post-auth language for two requirements
Jorge Pereira
jpereira at freeradius.org
Fri Apr 30 02:15:51 CEST 2021
Please, next time share the error with us as described in https://wiki.freeradius.org/guide/Users-Mailing-List <https://wiki.freeradius.org/guide/Users-Mailing-List> and https://wiki.freeradius.org/guide/radiusd-X <https://wiki.freeradius.org/guide/radiusd-X>
--
Jorge Pereira
jpereira at freeradius.org
> On 29 Apr 2021, at 17:33, Jessica Cohen <Jessica.Cohen at sentrics.net> wrote:
>
> I am trying to configure post-auth to require both the NAS-IP-address and a script. I don't think AND works in post-auth. At least that's my guess because it's keeps failing. That or my syntax is incorrect. Looking for suggestions or alternatives. Thanks!
>
> Example:
>
> # Post-Authentication
> # Once we KNOW that the user has been authenticated, there are
> # additional steps we can take.
> post-auth {
>
> if (%{NAS-IP-Address} = 10.100.17.52) AND (`/bin/sh /etc/doscripts/get.sh %{User-Name}` =~ /foo-admin/) {
> update reply {
> Service-Type == "guest"
> }
> noop
> }
> else {
> reject
> }
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list