[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: FreeRADIUS & MAC authentication
From: Russell Mike <radius.sir () gmail ! com>
Date: 2014-04-30 17:01:09
Message-ID: CADao4CqGWxubt=GE1ARrK3smxawzkiBh5RTsc66mFEyBumRa-Q () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Dear Alan
Thanks once again, you are right. i was thinking complex rather. if mac
address found in database, FreeRADIUS will send accept. if NOT found,
following will force to accept.
authorize {
authorized_macs
*# if not found accept access*
if (!ok) {
accept
}
update control {
Auth-Type := Accept
}
}
i think this is what i want. does this unlang look correct to you ?
Thanks / Regards
On Wed, Apr 30, 2014 at 3:21 PM, Alan DeKok <aland@deployingradius.com>wrote:
> Russell Mike wrote:
> > authorize {
> >
> > authorized_macs
> >
> > # if not found accept access
> >
> > if (!ok) {
> >
> > accept
>
> You can't just put "accept" into the configuration file.
>
> > # Here I also want to say that if record found, look for accept and
> > reject field in DB. i need little help
>
> What do you mean by that? What are the "accept and reject fields"?
>
> You have an idea as to what you want to do. But you're explaining it
> using the idea itself... "I want to do stuff with stuff". Well...
> that's not helpful.
>
> > it seems to be little tricky for me, once i have already said, accept if
> > record NOT found.
>
> The example in the Wiki shows how to force Auth-Type = Accept. Use that.
>
> > how can i say again look for (accept/reject) entry if
> > record found.
>
> Look for accept/reject WHERE?
>
> If you want to put accept/reject into the authorized_macs file... just
> do that. Add another field to the file. Do this by using a text
> editor. Then, edit the "authorized_macs" module definition to add that
> field.
>
> All of this is documented in detail.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
[Attachment #5 (text/html)]
<div dir="ltr"><font face="verdana, sans-serif">Dear Alan</font><div><font \
face="verdana, sans-serif"><br></font></div><div><font face="verdana, \
sans-serif">Thanks once again, you are right. i was thinking complex rather. if mac \
address found in database, FreeRADIUS will send accept. if NOT found, following will \
force to accept.</font></div> <div><font face="verdana, \
sans-serif"><br></font></div><div>
<p class=""><font face="verdana, sans-serif">authorize {</font></p>
<p class=""><font face="verdana, sans-serif">authorized_macs<br></font></p>
<p class=""><font face="verdana, sans-serif"><b># if not found accept \
access</b></font></p> <p class=""><font face="verdana, sans-serif"> if (!ok) \
{</font></p> <p class=""><font face="verdana, sans-serif"> accept</font></p>
<p class=""><font face="verdana, sans-serif"> }</font></p><p class="">update \
control {</p><p class=""> Auth-Type := Accept</p><p class=""> }</p><p \
class="">
</p><p class=""> }</p><p class=""><span style="font-family:verdana,sans-serif">i \
think this is what i want. does this unlang look correct to you ? </span><br></p><p \
class=""><font face="verdana, sans-serif">Thanks / Regards</font></p> <p \
class=""><br></p></div></div><div class="gmail_extra"><br><br><div \
class="gmail_quote">On Wed, Apr 30, 2014 at 3:21 PM, Alan DeKok <span \
dir="ltr"><<a href="mailto:aland@deployingradius.com" \
target="_blank">aland@deployingradius.com</a>></span> wrote:<br> <blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div class="">Russell Mike wrote:<br> > authorize {<br>
><br>
> authorized_macs<br>
><br>
> # if not found accept access<br>
><br>
> if (!ok) {<br>
><br>
> accept<br>
<br>
</div> You can't just put "accept" into the configuration file.<br>
<div class=""><br>
> # Here I also want to say that if record found, look for accept and<br>
> reject field in DB. i need little help<br>
<br>
</div> What do you mean by that? What are the "accept and reject \
fields"?<br> <br>
You have an idea as to what you want to do. But you're explaining it<br>
using the idea itself... "I want to do stuff with stuff". Well...<br>
that's not helpful.<br>
<div class=""><br>
> it seems to be little tricky for me, once i have already said, accept if<br>
> record NOT found.<br>
<br>
</div> The example in the Wiki shows how to force Auth-Type = Accept. Use \
that.<br> <div class=""><br>
> how can i say again look for (accept/reject) entry if<br>
> record found.<br>
<br>
</div> Look for accept/reject WHERE?<br>
<br>
If you want to put accept/reject into the authorized_macs file... just<br>
do that. Add another field to the file. Do this by using a text<br>
editor. Then, edit the "authorized_macs" module definition to add \
that<br> field.<br>
<br>
All of this is documented in detail.<br>
<div class="HOEnZb"><div class="h5"><br>
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a \
href="http://www.freeradius.org/list/users.html" \
target="_blank">http://www.freeradius.org/list/users.html</a><br> \
</div></div></blockquote></div><br></div>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic