(RADIATOR) AddtoReply

Hugh Irvine hugh at open.com.au
Mon Aug 26 19:55:14 CDT 2002 

Hello Wim, Hello Miko -

Thanks Wim - I was going to write the same thing as you did.

The reason that AddToReply does what it does is because there are people 
who do want to add attributes to both rejects and to accounting replies. 
The manual is incorrect and has been fixed for the next release.

regards

Hugh


On Monday, August 26, 2002, at 10:25 PM, Wim Biemolt wrote:

>
>
> ==> From: miko at yournetplus.com
>
>> The only downside to doing it this way is that it still adds the
>> attributes to access-reject reply packets, which inherantly does not
>> cause problems, except when dealing with larger networks, such as UUNet
>> which request that the only attributes passes back are Proxy-State and
>> Reply-Message...
>
> The nice thing about radiator is that it is very flexible and until
> now I always could come up with some kind of configuration which was
> doing what I needed. In your situation the following will probably
> work (didn't actual test it!) ...
>
> <Handler Realm=bogus-service>
> 	...
> 	...
> 	ReplyHook  file:"/some/path/makesurenottosendtoomuch.pl"
> </Handler>
>
> and
>
> # -*- mode: Perl -*-
> # makesurenottosendtoomuch.pl
> #
> sub
> {
>   my $p  = ${$_[0]};    # proxy reply packet
>   my $rp = ${$_[1]};    # reply packet to NAS
>   my $op = ${$_[2]};    # original request packet
>   my $sp = ${$_[3]};    # packet sent to proxy
>
>   # Get the request code from the proxy reply.
>   my $code = $p->code;
>
>   unless ($code eq 'Access-Accept')
>   {
>        &main::log($main::LOG_DEBUG, "about to undo AddtoReply");
>        $rp->delete_attr('Attribute-Name');
>        &main::log($main::LOG_DEBUG, "removed Attribute-Name");
>        return;
>   }
> }
>
> Although the best thing probably would be to make radiator behave
> with respect to AddtoReply as described in the radiator 3.2 manual.
> Adds attributes to *Access-Accepts*. So not to Access-Rejects and
> not to Accounting-Requests ;)
>
> -Wim -/- SURFnet
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list