On 10/07/2013 08:40 AM, [email protected] wrote:
Hi,if (Service-Type == "NAS-Prompt-User") { if (NAS-IP-Address =~ /^172\.17\.107\./) { if (User-Name =~ /^wisms\-testing/) { update control { Auth-Type := Accept }ouch do you realise how dangerous that is? there should be no need to send an access accept packet back to these probes - a reject should suffice - and that would stop an end user subverting your system by simply using that UserName (if they are using wpa_supplicant they could add that NAS-Prompt-User attribute)
Er... wpa_supplicant speaks EAP, and Service-Type is a RADIUS attribute. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
