preproxy_users doesn't filter attributes

Michael da Silva Pereira michael at tradepage.co.za
Mon Jul 7 17:34:21 CEST 2008 

It is interesting you say that this stuff is already included, I do not 
see it in the prepackage version which comes with Ubuntu (hardy).

http://packages.ubuntu.com/hardy/i386/freeradius/filelist

But I think this is something the maintainers for Ubuntu must update / 
incorporate

Checking the docs on non-ubuntu packages I see the sample files, erf.


Alan DeKok wrote:
> Michael da Silva Pereira wrote:
>   
>> There is no clear way to separate between which requests (from or to
>> home servers/post-proxy or pre-proxy).
>>     
>
>   Huh?  What do you mean by that?
>
>   The pre-proxy section is processed before the request is sent to the
> home server.  The post-proxy section is processed when the reply is
> received from the home server.
>
>   This is documented.
>
>   
>> So I tried this with success:
>>
>> Add this to the radiusd.conf, I added this under the "attr_filter {"
>> line, which is part of the "Modules" section in the config file.
>> attr_filter preproxy_attrfilter {
>>                 attrsfile = ${confdir}/preproxy_attrfilter
>> }
>>     
>
>   There's already a sample pre-proxy configuration for the attrfilter
> module.  Why is it necessary to create another one?
>
>   
>> Then under the pre-proxy section before the "files" line add a line
>> "preproxy_attrfilter", Or before any custom auth stuff you have in
>> there. (example:)
>> pre-proxy {
>>         preproxy_attrfilter
>>     
>
>   There's already a sample pre-proxy configuration for the attrfilter
> module in the "pre-proxy" section.  Why is it necessary to create
> another one?
>
>   
>> Then add the filters into the file preproxy_attrfilter in
>> /etc/freeradius or whatever your config directory is called.
>>     
>
>   There's already a file raddb/attrs.preproxy.  Why is it necessary to
> create another one?
>
>   Is there something about the existing documentation that isn't sufficient?
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080707/12b57717/attachment.html>

More information about the Freeradius-Users mailing list