Matching a prefix in huntgroups file

Brian Candler b.candler at pobox.com
Fri Nov 4 17:31:52 CET 2016


What is the way to match a range of IPs in the preprocess huntgroups 
file?  This is with freeradius 3.0.12. Unfortunately, the sample 
huntgroups file doesn't show any example of matching a range.

Here's what I've tried:

network    NAS-IP-Address =~ ^10\.254\.

network    NAS-IP-Address =~ "^10\.254\."

network    NAS-IP-Address =~ "10\.254\..*"

network    NAS-IP-Address =~ /^10\.254\./

Those all don't match:

(0)       if (&Huntgroup-Name == "network") {
(0)       ERROR: Failed retrieving values required to evaluate condition

network    NAS-IP-Address == 10.254.0.0/16

gives a parse error:

/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for 
entry network: Invalid IPv4 mask length "/16".  Only "/32" permitted for 
non-prefix types

network    10.254.0.0/16 == NAS-IP-Address

gives a different parse error:

/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for 
entry network: Invalid vendor name in attribute name "10.254.0.0/16"

I know *something* is happening with the regexps, because I can get a 
compilation error if I make it invalid:

network NAS-IP-Address =~ ^10\.254\

/etc/raddb/mods-config/preprocess/huntgroups[5]: Parse error (check) for 
entry network: Error at offset 9 compiling regex for NAS-IP-Address: 
Pattern compilation failed: \ at end of pattern

But it won't match the supplied NAS-IP-Address. I have no problem with a 
simple == condition matching a single IP address though.

Any clues?

Thanks,

Brian.



More information about the Freeradius-Users mailing list