Hi Aaron,

On May 11,  8:06pm, Aaron Holtz wrote:
> Subject: (RADIATOR) Combatting a bad NAS...
> I have a NAS unit (An Osicom IQX -> read: junk) that doesn't send the
> NAS-IP-Address in the authentication packet.  Is there a down and dirty
> way to pull that information out of the packet header and use it?  The
> reason I ask is that I have a Handler based on NAS address that doesn't
> work from this unit because of this missing information (this is confirmed
> missing via a trace 4 dump of the authenticator packet.....)   I believe I
> saw something similiar elsewhere in one of the radius modules, but wasn't
> sure how/where I could implement this.  Thanks in advance.
> Here is the packet dump:
>
> Mon Apr 19 13:48:19 1999: DEBUG: Packet dump:
> *** Received from 1.1.1.1 port 1611 ....
> Code:       Access-Request
> Identifier: 2
> Authentic:  F7<25>h<13>KCT<157><24><143><6><246><3><17>r
> Attributes:
>         User-Name = "test"
>         Password = "<178>@.<233>0<230><224><180>R<189>$<163>.C(%"
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         NAS-Port = 29
>
>
> I see in Radius.pm that Socket::inet_ntoa($l[1]) can be the IP of the
> sending unit.  Is there a place I can setup a test to see if during the
> Access-Request phase the NAS-IP-Address is set and if not, make it from
> the packet?  The information is there during the accounting phases but it
> appears that Osicom is quite slow in implementing this change that we've
> asked......  It doesn't *technically* violate the RFC but I believe it
> suggests in all caps that the NAS ip be sent during this phase......

Probably the easiest way is to add a PreHandlerHook that will test for the
existence of NAS-IP-Address, and if its not there deduce it from other methods,
something like this (not tsted)

PreClientHook sub { \
 if (${$_[0]}->getAttrByNum(4) eq '')\
 {\
        ${$_[0]}->addAttrByNum(4, Socket::inet_ntoa(${$_[0]}->{RecvFrom}));\
 }\
}

Hope that helps.

Cheers.


-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, 
NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to