(RADIATOR) CLI Auth before proceeding...

ECJ jakosalem at telpacific.com.au
Thu May 18 00:23:35 CDT 2006 

Hello Hugh,
Thank you very much for this. It worked like magic.
I just want to mention that this proved very useful in case someone will
be searching the archives for a similar situation. For the calling id part
in the checknumbers file, I have /^28/ and /^29/, without the leading 0s
because that is what our access servers are sending to our RADIUS.

Thanks again Hugh.

Cheers,
Edward


>
> Hello Edward -
>
> You will need to use two AuthBy clauses in sequence, the first to
> check the number and the second to do your normal authentication.
>
> Something like this:
>
>
> # define Realm or Handler
>
> <Handler ...>
>
> 	AuthByPolicy ContinueWhileAccept
>
> 	<AuthBy FILE>
> 		Filename %D/checknumbers
> 		AcceptIfMissing
> 	</AuthBy>
>
> 	<AuthBy ...>
> 		.....
> 	</AuthBy>
>
> 	.....
>
> </Handler>
>
>
> The contents of the file "checknumbers" would look something like this:
>
>
> # checknumbers
>
> DEFAULT Calling-Station-Id = /.../, Called-Station-Id = /.../, Auth-
> Type = Reject
>
> DEFAULT Calling-Station-Id = /.../, Called-Sation-Id = /.../, Auth-
> Type = Reject
>
> .....
>
>
> The "/.../" shown above are regular expressions to match your numbers.
>
> hope that helps
>
> regards
>
> Hugh
>
>
>
>
>
> On 18 May 2006, at 09:17, ECJ wrote:
>
>>
>> Good day all,
>>
>> My first post so please bear with me.
>> I have been searching the archives for the last couple of days but
>> I can't
>> seem to find exactly what I'm looking for. Probably this one has been
>> answered before so if anyone could just point me to the relevant
>> link or
>> document, that would be enough help.
>> We are running Radiator/MySQL without any issues. But lately, we
>> noticed a
>> lot of our dialup customers are using the roaming number when they
>> shouldn't be. So what we want to happen is when the server receives an
>> auth request, the calling id and called id will first be checked
>> against a
>> list (eg called id - 0198* and calling id - 029*). If found on the
>> list,
>> then reject outright. If not, then continue with the normal checking
>> against the db.
>> I have seen similar topics in the list list but I'm not sure if
>> that is
>> the right solution for us.
>> Thanks in advance.
>>
>> Cheers,
>>
>> Edward
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>



Cheers,

Edward

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list