click
"REPLACE" and you'll see how your malformed mac address turns into a
valid one :) The one thing this website is not doing is
90-4e-2b-61-bf-e3 -> 90-4E-2B-61-BF-E3 but the above ulang code does.
And because you have a policy.conf I guess you use FR version 2.x.x
and I know what Alan would say: "Update to a newer version" :) It is
much easier to administrate and would already came with all the regex
ulang stuff you need.
Best regards,
Ben
2015-06-22 22:36 GMT+02:00 Andrés Gómez <andres.gomez.ruiz at gmail.com>:
> Hi everybody!!
>
> I'm trying to do a web based authentication and a MAC auth with the same
> NAS, so I plan to take the data in the table raddacct (calingstationid) in
> the first login of each user, to create a new user in the radcheck table
> for the MAC auth in the next sessions of the same user.
>
> Example.
>
> User1 -> web based auth -> radacct data -> callingstationid (MAC)
> taking callingstationid -> radcheck username
>
> I made it manually and it works, but I have an issue.
>
> The CallingStationID is written in this way: 90-4E-2B-61-BF-E3
>
> But, the MAC auth request is arriving in this way: 904e2b61bfe3
>
> So If I copy the callingstationid from raddacct table, to the radcheck
> table, the MAC auth won't work; because the formats of data are differents.
>
> How can I modify the calling station ID that will be written in the radacct
> table?
> I have read that there are some ulang lines in the policy.conf file, but I
> don't understand how to use them.
>
> Regards,
>
> --
> *C. Andrés Gómez R.*
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list