rest module to send simple API call to Infoblox for Mac Auth

dominic.stalder at unibe.ch dominic.stalder at unibe.ch
Tue Sep 24 15:22:12 UTC 2024 

Hi guys

In the meantime I got a little clue about the rest module and got it (almost) working.

One last / simple step is missing; I need to send the MAC address in the format aa:bb:cc:dd:ee:ff instead of aa-bb-cc-dd-ee-ff. We call the function rewrite_calling_station_id in /etc/freeradius/sites-available, but for the REST API call we need it with colon as delimiter?

Is there an easy way to replace chars in strings in unlang / freeradius?

Regards
Dominic

Von: "Stalder, Dominic (ID)" <dominic.stalder at unibe.ch>
Datum: Montag, 23. September 2024 um 17:50
An: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Betreff: rest module to send simple API call to Infoblox for Mac Auth

Hi guys

Im am trying to combine (1) Mac Auth and (2) 802.1x on FreeRADIUS 3.2.

So far, with simple check on a fixed Calling-Station-Id, it works. Now I would like to implement an GET API call to our IPAM (Infoblox) in the following format:

https://xyz.domain.com/wapi/v2.11.3/record:host?network=172.25.8.0/21&mac=aa:bb:cc:dd:ee:ff

First things first, I enabled the rest module: ln -s ../mods-available/rest /etc/freeradius/mods-enabled/rest

1. With the default configuration, I get the following output:

rlm_rest (rest): Opening additional connection (0), 1 of 32 pending slots used
rlm_rest (rest): Connecting to http://127.0.0.1/
rlm_rest (rest): Connection failed: 7 - Couldn't connect to server
rlm_rest (rest): Opening connection failed (0)
rlm_rest (rest): Removing connection pool

2. When I comment the corresponding “connect_uri” like mentioned in the rest module comment, I get the next error:

# rlm_rest will open a connection to the server specified in connect_uri
# to populate the connection cache, ready for the first request.
# The server will not start if the server specified is unreachable.
#
# If you wish to disable this pre-caching and reachability check,
# comment out the configuration item below.
# connect_uri = http://127.0.0.1/

including configuration file /etc/freeradius/sites-enabled/control-socket
/etc/freeradius/mods-enabled/rest[188]: Reference "${..connect_uri}" not found
Errors reading or parsing /etc/freeradius/radiusd.conf

As I stated, I would like to start very simple and go step by step from there because I have absolutely no clue how to implement the requested API call so far. But if anyone has a hint to “overcome” this error and maybe has a simple example of an GET API call, I would appreciate.

Thanks and best regards
Dominic
_________________________________
Universität Bern
Abteilung Informatikdienste

Dominic Stalder
Network Engineer

Hochschulstrasse 6
CH-3012 Bern
Tel. +41 (0)31 684 38 18
dominic.stalder at unibe.ch<mailto:dominic.stalder at unibe.ch>
www.id.unibe.ch
_________________________________

More information about the Freeradius-Users mailing list