Posted on by Michael Newton

Setting NAS ID on pfSense 2.0

Following up a previous post for pfSense 1.2.3, here is a patch against pfSense 2.0.1 which allows setting a custom NAS Identifier. Just run these commands from the console.

/etc/rc.conf_mount_rw
wget http://mike.eire.ca/wp-content/uploads/2012/04/pfsense_radius.txt
patch -b orig -p1 < pfsense_radius.txt
rm pfsense_radius.txt
/etc/rc.conf_mount_ro
/etc/rc.restart_webgui

/etc/rc.conf_mount_rw wget http://mike.eire.ca/wp-content/uploads/2012/04/pfsense_radius.txt patch -b orig -p1 < pfsense_radius.txt rm pfsense_radius.txt /etc/rc.conf_mount_ro /etc/rc.restart_webgui

For those who like to get their hands dirty, here’s the diff file. Hopefully WordPress doesn’t mangle it too badly!

diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc
index b509444..8deece8 100644
--- a/etc/inc/captiveportal.inc
+++ b/etc/inc/captiveportal.inc
@@ -1429,11 +1429,18 @@ function getVolume($ip) {
  */
 function getNasID()
 {
-	$nasId = "";
-	exec("/bin/hostname", $nasId);
-	if(!$nasId[0])
-		$nasId[0] = "{$g['product_name']}";
-	return $nasId[0];
+	global $config;
+
+	if (!empty($config['captiveportal']['radiusnasid'])) {
+		return $config['captiveportal']['radiusnasid'];
+	}
+	else {
+		$nasId = "";
+		exec("/bin/hostname", $nasId);
+		if(!$nasId[0])
+			$nasId[0] = "{$g['product_name']}";
+		return $nasId[0];
+	}
 }
 
 /**
diff --git a/etc/inc/radius.inc b/etc/inc/radius.inc
index 459b0cf..67b69e4 100644
--- a/etc/inc/radius.inc
+++ b/etc/inc/radius.inc
@@ -306,11 +306,16 @@ class Auth_RADIUS extends PEAR {
         $this->putAttribute(RADIUS_NAS_IP_ADDRESS, $ipaddr, "addr");
 
         // Add support for sending NAS-Identifier
-	$nasId = "";
-	exec("/bin/hostname", $nasId);
-	if(!$nasId[0])
-		$nasId[0] = "{$g['product_name']}";
-        $this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId[0]);
+		if (!function_exists("getNasID")) {
+			$nasId = "";
+			exec("/bin/hostname", $nasId);
+			if(!$nasId[0])
+				$nasId[0] = "{$g['product_name']}";
+        	$this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId[0]);
+		}
+		else {
+			$this->putAttribute(RADIUS_NAS_IDENTIFIER, getNasID());
+		}
     }
 
     /**
@@ -1067,7 +1072,7 @@ class Auth_RADIUS_Acct extends Auth_RADIUS
         if (isset($this->authentic)) {
             $this->putAttribute(RADIUS_ACCT_AUTHENTIC, $this->authentic);
         }
-
+        $this->putStandardAttributes();
     }
 
 }
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php
index 2f1db79..37aed66 100755
--- a/usr/local/www/services_captiveportal.php
+++ b/usr/local/www/services_captiveportal.php
@@ -106,6 +106,7 @@ $pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attrib
 $pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']);
 $pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']);
 $pconfig['radmac_format'] = $config['captiveportal']['radmac_format'];
+$pconfig['radiusnasid'] = $config['captiveportal']['radiusnasid'];
 
 if ($_POST) {
 
@@ -217,6 +218,7 @@ if ($_POST) {
 		$config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false;
 		$config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false;
 		$config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false;
+		$config['captiveportal']['radiusnasid'] = $_POST['radiusnasid'];
 
 		/* file upload? */
 		if (is_uploaded_file($_FILES['htmlfile']['tmp_name']))
@@ -297,6 +299,7 @@ function enable_change(enable_change) {
 	document.iform.reauthenticateacct[0].disabled = radacct_dis;
 	document.iform.reauthenticateacct[1].disabled = radacct_dis;
 	document.iform.reauthenticateacct[2].disabled = radacct_dis;
+	document.iform.radiusnasid.disabled = radius_endis;
 }
 //-->
 </script>
@@ -579,7 +582,7 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client
 
 			<tr>
 				<td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td>
-				<td>
+				<td class="vtable">
 				<select name="radiussrcip_attribute" id="radiussrcip_attribute">
 				<?php $iflist = get_configured_interface_with_descr();
 					foreach ($iflist as $ifdesc => $ifdescr) {
@@ -619,6 +622,11 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client
 			</tr>
 
 			<tr>
+				<td class="vncell" valign="top"><?=gettext("NAS-Identifier"); ?></td>
+				<td class="vtable"><input name="radiusnasid" type="text" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>"><br>
+				<?=gettext("Specify a NAS identifier to override the default value, which is the hostname."); ?></td>
+			</tr>
+			<tr>
 				<td class="vncell" valign="top"><?=gettext("Type"); ?></td>
 				<td class="vtable"><select name="radiusvendor" id="radiusvendor">
 				<option><?=gettext("default"); ?></option>

diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index b509444..8deece8 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -1429,11 +1429,18 @@ function getVolume($ip) { */ function getNasID() { - $nasId = ""; - exec("/bin/hostname", $nasId); - if(!$nasId[0]) - $nasId[0] = "{$g['product_name']}"; - return $nasId[0]; + global $config; + + if (!empty($config['captiveportal']['radiusnasid'])) { + return $config['captiveportal']['radiusnasid']; + } + else { + $nasId = ""; + exec("/bin/hostname", $nasId); + if(!$nasId[0]) + $nasId[0] = "{$g['product_name']}"; + return $nasId[0]; + } } /** diff --git a/etc/inc/radius.inc b/etc/inc/radius.inc index 459b0cf..67b69e4 100644 --- a/etc/inc/radius.inc +++ b/etc/inc/radius.inc @@ -306,11 +306,16 @@ class Auth_RADIUS extends PEAR { $this->putAttribute(RADIUS_NAS_IP_ADDRESS, $ipaddr, "addr"); // Add support for sending NAS-Identifier - $nasId = ""; - exec("/bin/hostname", $nasId); - if(!$nasId[0]) - $nasId[0] = "{$g['product_name']}"; - $this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId[0]); + if (!function_exists("getNasID")) { + $nasId = ""; + exec("/bin/hostname", $nasId); + if(!$nasId[0]) + $nasId[0] = "{$g['product_name']}"; + $this->putAttribute(RADIUS_NAS_IDENTIFIER, $nasId[0]); + } + else { + $this->putAttribute(RADIUS_NAS_IDENTIFIER, getNasID()); + } } /** @@ -1067,7 +1072,7 @@ class Auth_RADIUS_Acct extends Auth_RADIUS if (isset($this->authentic)) { $this->putAttribute(RADIUS_ACCT_AUTHENTIC, $this->authentic); } - + $this->putStandardAttributes(); } } diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 2f1db79..37aed66 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -106,6 +106,7 @@ $pconfig['radiussrcip_attribute'] = $config['captiveportal']['radiussrcip_attrib $pconfig['passthrumacadd'] = isset($config['captiveportal']['passthrumacadd']); $pconfig['passthrumacaddusername'] = isset($config['captiveportal']['passthrumacaddusername']); $pconfig['radmac_format'] = $config['captiveportal']['radmac_format']; +$pconfig['radiusnasid'] = $config['captiveportal']['radiusnasid']; if ($_POST) { @@ -217,6 +218,7 @@ if ($_POST) { $config['captiveportal']['passthrumacadd'] = $_POST['passthrumacadd'] ? true : false; $config['captiveportal']['passthrumacaddusername'] = $_POST['passthrumacaddusername'] ? true : false; $config['captiveportal']['radmac_format'] = $_POST['radmac_format'] ? $_POST['radmac_format'] : false; + $config['captiveportal']['radiusnasid'] = $_POST['radiusnasid']; /* file upload? */ if (is_uploaded_file($_FILES['htmlfile']['tmp_name'])) @@ -297,6 +299,7 @@ function enable_change(enable_change) { document.iform.reauthenticateacct[0].disabled = radacct_dis; document.iform.reauthenticateacct[1].disabled = radacct_dis; document.iform.reauthenticateacct[2].disabled = radacct_dis; + document.iform.radiusnasid.disabled = radius_endis; } //--> </script> @@ -579,7 +582,7 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client <tr> <td class="vncell" valign="top"><?=gettext("RADIUS NAS IP attribute"); ?></td> - <td> + <td class="vtable"> <select name="radiussrcip_attribute" id="radiussrcip_attribute"> <?php $iflist = get_configured_interface_with_descr(); foreach ($iflist as $ifdesc => $ifdescr) { @@ -619,6 +622,11 @@ value="<?=htmlspecialchars($pconfig['maxprocperip']);?>"> <?=gettext("per client </tr> <tr> + <td class="vncell" valign="top"><?=gettext("NAS-Identifier"); ?></td> + <td class="vtable"><input name="radiusnasid" type="text" class="formfld unknown" id="radiusnasid" value="<?=htmlspecialchars($pconfig['radiusnasid']);?>"><br> + <?=gettext("Specify a NAS identifier to override the default value, which is the hostname."); ?></td> + </tr> + <tr> <td class="vncell" valign="top"><?=gettext("Type"); ?></td> <td class="vtable"><select name="radiusvendor" id="radiusvendor"> <option><?=gettext("default"); ?></option>

Comments are closed.