Hello Lufti -
On Wed, 06 Oct 1999, Lutfi YUNUSOGLU wrote:
> >%_Hi
>
> I want to use a filter which is for restricting users access to our DNS and
> only to a specific host with port 443 (ssl). I create following:
>
> User-Service=Framed-User,
> Framed-Protocol=PPP,
> Framed-Netmask=255.255.255.0,
> Framed-Routing=None,
> Framed-MTU=1500,
> Framed-Compression=Van-Jacobson-TCP-IP,
> Ascend-Data-Filter="ip in forward dstip 195.175.24.91 tcp dstport>1023",
> Ascend-Data-Filter="ip in forward dstip 195.175.24.91 tcp dstport=443",
> Ascend-Data-Filter="ip in forward udp dstport=53",
> Ascend-Data-Filter="ip in drop",
> Ascend-Data-Filter="ip out forward tcp dstport>1023",
> Ascend-Data-Filter="ip out drop"
>
> But I have problems like if SSL part works DNS doesn't or I can't filter SSL
> for a specific host.
>
The first problem in the example above is that the attribute "User-Service" is
not defined in the standard Radiator dictionary. It should be:
Service-Type = Framed-User,
Secondly, there is a recent patch for Ascend filters in Radiator 2.14.1. See
this URL:
http://www.open.com.au/radiator/history.html
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
