(RADIATOR) Radiator & IPTables integraton

Francisco Contreiras fc at b52.ist.utl.pt
Thu Jul 17 05:31:09 CDT 2003 

I'm having some trouble finding out witch example in hooks.txt should
suit my needs:

- After the Authentication, run a script (perl, ...) to add a rule in
IPTABLES adding the authenticated client IP to the NAT list;
 As far as I understood I should use: 
 <Handler ....>
       <AuthBy ....>
                ....
        </AuthBy>
       PostAuthHook file:"perl_script"
 </Handler> 
- To know the witch client IP I need to use the <AddressAllocator DHCP>
clause or can I stay witch my DHCPD service?
- When user disconnects form the network, how can I run another script
to remove him from the IPTABLES list?

Best regards,

Francisco Contreiras





-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: quinta-feira, 17 de Julho de 2003 3:23
To: Francisco Contreiras
Cc: radiator at open.com.au
Subject: Re: (RADIATOR) Radiator & IPTables integraton


Hello Francisco -

You can use a PostAuthHook to do whatever is required to add a dynamic 
rule to iptables.

There are some example hooks in the file "goodies/hooks.txt" in the 
Radiator distribution.

regards

Hugh


>
>
> Is it possible to add a dynamic rule to Iptables allowing the
> authenticated user IP to be able to use NAT. How do I get the client
> information (IP assigned by DHCP or by Radiator) from Radiator.
>
> Thank's
> Francisco Contreiras
>
> -------------------------------------------------------
>
> -- 
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++,
WWW
> 24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
> Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list