[RADIATOR] Client StripFromReply
Heikki Vatiainen
hvn at open.com.au
Mon Apr 29 17:45:49 UTC 2019
On 26/04/2019 18.50, Robert Blayzor wrote:
> We may have several "cisco-avpair" returned back to the client. How
> would you go about stripping a attribute with only a specific value?
Your'e correct, StripFromRepy removes all instances of an attribute. To
do this with a hook, you could do something like this:
my @avpairs = $p->get_attr('cisco-avpair');
foreach my $avp (@avpairs) {
next if $avp =~ m/^ip:addr-pool=/s;
$p->add_attr('cisco-avpair', $avp);
}
> So in an auth request if a attribute was added...
>
> cisco-avpair = "ip:addr-pool=null0"
>
>
> How would you go about removing only that one? I assume the only way to
> do this would be in a hook?
I'd use hook for this currently. If you check the reference manual for
VsaTranslateIn and VsaTranslateOut within <Client ...>, this could be
one option, but it seems not to support what you require, at least
currently.
File goodies/createavpairs.pl may be useful too. It'll be soon updated
with some new info for more avpair handling.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
More information about the radiator
mailing list