[RADIATOR] Possibility to rewrite username into unique string (eg. out of request attributes like 'Calling-Station-Id')

Tue Jan 15 04:30:34 UTC 2019

Hello Christian -

I would probably do something like this (example only):

…….

# process accounting requests

<Handler Request-Type = Accounting-Request>
        PreProcessingHook sub \
        { \
                my $p = ${$_[0]}; \
                my $username = $p -> get_attr('User-Name'); \
                return unless $username =~ /^guest$/; \
                my $callingid = $p -> get_attr('Calling-Station-Id'); \
                $username = "$callingid\@public-hotspot"; \
                $p -> change_attr('User-Name', $username); \
                return; \
        } 
        <AuthBy INTERNAL>
                DefaultResult ACCEPT
        </AuthBy>
        AcctLogFileName %L/accounting
</Handler>

…….

Please let me know how you get on.

regards

Hugh

> On 14 Jan 2019, at 20:12, Christian Meutes <christian at errxtx.net> wrote:
> 
> Hello Hugh,
> 
> On Mon, Jan 14, 2019 at 5:07 AM Hugh Irvine <hugh at open.com.au> wrote:
> Yes there are several ways of doing this - can you please send me an example trace 4 debug showing what you get in the access requests?
> 
> And also tell me what you would like to use as the username?
> 
> currently I'm focusing on accounting-requests only and ideally it would use the Calling-Station-Id as the local-part of the username while the realm would be set to a fixed string so that the username "guest" would be rewritten to something like "00:00:5E:00:53:12 at public-hotspot".
> 
> Mon Jan 14 03:07:18 2019
>         User-Name = "guest"
>         NAS-Port = 13
>         NAS-IP-Address = 192.0.2.1
>         Framed-IP-Address = 192.0.2.2
>         Framed-IPv6-Prefix = 2001:DB8::/64
>         Framed-IPv6-Prefix = 2001:DB8::/64
>         Framed-IPv6-Prefix = fe80::/64
>         NAS-Identifier = "some-ac"
>         Airespace-WLAN-Id = 10
>         Acct-Session-Id = "5c3b8019/00:00:5E:00:53:12/358203"
>         NAS-Port-Type = Wireless-IEEE-802-11
>         cisco-avpair = "audit-session-id=0a381bfb0006aca35c3b7fba"
>         Acct-Authentic = Local
>         Tunnel-Type = 0:VLAN
>         Tunnel-Medium-Type = 0:802
>         Tunnel-Private-Group-ID = 1620
>         Event-Timestamp = 1547431627
>         Acct-Status-Type = Alive
>         Acct-Input-Octets = 50287684
>         Acct-Input-Gigawords = 0
>         Acct-Output-Octets = 1546124170
>         Acct-Output-Gigawords = 0
>         Acct-Input-Packets = 374646
>         Acct-Output-Packets = 1200190
>         Acct-Session-Time = 28338
>         Acct-Delay-Time = 0
>         Calling-Station-Id = "00:00:5E:00:53:12"
>         Called-Station-Id = "00:00:5E:00:53:11:hotspot"
>         Timestamp = 1547431638
> 
> 
> Thanks!
> 
> 
> Kind regards
> -- 
> Christian

--

Hugh Irvine
hugh at open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.