(RADIATOR) One client clause for whole subnet??
Andrew D. Clark
andrew.clark at ucsb.edu
Tue Apr 12 16:55:59 CDT 2005
Wildcards are ok, but I'd rather have the more flexible net/mask. When
I have a /27 network or similar, a wildcard doesn't really mean much to
me. With "natural" mask for Class A,B,C nets and either CIDR and/or
dotted decimal (maybe either one). There are lots of Perl modules out
there that make that easy (I like NetAddr::IP), but then Radiator needs
yet another Perl module.
--
Andrew Clark
Campus Network Programmer
Office of Information Technology
University of California, Santa Barbara
andrew.clark at ucsb.edu (805) 893-5311
--On Wednesday, April 13, 2005 07:45:25 AM +1000 Hugh Irvine
<hugh at open.com.au> wrote:
>
> Hello Jon, Hello All -
>
> There is currently no way to wildcard Client clauses other than the
> <Client DEFAULT> which matches everything.
>
> We have recently added the loading of Client clauses from both SQL
> and LDAP with a configurable RefreshPeriod to automatically reload
> the list(s) instead of having to restart the server. We are still
> considering wildcards, but no decision yet.
>
> regards
>
> Hugh
>
>
> On 13 Apr 2005, at 01:13, Jon Lewis wrote:
>
>> On Tue, 12 Apr 2005, Jethro R Binks wrote:
>>
>>> For what it is worth, I have the same requirement too. I wasn't
>>> able to
>>> find a facility in the documentation to allow any sort of
>>> wildcarding on
>>> the Client IP address parameter. Nearest I could get was:
>>>
>>> <Client 10.4.0.1>
>>> Identifier SomeClient
>>> Secret secret
>>> IdenticalClients 10.4.0.2
>>> ...
>>> </Client>
>>
>> It'd be really nice if radiator would (does?) support either CIDR or
>> ranges such that you could do things like:
>>
>> <Client 10.4.0.1>
>> IdenticalClients 10.4.0.0/24
>> ...
>>
>> or
>> <Client 10.4.0.0/24>
>> or
>> <Client 10.4.0.1>
>> IdenticalClients 10.4.0.2-60
>>
>> Lines such as
>> IdenticalClients 10.4.0.2 10.4.0.3 10.4.0.4 \
>> 10.4.0.5 10.4.0.6 ...
>>
>> are kind of ugly and bloat the config if you have alot of identical
>> clients.
>>
>> --------------------------------------------------------------------
>> -- Jon Lewis | I route
>> Senior Network Engineer | therefore you are
>> Atlantic Net |
>> _________ http://www.lewis.org/~jlewis/pgp for PGP public
>> key_________
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list