(RADIATOR) One client clause for whole subnet??

Andrew D. Clark andrew.clark at ucsb.edu
Tue Apr 12 16:55:59 CDT 2005 

Wildcards are ok, but I'd rather have the more flexible net/mask.  When 
I have a /27 network or similar, a wildcard doesn't really mean much to 
me.  With "natural" mask for Class A,B,C nets and either CIDR and/or 
dotted decimal (maybe either one).  There are lots of Perl modules out 
there that make that easy (I like NetAddr::IP), but then Radiator needs 
yet another Perl module.

--
Andrew Clark
Campus Network Programmer
Office of Information Technology
University of California, Santa Barbara
andrew.clark at ucsb.edu (805) 893-5311

--On Wednesday, April 13, 2005 07:45:25 AM +1000 Hugh Irvine 
<hugh at open.com.au> wrote:

>
> Hello Jon, Hello All -
>
> There is currently no way to wildcard Client clauses other than the
> <Client DEFAULT> which matches everything.
>
> We have recently added the loading of Client clauses from both SQL
> and LDAP with a configurable RefreshPeriod to automatically reload
> the list(s) instead of having to restart the server. We are still
> considering wildcards, but no decision yet.
>
> regards
>
> Hugh
>
>
> On 13 Apr 2005, at 01:13, Jon Lewis wrote:
>
>> On Tue, 12 Apr 2005, Jethro R Binks wrote:
>>
>>> For what it is worth, I have the same requirement too.  I wasn't
>>> able  to
>>> find a facility in the documentation to allow any sort of
>>> wildcarding  on
>>> the Client IP address parameter.  Nearest I could get was:
>>>
>>> <Client 10.4.0.1>
>>>         Identifier              SomeClient
>>>         Secret                  secret
>>>         IdenticalClients        10.4.0.2
>>> 	...
>>> </Client>
>>
>> It'd be really nice if radiator would (does?) support either CIDR or
>> ranges such that you could do things like:
>>
>> <Client 10.4.0.1>
>>          IdenticalClients        10.4.0.0/24
>> ...
>>
>> or
>> <Client 10.4.0.0/24>
>> or
>> <Client 10.4.0.1>
>> 	IdenticalClients         10.4.0.2-60
>>
>> Lines such as
>> 	IdenticalClients	10.4.0.2 10.4.0.3 10.4.0.4 \
>> 		10.4.0.5 10.4.0.6 ...
>>
>> are kind of ugly and bloat the config if you have alot of identical
>> clients.
>>
>> --------------------------------------------------------------------
>> -- Jon Lewis                   |  I route
>>  Senior Network Engineer     |  therefore you are
>>  Atlantic Net                |
>> _________ http://www.lewis.org/~jlewis/pgp for PGP public
>> key_________
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list