Alan Dekok wrote: > Arran Cudbard-Bell wrote: > ... >> if(("%{2}" == "") || ("%{2}" == "sussex.ac.uk")){ > > You don't need to check if strings are empty like that. You can do: > > if (!"%{2}" || ... > > which may be easier to read. > >> Oh and empty case statements screw things up in strange and weird ways... > > I think much of that is just an issue with it not printing the right > thing in debug mode. > >> case local with content >> >> ++- entering switch %{Realm} >> +++- entering case local >> expand: %{Packet-Src-IP-Address} -> 139.184.6.42 >> expand: %{Packet-Src-IP-Address} -> 139.184.6.42 > ... > > Not sure why that's happening... > >> But thats pretty minor compared with the bus issue... still trying to >> track down whats causing it ... = works fine := breaks ... > > I just don't see that. Can you narrow it down to a particular packet, > and a 5-6 line config?
rad_recv: Access-Request packet from host 139.184.6.42 port 1141, id=42, length=151 User-Name = "ac221" NAS-IP-Address = 127.0.0.1 NAS-Port = 1 Called-Station-Id = "00-14-C2-B6-7D-32:eduroam" Calling-Station-Id = "00-19-E3-0C-CD-58" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x0200000a016163323231 Message-Authenticator = 0xae11e154e1819b9fde40d27a0147ad04 Processing the authorize section of radiusd.conf +- entering group authorize ++? if ("%{NAS-IP-Address}" == "127.0.0.1") expand: %{NAS-IP-Address} -> 127.0.0.1 ? Evaluating ("%{NAS-IP-Address}" == "127.0.0.1") -> TRUE ++? if ("%{NAS-IP-Address}" == "127.0.0.1") -> TRUE ++- entering if ("%{NAS-IP-Address}" == "127.0.0.1") expand: %{Packet-Src-IP-Address} -> 139.184.6.42 Bus error *narrowed* authorize { # Some devices send their loopback address as Nas IP Address, overwrite this with packet source. if("%{NAS-IP-Address}" == "127.0.0.1"){ update request { NAS-IP-Address := "%{Packet-Src-IP-Address}" } } } > > >> HP530s Don't send a service-type in the request, they also send their >> loopback address as NAS-IP-Address ?! And they do a weird thing with >> appending the SSID to the called-station-id ... > > That last bit is actually supposed to happen. > Ah, ok. >> HP 2626 switches, with firmware revision H.10.35 get the first 10 chars >> of their own mac address right, then screw up the last two ... > > Wow... Yes, last two octets bare no resemblance what-so-ever to the base mac *impressed* -- Arran Cudbard-Bell ([EMAIL PROTECTED]) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html