radiusd.conf:
attr_rewrite User-Name {
...
new_attribute = yes
This means create a NEW attribute, not transform the existing one.
And append = no :)
Thanks!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Good afternoon! I have a problem. The user will be authorized with a login
in the form of [EMAIL PROTECTED], it is necessary, that freeradius transformed
its login [EMAIL PROTECTED] And so for all users. How to make? TRIED:
radiusd.conf:
attr_rewrite User-Name
Ben Butler wrote:
I am getting the folllowing in my log files (plus other codes):
Unsupported Acct-Status-Type = 12
That's likely from the SQL module. It helps to show *all* of the
message, rather than editing it.
Despite these existing in my dictionary file:
The dictionaries define
]
To: Ben Butler [EMAIL PROTECTED]; FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Sent: Tuesday, February 20, 2007 8:39 AM
Subject: Re: was Re: attr_rewrite - now RFC2867
Ben Butler wrote:
I am getting the folllowing in my log files (plus other codes):
Unsupported Acct
, 2007 8:39 AM
Subject: Re: was Re: attr_rewrite - now RFC2867
Ben Butler wrote:
I am getting the folllowing in my log files (plus other codes):
Unsupported Acct-Status-Type = 12
That's likely from the SQL module. It helps to show *all* of the
message, rather than editing it.
Despite
Ben Butler wrote:
Hard as in nice text file I can edit replicating examples of what
already is
there.
Or Hard Hard as in C and compilers and what not.
Writing more C code.
What would I have to edit to alter the way the SQL module functions.
See the hard-coded queries in rlm_sql.c (I
Hi,
I am having some problems with attr_rewrite.
What I want to do is the following at a pre authorisation phase:
User-Name = [EMAIL PROTECTED]
To
User-Name = somedomain.com
I want to call by attr_rewrite function for each of the domains that I want
to stip the username from prior
On Monday 19 February 2007 15:29, Ben Butler wrote:
Hi,
I am having some problems with attr_rewrite.
What I want to do is the following at a pre authorisation phase:
User-Name = [EMAIL PROTECTED]
To
User-Name = somedomain.com
I want to call by attr_rewrite function for each
Hi Kevin,
That has worked a treat. It works in attr_rewrite as well, but I ended up
going with your hints file method as I also need to rewrite the password
attribute as well and could not see how this could be conditionally done
with the att_rewrite based on the value of the username
Hi!
Is it possible to implement such functionality with the usage of attr_rewrite
module that whenever a packet arives to freeradius module will check if
particular parameter exists in a request and if it doesn't, it will try to
create it from other set of packet parameters? Maybe it can
Subject:Hints, Attr_rewrite - Add session timeout with
Framed IP?
Send reply to: [EMAIL PROTECTED]
Date sent: Mon, 23 Oct 2006 12:02:03 +0200
Hello
I'm looking for a solution to add in the accept packets
a session timeout value when framed ip address
Hello
I'm looking for a solution to add in the accept packets
a session timeout value when framed ip address is assigned
in the users file.
I tried to add hints rules but doesn't seems to work.
I also tried to rewrite the packet : not works.
Can you help me to do this ?
-
List
I am using FreeRADIUS Version 1.1.0 on a Suse10.1 system and want to
rewrite the User-name in that way, that all : in that name are
dropped, before fr looks into the users file.
In analogy to sanecallerid in radiusd.conf I setup
attr_rewrite saneusername {
attribute = User
looks into the users file.
In analogy to sanecallerid in radiusd.conf I setup
attr_rewrite saneusername {
attribute = User-Name
# may be packet, reply, proxy, proxy_reply or
config
searchin = packet
searchfor
Quoting Alan DeKok [EMAIL PROTECTED]:
Dennis Skinner [EMAIL PROTECTED] wrote:
Any luck with this, Alan? Need any other info from me? Should I open a
bug report in bugzilla?
Try the following:
#5 0x400e24f7 in preprocess_authorize (instance=0x0, request=0x8161638)
at
Alan DeKok wrote:
When I test it with the above packet, it works for me. So I'm not
sure what's going wrong. If you can get a core file, doc/bugs should
help.
Here is the backtrace:
(gdb) bt
#0 0x4207a703 in strlen () from /lib/tls/libc.so.6
#1 0x420477ed in vfprintf () from
for request 2
rlm_attr_rewrite: Could not find value pair for attribute Realm
modcall[authorize]: module fix_realm returns noop for request 2
The very next line is the segfault. Here is my fix_realm module:
attr_rewrite fix_realm {
attribute = Realm
Dennis Skinner [EMAIL PROTECTED] wrote:
rlm_attr_rewrite: Could not find value pair for attribute Realm
modcall[authorize]: module fix_realm returns noop for request 2
The very next line is the segfault.
Then the problem isn't the fix_realm module. It's already
returned.
The other
Alan DeKok wrote:
Then the problem isn't the fix_realm module. It's already
returned.
Ah. Makes sense.
There's no User-Name in the request. That's wrong, but it shouldn't
cause the server to die.
My thoughts exactly.
When I test it with the above packet, it works for me. So
* Alan DeKok
Submit a bug on bugs.freeradius.org, sayign Seimens NAS product X
is broken. Maybe public shame will push them to fix it.
I will, if I can conclude that this is indeed the problem. Right now
it's only a suspicion. I need to check out another loose end about how
it's
* Tore Anderson
If I add a verbatim null-byte in radiusd.conf
* Alan DeKok
Huh? You don't configure reply attributes in radiusd.conf
Sure I do. Relevant parts of my radiusd.conf:
modules {
attr_rewrite add_class {
attribute = Class
searchfor = ignored
searchin
Tore Anderson [EMAIL PROTECTED] wrote:
Huh? You don't configure reply attributes in radiusd.conf
Sure I do. Relevant parts of my radiusd.conf:
modules {
attr_rewrite add_class {
Ah. You're configuring a module. Most modules read the attributes
from a database
Hi. I'm using attr_rewrite to add a Class attribute in my auth-
reply packets. I need to include a binary null-byte in the value, but
I cannot figure out how to do so. If I add a verbatim null-byte in
radiusd.conf, the string is truncated there in the reply packet (seems
like the code
Tore Anderson [EMAIL PROTECTED] wrote:
Hi. I'm using attr_rewrite to add a Class attribute in my auth-
reply packets. I need to include a binary null-byte in the value, but
I cannot figure out how to do so.
That's why the Class attribute is octets in the dictionary file.
Class
Hi,
I try to rewrite User-Name attr. from COMPUTER_NAME\\User-Name to
User-Name.
I prefer not to use the proxy.conf file because I've a lots of
differents COMPUTER_NAME.
I think attr_rewrite will do the job, but I don't know (I'm not very
good at regexp...)
Thanks
Jeremy
-
List info
. (
There is a change in the actual attribute, not just value and the idles-timeout
is not forwarded to the access-server.)
Modules {
if(idle-timeout == 30){
attr_rewrite test {
searchfor =
searchin
= reply
replacewith = 180
new_attribute = yes
attribute = Session-Timeout
}
}
}
post
Denis Shaposhnikov [EMAIL PROTECTED] wrote:
I'am trying to rewrite -- to just with
radtest but got:
Thu Mar 31 11:41:27 2005 : Auth: Login incorrect: [-/12345678]
(from client localhost port 0)
It's a bug in attr_rewrite. It's fixed in the latest CVS
Hi!
I try to use attr_rewrite and a little confused. From my radiusd.conf:
modules {
...
attr_rewrite normalize_card {
attribute = User-Name
searchin = packet
searchfor = .{4}-([0-9]{8})-.{4}
replacewith = %{1
David Manchado [EMAIL PROTECTED] wrote:
I'm trying to rewrite User-Name attribute with attr_rewrite with no success.
It's a bug in attr_rewrite. The CVS snapshot from tomorrow has the
fix.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I'm trying to rewrite User-Name attribute with attr_rewrite with no success.
What I want to do is to rewrite the username in the form
[EMAIL PROTECTED] into [EMAIL PROTECTED] due to
limitations on the provider (let's say each realm has a charge ;D)
If the problem is the delimitator
Hi, I need to do a attr_rewrite on the NAS-Identifier only for a
particular realm.
I currently have a attr_rewrite in the pre-proxy section which does the
rewrite for all realms.
Any ideas anybody?
Thanks in advance
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
hello all
I have a problem with attr_rewrite :
I have added an attribute in
/usr/share/freeradius/freeradius/dictionnary
Reply-Message-2 65string
I haven't added in /etc/freeradius/dictionnary because it doesn't work
!!
in radius.conf my configuration is:
attr_rewrite
On Mon, 24 Jan 2005, Nans Delrieu wrote:
hello all
I have a problem with attr_rewrite :
when a user is accepted, i have reply-message and reply-message 2.
when a user is reject, i have only reply-message.
I don't understand that ??
Only a few attributes are allowed in an access-reject.
--
Kostas
the text LOCAL (for
example (primary radius return : Reply-Message = original text +
LOCAL
is it possible ?
i have make that but it doens't work :
in primary radius,
radiusd.conf
attr_rewrite LOCAL {
attribute = Reply-Message
searchin = reply
searchfor = [+ ] # is it the good parameter
my configuration is that :
attr_rewrite cross_a_realm_company {
attribute = Reply-Message
searchin = proxy_reply
searchfor = [+ ]
replacewith = through company.com
#ignore_case = no
#new_attribute = yes # i don't know ???
max_matches = 1
append= no
}
There is an error
Nans Delrieu [EMAIL PROTECTED] wrote:
There is an error when i launch freeradius -x :
radiusd.conf[1868] Unknown module rcode 'attribute'.
You are putting the module configuration in an authorize section,
not in the modules section.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
[EMAIL PROTECTED] wrote:
Yes, the NASs are wireless access points on steroids, and they get
bandwidth-throttling information from RADIUS along with
Accepts/Rejects.
Do you perhaps now the vendor?
Is bandwidth throttling the only configuration they get via radius?
Re: the NASs not identifying
[EMAIL PROTECTED] wrote:
By configuring a username and password in the accesspoint for
example. That way the NAS sends an access-request with the username
and password to the radius server.
The radius server can then 1) uniquely identify the accesspoints, 2)
reject
unknown accesspoints, 3) give
Hello FreeRadius list:
I'm having difficulty getting the attr_rewrite module to do...well,
anything.
I have a working RADIUS installation validating off of a mySQL database.
Our existing NASs (Wireless APs) transmit mac addresses as 12 character
lower case letter/number combos - this corresponds
Hello FreeRadius list:
I'm having difficulty getting the attr_rewrite module to do...well,
anything.
I have a working RADIUS installation validating off of a mySQL database.
Our existing NASs (Wireless APs) transmit mac addresses as 12 character
lower case letter/number combos
So...if anyone can get me any advice re: how to check the
functionality of
the attr_rewrite module I'd appreciate it.
Thank you -
Brian Ammons
Its because you defined the name of the module as mac_colons. Change
attr_rewrite to mac_colons in your authorize section
Hiii everbody
I asked how is attr_write fuction works
I wrote
In radius.config
attr_rewrite MyCalledStationId {
attribute = Cisco-AVPair
# may be packet, reply, or config
searchin = packet
searchfor = gw-rxd-cdn=ton:2,npi:1
OS = Solaris 9
ver = freeradius-1.0.0-pre3
I'm trying to get FreeRadius to strip the realm
from the User-Name before it proxies to another server. My attr_rewrite is
as follows:
attr_rewrite RmRealm
{
attribute =
User-Name
searchin =
packet
searchfor =
"^(+.)@mydomai
Hi Trevor:
why are you trying to use the attr_rewrite stuff for
proxying.
The simpler approach is to use the proxy.conf
and
use the 'strip' option
for e.g.
realm mydomain.net {
type= radius
authhost= anotherserver.mydomain.net
accthost
Hi Mohammed,
That exactally what I needed thanks for the info!!
Trevor
- Original Message -
From: Mohammed Petiwala [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 11, 2004 1:13 PM
Subject: Re: Pre-proxy attr_rewrite problems
Hi Trevor:
why are you trying to use
Hi,
I have serveral radius servers that will be receiving only accounting
data from a remote radius server. The remote radius server will
not be sending realm information. I am trying to use attr_rewrite
to add a realm to the username when the accounting data comes from
that specific server.
I
Ruslan A Dautkhanov [EMAIL PROTECTED] wrote:
For unconditional change Nas-IP-Address to Client-IP-Address
Why?
attr_rewrite set_real_nas_ip {
attribute = NAS-IP-Address
searchin = packet
searchfor = ^.*$
replacewith
Spencer Stapleton [EMAIL PROTECTED] wrote:
I can't figure out the regex syntax used in attr_rewrite, and am
unable to find any useful docs pertaining to this anywhere
$ man regex
The regex engine used is whatever is already on your machine.
I noticed that the debug line has dropped
I noticed that the debug line has dropped the regex '$'
end-of-string character, so I tried escaping it, but to no avail:
One '\' does nothing to the debug output, whilst two '\\' gives:
It's a bug in 0.9.3. The latest CVS snapshot should have it fixed.
Thanks, I can also confirm that
Hello !
For unconditional change Nas-IP-Address to Client-IP-Address
I have
modules {
attr_rewrite set_real_nas_ip {
attribute = NAS-IP-Address
searchin = packet
searchfor = ^.*$
replacewith = %{Client-IP-Address
= 255.255.255.224
cache-size = 16
session-db = ${raddbdir}/db.ippool_gprs
ip-index = ${raddbdir}/db.ipindex_gprs
override = yes
}
...
attr_rewrite rwnasport {
searchfor = NULL
searchin = packet
51 matches
Mail list logo