Verify that the user belongs to a specific ipv4 network

Dzmitry Shykuts dshykuts at brest.beltelecom.by
Thu Sep 4 06:23:40 UTC 2025


Hello!

In addition to the password, I need to verify that the user belongs to a 
specific ipv4 network.

I don't use any databases.

1. I'm trying to do this in the users file:

test         Cleartext-Password := "password", NAS-IP-Address == 10.1.1.0/24
                Cisco-AVPair = "shell:priv-lvl=1",
                Service-Type = Administrative-User

Got error:

/etc/freeradius/3.0/mods-config/files/authorize[227]: Parse error (check) for entry test: Invalid IPv4 mask length "/24". Only "/32" permitted for non-prefix types
Failed reading /etc/freeradius/3.0/mods-config/files/authorize
/etc/freeradius/3.0/mods-enabled/files[9]: Instantiation failed for module "files"

2. I'm trying to do this in the users file:

test         Cleartext-Password := "password", NAS-IP-Address < 10.1.1.0/24
                Cisco-AVPair = "shell:priv-lvl=1",
                Service-Type = Administrative-User

Got error:

/etc/freeradius/3.0/mods-config/files/authorize[227]: Parse error (check) for entry test: Invalid IPv4 mask length "/24". Only "/32" permitted for non-prefix types
Failed reading /etc/freeradius/3.0/mods-config/files/authorize
/etc/freeradius/3.0/mods-enabled/files[9]: Instantiation failed for module "files"

3. I'm trying to do this in the users file:

test         Cleartext-Password := "password", NAS-IP-Address =~ /10\.1\.1\..+/
                Cisco-AVPair = "shell:priv-lvl=1",
                Service-Type = Administrative-User

Got error:

(0) files: EXPAND /10\.1\.1\..+/
(0) files: --> /10\.1\.1\..+/
(0) [files] = noop
(0) [expiration] = noop
(0) [logintime] = noop
(0) pap: WARNING: No "known good" password found for the user. Not setting Auth-Type
(0) pap: WARNING: Authentication will fail unless a "known good" password is available
(0) [pap] = noop
(0) } # authorize = ok
(0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
(0) Failed to authenticate the user
(0) Using Post-Auth-Type Reject
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0) Post-Auth-Type REJECT {
(0) attr_filter.access_reject: EXPAND %{User-Name}
(0) attr_filter.access_reject: --> test
(0) attr_filter.access_reject: Matched entry DEFAULT at line 11
(0) [attr_filter.access_reject] = updated
(0) [eap] = noop
(0) policy remove_reply_message_if_eap {
(0) if (&reply:EAP-Message && &reply:Reply-Message) {
(0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(0) else {
(0) [noop] = noop
(0) } # else = noop
(0) } # policy remove_reply_message_if_eap = noop
(0) } # Post-Auth-Type REJECT = updated
(0) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [test] (from client net port 0)
(0) Delaying response for 1.000000 seconds

Is it possible to make such a check for belonging to an ipv4 network? 
How to do this correctly? This check is very important for me...

