Hi there, We are using FreeRadius on a RedHat 9.0 machine. All users are added as system users with group membership if either "users" or "email". Users in the "users" group have full internet access, and users in the "email" group are restricted via a filter to only enable email access.
To get freeradius to work with the system groups of "users / 100" and "email / 200" I searched around the new archives until I came up with a solution that uses Exec-Program-Wait function. Ref: http://www.mail-archive.com/[EMAIL PROTECTED]/msg04644.h tml My Question here is, What sort of system load can I expect from doing this? We currently have 200+ users on the box and all seems well, but what happens when we get to 1000+ etc, will it still hold up? Is it a potential bottleneck, or is it clean enough? Any comments and ideas would be most welcome. Thanks -Rob My /etc/raddb/users file looks like this (This is the full file, nothing stripped): ###################################################### DEFAULT Auth-Type = System Service-Type = Framed-User, Exec-Program-Wait = "/etc/raddb/groups.sh", Framed-Protocol = PPP, Framed-IP-Address = 255.255.255.254, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP, ####################################################### and the /etc/raddb/groups.sh script looks like this: ####################################################### #!/bin/bash export UN=`echo $USER_NAME|tr -d \"` for FF in `/usr/bin/groups $UN | cut -d":" -f2` do if [ "$FF" = "email" ]; then echo "Framed-Filter-ID = \"email.in\"," echo "Filter-ID = \"email.in\"," fi if [ "$FF" = "users" ]; then echo "Framed-Filter-ID = \"std.in\"," echo "Filter-ID = \"std.in\"," fi done exit 0 ####################################################### - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
