Error while initializing freeradius during instantiate phase for attr_filter

Saurabh Lahoti saurabh.astronomy at gmail.com
Tue May 15 13:40:52 CEST 2018 

Hi,

While initializing freeradius, below error is received during instantiate
phase:

  # Instantiating module "attr_filter.access_reject" from file
/usr/app/radius-new2/prod-corp-internal/etc/raddb/mods-enabled/attr_filter
reading pairlist file
/usr/app/radius-new2/prod-corp-internal/etc/raddb/mods-config/attr_filter/access_reject
/usr/app/radius-new2/prod-corp-internal/etc/raddb/mods-config/attr_filter/access_reject[18]:
Entry does not begin with a user name
Errors reading
/usr/app/radius-new2/prod-corp-internal/etc/raddb/mods-config/attr_filter/access_reject
/usr/app/radius-new2/prod-corp-internal/etc/raddb/mods-enabled/attr_filter[28]:
Instantiation failed for module "attr_filter.access_reject"


attr_filter:
# attr_filter - filters the attributes received in replies from
# proxied servers, to make sure we send back to our RADIUS client
# only allowed attributes.
attr_filter attr_filter.post-proxy {
#       key = "%{Realm}"
        filename = ${modconfdir}/${.:name}/post-proxy
}

# attr_filter - filters the attributes in the packets we send to
# the RADIUS home servers.
attr_filter attr_filter.pre-proxy {
#       key = "%{Realm}"
        filename = ${modconfdir}/${.:name}/pre-proxy
}

# Enforce RFC requirements on the contents of Access-Reject
# packets.  See the comments at the top of the file for
# more details.
#
attr_filter attr_filter.access_reject {
        key = "%{User-Name}"
        filename = ${modconfdir}/${.:name}/access_reject
}

# Enforce RFC requirements on the contents of Access-Challenge
# packets.  See the comments at the top of the file for
# more details.
#
attr_filter attr_filter.access_challenge {
        key = "%{User-Name}"
        filename = ${modconfdir}/${.:name}/access_challenge
}


#  Enforce RFC requirements on the contents of the
#  Accounting-Response packets.  See the comments at the
#  top of the file for more details.
#
attr_filter attr_filter.accounting_response {
        key = "%{User-Name}"
        filename = ${modconfdir}/${.:name}/accounting_response
}

Access.reject content:
DEFAULT
        EAP-Message =* ANY,
        State =* ANY,
        Message-Authenticator =* ANY,
        Error-Cause =* ANY,
        Reply-Message =* ANY
#       MS-CHAP-Error =* ANY,
        Proxy-State =* ANY,
#       FreeRADIUS-Response-Delay =* ANY,
#       FreeRADIUS-Response-Delay-USec =* ANY


Can you please help us in here..?

----

*Thanks & Kind Regards,*
Saurabh LAHOTI.
*Mob: +32.499.82.37.88*
*Ideas enlighten Innovation**!!!*
Please consider the environment before printing this mail..!!

More information about the Freeradius-Users mailing list