Lookup lists / arrays?

Alan DeKok aland at deployingradius.com
Wed Nov 2 18:03:07 CET 2016 

> On Nov 2, 2016, at 12:42 PM, David Hartburn <D.J.Hartburn at kent.ac.uk> wrote:
> I think that is one thing I keep failing to get the correct way round with FreeRADIUS, you do not do 'if (do something)', you do something then check the result with an if.

  Yes.  It's not a real language, and there are no functions.  Which makes it a bit weird.

> Once you are in the right mind set, it does make some quite neat and tidy configs.
> 
> It is not quite working though, do you think I'm specifying my file correctly? It certainly seems to be reading it in, running with -X:
>  # Loading module "eduroam_static_ip" from file /etc/raddb-kent/mods-enabled/files
>  files eduroam_static_ip {
>  	usersfile = "/etc/raddb-kent/eduroam_static_ip"
>  	key = "%{Calling-Station-ID}"
>  }
> .....
>  # Instantiating module "eduroam_static_ip" from file /etc/raddb-kent/mods-enabled/files
> reading pairlist file /etc/raddb-kent/eduroam_static_ip
> 
> Then during an auth test:
> (10) eduroam_static_ip: EXPAND %{Calling-Station-ID}
> (10) eduroam_static_ip:    --> 42-42-42-42-42-42
> (10)       [eduroam_static_ip] = noop

  Which means it didn't match.

> (10)       if (ok) {
> (10)       if (ok)  -> FALSE
> 
> I had tried following closely the MacAuth guide on the wiki (https://wiki.freeradius.org/guide/mac-auth), so I added the Reply-To after my MACs just to see if having an attribute in there made a difference. With a few different formats thrown in, that now reads:
> # eduroam_static_ip
> #
> # Contains a list of MAC addresses to be assigned to a particular VLAN
> # so they can obtain a static IP address.
> 42-42-42-42-42-42
> 	Reply-Message = "Moooo"
> 424242424242
> 	Reply-Message = "Quack"
> '42-42-42-42-42-42'

  You should't need (or use) quotes.

> 	Reply-Message = "Oink"
> "42-42-42-42-42-42"
> 	Reply-Message = "Woof"
> 
> I was expecting only the first one to work, but it is still failing to match.

  Again, reading the FULL debug log helps.  Maybe the Calling-Station-Id has spaces in it?

  Alan DeKok.

More information about the Freeradius-Users mailing list