(RADIATOR) Caller blacklist

Hugh Irvine hugh at open.com.au
Thu Oct 17 01:26:38 CDT 2002 

Hello Jon -

You will need to use cascaded AuthBy's to do this, with an AuthBy FILE 
first, which then calls the AuthBy SQL.

The configuration file should look something like this:

# define AuthBy clauses

<AuthBy SQL>
         Identifier CheckSQLBlacklist
         DBSource        ......
         DBUsername    ......
         DBAuth          ......
         AuthSelect select "REJECT" from CALLER_BLACKLIST \
                    where Calling_Station='%{Calling-Station-Id}'
         AuthColumnDef 0, GENERIC, check
</AuthBy>

<AuthBy FILE>
	Identifier CheckBlacklist
	Filename %D/users.blacklist
</AuthBy>

......


# define Handlers

<Handler ...>
	AuthByPolicy ContinueWhileAccept
	AuthBy CheckBlacklist
	# your normal AuthBy
	.....
</Handler>

.......


The users.blacklist file would look like this:

# users.blacklist

DEFAULT  Auth-Type = CheckSQLBlacklist

DEFAULT  Auth-Type = Accept

The reason for doing it this way is because the AuthBy processing is 
looking for a user, which the AuthBy SQL clause is not doing.

regards

Hugh


On Thursday, October 17, 2002, at 03:16 AM, jlewis at lewis.org wrote:

> Based on what I found in the archive at
> http://www.open.com.au/archives/radiator/2002-06/msg00090.html
>
> I'm wondering if I can make a calling-station-id blacklist by doing
> something like:
>
> <AuthBy SQL>
>         DBSource        ......
>         DBUsername    ......
>         DBAuth          ......
>         AuthSelect select "REJECT" from CALLER_BLACKLIST \
>                    where Calling_Station='%{Calling-Station-Id}'
>         AuthColumnDef 0, GENERIC, check
> </AuthBy>
>
> The CALLER_BLACKLIST table would have fields for Calling_Station and
> REJECT such as:
> 1115551212	Auth-Type = "Reject: Your phone number has been BLACKLISTED"
>
> Then just include this AuthBy before all others in the various 
> Handler's
> we use?
>
> ----------------------------------------------------------------------
>  Jon Lewis *jlewis at lewis.org*|  I route
>  System Administrator        |  therefore you are
>  Atlantic Net                |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list