(RADIATOR) How to do conditions based on AVpair?

david.kramar at aliatel.cz david.kramar at aliatel.cz
Thu Aug 5 09:07:49 CDT 2004 

Hi 
try to add "AddToReplyIfNotExist" if will not contain.
But if will contain some unknown value, maybe is better delete this attribut (StripFromRequest) and add new (AddToRequest) based on same other ID parameter (@realm, IP, atd) - that's my first idea... 
David


-----Původní zpráva-----
Od: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]za
uživatele Jan Tomasek
Odesláno: 5. srpna 2004 15:31
Komu: radiator at open.com.au
Předmět: (RADIATOR) How to do conditions based on AVpair?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello again :)
sorry for floding list this week. I'm trying to finish my TODO list before
holidays.

I've this configuration for proxied users:

<Handler>
        <AuthBy RADIUS>
                <Host radius1.eduroam.cz>
                        AuthPort        1812
                        AcctPort        1813
                        Secret          xxx
                </Host>
                <Host radius2.eduroam.cz>
                        AuthPort        1812
                        AcctPort        1813
                        Secret          xxx
                </Host>
        </AuthBy>

	AllowInReply
	AddToReply	Tunnel-Type=1:VLAN,\
			Tunnel-Medium-Type=1:Ether_802,\
			Tunnel-Private-Group-ID=1:100
</Handler>


Now I need to have there some code which will made decisision. If response
from proxy servers will contain "Tunnel-Assignment-ID=1:testAccount" it has to
 return "Tunnel-Type=1:VLAN,\
	Tunnel-Medium-Type=1:Ether_802,\
	Tunnel-Private-Group-ID=1:666" to put user into special closed VLAN.
If response from proxy servers will not contain Tunnel-Assignment-ID or will
contain it with some unknown velue it shloud return
	"Tunnel-Type=1:VLAN,\
	 Tunnel-Medium-Type=1:Ether_802,\
	 Tunnel-Private-Group-ID=1:100"
which is suposed for normal valid users.

I'm thinking about some PostAuthHook but I've no idea how to implement it.
Chould me somebody provide with an example?

Thanks!
- --
- --------------------------------------------------------------
Jan Tomasek aka Semik           work: CESNET, z.s.p.o.
http://www.tomasek.cz/                Zikova 4, 160 00 Praha 6
                                      Czech Republic
phone(work): +420 2 2435 5279         http://www.cesnet.cz/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBEjan79++DGvj6tMRAg4MAKCXFZgCpqxRrHnZK7P0DCGkSbZLxwCfYxWy
xbPcJEpVTHxyUcaiqXGW0g4=
=7SF+
-----END PGP SIGNATURE-----

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list