rest module to send simple API call to Infoblox for Mac Auth

dominic.stalder at unibe.ch dominic.stalder at unibe.ch
Wed Sep 25 05:40:39 UTC 2024 

Hi Matthew

Still struggling with assigning a value to the local / custom attribute:

1. added it to /etc/freeradius/dictionary like this:

--> does it need to have a naming like My-Local-xxx or are we completely free there?

ATTRIBUTE   My-Local-Calling-Station-Id-Colon   3000  string


2. tried to add a value to the local / custom attribute in /etc/freeradius/policy.d/canonicalization:

rewrite_calling_station_id {
   if (&Calling-Station-Id && (&Calling-Station-Id =~ /^${policy.mac-addr-regexp}$/i)) {
      update request {
         &Calling-Station-Id := "%{toupper:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"

         &My-Local-Calling-Station-Id-Colon := "Test"
      }

      updated
   }
   else {
      noop
   }
}

3. Not able to get the value into /etc/freeradius/mods-available/rest --> the local / custom attribute has an empty value

   authorize {
      uri = "${..connect_uri}/wapi/v2.11.3/record:host?network=172.25.8.0/21&mac=%{request:My-Local-Calling-Station-Id-Colon}"
      method = 'get'
      auth = 'basic'
      require_auth = 'yes'
      username = "id_svcinfobloxro_test"
      password = "h_rB*5i.Tkc$aCb"
      method = 'get'
      tls = ${..tls}
   }

I do not see any attribute with Name "My-Local-Calling-Station-Id-Colon" in the freeradius debug output as well.

Do I miss something else? Sorry to bother you again, but still a newbie.

Regards
Dominic

Am 24.09.24, 17:29 schrieb "Freeradius-Users im Auftrag von Matthew Newton via Freeradius-Users" <freeradius-users-bounces+dominic.stalder=unibe.ch at lists.freeradius.org <mailto:unibe.ch at lists.freeradius.org> im Auftrag von freeradius-users at lists.freeradius.org <mailto:freeradius-users at lists.freeradius.org>>:

On 24/09/2024 16:22, dominic.stalder at unibe.ch <mailto:dominic.stalder at unibe.ch> wrote:
> One last / simple step is missing; I need to send the MAC address in the format aa:bb:cc:dd:ee:ff instead of aa-bb-cc-dd-ee-ff. We call the function rewrite_calling_station_id in /etc/freeradius/sites-available, but for the REST API call we need it with colon as delimiter?
>
> Is there an easy way to replace chars in strings in unlang / freeradius?


If you always want colons, edit the rewrite_calling_station_id policy to
use those rather than hyphens. raddb/policy.d/canonicalization


If you want both, just add another local attribute to the dictionary
(raddb/dictionary) and then add that in the update section of the policy
too. Then use that attribute in your rest call.


--
Matthew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <http://www.freeradius.org/list/users.html>

More information about the Freeradius-Users mailing list