Chapter 7
Pop quiz – authorization
- It may be that the NAS does not support the AVP that is returned to throttle the bandwidth. There may also be a mismatch of the AVP's units. The counter for instance expects the value to be Kbit/s instead of bit/s.
- Perl should be used instead of Bash for better speed. If you use the
perlmodule, the Perl interpreter along with the Perl script will be loaded into memory when FreeRADIUS starts up. - Additional attributes that are used internally by FreeRADIUS should be defined in the dictionary file, which is located under the FreeRADIUS configuration directory.
- The internal attribute list is known as the control list. To reference the
Auth-Typeattribute you can usecontrol:Auth-Typeinside conditional statements and%{control:Auth-Type}inside a double-quoted or back-quoted string. - This code defines a policy called
rewrite_calling_station_id. The policy code searches for MAC addresses that contain delimiter characters of : or - and rewrites them to...
