Skip policy check if there is no outer request
Alan DeKok
aland at deployingradius.com
Wed Nov 16 20:10:30 CET 2016
On Nov 16, 2016, at 1:57 PM, Adam Bishop <Adam.Bishop at jisc.ac.uk> wrote:
>
> I'm using the 'filter_inner_identity' policy to check if a user is trying to do nasty things with their outer/inner id's.
>
> However, it has the side effect of preventing me from doing such things.
>
> I can whitelist the NAI easily enough, but for this situation I can rely on there not being an outer request (I'm poking the inner-tunnel port directly with radclient).
>
> Can I test for the existence of an outer request using unlang?
Sure.
if (&outer.request:)
should work..
Alan DeKok.
More information about the Freeradius-Users
mailing list