Re: check item problem
On Wed, 2 Apr 2003, Brian Leung wrote: > Hi all, > > i don't know whether it have a bug or not? > when i used checkval module and radiusCalledStationid, it is prefer. > But, when i used radiusCheckItem: NAS-IP-Address := 202.14.68.51, it seems > have problem. > the NAS 202.14.68.50 still can pass the radius although i have the above > restriction. > You can see that the nas-ip module return ok. > but if i change radiusCheckItem: NAS-IP-Address to 192.168.0.1, it will > reject as normal if i dial from 202.14.68.50 > it seems can't recognize the ip address except for the first octet Do a cvs update on rlm_checkval. It should now work better. > > rad_recv: Access-Request packet from host 202.14.68.50:1025, id=235, > length=105 > User-Name = "brianlk" > User-Password = "" > NAS-IP-Address = 202.14.68.50 > NAS-Port = 20312 > NAS-Port-Type = Async > Service-Type = Framed-User > Framed-Protocol = PPP > State = 0x > Calling-Station-Id = "21519330" > Called-Station-Id = "34234418" > Acct-Session-Id = "377180294" > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > radius_xlat: '@test.com' > rlm_attr_rewrite: No match found for attribute User-Name with value > 'brianlk' > modcall[authorize]: module "fixusername1" returns ok > radius_xlat: '@test.com' > rlm_attr_rewrite: No match found for attribute User-Name with value > 'brianlk' > modcall[authorize]: module "fixusername2" returns ok > modcall: entering group redundant > rlm_ldap: - authorize > rlm_ldap: performing user authorization for brianlk > radius_xlat: '(uid=brianlk)' > radius_xlat: 'o=test.com' > ldap_get_conn: Got Id: 0 > rlm_ldap: performing search in o=test.com, with filter (uid=brianlk) > rlm_ldap: Added password {crypt}asdasfsdgdfg in check items > rlm_ldap: looking for check items in directory... > rlm_ldap: extracted attribute NAS-IP-Address from generic item > NAS-IP-Address := 202.14.68.51 > rlm_ldap: looking for reply items in directory... > rlm_ldap: user brianlk authorized to use remote access > ldap_release_conn: Release Id: 0 > modcall[authorize]: module "LDAP1" returns ok > modcall: group redundant returns ok > rlm_checkval: Item Name: NAS-IP-Address, Value: 202.14.68.50 > rlm_checkval: Value Name: NAS-IP-Address, Value: 202.14.68.51 > modcall[authorize]: module "nas-ip" returns ok > > the config inside radiusd.conf: > > checkval nas-ip { > # The attribute to look for in the request > item-name = NAS-IP-Address > > # The attribute to look for in check items. Can be multi > valued > check-name = NAS-IP-Address > > # The data type. Can be > # string,integer,ipaddr,date,abinary,octets > data-type = ipaddr > > # If set to yes and we dont find the item-name attribute in > the > # request then we send back a reject > # DEFAULT is no > #notfound-reject = no > } > > > Brian > > - Original Message - > From: "Dustin Doris" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, April 01, 2003 10:22 PM > Subject: Re: check item problem > > > > Do you see how the Called-Station-Id is not coming in with the auth > > request? > > > > > The following is the whole debug when i used "compare_check_items", > > > > > > Listening on IP address *, ports 1645/udp and 1646/udp, with proxy on > > > 1647/udp. > > > Ready to process requests. > > > rad_recv: Access-Request packet from host 127.0.0.1:33291, id=223, > length=59 > > > User-Name = "brianlk" > > > User-Password = "123jseff" > > > NAS-IP-Address = 192.168.0.2 > > > NAS-Port = 10 > > > modcall: entering group authorize > > > rlm_ldap: looking for check items in directory... > > > rlm_ldap: extracted attribute NAS-IP-Address from generic item > > > NAS-IP-Address == "192.168.0.1" > > > rlm_ldap: looking for reply items in directory... > > > Invalid operator for item User-Password: reverting to '==' > > > rlm_ldap: Pairs do not match. Rejecting user. > > > ldap_release_conn: Release Id: 0 > > > > You need to make sure the NAS is s
Re: check item problem
hi Alan, Thx for your help. but although i use radiusCheckItem: NAS-IP-Address == 202.14.68.51, it still have the problem. Brian - Original Message - From: "Alan DeKok" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 02, 2003 11:53 PM Subject: Re: check item problem > "Brian Leung" <[EMAIL PROTECTED]> wrote: > > i don't know whether it have a bug or not? > > when i used checkval module and radiusCalledStationid, it is prefer. > > But, when i used radiusCheckItem: NAS-IP-Address := 202.14.68.51 > > See the 'man' page for the 'users' file. That last line tells me > you're doing something wrong. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
"Brian Leung" <[EMAIL PROTECTED]> wrote: > i don't know whether it have a bug or not? > when i used checkval module and radiusCalledStationid, it is prefer. > But, when i used radiusCheckItem: NAS-IP-Address := 202.14.68.51 See the 'man' page for the 'users' file. That last line tells me you're doing something wrong. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
Hi all, i don't know whether it have a bug or not? when i used checkval module and radiusCalledStationid, it is prefer. But, when i used radiusCheckItem: NAS-IP-Address := 202.14.68.51, it seems have problem. the NAS 202.14.68.50 still can pass the radius although i have the above restriction. You can see that the nas-ip module return ok. but if i change radiusCheckItem: NAS-IP-Address to 192.168.0.1, it will reject as normal if i dial from 202.14.68.50 it seems can't recognize the ip address except for the first octet rad_recv: Access-Request packet from host 202.14.68.50:1025, id=235, length=105 User-Name = "brianlk" User-Password = "" NAS-IP-Address = 202.14.68.50 NAS-Port = 20312 NAS-Port-Type = Async Service-Type = Framed-User Framed-Protocol = PPP State = 0x Calling-Station-Id = "21519330" Called-Station-Id = "34234418" Acct-Session-Id = "377180294" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok radius_xlat: '@test.com' rlm_attr_rewrite: No match found for attribute User-Name with value 'brianlk' modcall[authorize]: module "fixusername1" returns ok radius_xlat: '@test.com' rlm_attr_rewrite: No match found for attribute User-Name with value 'brianlk' modcall[authorize]: module "fixusername2" returns ok modcall: entering group redundant rlm_ldap: - authorize rlm_ldap: performing user authorization for brianlk radius_xlat: '(uid=brianlk)' radius_xlat: 'o=test.com' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in o=test.com, with filter (uid=brianlk) rlm_ldap: Added password {crypt}asdasfsdgdfg in check items rlm_ldap: looking for check items in directory... rlm_ldap: extracted attribute NAS-IP-Address from generic item NAS-IP-Address := 202.14.68.51 rlm_ldap: looking for reply items in directory... rlm_ldap: user brianlk authorized to use remote access ldap_release_conn: Release Id: 0 modcall[authorize]: module "LDAP1" returns ok modcall: group redundant returns ok rlm_checkval: Item Name: NAS-IP-Address, Value: 202.14.68.50 rlm_checkval: Value Name: NAS-IP-Address, Value: 202.14.68.51 modcall[authorize]: module "nas-ip" returns ok the config inside radiusd.conf: checkval nas-ip { # The attribute to look for in the request item-name = NAS-IP-Address # The attribute to look for in check items. Can be multi valued check-name = NAS-IP-Address # The data type. Can be # string,integer,ipaddr,date,abinary,octets data-type = ipaddr # If set to yes and we dont find the item-name attribute in the # request then we send back a reject # DEFAULT is no #notfound-reject = no } Brian - Original Message - From: "Dustin Doris" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 01, 2003 10:22 PM Subject: Re: check item problem > Do you see how the Called-Station-Id is not coming in with the auth > request? > > > The following is the whole debug when i used "compare_check_items", > > > > Listening on IP address *, ports 1645/udp and 1646/udp, with proxy on > > 1647/udp. > > Ready to process requests. > > rad_recv: Access-Request packet from host 127.0.0.1:33291, id=223, length=59 > > User-Name = "brianlk" > > User-Password = "123jseff" > > NAS-IP-Address = 192.168.0.2 > > NAS-Port = 10 > > modcall: entering group authorize > > rlm_ldap: looking for check items in directory... > > rlm_ldap: extracted attribute NAS-IP-Address from generic item > > NAS-IP-Address == "192.168.0.1" > > rlm_ldap: looking for reply items in directory... > > Invalid operator for item User-Password: reverting to '==' > > rlm_ldap: Pairs do not match. Rejecting user. > > ldap_release_conn: Release Id: 0 > > You need to make sure the NAS is sending the Called-Station-Id for this to > work for you. The attributes that come in the Access-Request packet are > compared against what is in your LDAP directory. So its comparing > Called-Station-Id in your ldap directory to nothing. > > > > > > > > > > > hi all, > > > > i wanna to add some rules in freeradius so the user just can access the > > system from the Calledstationid 123456, for example > > > > my ldif is like that: > > > > > > > > dn: uid=brianlk,ou=dialup,o=test > > > > objectClass: top > > > > objectClass: person >
Re: check item problem
Do you see how the Called-Station-Id is not coming in with the auth request? > The following is the whole debug when i used "compare_check_items", > > Listening on IP address *, ports 1645/udp and 1646/udp, with proxy on > 1647/udp. > Ready to process requests. > rad_recv: Access-Request packet from host 127.0.0.1:33291, id=223, length=59 > User-Name = "brianlk" > User-Password = "123jseff" > NAS-IP-Address = 192.168.0.2 > NAS-Port = 10 > modcall: entering group authorize > rlm_ldap: looking for check items in directory... > rlm_ldap: extracted attribute NAS-IP-Address from generic item > NAS-IP-Address == "192.168.0.1" > rlm_ldap: looking for reply items in directory... > Invalid operator for item User-Password: reverting to '==' > rlm_ldap: Pairs do not match. Rejecting user. > ldap_release_conn: Release Id: 0 You need to make sure the NAS is sending the Called-Station-Id for this to work for you. The attributes that come in the Access-Request packet are compared against what is in your LDAP directory. So its comparing Called-Station-Id in your ldap directory to nothing. > > > > > hi all, > > > i wanna to add some rules in freeradius so the user just can access the > system from the Calledstationid 123456, for example > > > my ldif is like that: > > > > > > dn: uid=brianlk,ou=dialup,o=test > > > objectClass: top > > > objectClass: person > > > objectClass: organizationalPerson > > > objectClass: inetOrgPerson > > > objectClass: inetLocalMailRecipient > > > objectClass: radiusprofile > > > objectClass: posixAccount > > > objectClass: PureFTPdUser > > > sn: brianlk > > > ou: dialup > > > description:: IFBQUF9VWFBX > > > uid: brianlk > > > uidNumber: 15385 > > > gidNumber: 1001 > > > homeDirectory: /home/brianlk > > > loginShell: /sbin/nologin > > > userPassword:: e2NyeXB0fTEwVGtiQVlpT3hlNDI= > > > cn: brianlk > > > radiusCalledStationId: 123456 > > > > > > However, the radiusCalledStationId haven't checked when i login. So, i > can access system from any Calledstationid. How can i fix? > > > And, did i need to enable "compare_check_items = yes"? > > > I have tried to enable, but i was rejected when i login. Anyone knows > how to use "compare_check_items"? Thank you > > > the debug: > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
Hi Kostas, The following is the whole debug when i used "compare_check_items", Listening on IP address *, ports 1645/udp and 1646/udp, with proxy on 1647/udp. Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:33291, id=223, length=59 User-Name = "brianlk" User-Password = "123jseff" NAS-IP-Address = 192.168.0.2 NAS-Port = 10 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok radius_xlat: '@testing.com' rlm_attr_rewrite: No match found for attribute User-Name with value 'brianlk' modcall[authorize]: module "fixusername1" returns ok radius_xlat: '@testing.com' rlm_attr_rewrite: No match found for attribute User-Name with value 'brianlk' modcall[authorize]: module "fixusername2" returns ok modcall: entering group redundant rlm_ldap: - authorize rlm_ldap: performing user authorization for brianlk radius_xlat: '(uid=brianlk)' radius_xlat: 'o=pacific.net.hk' ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to ldap.testing.com:389, authentication 0 rlm_ldap: bind as / to ldap.testing.com:389 rlm_ldap: waiting for bind result ... rlm_ldap: performing search in o=testing.com, with filter (uid=brianlk) rlm_ldap: Added password {crypt}1234455xe42 in check items rlm_ldap: looking for check items in directory... rlm_ldap: extracted attribute NAS-IP-Address from generic item NAS-IP-Address == "192.168.0.1" rlm_ldap: looking for reply items in directory... Invalid operator for item User-Password: reverting to '==' rlm_ldap: Pairs do not match. Rejecting user. ldap_release_conn: Release Id: 0 modcall[authorize]: module "LDAP1" returns reject modcall: group redundant returns reject modcall: group authorize returns reject Invalid user (rlm_ldap: Pairs do not match): [brianlk] (from client localhost port 10) Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 223 to 127.0.0.1:33291 Waking up in 7 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 223 with timestamp 3e88e269 Nothing to do. Sleeping until we see a request. anyway i think i will try the your checkbval suggestion, thanks a lot. Brian - Original Message - From: "Kostas Kalevras" <[EMAIL PROTECTED]> To: "freeradius" <[EMAIL PROTECTED]> Sent: Monday, March 31, 2003 10:19 PM Subject: Re: check item problem > On Mon, 31 Mar 2003, Brian Leung wrote: > > > hi all, > > i wanna to add some rules in freeradius so the user just can access the system from the Calledstationid 123456, for example > > my ldif is like that: > > > > dn: uid=brianlk,ou=dialup,o=test > > objectClass: top > > objectClass: person > > objectClass: organizationalPerson > > objectClass: inetOrgPerson > > objectClass: inetLocalMailRecipient > > objectClass: radiusprofile > > objectClass: posixAccount > > objectClass: PureFTPdUser > > sn: brianlk > > ou: dialup > > description:: IFBQUF9VWFBX > > uid: brianlk > > uidNumber: 15385 > > gidNumber: 1001 > > homeDirectory: /home/brianlk > > loginShell: /sbin/nologin > > userPassword:: e2NyeXB0fTEwVGtiQVlpT3hlNDI= > > cn: brianlk > > radiusCalledStationId: 123456 > > > > However, the radiusCalledStationId haven't checked when i login. So, i can access system from any Calledstationid. How can i fix? > > And, did i need to enable "compare_check_items = yes"? > > I have tried to enable, but i was rejected when i login. Anyone knows how to use "compare_check_items"? Thank you > > the debug: > > Try using the checkval module instead of enabling compare_check_items > > > > > rlm_ldap: waiting for bind result ... > > rlm_ldap: performing search in o=test, with filter (uid=brianlk) > > rlm_ldap: Added password {crypt}10Tkdsdfasfsfrwefxe42 in check items > > rlm_ldap: looking for check items in directory... > > rlm_ldap: Adding radiusCalledStationId as Called-Station-Id, value 123456 & op=21 > > rlm_ldap: looking for reply items in directory... > > Invalid operator for item User-Password: reverting to '==' > > rlm_ldap: Pairs do not match. Rejecting user. > > ldap_release_conn: Release Id: 0 > > modcall[authorize]: module "LDAP1" returns reject > > modcall: group redundant returns reject > > modcall: group authorize returns reject > > Invalid user (rlm_ldap: Pairs d
Re: check item problem
> the ldap.attrmap is : > checkItem $GENERIC$ radiusCheckItem > replyItem $GENERIC$ radiusReplyItem > > checkItem Auth-Type radiusAuthType > checkItem Simultaneous-UseradiusSimultaneousUse > checkItem Called-Station-Id radiusCalledStationId > checkItem Calling-Station-Id radiusCallingStationId > checkItem LM-Password lmPassword > checkItem NT-Password ntPassword > checkItem SMB-Account-CTRL-TEXT acctFlags > checkItem Expiration radiusExpiration > checkItem Ldap-Group radiusGroupName > That looks right. > debug: > rlm_ldap: waiting for bind result ... > rlm_ldap: performing search in o=test, with filter (uid=brianlk) > rlm_ldap: Added password {crypt}10Tkdsdfasfsfrwefxe42 in check items > rlm_ldap: looking for check items in directory... > rlm_ldap: Adding radiusCalledStationId as Called-Station-Id, value 123456 & > op=21 > rlm_ldap: looking for reply items in directory... Can you go up further, when the packet comes in. Such as rad_recv: Access-Request packet from host 127.0.0.1:3736, id=236, length=65 User-Name = "test" User-Password = "test" Service-Type = Framed-User NAS-IP-Address = 127.0.0.1 NAS-Port-Type = Async NAS-Port-Id = "0" Note that is just an example I through together. I wanted to see if Called-Station-Id was actually coming in in the access-request packet. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
On Mon, 31 Mar 2003, Brian Leung wrote: > hi all, > i wanna to add some rules in freeradius so the user just can access the system from > the Calledstationid 123456, for example > my ldif is like that: > > dn: uid=brianlk,ou=dialup,o=test > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetOrgPerson > objectClass: inetLocalMailRecipient > objectClass: radiusprofile > objectClass: posixAccount > objectClass: PureFTPdUser > sn: brianlk > ou: dialup > description:: IFBQUF9VWFBX > uid: brianlk > uidNumber: 15385 > gidNumber: 1001 > homeDirectory: /home/brianlk > loginShell: /sbin/nologin > userPassword:: e2NyeXB0fTEwVGtiQVlpT3hlNDI= > cn: brianlk > radiusCalledStationId: 123456 > > However, the radiusCalledStationId haven't checked when i login. So, i can access > system from any Calledstationid. How can i fix? > And, did i need to enable "compare_check_items = yes"? > I have tried to enable, but i was rejected when i login. Anyone knows how to use > "compare_check_items"? Thank you > the debug: Try using the checkval module instead of enabling compare_check_items > > rlm_ldap: waiting for bind result ... > rlm_ldap: performing search in o=test, with filter (uid=brianlk) > rlm_ldap: Added password {crypt}10Tkdsdfasfsfrwefxe42 in check items > rlm_ldap: looking for check items in directory... > rlm_ldap: Adding radiusCalledStationId as Called-Station-Id, value 123456 & op=21 > rlm_ldap: looking for reply items in directory... > Invalid operator for item User-Password: reverting to '==' > rlm_ldap: Pairs do not match. Rejecting user. > ldap_release_conn: Release Id: 0 > modcall[authorize]: module "LDAP1" returns reject > modcall: group redundant returns reject > modcall: group authorize returns reject > Invalid user (rlm_ldap: Pairs do not match): [brianlk] (from client localhost port > 10) > Delaying request 0 for 1 seconds > Finished request 0 > Going to the next request > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Sending Access-Reject of id 119 to 127.0.0.1:33242 > Waking up in 7 seconds... > --- Walking the entire request list --- > Cleaning up request 0 ID 119 with timestamp 3e87d523 > Nothing to do. Sleeping until we see a request. > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
hi , the ldap.attrmap is : checkItem $GENERIC$ radiusCheckItem replyItem $GENERIC$ radiusReplyItem checkItem Auth-Type radiusAuthType checkItem Simultaneous-UseradiusSimultaneousUse checkItem Called-Station-Id radiusCalledStationId checkItem Calling-Station-Id radiusCallingStationId checkItem LM-Password lmPassword checkItem NT-Password ntPassword checkItem SMB-Account-CTRL-TEXT acctFlags checkItem Expiration radiusExpiration checkItem Ldap-Group radiusGroupName replyItem Service-TyperadiusServiceType replyItem Framed-Protocol radiusFramedProtocol replyItem Framed-IP-Address radiusFramedIPAddress replyItem Framed-IP-Netmask radiusFramedIPNetmask replyItem Framed-RouteradiusFramedRoute ldif: dn: uid=brianlk,ou=dialup,o=test objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: inetLocalMailRecipient objectClass: radiusprofile objectClass: posixAccount objectClass: PureFTPdUser sn: brianlk ou: dialup description:: IFBQUF9VWFBX uid: brianlk uidNumber: 15385 gidNumber: 1001 homeDirectory: /home/brianlk loginShell: /sbin/nologin userPassword:: e2NyeXB0fTEwVGtiQVlpT3hlNDI= cn: brianlk radiusCalledStationId: 123456 debug: rlm_ldap: waiting for bind result ... rlm_ldap: performing search in o=test, with filter (uid=brianlk) rlm_ldap: Added password {crypt}10Tkdsdfasfsfrwefxe42 in check items rlm_ldap: looking for check items in directory... rlm_ldap: Adding radiusCalledStationId as Called-Station-Id, value 123456 & op=21 rlm_ldap: looking for reply items in directory... Invalid operator for item User-Password: reverting to '==' rlm_ldap: Pairs do not match. Rejecting user. ldap_release_conn: Release Id: 0 modcall[authorize]: module "LDAP1" returns reject modcall: group redundant returns reject modcall: group authorize returns reject Invalid user (rlm_ldap: Pairs do not match): [brianlk] (from client localhost port 10) Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 119 to 127.0.0.1:33242 Brian - Original Message - From: "Dustin Doris" <[EMAIL PROTECTED]> To: "freeradius" <[EMAIL PROTECTED]> Sent: Monday, March 31, 2003 9:22 PM Subject: Re: check item problem > Sorry, I see that you are using ldap, so you probably don't want to list > the users in the users file as well. If you enable compare_check_items, > then all the check items that come in should match what's in the ldap > directory. > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
Sorry, I see that you are using ldap, so you probably don't want to list the users in the users file as well. If you enable compare_check_items, then all the check items that come in should match what's in the ldap directory. So if you add radiusCalledStationId to the check items, then it must match what is in the ldap directory. You may be getting rejected because another attribute is in the check items, but not in ldap. So for example, you may have Calling-Station-Id in check items, but if that doesn't exist in the LDAP directory for the user, then it would fail. Maybe you could show a debug with the attributes that come in and a copy of your ldap.attrmap file. On Mon, 31 Mar 2003, Dustin Doris wrote: > > > On Mon, 31 Mar 2003, Brian Leung wrote: > > > hi all, > > i wanna to add some rules in freeradius so the user just can access the system > > from the Calledstationid 123456, for example > > my ldif is like that: > > > > add it in the users file. > > example, > > user User-Password == "password", Called-Station-ID == "12345" > > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: check item problem
On Mon, 31 Mar 2003, Brian Leung wrote: > hi all, > i wanna to add some rules in freeradius so the user just can access the system from > the Calledstationid 123456, for example > my ldif is like that: > add it in the users file. example, user User-Password == "password", Called-Station-ID == "12345" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html