Mac address rejecting
Alex Sharaz
alex.sharaz at york.ac.uk
Wed Oct 19 18:02:29 CEST 2016
o.k. Found a thread about sending access rejects if a mac address is in a
file, so, on FR 3.0.12 I did
passwd rejectmac {
filename = ${confdir}/rejectmac
delimiter = ,
format = "*Calling-Station-Id"
}
put AA-BB-CC-DD-EE-FF in /etc/freeradius/rejectmac, new line at end
Edited /etc/sites-enabled/default to have
if(Calling-Station-Id) {
# if ("%{sql:SELECT count(*) from mac_addresses where
mac_address='%{Calling-Station-Id}'and device_type=26}" > 0) {
rejectmac
if(ok){
update control {
&Auth-Type := Reject
}
update reply {
&Reply-Message := "quarantined, contact ITSO"
}
}
}
#
...... and everything gets rejected!
remove everything from /etc/freeradius/rejectmac ...... and still things
get rejected.
More information about the Freeradius-Users
mailing list