Hi,

I am having some problems with attr_rewrite.

What I want to do is the following at a pre authorisation phase:

User-Name = [EMAIL PROTECTED]

To

User-Name = somedomain.com

I want to call my attr_rewrite function for each of the domains that I want
to strip the username from prior to authorisation.

This is what I have in radiusd.conf:

        attr_rewrite checkdomain1 {
                attribute = User-Name
                searchin = packet
                searchfor = "[EMAIL PROTECTED]"
                replacewith = "domain1.net"
                ignore_case = yes
                new_attribute = no
                max_matches = 10
                append = no
        }

This is kind of working but my problem is that I am not sure what to use
in the regular expression for the match query:

I have tried [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

I have read the list history and trawled Google and I guess I am just not
bright enough to get these pesky (ir)regular expressions!

Can someone please tell me what I need to put in here:

searchfor = "[EMAIL PROTECTED]"

To match: [EMAIL PROTECTED]

Why am I doing this???
----------------------

DSL Wholesale Layer2 Tunneling Switch - (LTS) 1 queries my Radius Server 1
for tunnel parameters.

Radius Server 1 will then for:

[EMAIL PROTECTED] into various Tunnels / groups switched based on full
username to NAS1,2,3 etc

domain1.com classify any users at this domain into tunnel1 and switch to LTS
2

domain2.com classify any users at this domain into tunnel2 and switch to LTS
2

Because I don't know the users in domain1&2, I can't authenticate using the
fully qualified username, and for other reasons it is not possible to set
LTS1 to authenticate its tunnels based on realm rather than username, it has
to use username.

So - this above is why I am trying to rewrite the user to be just a realm in
radius server 1 for domain 1&2.net

For those that are interested, what happens next is...

LTS 2 then looks up in another radius server (radius 2) for the tunnel ID
where to switch the tunnel to for the terminating NAS for that
partner/reseller.  This NAS will then query its radius server (a third
party) to handle the actual user authentication and PPP parameters.

For mydomain.com NAS1,2,3 will query radius server 3 for the authentication
of my own users and PPP parameters.

So: DSL Wholesale LTS -> In house NASes or In house LTS boxes

In house LTS boxes -> Partner NASes

Kind Regards

Ben

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
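
Added example, not part of the original post and not attr_rewrite itself: a Python model of the rewrite the post asks for, where a User-Name of the form user@realm is reduced to the bare realm for selected realms only. The realm list, function names and sample usernames are constructed for illustration; the point is that the match must cover the whole value with the dots escaped, otherwise lookalike realms get rewritten and classified into the wrong tunnel.

```python
import re

# Constructed for illustration: realms whose users are rewritten to the bare realm.
REWRITE_REALMS = ("domain1.net", "domain2.net")


def build_pattern(realm):
    # [^@]+ requires a non-empty user part that contains no second '@'.
    # re.escape stops the dots in the realm from matching any character.
    return re.compile(r"[^@]+@" + re.escape(realm), re.IGNORECASE)


PATTERNS = [(realm, build_pattern(realm)) for realm in REWRITE_REALMS]


def rewrite_user_name(user_name):
    """Return the bare realm for a configured realm, else the name unchanged."""
    for realm, pattern in PATTERNS:
        # fullmatch anchors both ends, so nothing may precede the user part
        # or follow the realm.
        if pattern.fullmatch(user_name):
            return realm  # normalised to the configured spelling
    return user_name


def unanchored_rewrite(user_name, realm="domain1.net"):
    # The loose form, for comparison only: no anchors, unescaped dots.
    return re.sub(r".*@" + realm, realm, user_name, flags=re.IGNORECASE)


if __name__ == "__main__":
    samples = [  # constructed sample usernames
        "alice@domain1.net",
        "Alice@DOMAIN1.NET",
        "carol@mydomain.com",
        "bob@domain1.net.example.org",
        "bob@domain1xnet",
        "@domain1.net",
    ]
    for name in samples:
        print(f"{name!r:34} strict={rewrite_user_name(name)!r:32} "
              f"loose={unanchored_rewrite(name)!r}")
```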
