I'm having trouble with rlm_attr_filter and Ascend-Data-Filter.
Indeed, there is a comment in the source:
/* THIS SECTION NEEDS LOTS OF WORK TO GET THE ATTRIBUTE
* FILTERING LOGIC WORKING PROPERLY. RIGHT NOW IT DOES
* THINGS MOSLTY RIGHT. IT HAS SOME ISSUES WHEN YOU HAVE
* MULTIPLE A/V PAIRS FROM THE SAME ATTRIBUTE ( IE, VSA'S ).
* THAT NEEDS A BIT OF WORK STILL.... [EMAIL PROTECTED]
*/
Simpler things work fine; I can set the MTU, etc, just fine.
Also, Ascend-Data-Filter gets returned correctly from user-file entries.
Any suggestions?
Here's my config:
attrs:
acsinc.net
Ascend-Data-Filter := "ip in forward tcp est",
Ascend-Data-Filter := "ip in forward dstip 199.45.141.0/24",
Ascend-Data-Filter := "ip in drop tcp dstport = 25",
Ascend-Data-Filter := "ip in forward"
And here's some output from the debug log:
Sending Access-Accept of id 173 to 199.45.141.1:1026
Ascend-Data-Filter = "ip input forward 0"
Ascend-Data-Filter = "ip input forward 0"
Ascend-Data-Filter = "ip output drop 0"
Ascend-Data-Filter = "ip input forward 0"
Service-Type = Framed-User
Framed-IP-Address = 255.255.255.254
Framed-IP-Netmask = 255.255.255.255
Framed-Protocol = PPP
Framed-MTU = 1500
And here's what I get back:
Vendor-Specific =
"V529:T242:L34::T1:L1::T1:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0:"
Vendor-Specific =
"V529:T242:L34::T1:L1::T1:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0:"
Vendor-Specific =
"V529:T242:L34::T1:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0:"
Vendor-Specific =
"V529:T242:L34::T1:L1::T1:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0::T0:L0:"
--
Charlie Watts
[EMAIL PROTECTED]
Frontier Internet, Inc.
http://www.frontier.net/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
