| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
(This message will disappear, once this node revised.)
Within the new configuration system, the traditional ``trio'' ‘hints-huntgroups-users’ will be translated to the following program:
(defprog main
(CALL hints)
(CALL huntgroups)
(COND "request_code() == Access-Request"
(CALL users))
(REPLY Access-Reject
(Reply-Message . "\nAccess denied\n")))
|
For example, consider the following configuration:
# raddb/hints: DEFAULT Prefix = "PPP" Hint = PPP |
This will produce the following program:
(defprog hints
(COND "%[Prefix] == \"PPP\"")
(ACTION "%[Hint] = \"PPP\""))
|
#raddb/huntgroups DEFAULT NAS-IP-Address = 10.10.4.1 Suffix = "staff" DEFAULT NAS-IP-Address = 10.10.4.2 Huntgroup-Name = "second" |
Will produce
(defprog huntgroups
(COND "%[NAS-IP-Address] == 10.10.4.1 && !(%[Suffix] == \"staff\")"
(REPLY Access-Reject
("Reply-Message" . "Access Denied by Huntgroup")))
(COND "%[NAS-IP-Address] == 10.10.4.2"
(ACTION "%[Huntgroup-Name] = \"second\"")))
|
Finally, ‘users’:
#raddb/users
DEFAULT Hint = "PPP",
Auth-Type = PAM
Service-Type = Framed-User,
Framed-Protocol = PPP
DEFAULT Huntgroup-Name = "second",
Auth-Type = PAM
Service-Type = "Authenticate-Only",
Reply-Message = "Authentity Confirmed"
|
will produce
(defprog users
(COND "%[Hint] == "PPP" && authorize(PAM)"
(REPLY Access-Accept
(Service-Type . Framed-User)
(Framed-Protocol . PPP))
(REPLY Access-Reject
(Reply-Message . "Access Denied")))
(COND "%[Huntgroup-Name] == \"second\" && authorize(PAM)"
(REPLY Access-Accept
(Service-Type . "Authenticate-Only")
(Reply-Message . "Authentity Confirmed"))))
|
This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.