Added more sample policies
authorAlan T. DeKok <aland@freeradius.org>
Tue, 11 Jan 2011 12:22:09 +0000 (13:22 +0100)
committerAlan T. DeKok <aland@freeradius.org>
Tue, 11 Jan 2011 15:13:20 +0000 (16:13 +0100)
raddb/policy.conf

index f89eb3f..599a580 100644 (file)
@@ -64,6 +64,29 @@ policy {
                handled
        }
 
+       #
+       #  Force some sanity on User-Name.  This helps to avoid issues
+       #  issues where the back-end database is "forgiving" about
+       #  what constitutes a user name.
+       #
+       filter_username {
+               # spaces at the start: reject
+               if (User-Name =~ /^ /) {
+                       reject
+               }
+
+               # spaces at the end: reject
+               if (User-Name =~ / $$/) {
+                       reject
+               }
+
+               # Mixed case: reject
+               if (User-Name != "%{lower:%{User-Name}}") {
+                       reject
+               }
+       }
+
+
        #       
        #  The following policies are for the Chargeable-User-Identity
        #  (CUI) configuration.
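Review bot: The mixed-case check in `filter_username` expands `%{lower:%{User-Name}}`, while the rewrite policies added later in this same commit use `%{tolower:...}`. If `lower` is not a registered expansion on the server, the right-hand side would presumably never equal a real User-Name, and the policy would then reject every request that carries one. The line should read `if (User-Name != "%{tolower:%{User-Name}}") {`. The comment above it is more accurate as `# Any upper-case character: reject`, since an all-upper-case name is rejected too. Both space checks match only a literal space, so a name with a leading or trailing tab still passes the filter.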
@@ -131,4 +154,44 @@ policy {
                        cui
                }
        }
+
+       #
+       #  Normalize the MAC Addresses in the Calling/Called-Station-Id
+       #
+       mac-addr = ([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})
+
+       #  Add "rewrite.called_station_id" in the "authorize" and "preacct"
+       #  sections.
+       rewrite.called_station_id {
+               if((Called-Station-Id) && "%{Called-Station-Id}" =~ /^%{config:policy.mac-addr}(:(.+))?$/i) {
+                       update request {
+                               Called-Station-Id := "%{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
+                       }
+
+                       # SSID component?
+                       if ("%{7}") {
+                               update request {
+                                       Called-Station-Id := "%{Called-Station-Id}:%{7}"
+                               }
+                       }
+                       updated
+               }
+               else {
+                       noop
+               }
+       }
+
+       #  Add "rewrite.calling_station_id" in the "authorize" and "preacct"
+       #  sections.
+       rewrite.calling_station_id {
+               if((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) {
+                       update request {
+                               Calling-Station-Id := "%{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}}"
+                       }
+                       updated
+               }
+               else {
+                       noop
+               }
+       }
 }
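Review bot: In `rewrite.called_station_id` the SSID test and rewrite read `%{7}`, but `policy.mac-addr` already uses capture groups 1 to 6, so group 7 is the outer `(:(.+))` and includes the leading colon. Assuming captures are numbered by opening parenthesis, the rewritten value becomes `aa-bb-cc-dd-ee-ff::ssid` with a doubled colon, which would stop later per-SSID comparisons on Called-Station-Id from matching. Use the inner group instead: `if ("%{8}") {` and `Called-Station-Id := "%{Called-Station-Id}:%{8}"`. A short comment above the regex noting which group numbers hold the MAC octets and which holds the SSID would keep the numbering from drifting if `mac-addr` is edited.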