[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.5 NAS Types — ‘raddb/nastypes

The ‘raddb/nastypes’ file describes the ways to query NASes about active user sessions.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.5.1 Syntax of ‘raddb/nastypes

(This message will disappear, once this node revised.)

Syntax

Each record consists of three fields separated by any amount of whitespace. The fields are:

Type

Type of the NAS which is described in this record.

Method

Method to use to query a NAS of given type.

Arguments

Arguments to pass to this method. Each argument is a pair arg=value, where arg is its name and value is a value assigned to it. The list of predefined argument names follows. Note, that no intervening whitespace is allowed in this field.

Methods

Version 1.6 of GNU Radius supports following querying methods: finger, snmp, external and guile. .

Arguments

In the discussion below n means numeric and s string value.

The following arguments are predefined:

Common for all methods

function=s

Specifies the check function to use with this method (see section Login Verification Functions). This argument must be present. For description of how this function is applied, see Multiple Login Checking.

port=n

Use port number n instead of the default for the given method.

Method snmp

password=s

Use community s instead of the default. This argument must be present.

retries=n

Retry n times before giving up.

timeout=n

Timeout n seconds on each retry.

Method finger

timeout=n

Give up if the NAS does not respond within n seconds.

notcp
tcp=0

Disable the use of T/TCP for hosts with a broken TCP implementation.

arg=subst

Send subst to finger, instead of username. subst must be one of macro variables, described below.

Macro variables

The following macro-variables are recognized and substituted when encountered in the value pair of an argument:

%u

Expands to username.

%s

Expands to session id.

%d

Expands to session id converted to decimal representation.

%p

Expands to port number.

%P

Expands to port number + 1.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.5.2 Example of nastypes file.

Note, that in the following example the long lines are broken into several lines for readability.

 
# Type     Method          Args
# ----     ------          ----
unix       finger       function=check_unix
max-f      finger       function=check_max_finger
max        snmp         oid=.1.3.6.1.4.1.529.12.3.1.4.%d,
                        function=check_snmp_u
as5300-f   finger       function=check_as5300_finger
as5300     snmp         oid=.1.3.6.1.4.1.9.9.150.1.1.3.1.2.%d,
                        function=check_snmp_u
livingston snmp         oid=.1.3.6.1.4.1.307.3.2.1.1.1.5.%P,
                        function=check_snmp_s

[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.5.3 Standard NAS types

The ‘nastypes’ shipped with version 1.6 of GNU Radius defines following NAS types:

unix — UNIX boxes running Finger

This type suits for UNIX boxes running finger service able to return information about dial-up users active on them. To enable finger checking of a unix host add following to your ‘naslist’ file:

 
#Hostname       Shortname   Type
#--------       ---------   ----
nas.name        T           unix
max-f — MAX Ascend with Finger

Use this type if you have MAX Ascend terminal server that answers finger queries. The ‘naslist’ entry for such NAS will look like:

 
#Hostname       Shortname   Type  Flags
#--------       ---------   ----  -----
nas.name        T           max-f broken_pass

Note the use of broken_pass flag. It is needed for most MAX Ascend servers (see section NAS List — ‘raddb/naslist).

max — MAX Ascend, answering SNMP

Use this type if you have MAX Ascend terminal server that answers SNMP queries. The ‘naslist’ entry for such NAS will look like:

 
#Hostname       Shortname   Type  Flags
#--------       ---------   ----  -----
nas.name        T           max-f broken_pass,community=comm

Replace comm with your actual SNMP community name.

as5300-f — Cisco AS5300 running finger
as5300 — Cisco AS5300 answering SNMP
livingston — Livingston Portmaster

Type livingston queries portmaster using SNMP.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]

This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.