Hi all, we are facing a issue with rewriting NAS-Port AVP before passing it to the rlm_ippool module. As our NAS system is a little bit dump and always sets NAS-Port to 0. (we won`t get a fix from the NAS vendor in a timly manner) we have to rewrite the NAS-Port on the Freeradius server, before passing the packet to rlm_ippool module.
>From log output it seems that the rewrite is more or less going fine, but then the rlm_ippool module takes the NAS-Port or the original request (which is not unique in our setup) Here is what we have configured in radiusd.conf attr_rewrite unique-nas-port { attribute = NAS-Port searchin = packet searchfor = "(.*)" replacewith = "%{Calling-Station-Id}" ignore_case = yes new_attribute = no max_matches = 1 append = no } authorize { # REWRITE non-unique NAS-Port values from Cisco GGSN unique-nas-port } preacct { # REWRITE non-unique NAS-Port values from Cisco GGSN unique-nas-port } and this is what we see in "radiusd -X" debug : rad_recv: Access-Request packet from host 10.0.224.101:1645, id=211, length=129 NAS-IP-Address = 10.0.224.101 NAS-Port = 0 Cisco-NAS-Port = "GigabitEthernet0/0" NAS-Port-Type = Virtual User-Name = "IPS4-vmsc1" Called-Station-Id = "l4-vmsc1-l2tp" Calling-Station-Id = "491725600000" User-Password = "password" Framed-IP-Address = 2.4.0.2 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: No '@' in User-Name = "IPS4-vmsc1", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 3 users: Matched IPS4-vmsc1 at 314 radius_xlat: 'IPS4-vmsc1' radius_xlat: 'l4-vmsc1-l2tp' radius_xlat: '491725600000' modcall[authorize]: module "files" returns ok for request 3 modcall: group authorize returns ok for request 3 auth: type Local auth: user supplied User-Password matches local User-Password Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 3 radius_xlat: '(.*)' radius_xlat: '491725600000' rlm_attr_rewrite: Changed value for attribute NAS-Port from '' to '491725600000' rlm_attr_rewrite: Could not find value pair for attribute NAS-Port modcall[post-auth]: module "unique-nas-port" returns ok for request 3 rlm_ippool: Searching for an entry for nas/port: 10.0.224.101/0 rlm_ippool: Found a stale entry for ip/port: 1.82.8.9/0 rlm_ippool: num: 0 rlm_ippool: Searching for an entry for nas/port: 10.0.224.101/0 rlm_ippool: Allocating ip to nas/port: 10.0.224.101/0 rlm_ippool: num: 1 rlm_ippool: Allocated ip 1.82.197.103 to client on nas 10.0.224.101,port 0 modcall[post-auth]: module "l4_onnet_p_pool" returns ok for request 3 modcall[post-auth]: module "l4_onnet_pool" returns noop for request 3 modcall[post-auth]: module "l2_onnet_p_pool" returns noop for request 3 modcall[post-auth]: module "l2_onnet_pool" returns noop for request 3 modcall[post-auth]: module "l2_ms_pool1" returns noop for request 3 modcall[post-auth]: module "l2_ms_pool2" returns noop for request 3 modcall[post-auth]: module "l1_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l1_vmsc4_pool" returns noop for request 3 modcall[post-auth]: module "l2_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l2_vmsc4_pool" returns noop for request 3 modcall[post-auth]: module "l3_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l3_vmsc4_pool" returns noop for request 3 modcall[post-auth]: module "l4_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l4_vmsc4_pool" returns noop for request 3 modcall[post-auth]: module "l5_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l5_vmsc4_pool" returns noop for request 3 modcall[post-auth]: module "l6_vmsc2_pool" returns noop for request 3 modcall[post-auth]: module "l6_vmsc4_pool" returns noop for request 3 modcall: group post-auth returns ok for request 3 Sending Access-Accept of id 211 to 10.0.224.101:1645 User-Name = "IPS4-vmsc1" Called-Station-Id = "l4-vmsc1-l2tp" Calling-Station-Id = "491725600000" Framed-Protocol = PPP Framed-IP-Address = 1.82.197.103 Framed-IP-Netmask = 255.255.0.0 Finished request 3 Going to the next request Waking up in 6 seconds... Somebody has a idea what is going wrong , and why it is going wrong ? Regards Michael -- DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen! AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html