Modifying incoming packets with unlang
Matthew Newton
mcn at freeradius.org
Mon Mar 28 10:53:25 UTC 2022
On 28/03/2022 10:49, David le Roux wrote:
> I am migrating from an old raddb instance and one of the changes is that freeradius no longer uses the attr_rewrite module and instead relies on unlang.
> attr_rewrite copyusertocertcn {
> attribute = Cert-CN
> new_attribute = yes
> searchfor = ""
> searchin = packet
> replacewith = "%{User-Name}"
update request {
&Cert-CN := &User-Name
}
> attr_rewrite removehostportion {
> attribute = Cert-CN
> searchin = packet
> searchfor = "(host/)(.*)"
> replacewith = "%{2}"
> ignore_case = no
> new_attribute = no
> }
if (&Cert-CN =~ /^host\/(.*)$/) {
update request {
&Cert-CN := "%{1}"
}
}
Or, possibly better all in one depending on your needs, something like
if (&User-Name =~ /^host\/(.*)$/) {
update request {
&Cert-CN := "%{1}"
}
}
(which will leave Cert-CN unset if User-Name doesn't start with "host/")
--
Matthew
More information about the Freeradius-Users
mailing list