Proxy or not based on Client-IP-Address
Hello all, Looking for a pointer in the right direction. I want to reject requests from a particular realm that are not coming from a particular set of Client-IP-Addresses. This realm is normally proxied through my servers, so I don't authorize/authenticate them at the moment, they are simply passed to the next RADIUS server. However, some of those users are not using the proper upstream modem provider that they should be and I want to stop that. Other realms coming through that modem provider should be handled like normal. I have looked at the rlm_passwd module, but I'm not sure that is the way to go. I'm thinking that whatever I do should be in the pre_proxy section rather than the post_proxy so the downstream RADIUS server isn't sending back ACCEPT and the user getting REJECT. Thanks! -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com
participants (1)
-
Dennis Skinner