Hello, I've used default server configured as follows: post-auth { # my module decides to allow or reject request rtdps2 Post-Auth-Type REJECT { attr_filter.access_reject } } When I run this on 2.2.0 I got debug: Thu Nov 27 14:28:44 2014 : Info: ++[rtdps2] returns reject Thu Nov 27 14:28:44 2014 : Info: Using Post-Auth-Type REJECT Thu Nov 27 14:28:44 2014 : Info: # Executing group from file ../etc/raddb/sites-enabled/default Thu Nov 27 14:28:44 2014 : Info: +- entering group REJECT {...} Thu Nov 27 14:28:44 2014 : Info: [attr_filter.access_reject] expand: %{User-Name} -> testing Thu Nov 27 14:28:44 2014 : Debug: attr_filter: Matched entry DEFAULT at line 11 Thu Nov 27 14:28:44 2014 : Info: ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 80 to 192.168.1.4 port 33304 Cisco-AVPair := "h323-return-code=8" Which is correct, but when I run it in 2.2.6 I got: Thu Nov 27 14:19:35 2014 : Info: ++[rtdps2] = reject Thu Nov 27 14:19:35 2014 : Info: +} # group post-auth = reject Sending Access-Reject of id 186 to 192.168.1.4 port 49975 Service-Type = 0 Framed-Protocol = 0 Cisco-AVPair := "h323-return-code=8" Thu Nov 27 14:19:35 2014 : Info: Finished request 0. Which is wrong, because attributes was not filtered out. Am I missing something ? Is this a bug ? What to do to make version 2.2.6 to work the same way 2.2.0 does ? Regards- *Wiesław Bieniek* <http://www.comarch.pl>