On 10/06/2017 01:54 AM, Daniel Ehlers wrote:
On 10/05/2017 07:55 PM, Linus Nordberg wrote:
Hi,
Running radsecproxy with `-d 5' should give you log lines like these, which might help debug the issue:
addrealm: constructed regexp %s from %s
And again, what's the _double_ backslashes for?
Escaping the dots, all examples in the manual are that way, and the constructed regex strings from none regex realms in radsecproxy.c L2073 escape them the same way.
regards Daniel
Oh gosh ... to long no real C coding. That is an escaping sequence. I think the documention is misleading in that point. He is right Alex you should remove the _double_ blackslashes ....
regards Daniel
Alex Sharaz alex.sharaz@york.ac.uk wrote Thu, 5 Oct 2017 13:15:44 +0100:
Nope still doesn't work :-( A
On 5 October 2017 at 07:57, Alex Sharaz alex.sharaz@york.ac.uk wrote:
I’ll double check, but think I’ve already tried that Rgds Alex
Sent from my iPhone 6 plus
On 4 Oct 2017, at 20:29, Daniel Ehlers danielehlers@mindeye.net wrote:
On 10/04/2017 04:58 PM, Alex Sharaz wrote: Hi, I'm using radsecproxy to pass RADIUS auths from our ORPS machine to the
upstream national radius proxy service .
Looking at the log file I'm seeing access-rejects being sent down
generating log entries of the form
Oct 4 15:47:09 2017: Access-Reject for user
0234105273270593@wlan.mnc010.mcc234.3gppnetwork.org
mailto:0234105273270593@wlan.mnc010.mcc234.3gppnetwork.org stationid
2C-0E-3D-05-37-86 from roaming0.ja.net
http://roaming0.ja.net (Request Denied) to fromFR (127.0.0.1)
What I'd like to do is reject these locally in radsecproxy.conf. I
thought that
realm /.*\.3gppnetwork\.org$/ { replymessage "Misconfigured client: Rejected by
eduroam1.york.ac.uk http://eduroam1.york.ac.uk!"> >> }
would stop these from being passed onwards. As the log entry above
shows, it doesn't !
The statement is at the top of my realm statement lists with
realm * { server roaming0.ja.net http://roaming0.ja.net> >> server roaming1.ja.net http://roaming1.ja.net> >> }
at the bottom.
What's wrong with my realm statement? Rgds Alex
Hi,
plz try
realm /@.*\.3gppnetwork\.org$/ {
didn't checked that with the code, but according to [1] it looks like you have to explicitly define a username/domain part separated by
'@'.
regards Daniel
[1] https://software.nordu.net/radsecproxy/doc/1.6/%3E radsecproxy.conf.html#REALM%20BLOCK
radsecproxy mailing list radsecproxy@lists.nordu.net https://lists.nordu.net/listinfo/radsecproxy%3E
radsecproxy mailing list radsecproxy@lists.nordu.net https://lists.nordu.net/listinfo/radsecproxy
radsecproxy mailing list radsecproxy@lists.nordu.net https://lists.nordu.net/listinfo/radsecproxy