Ascend-Data-Filters

Christopher Carver ccarver at pennswoods.net
Sat Nov 12 05:38:10 CET 2005 

You need to be using the += operator.  man 5 users in the operators section.

        Ascend-Data-Filter += "ip in forward tcp dstip 2xx.2xx.4x.x/32 dstport = 25",
        Ascend-Data-Filter += "ip in forward tcp dstip 2xx.2xx.4x.x/32 dstport = 25",
        Ascend-Data-Filter += "ip in forward tcp dstip 2xx.2xx.4x.xx/32 dstport = 25",
        Ascend-Data-Filter += "ip in drop tcp dstport = 25",
        Ascend-Data-Filter += "ip in forward",
        Ascend-Data-Filter += "ip out drop tcp dstport = 21",
        Ascend-Data-Filter += "ip out drop tcp dstport = 80",
        Ascend-Data-Filter += "ip out forward"

-Chris Carver

Bill Brunton wrote:

>I have in my default section:
>
>
>        Ascend-Data-Filter = "ip in forward tcp dstip 2xx.2xx.4x.x/32 
>dstport = 25",
>        Ascend-Data-Filter = "ip in forward tcp dstip 2xx.2xx.4x.x/32 
>dstport = 25",
>        Ascend-Data-Filter = "ip in forward tcp dstip 2xx.2xx.4x.xx/32 
>dstport = 25",
>        Ascend-Data-Filter = "ip in drop tcp dstport = 25",
>        Ascend-Data-Filter = "ip in forward",
>        Ascend-Data-Filter = "ip out drop tcp dstport = 21",
>        Ascend-Data-Filter = "ip out drop tcp dstport = 80",
>        Ascend-Data-Filter = "ip out forward"
> 
>Worked fin for me for years with Ascend Maxes.
>
>
>
>On Fri, 11 Nov 2005, Eric Gregory wrote:
>
>  
>
>>Date: Fri, 11 Nov 2005 13:50:07 -0600
>>From: Eric Gregory <eric at gatewayconnections.net>
>>Reply-To: FreeRadius users mailing list
>>    <freeradius-users at lists.freeradius.org>
>>To: freeradius-users at lists.freeradius.org
>>Subject: Ascend-Data-Filters
>>
>>I am having an issue that hopefully someone can help with.  I am trying 
>>to configure my radius server to send liethe following reps 
>>Ascend-Data-Filterwhen a user authenticates. 
>>
>>	Ascend-Data-Filter = ip in forward tcp est
>>	Ascend-Data-Filter = ip in forward dstip xxx.xxx.xxx.4/32
>>	Ascend-Data-Filter = ip in drop tcp dstport = 25
>>	Ascend-Data-Filter = ip in forward
>>
>>This is for configuration with GlobalPops and I need my users to be able to relay mail through my SMTP server for this to work.
>>
>>I am using FreeRadius 1.0.4 with the Mysql backend.  When I run radcheck I get this info in the reply
>>
>>
>>        Service-Type = Framed-User
>>        Framed-IP-Address = 255.255.255.254
>>        Framed-Protocol = PPP
>>        Framed-Compression = Van-Jacobson-TCP-IP
>>        Framed-IP-Netmask = 255.255.255.255
>>        Session-Timeout = 43200
>>        Idle-Timeout = 1500
>>        Port-Limit = 1
>>        Framed-MTU = 1300
>>        Ascend-Data-Filter = "ip in forward tcp est"
>>
>>If I wipe out the "ip in forward tcp est" line I get the "ip in forward 
>>dstip xxx.xxx.xxx.4/32" line in the reply, if I wipe that out the next 
>>comes back but I can't get more than one to come back at me.  I have 
>>tried applying the filters to the user and to the group which the user 
>>is a part of and gotten the same result. 
>>
>>Anyone know what my problem is here.  Is there a setting that I have to 
>>set to allow it to send multiple instances of the same reply attribute back?
>>
>>Thanks for any help you can offer.
>>
>>Eric Gregory
>>- 
>>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>    
>>
>
>  
>

More information about the Freeradius-Users mailing list