I am currently facing a problem within my Radius configuration and wanted to ask you for help.
I'am using the FreeRadius-Version 3.0.23
Within the authorize section in radiusd.conf I am trying to create the following unlang expression.
I have users in the following format:
super1
super2
...
user1
user2
NAS-Identifier:
SUP-A
SUP-B
SUP-C
SUP-D
I want to extract something from the NAS identifier using a regex and append to the user.
=> super1-A
=> super2-D
However, it doesn't work with the following expression because the extracted value is no longer available in the second IF statement.
if ( NAS-Identifier =~ /^SUP\\-([ABCD])/ ) {
=> The extracted value is only available at this point
=> Or is it possible to define a local variable with the value?
if ( "%{User-Name}" !~ /^super\\d / )
update request {
User-Name := "%{User-Name}-%{1}" (However, I need the value here)
}
}
}
This is my workaround:
if ( "%{User-Name}" !~ /^super\\d / && NAS-Identifier =~ /^SUP\\-([ABCD])/ ) {
update request {
User-Name := "%{User-Name}-%{1}"
}
}
I would really appreciate your help as I couldn't find anything in the FreeRadius documentation.
Thanks in advance.
CodePudding user response:
According to the FreeRadius documentation:
Every time a regular expression is evaluated, whether it matches or not, the capture group values will be cleared.
So, in your case, you can reverse the order of conditions:
if ( "%{User-Name}" !~ /^super\\d / ) {
if ( NAS-Identifier =~ /^SUP-([ABCD])/ ) {
update request {
User-Name := "%{User-Name}-%{1}"
}
}
}
Note that the - char is not any special regex metacharacter when used outside character classes, no need to escape it here.