[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Grant access to a groups of users to a determinated subnets
From:       Matthew Newton <mcn () freeradius ! org>
Date:       2020-01-29 14:15:13
Message-ID: 50f9d61f98c3fc33b278118fc7c3435d6f584e06.camel () freeradius ! org
[Download RAW message or body]

On Wed, 2020-01-29 at 14:06 +0000, Condor via Freeradius-Users wrote:
>   Sorry for ask again, there is an alternative to hunt group regex
> for subnet? unlang is possible maybe, but i don't understand how to
> use it. Someone could please point me some example

https://freeradius.org/radiusd/man/unlang.html

if (&NAS-IP-Address =~ /^192\.168\.(1?\d\d?|2[0-4]\d|25[0-5])\.(1?\d\d?|2[0-4]\d|25[0-5])$/) {
  update control {
    &Huntgroup-Name == "gNetworking"
  }
}

You can also check if IPs are in a particular network - see the man
page. e.g.

if (<ipaddr>192.0.2.1 < 192.0.2.0/24) {
  ...
}

if (&NAS-IP-Address < 192.0.2.0/24) {
  ...
}


-- 
Matthew


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]