(RADIATOR) How to do conditions based on AVpair?
Jan Tomasek
jan at tomasek.cz
Thu Aug 5 08:31:21 CDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello again :)
sorry for floding list this week. I'm trying to finish my TODO list before
holidays.
I've this configuration for proxied users:
<Handler>
<AuthBy RADIUS>
<Host radius1.eduroam.cz>
AuthPort 1812
AcctPort 1813
Secret xxx
</Host>
<Host radius2.eduroam.cz>
AuthPort 1812
AcctPort 1813
Secret xxx
</Host>
</AuthBy>
AllowInReply
AddToReply Tunnel-Type=1:VLAN,\
Tunnel-Medium-Type=1:Ether_802,\
Tunnel-Private-Group-ID=1:100
</Handler>
Now I need to have there some code which will made decisision. If response
from proxy servers will contain "Tunnel-Assignment-ID=1:testAccount" it has to
return "Tunnel-Type=1:VLAN,\
Tunnel-Medium-Type=1:Ether_802,\
Tunnel-Private-Group-ID=1:666" to put user into special closed VLAN.
If response from proxy servers will not contain Tunnel-Assignment-ID or will
contain it with some unknown velue it shloud return
"Tunnel-Type=1:VLAN,\
Tunnel-Medium-Type=1:Ether_802,\
Tunnel-Private-Group-ID=1:100"
which is suposed for normal valid users.
I'm thinking about some PostAuthHook but I've no idea how to implement it.
Chould me somebody provide with an example?
Thanks!
- --
- --------------------------------------------------------------
Jan Tomasek aka Semik work: CESNET, z.s.p.o.
http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6
Czech Republic
phone(work): +420 2 2435 5279 http://www.cesnet.cz/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBEjan79++DGvj6tMRAg4MAKCXFZgCpqxRrHnZK7P0DCGkSbZLxwCfYxWy
xbPcJEpVTHxyUcaiqXGW0g4=
=7SF+
-----END PGP SIGNATURE-----
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list