Matching a prefix in huntgroups file
Brian Candler
b.candler at pobox.com
Fri Nov 4 17:31:52 CET 2016
What is the way to match a range of IPs in the preprocess huntgroups
file? This is with freeradius 3.0.12. Unfortunately, the sample
huntgroups file doesn't show any example of matching a range.
Here's what I've tried:
network NAS-IP-Address =~ ^10\.254\.
network NAS-IP-Address =~ "^10\.254\."
network NAS-IP-Address =~ "10\.254\..*"
network NAS-IP-Address =~ /^10\.254\./
Those all don't match:
(0) if (&Huntgroup-Name == "network") {
(0) ERROR: Failed retrieving values required to evaluate condition
network NAS-IP-Address == 10.254.0.0/16
gives a parse error:
/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for
entry network: Invalid IPv4 mask length "/16". Only "/32" permitted for
non-prefix types
network 10.254.0.0/16 == NAS-IP-Address
gives a different parse error:
/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for
entry network: Invalid vendor name in attribute name "10.254.0.0/16"
I know *something* is happening with the regexps, because I can get a
compilation error if I make it invalid:
network NAS-IP-Address =~ ^10\.254\
/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for
entry network: Error at offset 9 compiling regex for NAS-IP-Address:
Pattern compilation failed: \ at end of pattern
But it won't match the supplied NAS-IP-Address. I have no problem with a
simple == condition matching a single IP address though.
Any clues?
Thanks,
Brian.
More information about the Freeradius-Users
mailing list