Hi,
I have somthing similar to this:
<Handler Client-Identifier=PGW, Acct-Status-Type=Start>
Identifier PGW_START
AccountingHandled
<AuthBy GROUP>
AuthByPolicy ContinueUntilReject
<AuthBy RADIUS>
Host 192.168.1.2
Secret secret2
StripFromRequest AVP1__2,AVP2__2
AllowInRequest 3GPP-IMSI,
Acct-Session-Id, NAS-Port-Type\
Acct-Status-Type,
Called-Station-Id, Calling-Station-Id, Event-Timestamp,
Framed-IP-Address, User-Name
</AuthBy>
<AuthBy RADIUS>
Host 192.168.1.3
Secret secret3
RequestHook sub {\
my $p = ${$_[0]};\
my $fp = ${$_[1]};\
my $imsi = $p->get_attr('3GPP-IMSI');\
if ($imsi =~ /^1234/) { \
$fp->change_attr('3GPP-RAT-Type,', 'UMTS');\
}\
}
AllowInRequest 3GPP-IMSI,
3GPP-PDP-Type, 3GPP-RAT-Type, 3GPP-User-Location-Info,
Acct-Session-Id,NAS-Port-Type \
Acct-Status-Type,
Called-Station-Id, Calling-Station-Id, Event-Timestamp,
Framed-IP-Address, User-Name
</AuthBy>
<AuthBy RADIUS>
Host 192.168.1.4
Secret secret3
AllowInRequest 3GPP-RAT-Type,
3GPP-User-Location-Info, Acct-Session-Id, NAS-Port-Type\
Acct-Status-Type,
Called-Station-Id, Calling-Station-Id, Event-Timestamp,
Framed-IP-Address, User-Name
</AuthBy>
<AuthBy RADIUS>
Host 192.168.1.5
Secret secret4
</AuthBy>
<AuthBy RADIUS>
Host 192.168.1.6
Secret secret5
</AuthBy>
</AuthBy>
MaxSessions 0
</Handler>
( not exactly this but similar enough)
I want o achieve the following:
1.Broadcast accounting to all servers.
2.Have a different set of AVPs for each destination server.
3.To one server ( and only to that one) want to have a more complex
logic and be able to add,remove or change AVPs
In other setups I found that changing avps on one clause it will send
AVP changes to the following servers, which was not intended
I achieved the intended behaviour by enclosing a AuthBy RADIUS in a
GROUP between a couple of INTERNALs. The first one to change the AVP
and a final one to restore from original packet.
I found a RequestHook very useful and more clean approach. It is the
counterpart of the Reply/NoReplyHook .
I thought it could be useful for other and, eventually, included in
next versions.
Thanks anyway,
Best regards,
José Borges Ferreira
On Wed, Apr 22, 2015 at 7:21 AM, Hugh Irvine <[email protected]> wrote:
>
> Hello Jose -
>
> One way to do this is with multiple Handler clauses and an AuthBy HANDLER
> clause in the first one.
>
> See the example in “goodies/authhandler.cfg”.
>
> See also section 5.76 AuthBy HANDLER in the manual (“doc/ref.pdf”).
>
> You can have a different PreAuthHook in each target Handler clause, and the
> overall configuration will be much simpler.
>
> I would also have separate configuration files for authentication and
> accounting (each listening only on the corresponding ports).
>
> hope that helps
>
> regards
>
> Hugh
>
>
>
>> On 22 Apr 2015, at 01:26, Jose Borges Ferreira <[email protected]> wrote:
>>
>> Hi all,
>>
>> I have a setup that forwards some accounting to several servers. I
>> need to mangle some attributes before a forward to the remote
>> server.One requirement is to have different mangling per host.
>> I couldn't found a way to change hook some code at AuthBy RADIUS, so I
>> implemented the attached patch.
>>
>> So , my question is :
>>
>> Is there a way to achieve what I want ?
>>
>> Does the patch makes sense ?
>>
>> Thanks in advanced,
>>
>> José Borges Ferreira
>> <RequestHook.patch>_______________________________________________
>> radiator mailing list
>> [email protected]
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
> --
>
> Hugh Irvine
> [email protected]
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
>
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
