(RADIATOR) %{Handler:name}

Mariano Absatz radiator at lists.com.ar
Mon Sep 9 15:16:15 CDT 2002 

El 6 Sep 2002 a las 9:42, Hugh Irvine escribió:

> 
> Hello Mariano -
> 
> I'm afraid I dont quite understand what you are wanting to do.
> 
> Could you give me a bit more detail?
Yup.

I'm trying to generalize the way I write very similar proxies where maybe the only thing that 
changes is the proxied hosts/ports and where I log accounting failures... 

Since this stuff goes in a different <AuthBy Radius> (or <AuthBy LOADBALANCE> for that 
matter), I want to name (via "Identifier") each AuthBy and be able to recall that name within 
the AuthBy...

In the manual (http://www.open.com.au/radiator/ref.html#pgfId=291148) I see that I can find 
out which client triggered a clause (%{Client:name}) and which handler did so 
(%{Handler:name}), but I might have several clients and several handlers going to the same 
AuthBy and the AuthBy itself would be the selector.

Let's go by example...

Suppose I currently have the following in my config file:

=======================START OF (portion of) RADIUS.CFG======================
<AuthBy LOADBALANCE>
	Identifier Kind01

	Retries 1
        <Host 22.33.44.55>
		Secret aaaa
		AuthPort 1111
		AcctPort 2222
	</Host>
	<Host 22.33.44.66>
		Secret asdf
		AuthPort 2321
		AcctPort 1234
	</Host>

	AcctFailedLogFileName %L/ACCT-LOST/Kind01/%Y-%m-%d.log
</AuthBy>

<AuthBy LOADBALANCE>
	Identifier Kind02

	Retries 3
        <Host 22.33.44.55>
		Secret bbbb
		AuthPort 2231
		AcctPort 2311
	</Host>
	<Host 22.33.44.66>
		Secret qwert
		AuthPort 3333
		AcctPort 4444
	</Host>

	AcctFailedLogFileName %L/ACCT-LOST/Kind02/%Y-%m-%d.log
</AuthBy>
========================END OF (portion of) RADIUS.CFG=======================





I would like to change this to:


======================START OF (portion of) NEWRADIUS.CFG====================
<AuthBy LOADBALANCE>
	Identifier Kind01

	include %D/Retries%{AuthName:Identifier}.cfg
	include %D/Hosts%{AuthName:Identifier}.cfg

	AcctFailedLogFileName %L/ACCT-LOST/%{AuthName:Identifier}/%Y-%m-%d.log
</AuthBy>

<AuthBy LOADBALANCE>
	Identifier Kind02

	include %D/Retries%{AuthName:Identifier}.cfg
	include %D/Hosts%{AuthName:Identifier}.cfg

	AcctFailedLogFileName %L/ACCT-LOST/%{AuthName:Identifier}/%Y-%m-%d.log
</AuthBy>
=======================END OF (portion of) NEWRADIUS.CFG=====================

======================START OF RetriesKind01.cfg====================
Retries 1
=======================END OF RetriesKind01.cfg=====================

======================START OF HostsKind01.cfg====================
<Host 22.33.44.55>
	Secret aaaa
	AuthPort 1111
	AcctPort 2222
</Host>
<Host 22.33.44.66>
	Secret asdf
	AuthPort 2321
	AcctPort 1234
</Host>
=======================END OF HostsKind01.cfg=====================

======================START OF RetriesKind02.cfg====================
Retries 3
=======================END OF RetriesKind02.cfg=====================

======================START OF HostsKind02.cfg====================
<Host 22.33.44.55>
	Secret bbbb
	AuthPort 2231
	AcctPort 2311
</Host>
<Host 22.33.44.66>
	Secret qwert
	AuthPort 3333
	AcctPort 4444
</Host>
=======================END OF HostsKind02.cfg=====================



Although this leads to a profussion of files, they are all parsed at startup and this allows 
me to modify things on a per AuthBy basis and keep it clean... Maybe give some people the 
possibility to edit some files and other people to edit other files...

I might be dumb or crazy... but this kind of things helped me a lot in the past for keeping 
config files clean and ordered...

> 
> thanks
> 
> Hugh
> 
> 
> On Friday, September 6, 2002, at 07:26 AM, Mariano Absatz wrote:
> 
> > Hi Hugh, long time no see...
> >
> > I'm planning an installation with a bunch of front-end Radiator proxies
> > (using <AuthBy LOADBALANCE>) to an(other) bunch of Radiator back-end 
> > servers
> > that do the actual authentication against SQL servers.
> >
> > Now, the front-end farm has the "dispatching" intelligence and the 
> > back-end,
> > the authentication intelligence...
> >
> > By "dispatching" I mean:
> > "if it comes from such and such a NAS authenticate using of these 
> > back-end
> > servers"
> > "if the realm matches xxx authenticate against these bunch of back-ends"
> > etc...
> >
> > I'm trying to generalize as much as possible and want to have short and
> > easily manteinable config files, so I'm doing a bunch of identfied 
> > AuthBy's
> > like this:
> >
> > <AuthBy LOADBALANCE>
> > 	Identifier Kind01
> >
> > 	include %{GlobalVar:ConfigDir}/RetriesKind01.cfg
> > 	include %{GlobalVar:ConfigDir}/HostsKind01.cfg
> >
> > 	AcctFailedLogFileName %L/ACCT-LOST/Kind01/%Y-%m-%d.log
> > </AuthBy>
> >
> > This would be the AuthBy to use for the "Kind01" kind of handlers...
> >
> > Is there a way to have a "per AuthBy" special that has the "AuthBy"
> > Identfier? That is... a kind of "%{LocalVar:xxxx}" where the locality 
> > is wrt
> > the AuthBy...
> >
> > Would %{Handler:Identifier} do that? or that would give me the 
> > Identifier of
> > the Handler that called this AuthBy?
> >
> > Otherwise, would something along the lines of this work?:
> >
> > <AuthBy LOADBALANCE>
> > 	DefineFormattedGlobalVar KIND Kind01
> > 	Identifier %{GlobalVar:KIND}
> >
> > 	include %{GlobalVar:ConfigDir}/Retries%{GlobalVar:KIND}.cfg
> > 	include %{GlobalVar:ConfigDir}/Hosts%{GlobalVar:KIND}.cfg
> >
> > 	AcctFailedLogFileName %L/ACCT-LOST/%{GlobalVar:KIND}/%Y-%m-%d.log
> > </AuthBy>
> >
> > <AuthBy LOADBALANCE>
> > 	DefineFormattedGlobalVar KIND Kind02
> > 	Identifier %{GlobalVar:KIND}
> >
> > 	include %{GlobalVar:ConfigDir}/Retries%{GlobalVar:KIND}.cfg
> > 	include %{GlobalVar:ConfigDir}/Hosts%{GlobalVar:KIND}.cfg
> >
> > 	AcctFailedLogFileName %L/ACCT-LOST/%{GlobalVar:KIND}/%Y-%m-%d.log
> > </AuthBy>
> >
> >
> > TIA.
> >
> >
> > --
> > Mariano Absatz
> > El Baby
> > ----------------------------------------------------------
> > It said, "Insert disk #3," but only two will fit!
> >
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
> 
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list