Fwd: Filter attributes when proxying
Joe Maimon
jmaimon at ttec.com
Mon Jun 19 17:16:17 CEST 2006
try to use rlm_policy
I am sure there are other ways.
Martin Zuziak wrote:
> Hello all
>
> I didn't get any response the first time I sent this so I'm trying
> again.
>
> Any chance of having such a feature implemented?
>
> Sincerely,
>
> Martin Zuziak <zuziak at math.ku.dk>
>
> PS: Don't worry, if I don't get any answer this time, I'll shut up :)
>
> ----- Forwarded message from Martin Zuziak <zuziak at math.ku.dk> -----
>
> Date: Thu, 1 Jun 2006 10:34:19 +0200
> From: Martin Zuziak <zuziak at math.ku.dk>
> To: freeradius-users at lists.freeradius.org
> Subject: Filter attributes when proxying
>
> Hello all
>
> Is it possible to (easily) remove single attributes sent or received
> when proxying? I know it can be done with attr_filter but if you only
> want to remove a single attribute while leaving the rest untouched, you
> need pass rules for every other attribute.
>
> It doesn't look like attr_rewrite can remove attributes. Am I wrong?
>
> Otherwise I think this would be a nice feature to implement. The
> attr_filter module can easily (I think) be changed to include a variable
> to control whether or not passing rules are needed to allow an
> attribute.
>
> Currently attributes are only allowed if they don't fail any rules in
> attrs and pass at least one rule:
>
> if (fail == 0 && pass > 0)
>
> This could be changed to something like
> if (fail == 0 && (pass > 0 || allow_no_match))
>
> where a variable in the attrs file could control if passing rules are
> required.
>
> Sincerely,
>
> Martin Zuziak <zuziak at math.ku.dk>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> ----- End forwarded message -----
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list