(RADIATOR) Radius

Barrett W Clark mgronduty at texoma.net
Sat Apr 20 18:07:14 CDT 2002


Hugh,

I have tried to follow the example below but customers can still dial in on 
that number.

Any suggestions as to what I am doing wrong would be helpful!!  Also on 
improving the radius.cfg file would be greatly appreciated!

regards

bwc

------Begin radius.cfg-----------

#Foreground
LogStdout
LogDir          /usr/local/radius/log
DbDir           /usr/local/etc/raddb
# User a lower trace level in production systems:
Trace           3
AuthPort 1645
AcctPort 1646

#strip realm
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername s/%//g

<Client localhost>
         Secret  XXXXXXXX
         DupInterval 0
</Client>

# All of our clients are listed here
<Client host.domain.com>
         Secret XXXXXXXXXXXX
         Identifier ourclients

         IdenticalClients host2.domain.com host3.domain.com \
         host4.domain.com host5.domain.com host6.domain.com \
         host7.domain.com host8.domain.com
</Client>

<Client xxx.xxx.xxx.xxx>
         Secret XXXXXXXXXXXX
         Identifier theirclients

         IdenticalClients yyy.yyy.yyy.yyy zzz.zzz.zzz.zzz
</Client>

<Handler Client-Identifier=theirclients,Called-Station-Id="##########">
         <AuthBy INTERNAL>
                 DefaultResult REJECT
         </AuthBy>
</Handler>

<Handler>
         <AuthBy DBFILE>
                 Filename %D/users
         </AuthBy>
         AcctLogFileName %L/cd-%Y%m%d
</Handler>

<Realm DEFAULT>
         <AuthBy DBFILE>
                 Filename %D/users
         </AuthBy>
         AcctLogFileName %L/cd-%Y%m%d
</Realm>

<SessionDatabase DBM>
         # The name of the DBM file. Defaults on %D/online
         Filename %D/online
</SessionDatabase>

-----Example of the cd-20020419-------

Sat Apr 20 06:47:59 2002
         NAS-IP-Address = xxx.xxx.xxx.xxx
         NAS-Port = $$$$
         NAS-Port-Type = Async
         Called-Station-Id = "##########"
         Calling-Station-Id = "**********"
         Acct-Status-Type = Start
         Acct-Authentic = RADIUS
         Service-Type = Framed-User
         Acct-Session-Id = "000DDF72"
         Framed-Protocol = PPP
         Acct-Link-Count = 1
         Ascend-Num-In-Multilink = 1
         Acct-Multi-Session-Id = "156668"
         Framed-IP-Address = ooo.ooo.ooo.ooo
         Ascend-Multilink-ID = 156668
         Acct-Delay-Time = 0
         User-Name = "username"

At 08:15 AM 4/17/2002 +1000, Hugh Irvine wrote:
>Hello Barrett -
>
>In my example below, you would reject all calls to a particular
>Called-Station-Id on the Clients with "Identifier somewhere".
>
>Ie. "######" is the number you want to deny.
>
><Handler Client-Identifier = somewhere, Called-Station-Id = 12345>
>
>You could also use regular expressions in the <Handler ....>.
>
>regards
>
>Hugh

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list