Time for action – using the if statement in unlang
The if statement itself is not very complex. It has the following format:
if(condition){
...
}The condition part can become complex due to its many possibilities.
Obtaining a return code using the if statement
We will now look at the return code of a module and use this code to compare against the specified condition. Each module in FreeRADIUS is required to return a code after it is called. The value of this code can subsequently be used as a conditional check in the if statement.
Authorizing a user using the if statement
This exercise uses the if condition to reject an Access-Request if the user is not in the users file.
- Edit the
sites-available/defaultvirtual server under the FreeRADIUS configuration directory and add the following lines below thefilesentry inside theauthorizesection:if(noop){ reject } - Restart FreeRADIUS in debug mode and try to authenticate with a username and password not present in the
usersfile. We...
