Converting MAC address formats
Mike Diggins
diggins at mcmaster.ca
Sat Apr 19 16:48:13 UTC 2025
I'm using MAC address authentication against a FreeRADIUS Version 3.0.20 (RHEL8) server. My WLAN controller sends the MAC in the format 2c-7b-a0-2f-bb-f1 but FR seems to convert it to 2c7ba02fbbf1. My SQL database has the MACs in the 2c-7b-a0-2f-bb-f1 format. I added this to sites-enabled/default in the authorize section. I've tried many formats but can't seem to get it right. Can it be fixed or am I crazy and should just update the database with the expected format?
# Check if User-Name is a MAC address in the correct format
if ("%{User-Name}" =~ /^([0-9A-Fa-f:-]{12,17})$/) {
update request {
# Convert to lowercase (optional)
Tmp-String-0 := "%{tolower:%{User-Name}}"
# Remove non-alphanumeric characters (colons, dashes) using expr
Tmp-String-1 := "%{expr:%{Tmp-String-0}:s/[-:]//g}"
# Assign cleaned MAC address to User-Name
User-Name := "%{Tmp-String-1}"
}
}
The debug output is:
(0) suffix: Checking for suffix after "@"
(0) suffix: No '@' in User-Name = "2c7ba02fbbf1", looking up realm NULL
(0) suffix: No such realm "NULL"
(0) [suffix] = noop
(0) if ("%{User-Name}" =~ /^([0-9A-Fa-f:-]{12,17})$/) {
(0) EXPAND %{User-Name}
(0) --> 2c7ba02fbbf1
(0) if ("%{User-Name}" =~ /^([0-9A-Fa-f:-]{12,17})$/) -> TRUE
(0) if ("%{User-Name}" =~ /^([0-9A-Fa-f:-]{12,17})$/) {
(0) update request {
(0) EXPAND %{tolower:%{User-Name}}
(0) --> 2c7ba02fbbf1
(0) Tmp-String-0 := 2c7ba02fbbf1
(0) Expected operator at "c7ba02fbbf1:s/[-:]//g"
(0) EXPAND %{expr:%{Tmp-String-0}:s/[-:]//g}
(0) -->
(0) Tmp-String-1 :=
(0) EXPAND %{Tmp-String-1}
(0) -->
(0) User-Name :=
(0) } # update request = noop
(0) } # if ("%{User-Name}" =~ /^([0-9A-Fa-f:-]{12,17})$/) = noop
(0) eap: No EAP-Message, not doing EAP
(0) [eap] = noop
(0) [files] = noop
(0) sql: EXPAND %{User-Name}
-Mike
More information about the Freeradius-Users
mailing list