Alan DeKok wrote:
Maybe we should just move to a completely separate way of handling things.
Another idea: allow the administrateur to set Post-Auth-Type during post-auth, like we do for authorize. We first run the anonymous modules outside any Post-Auth-Type stanzas. After that we check for Post-Auth-Type and if it exists we run the corresponding subsection. In this case, it could be possible to choose what will be run during post-auth with the same syntax as the "users" file: DEFAULT Realm == realm.net, Packet-Type == Access-Accept, Post-Auth-Type := ippool.realm.net DEFAULT Realm == realm.net, Packet-Type == Access-Reject, Post-Auth-Type := sql_log.realm.net DEFAULT Packet-Type == Access-Accept, Post-Auth-Type := other -- Nicolas Baradakis