Rewrite Rule

Maile Halatuituia maile.halatuituia at tcc.to
Thu Nov 1 01:45:02 CET 2018


Hi I have this Cisco-AVPair = "acct-input-octets-ipv6=xxx" on my radius acct-request packet coming from my Cisco BRAS.
I want to rewrite it to something like this acct-input-octets-ipv6=xxx on my preacct section of my default server (/etc/freeradius/sites-available/default) config and update my request .....
I have this policy already

if( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ ) {
                        update request {
                                &acct-input-octets-ipv6 := "%{2}"
                        }
                }

But seems it doing nothing. Maybe my regex above is wrong or something but that's why I ask .
Here is the portion of my freeradius -X I think it is relevant to this question.

# Executing section preacct from file /etc/freeradius/sites-enabled/default
(2)   preacct {
(2)     policy acct_counters64.preacct {
(2)       update request {
(2)         WARNING: Can't find &Acct-Input-Gigawords.  Using 0 as operand value
(2)         EXPAND %{expr:(&Acct-Input-Gigawords << 32) | &Acct-Input-Octets}
(2)            --> 52
(2)         &Acct-Input-Octets64 = 52
(2)         WARNING: Can't find &Acct-Output-Gigawords.  Using 0 as operand value
(2)         EXPAND %{expr:(&Acct-Output-Gigawords << 32) | &Acct-Output-Octets}
(2)            --> 92
(2)         &Acct-Output-Octets64 = 92
(2)       } # update request = noop
(2)     } # policy acct_counters64.preacct = noop
(2)     [preprocess] = ok
(2)     if ( &User-Name !~ /\@/ ) {
(2)     if ( &User-Name !~ /\@/ )  -> FALSE
(2)     update request {
(2)       EXPAND %{expr: %l - %{%{Acct-Session-Time}:-0} - %{%{Acct-Delay-Time}:-0}}
(2)          --> 1541032848
(2)       &FreeRADIUS-Acct-Session-Start-Time := Nov  1 2018 13:40:48 +13
(2)     } # update request = noop
(2)     policy acct_unique {
(2)       update request {
(2)         Tmp-String-9 := "ai:"
(2)       } # update request = noop
(2)       if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) &&       ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i)) {
(2)       EXPAND %{hex:&Class}
(2)          -->
(2)       EXPAND ^%{hex:&Tmp-String-9}
(2)          --> ^61693a
(2)       if (("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/) &&       ("%{string:&Class}" =~ /^ai:([0-9a-f]{32})/i))  -> FALSE
(2)       else {
(2)         update request {
(2)           EXPAND %{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}
(2)              --> 8022139d00768a562a41866693fa1427
(2)           &Acct-Unique-Session-Id := 8022139d00768a562a41866693fa1427
(2)         } # update request = noop
(2)       } # else = noop
(2)     } # policy acct_unique = noop
(2)     if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ ) {
(2)     if ( &Cisco-AVPair[*]=~/\(acct-input-octets-ipv6\)=\(\d+)/ )  -> FALSE
(2)     if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ ) {
(2)     if ( &Cisco-AVPair[*]=~/\(acct-output-octets-ipv6\)=\(\d+)/ )  -> FALSE
(2)   } # preacct = ok


Confidentiality Notice: This email (including any attachment) is intended for internal use only. Any unauthorized use, dissemination or copying of the content is prohibited. If you are not the intended recipient and have received this e-mail in error, please notify the sender by email and delete this email and any attachment.


More information about the Freeradius-Users mailing list