RE: Need Help: Struggling to add Ascend-Data-Filter in Freeradius 0.4

Tue, 28 May 2002 13:34:55 -0700 

Well, to answer my own question, I should but I am not. I have the
following entry in radiusd.conf

authorize {
        preprocess
        attr_filter
        sql
}


attr_filter in turn has this:

attr_filter {
                attrsfile = ${confdir}/attrs
}

and attrs

DEFAULT
        Service-Type == Framed-User,
        Service-Type == Login-User,
        Login-Service == Telnet,
        Login-Service == Rlogin,
        Login-Service == TCP-Clear,
        Login-TCP-Port <= 65536,
        Framed-IP-Address == 255.255.255.254,
        Framed-IP-Netmask == 255.255.255.255,
        Framed-Protocol == PPP,
        Framed-Protocol == SLIP,
        Framed-Compression == Van-Jacobson-TCP-IP,
        Framed-MTU >= 576,
        Framed-Filter-ID =~ ".*",
        Reply-Message =~ ".*",
        Session-Timeout <= 28800,
        Idle-Timeout <= 600,
        Port-Limit <= 2,
        Ascend-Data-Filter += "ip in forward tcp est",
        Ascend-Data-Filter := "ip in forward dstip ip.of.mailbox/32",
        Ascend-Data-Filter := "ip in drop tcp dstport = 25",
        Ascend-Data-Filter := "ip in forward",
        Fall-Through = yes

what gives?





>OK it's getting clearer. Now, when I use radtest, should I see those
>filters in the output? Cause I am not seeing any.





-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Chris
Parker
Sent: Tuesday, May 28, 2002 11:37 AM
To: [EMAIL PROTECTED]
Subject: Re: Need Help: Struggling to add Ascend-Data-Filter in
Freeradius 0.4 

At 02:30 PM 5/28/2002 -0400, Alan DeKok wrote:
>"Lists" <[EMAIL PROTECTED]> wrote:
> > I am running FreeRADIUS 0.4 with PostgreSQL backend, it's been
running
> > great. I am now required to add Ascend-Data-Filter (s). After
reading
> > the documentation I came up with the following:
> >
> > The following in /usr/local/freeradius/etc/raddb/attrs
> >
> > DEFAULT
> >         Service-Type == Framed-User,
> >         Service-Type == Login-User,
>
>   This is wrong.  Please read 'man 5 users' for a description of what
>'==' does.

This is not 'users'.  This is 'attrs'.  The operators specified were
correct for that usage, apart from the Data-Filter ones, which should
have been := ( Set Operator ).  :)

-Chris
--
    \\\|||///  \          StarNet Inc.      \         Chris Parker
    \ ~   ~ /   \       WX *is* Wireless!    \   Director, Engineering
    | @   @ |    \   http://www.starnetwx.net \      (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
                   \ Wholesale Internet Services -
http://www.megapop.net



- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to