Hello Ingvar -
On Thu, 18 May 2000, Ingvar Berg (ERA) wrote:
> How about an Authby BLACKLIST, rejecting the request if there is a
match between Calling-Station-ID and a number in the list? It seems to be a
broad interest in this functionality. >
Why not just an AuthBy SQL with an AuthSelect that does the right thing?
# check BLACKLIST numbers
<AuthBy SQL>
Identifer Check-BLACKLIST
DBSource ....
DBUsername .....
DBAuth ....
AuthSelect select PASSWORD from BLACKLIST \
where CALLINGSTATIONID='%{Calling-Station-Id}'
</AuthBy>
You would set the PASSWORD to an "*" for example for the BLACKLIST entries,
together with a DEFAULT entry with a NULL password that would always accept.
Then chain the AuthBy's together, something like this:
# add BLACKLIST handling to existing Realms/Handlers
<Realm .....>
AuthByPolicy ContinueWhileAccept
AuthBy Check-BLACKLIST
<AuthBy ....>
......
</AuthBy>
</Realm>
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
