> Hello FreeRadius list:
>
> I'm having difficulty getting the attr_rewrite module to do...well,
> anything.
>
> I have a working RADIUS installation validating off of a mySQL database.
> Our existing NASs (Wireless APs) transmit mac addresses as 12 character
> lower case letter/number combos - this corresponds to username within
> RADIUS.  A new NAS device is transmitting mac addresses in caps, with a
> colon between each octet.  I am trying to filter the attributes coming from
> the new NAS so that they are of the correct format in our mySQL database.
>
> I have already gotten the case issue solved by making the following change
> in radiusd.conf:
>
>       lower_user = before
>
> What I can't get to work:  I have placed the following in radiusd.conf, just
> under the commented-out example of attr_rewrite concerning "sanecallerid"
>
>
>         attr_rewrite mac_colons {
>                 attribute = User-Name
>                 searchin = packet
>                 searchfor = ":"
>                 replacewith = ""
>                 ignore_case = yes
>                 new_attribute = no
>                 max_matches = 10
>                 append = no
>         }
>
> However, as I said, I don't see any indication that the RADIUS server is
> doing anything of the kind.  This is the debug output, concerning an auth
> request from the new type of NAS:
>
> rad_recv: Access-Request packet from host 10.35.0.30:1034, id=50, length=60
>         Service-Type = Framed-User
>         NAS-Port-Id = "wlan1"
>         User-Name = "00:0A:E9:06:29:07"
>         User-Password = ""
>         NAS-IP-Address = 10.35.0.30
> rlm_sql (sql): Reserving sql socket id: 4
> rlm_sql_mysql: query:  SELECT id,UserName,Attribute,Value,op FROM radcheck
> WHERE Username = '00:0a:e9:06:29:07' ORDER BY id
> rlm_sql (sql): User 00:0a:e9:06:29:07 not found in radcheck
>
> Note how the User-Name comes into RADIUS as all caps, but is in lower case
> when it's checked against the db, this is the result of the "lower_user =
> before" command I mentioned previously.  However, the attr_rewrite command
> doesn't appear to be functioning at all.  I've tried several different
> syntaxes slightly different from the one listed above with no luck.  Looking
> further around radiusd.conf, I saw the authorize section at the bottom of
> the file (thinking that I had to load the module, just as "preprocess"
> apparently has to be loaded):
>
> authorize {
>         preprocess
> #       auth_log
> #       attr_filter
>
>         attr_rewrite
>
> However, having "attr_rewrite" uncommented as it is above causes an error on
> load:
>
> Starting - reading configuration files ...
> Using deprecated naslist file.  Support for this will go away soon.
> Module: Loaded exec
> rlm_exec: Wait=yes but no output defined. Did you mean output=none?
> Module: Instantiated exec (exec)
> Module: Loaded expr
> Module: Instantiated expr (expr)
> Module: Loaded PAP
> Module: Instantiated pap (pap)
> Module: Loaded CHAP
> Module: Instantiated chap (chap)
> Module: Loaded MS-CHAP
> Module: Instantiated mschap (mschap)
> Module: Loaded System
> Module: Instantiated unix (unix)
> Module: Loaded eap
> rlm_eap: Loaded and initialized type md5
> rlm_eap: Loaded and initialized type leap
> rlm_eap: Loaded and initialized type gtc
> rlm_eap: Loaded and initialized type mschapv2
> Module: Instantiated eap (eap)
> Module: Loaded preprocess
> Module: Instantiated preprocess (preprocess)
> ERROR: Cannot find a configuration entry for module "attr_rewrite".
>
> After which is returns to the command prompt (without loading the server).
> I don't really understand the error message on its face, as I would have
> thought the "attr_rewrite mac_colons " section I listed earlier in the file
> would be the "configuration entry" that the error output says it can't find.
>
> So...if anyone can get me any advice re: how to check the functionality of
> the attr_rewrite module I'd appreciate it.
>
> Thank you -
>
> Brian Ammons
>
>


Its because you defined the name of the module as mac_colons.  Change
attr_rewrite to mac_colons in your authorize section.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to