(RADIATOR) Getting the right attributes in the reply...

Hugh Irvine hugh at open.com.au
Wed May 8 17:47:59 CDT 2002 

Hello Chris -

DefaultReply will only add the listed attributes if there are *no* other 
attributes already present in the reply packet. The dump that you show below 
indicates that there is already a Proxy-State attribute in the reply, 
therefore you should use AddToReply instead.

BTW - it is much easier to see what is going on by looking at a trace 4 debug 
from Radiator. And don't forget that you can also use Radar with Radiator 3.0.

regards

Hugh


On Thu, 9 May 2002 08:27, Chris Craft wrote:
> I've RTFM :) and maybe I'm just thick, but I'm not seeing this realm config
> pass the replies I've asked it to:
>
> <Realm unlimitedSTAR>
>         RewriteUsername      s/^([^@]+).*/$1/
>         <AuthBy FILE>
>                 Filename /etc/raddb/users.unlimited
>                 DefaultReply Service-Type=Framed-User,\
> Framed-Protocol=PPP,\
> Framed-IP-Address=255.255.255.254,\
> Framed-IP-Netmask=255.255.255.255,\
> Ascend-Data-Filter="ip in forward tcp est",\
> Ascend-Data-Filter="ip in forward dstip <a 'class C' network address>/24",\
> Ascend-Data-Filter="ip in forward dstip <a host address>",\
> Ascend-Data-Filter="ip in forward dstip <another host>",\
> Ascend-Data-Filter="ip in drop tcp dstport = 25",\
> Ascend-Data-Filter="ip in forward"
>         </AuthBy>
>         AcctLogFileName %L/%N.s2/detail
> </Realm>
>
> A `tcpdump -s 65535 -w radcap.pkt port 1654` subsequently decoded by
> ethereal shows me only the following reply:
>
> Frame 20 (167 on wire, 167 captured)
> Ethernet II
> Internet Protocol
> User Datagram Protocol
> Radius Protocol
>     Code: Access Accept (2)
>     Packet identifier: 0xa0 (160)
>     Length: 125
>     Authenticator
>     Attribute value pairs
>         t:Proxy State(33) l:91,
> Value:"PX01\000\0005U«\158\154áÌnÍ\1390³\000tÎ\127\148½\000\002\006\145Cë\0
>00\023\000\000\000\000\000\000\000\000\000\000\000\012\000\002\006mAÔh\014\0
>00\000\000\000\000\000\000\000\000\000\000\003\000\000\000\002\0 t:Proxy
> State(33) l:14, Value:"PR0x00000AC6"
>
> Can anybody smack me with a clue-by-four?
>
> Thanks,
> Chris.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list