Alan DeKok wrote:
Joe Maimon wrote:
It does make the code a bit more hairy - I have been making a stab at
this and it seems to be quite ugly.
Hmm... much of this work could be relegated to the radius_do_cmp()
function. It needs to do:
a) return if condition matches
b) continue if it
Alan DeKok wrote:
Joe Maimon wrote:
I could use vsa hack. But it is a hack and its impact is a bit larger
than the actual functionality I want. I just want to leave everything
else unchanged but to have the mac address represented as
calling-station-id, which for anything ethernet and not POTS
Joe Maimon wrote:
> I could use vsa hack. But it is a hack and its impact is a bit larger
> than the actual functionality I want. I just want to leave everything
> else unchanged but to have the mac address represented as
> calling-station-id, which for anything ethernet and not POTS related, it
>
Hi Alan,
I could use vsa hack. But it is a hack and its impact is a bit larger
than the actual functionality I want. I just want to leave everything
else unchanged but to have the mac address represented as
calling-station-id, which for anything ethernet and not POTS related, it is.
unlang o
Joe Maimon wrote:
> According to what I see turning on cisco vsa hack can overwrite any
> existing attributes that happen to match the value in the avpair
The Cisco boxes don't send:
Cisco-AVPair = "foo = bar"
foo = bar
*both* in the same packet.
> and
> also seems to possib
According to what I see turning on cisco vsa hack can overwrite any
existing attributes that happen to match the value in the avpair and
also seems to possibly delete information from the avpair -- its not
clear to me exactly what it does.
In any event, I just need to solve this "little" probl
See the following link and the associated reference posts.
What you need is already built-in. It takes two steps (5 minutes) to
get access to the attributes. The only question then is how you will
format your SQL statements to write the attributes out to the database
(another 5 minutes).
h
Alan DeKok writes:
> Maybe something like:
>
> if (*Cisco-AVpair =~ /^client-mac-address=(.+)$/) {
>
> i.e. "*" means "any one matches"
Is it ever useful to match on a single one? You'll always have a hard
time knowing the order and number of attributes.
I believe you could just as
Joe Maimon wrote:
> I have searched. I am unsatisfied with the results.
>
> The cisco_vsa_hack may have unintended consequences.
Like... ?
> unlang should properly loop over the vp list, like other paircompares do.
I would prefer that behavior to be *explicit* rather than *implicit*.
> I h
I have searched. I am unsatisfied with the results.
The cisco_vsa_hack may have unintended consequences.
unlang should properly loop over the vp list, like other paircompares do.
I have patched this kind of oversight before elsewhere, not sure if
thats the right approach here.
Bryan Campbe
Been there, done that . . . search the mailing list archives from last
month for this topic.
The hack turns the av-pair strings into attributes (if you add them to
the dictionary).
Then you just have to adjust your SQL to address them for writing to the
database.
Again . . . search the ma
Coutesy of Michael Bowe . . .
Since Calling-Station-Id does not exist in the accounting spill from the
Cisco, concatenating the client-mac-address works just great.
In the instance that we are not using a Cisco then the
Calling-Station-Id is populated and client-mac-address does not exist.
S
O.K.
What is the best way to accomplish the following . . .
For a specific NAS-IP-Address=10.10.10.10
Accounting packet includes the following . . .
%{Calling-Station-Id}(does not exist)
%{client-mac-address}=..
Need to write the value for .
> One of the attributes we are after is the client-mac-address from
> Cisco-AVPair = "client-mac-address=0012.3fb2.15d2".
>
> So far it is now converted to an attribute of its own
> client-mac-address=0012.3fb2.15d2. (by setting cisco-av-hack to yes
> and
> adding some attributes to the dictionar
One of the attributes we are after is the client-mac-address from
Cisco-AVPair = "client-mac-address=0012.3fb2.15d2".
So far it is now converted to an attribute of its own
client-mac-address=0012.3fb2.15d2. (by setting cisco-av-hack to yes and
adding some attributes to the dictionary)
Now to
From someone who has already suffered through it five years ago.
And, for the benefit of those who come after me.
1) set with_cisco_vsa_hack = yes in radiusd.conf
2) add the attributes I want to have stripped from the AVPair fields to
cisco.dictionary in /usr/local/share/freeradius, freeradius
On Mon, 7 Dec 2009, Bryan Campbell wrote:
O.K. That gets us to the per packet instances of the Cisco-AVPair. We
can access the array of two or five instances of Cisco-AVPair that are
in the respective packets. That gets us to the strings that are
defined.
How about using a regexp:
if (
. . .
>man unlang. Read about variables.
>
>Ivan Kalik
O.K. That gets us to the per packet instances of the Cisco-AVPair. We
can access the array of two or five instances of Cisco-AVPair that are
in the respective packets. That gets us to the strings that are defined.
Once you have the st
> We use Freeradius/MySQL with Cisco-AVPair entries to send radreplies and
> radgroupreplies that specify speeds and such with great success.
> However, we are having a bit of difficulty sorting out how to sort out
> Cisco-AVPair accounting entries so that we can insert them into the
> database.
>
have edited the dictionary.cisco file and removed other entry and added
ATTRIBUTE pre-session-time198 integer Cisco
Still coming out
Cisco-AVPair = "pre-session-time=7"
Am I still missing something?
On Wed, 28 Apr 2004, Alan DeKok wrote:
> Brent Geach <
Brent Geach <[EMAIL PROTECTED]> wrote:
> Not sure if caps is important but they are there eg
> ATTRIBUTE Cisco-PreSession-Time 198 integer Cisco
> Or should I edit this (left this as the original standard was) to reflect
> pre-session-time ?
The "pre-session-time" str
Not sure if caps is important but they are there eg
ATTRIBUTE Cisco-PreSession-Time 198 integer Cisco
Or should I edit this (left this as the original standard was) to reflect
pre-session-time ?
On Wed, 28 Apr 2004, Alan DeKok wrote:
> Brent Geach <[EMAIL PROTECTED]> w
Brent Geach <[EMAIL PROTECTED]> wrote:
> when with the Cisco-AVPair all I want to log it to mysql is:
> pre-session-time=4
> nas-rx-speed=9600
Do those attributes exist in the dictionary.cisco file?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
23 matches
Mail list logo