Hello
I'm getting myself confused with unlang and hoping somebody can help.
I have read the docs but just don't fully get it.
I'm trying to filter requests by part of the calling-station-id and
update/rewrite the reply depending on what group it is in. The below
is what I've got in the config
post-auth {
if(Calling-Station-Id >= "foo") {
if(SQL-Group == "SR1"){
update reply {
Tunnel-Server-Endpoint := 192.168.1.1
Tunnel-Type := L2TP
Tunnel-Medium-Type := IP
Cisco-AVPair := vpdn:tunnel-id=provider.net
Cisco-AVPair := vpdn:l2tp-tunnel-password=abc
Framed-Protocol -= PPP
Service-Type -= Framed-User
Port-Limit -= 32
}
}
}
if(Calling-Station-Id >= "bar") {
if(SQL-Group == "SR1"){
update reply {
Tunnel-Server-Endpoint := 192.168.1.2
Tunnel-Type := L2TP
Tunnel-Medium-Type := IP
Cisco-AVPair := vpdn:tunnel-id=provider.net
Cisco-AVPair := vpdn:l2tp-tunnel-password=abc
Framed-Protocol -= PPP
Service-Type -= Framed-User
Port-Limit -= 32
}
}
}
The provider is sending "foo" or "bar" (depends on the LTS) and a ID
number in the calling-station-id which is why I used ">=". The request
is accepted and the reply is updated as expected. The trouble I'm
having now is that if the users are not in group SR1 I need to reply
with the below.
Tunnel-Server-Endpoint := 172.16.1.1
Tunnel-Type := L2TP
Tunnel-Medium-Type := IP
Cisco-AVPair := vpdn:tunnel-id=provider.net
Cisco-AVPair := vpdn:l2tp-tunnel-password=abc
Framed-Protocol -= PPP
Service-Type -= Framed-User
Port-Limit -= 32
Further to that, when the provider sends bar and the user is not in
group SR1 i need to reply with a different tunnel-server-endpoint.
I understand why it's not working due to the use of ">=" but I don't
know how to fix it, I've tried using else statements/clauses but I'm
lost. We are using multiple LNS's (some dedicated for customers or
service).
Also is it possible to define multiple groups in the SQL-Group section
otherwise I can see the config becoming a mess?
Thanks for reading
Wayne
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
