> Hello FreeRadius list:
>
> I'm having difficulty getting the attr_rewrite module to do...well,
> anything.
>
> I have a working RADIUS installation validating off of a mySQL database.
> Our existing NASs (Wireless APs) transmit mac addresses as 12 character
> lower case letter/number combos - this corresponds to username within
> RADIUS. A new NAS device is transmitting mac addresses in caps, with a
> colon between each octet. I am trying to filter the attributes coming from
> the new NAS so that they are of the correct format in our mySQL database.
>
> I have already gotten the case issue solved by making the following change
> in radiusd.conf:
>
> lower_user = before
>
> What I can't get to work: I have placed the following in radiusd.conf, just
> under the commented-out example of attr_rewrite concerning "sanecallerid"
>
>
> attr_rewrite mac_colons {
> attribute = User-Name
> searchin = packet
> searchfor = ":"
> replacewith = ""
> ignore_case = yes
> new_attribute = no
> max_matches = 10
> append = no
> }
>
> However, as I said, I don't see any indication that the RADIUS server is
> doing anything of the kind. This is the debug output, concerning an auth
> request from the new type of NAS:
>
> rad_recv: Access-Request packet from host 10.35.0.30:1034, id=50, length=60
> Service-Type = Framed-User
> NAS-Port-Id = "wlan1"
> User-Name = "00:0A:E9:06:29:07"
> User-Password = ""
> NAS-IP-Address = 10.35.0.30
> rlm_sql (sql): Reserving sql socket id: 4
> rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck
> WHERE Username = '00:0a:e9:06:29:07' ORDER BY id
> rlm_sql (sql): User 00:0a:e9:06:29:07 not found in radcheck
>
> Note how the User-Name comes into RADIUS as all caps, but is in lower case
> when it's checked against the db, this is the result of the "lower_user =
> before" command I mentioned previously. However, the attr_rewrite command
> doesn't appear to be functioning at all. I've tried several different
> syntaxes slightly different from the one listed above with no luck. Looking
> further around radiusd.conf, I saw the authorize section at the bottom of
> the file (thinking that I had to load the module, just as "preprocess"
> apparently has to be loaded):
>
> authorize {
> preprocess
> # auth_log
> # attr_filter
>
> attr_rewrite
>
> However, having "attr_rewrite" uncommented as it is above causes an error on
> load:
>
> Starting - reading configuration files ...
> Using deprecated naslist file. Support for this will go away soon.
> Module: Loaded exec
> rlm_exec: Wait=yes but no output defined. Did you mean output=none?
> Module: Instantiated exec (exec)
> Module: Loaded expr
> Module: Instantiated expr (expr)
> Module: Loaded PAP
> Module: Instantiated pap (pap)
> Module: Loaded CHAP
> Module: Instantiated chap (chap)
> Module: Loaded MS-CHAP
> Module: Instantiated mschap (mschap)
> Module: Loaded System
> Module: Instantiated unix (unix)
> Module: Loaded eap
> rlm_eap: Loaded and initialized type md5
> rlm_eap: Loaded and initialized type leap
> rlm_eap: Loaded and initialized type gtc
> rlm_eap: Loaded and initialized type mschapv2
> Module: Instantiated eap (eap)
> Module: Loaded preprocess
> Module: Instantiated preprocess (preprocess)
> ERROR: Cannot find a configuration entry for module "attr_rewrite".
>
> After which is returns to the command prompt (without loading the server).
> I don't really understand the error message on its face, as I would have
> thought the "attr_rewrite mac_colons " section I listed earlier in the file
> would be the "configuration entry" that the error output says it can't find.
>
> So...if anyone can get me any advice re: how to check the functionality of
> the attr_rewrite module I'd appreciate it.
>
> Thank you -
>
> Brian Ammons
>
>
Its because you defined the name of the module as mac_colons. Change
attr_rewrite to mac_colons in your authorize section.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
