Hi,
I'm wondering why it is prohibited to have a particular NAS-IP-Address in more than one huntgroup. I want to use huntgroups for roaming blocking: huntgroups: DE.HDN NAS-IP-Address == 10.0.0.1 DE NAS-IP-Address == 10.0.0.1 EMEA NAS-IP-Address == 10.0.0.1 DE.FRM NAS-IP-Address == 10.0.0.2 DE NAS-IP-Address == 10.0.0.2 EMEA NAS-IP-Address == 10.0.0.2 DE.DTM NAS-IP-Address == 10.0.0.3 DE NAS-IP-Address == 10.0.0.3 EMEA NAS-IP-Address == 10.0.0.3 UK.LND NAS-IP-Address == 10.0.1.1 UK NAS-IP-Address == 10.0.1.1 EMEA NAS-IP-Address == 10.0.1.1 UK.CBG NAS-IP-Address == 10.0.1.2 UK NAS-IP-Address == 10.0.1.2 EMEA NAS-IP-Address == 10.0.1.2 BE.BRU NAS-IP-Address == 10.0.2.1 BE NAS-IP-Address == 10.0.2.1 EMEA NAS-IP-Address == 10.0.2.1 users: user1 User-Password == "test", Huntgroup-Name == "EMEA" ... ... user2 User-Password == "test", Huntgroup-Name == "DE" ... ... user3 User-Password == "test", Huntgroup-Name == "DE.FRM" ... ... But this doesn't work, since only the first huntgroup name for a particular IP is considered. I'm wondering especially since the multiple huntgroup names for one NAS-IP-Address are considered when the huntgroups file is read into the data structure of rlm_preprocess, but they are not considered when an user is checked using huntgroup_access. Accordingly simple is the patch to achieve this MANY_HUNTGROUP_NAMES_FOR_ONE_IP "feature": --- rlm_preprocess.c 2004-10-07 22:52:31.000000000 +0200 +++ rlm_preprocess.c-patched 2005-05-06 12:56:50.000000000 +0200 @@ -362,8 +362,13 @@ * We've matched the huntgroup, so add it in * to the list of request pairs. */ +#define MANY_HUNTGROUP_NAMES_FOR_ONE_ADDRESS 1 +#ifndef MANY_HUNTGROUP_NAMES_FOR_ONE_ADDRESS vp = pairfind(request_pairs, PW_HUNTGROUP_NAME); if (!vp) { +#else + { +#endif vp = paircreate(PW_HUNTGROUP_NAME, PW_TYPE_STRING); if (!vp) { @@ -379,7 +384,9 @@ } r = RLM_MODULE_OK; } +#ifndef MANY_HUNTGROUP_NAMES_FOR_ONE_ADDRESS break; +#endif } return r; Wouldn't it be an useful enhancement to be able to have one NAS-IP-Address in many huntgroups? Or is anything against the "feature" I propose, which I do not see at the moment? Thanks, Wolfgang - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html