modify NAS-Port in incoming messages
Alan DeKok
aland at deployingradius.com
Mon Dec 26 18:52:32 UTC 2022
On Dec 26, 2022, at 1:32 PM, Volodymyr Litovka via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I tried with this:
>
> update request {
> Tmp-Octets-0 := "%{md5:%{Acct-Session-ID}}"
> NAS-Port := "%{integer:Tmp-Octets-0}"
> }
>
> and received the following errors: "ERROR: Type 'octets' of length 32 cannot be converted to integer" which is correct because md5 produces 128 bits while documentation says that integer operates with 64-bit values, but this code:
The MD5 output is coming in as 22 hex characters. The "integer" expansion should grab the lowest bytes, and ignore the rest, but OK.
> update request {
> Tmp-Octets-0 := "%{md5:%{Acct-Session-ID}}"
> Tmp-Octets-1 := "%{lpad:&Tmp-Octets-0 19}"
> NAS-Port := "%{integer:Tmp-Octets-1}"
> }
>
> does the job - it truncates md5 hash to 64-bit representation which can be converted to integer. The result is:
>
> root at vpn01:/etc/freeradius/3.0# radwho -r
> doka,doka,shell,S859124016,Mon 17:40,xxx.xxx.xx.xx,100.100.2.1
That's good.
Alan DeKok.
More information about the Freeradius-Users
mailing list