A.5 Support for Traditional Configuration Files.
(This message will disappear, once this node revised.)
Within the new configuration system, the traditional ``trio''
‘hints-huntgroups-users’ will be translated to the following
program:
| | (defprog main
(CALL hints)
(CALL huntgroups)
(COND "request_code() == Access-Request"
(CALL users))
(REPLY Access-Reject
(Reply-Message . "\nAccess denied\n")))
|
For example, consider the following configuration:
| | # raddb/hints:
DEFAULT Prefix = "PPP" Hint = PPP
|
This will produce the following program:
| | (defprog hints
(COND "%[Prefix] == \"PPP\"")
(ACTION "%[Hint] = \"PPP\""))
|
| | #raddb/huntgroups
DEFAULT NAS-IP-Address = 10.10.4.1 Suffix = "staff"
DEFAULT NAS-IP-Address = 10.10.4.2 Huntgroup-Name = "second"
|
Will produce
| | (defprog huntgroups
(COND "%[NAS-IP-Address] == 10.10.4.1 && !(%[Suffix] == \"staff\")"
(REPLY Access-Reject
("Reply-Message" . "Access Denied by Huntgroup")))
(COND "%[NAS-IP-Address] == 10.10.4.2"
(ACTION "%[Huntgroup-Name] = \"second\"")))
|
Finally, ‘users’:
| | #raddb/users
DEFAULT Hint = "PPP",
Auth-Type = PAM
Service-Type = Framed-User,
Framed-Protocol = PPP
DEFAULT Huntgroup-Name = "second",
Auth-Type = PAM
Service-Type = "Authenticate-Only",
Reply-Message = "Authentity Confirmed"
|
will produce
| | (defprog users
(COND "%[Hint] == "PPP" && authorize(PAM)"
(REPLY Access-Accept
(Service-Type . Framed-User)
(Framed-Protocol . PPP))
(REPLY Access-Reject
(Reply-Message . "Access Denied")))
(COND "%[Huntgroup-Name] == \"second\" && authorize(PAM)"
(REPLY Access-Accept
(Service-Type . "Authenticate-Only")
(Reply-Message . "Authentity Confirmed"))))
|
This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.