[RADIATOR] Logging of multiple instances of attribute
Hugh Irvine
hugh at open.com.au
Mon Dec 17 15:15:16 CST 2012
Hello Jethro -
There is an example hook in "goodies/hooks.txt" that does the same thing for multiple "cisco-avpair" attributes:
----------------------------------------------------------------------
This hook is designed to parse multiple cisco-avpairs.
Contributed by:
Chris.Patterson at transact.com.au
All I'm doing here is taking each cisco-avpair attribute from the incoming packet and adding new attributes onto the same incoming packet.
eg:
cisco-avpair = "task_id=62"
cisco-avpair = "timezone=UTC"
cisco-avpair = "service=shell"
cisco-avpair = "priv-lvl=0"
cisco-avpair = "cmd=exit <cr>"
become:
task_id = 62
timezone = UTC
service = shell
priv-lvl = 0
cmd = "exit <cr>"
Hope this assists people in their endeavours!
Cheers
Chris.
radiator.cfg
<Handler>
PreProcessingHook file:"%D/createavpairs"
<AuthBy SQL>
DBSource dbi:mysql:radius
DBUsername test
DBAuth test
AccountingTable ACCOUNTING
AcctColumnDef TIMESTAMP,Timestamp,integer
AcctColumnDef NASIP,NAS-IP-Address
AcctColumnDef USERNAME,User-Name
AcctColumnDef CALLLINGID,Calling-Station-Id
AcctColumnDef PRIVLVL,priv-lvl
AcctColumnDef CMD,cmd
</AuthBy>
</Handler>
createavpairs
sub {
my $p=${$_[0]};
if (my @avpair = $p->get_attr('cisco-avpair')) {
foreach my $avpair (@avpair) {
$p->add_attr(split('=',$avpair));
}
}
}
----------------------------------------------------------------------
You can modify it for Colubris-AVPAIR very easily.
regards
Hugh
On 18 Dec 2012, at 02:09, Jethro R Binks <jethro.binks at strath.ac.uk> wrote:
> I have devices which send Radiator multiple instance of a certain
> attribute in their Access-Request. I want to print all of the values sent
> for that attribute, but using a logging clause such as:
>
> colubris-avp="%{Colubris-AVPAIR}"
>
> only shows me the first of the attributes received.
>
> I went through the reference and couldn't find any recognition of this
> issue.
>
> Actually, I only really want one or two of the values to be honest. So it
> would be really nice to be able to match on the A/V pair that I really
> want, so maybe something like:
>
> colubris-avp="%{Colubris-AVPAIR:ssid}"
>
> which will get me the correct string from a packet that looks like this in
> part:
>
> AVP: l=113 t=Vendor-Specific(26) v=Colubris(8744)
> VSA: l=14 t=Colubris-AVPair(0): ssid=eduroam
> VSA: l=23 t=Colubris-AVPair(0): incoming-vlan-id=4047
> VSA: l=30 t=Colubris-AVPair(0): group=James Goold Hall (GLD)
> VSA: l=17 t=Colubris-AVPair(0): vsc-unique-id=2
>
> Any ideas?
>
> Jethro.
>
> . . . . . . . . . . . . . . . . . . . . . . . . .
> Jethro R Binks, Network Manager,
> Information Services Directorate, University Of Strathclyde, Glasgow, UK
>
> The University of Strathclyde is a charitable body, registered in
> Scotland, number SC015263.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list