Best way to apply default profile

[Chris Taylor]

This is the scenario that I have freeradius with LDAP for authentication and authorization and SQL for accounting. I want to try and force every user to have a default profile that will allow them to only use our local SMTP server. I also have some businesses that I will need to exclude from this profile and allow to them send SMTP traffic anywhere.

What is the best way to go about this? Should I put the options in the users file and then create an entry for the select users in SQL and have it pull the separate profile from there?

These are the options and profiles that I would like to apply;

### Allow local SMTP only ###
acl_permit_local_smtp           Cisco-AVPair      +=           ip:inacl#100=permit tcp any 24.222.0.16 0.0.0.15 eq 25
acl_permit_local_smtp           Cisco-AVPair      +=           ip:inacl#200=deny tcp any any eq 25
acl_permit_lcoal_smtp           Cisco-AVPair      +=           ip:inacl#300=permit ip any any
acl_permit_lcoal_smtp           Fall-Through       =             Yes


### Allow any SMTP ###
acl_permit_all_smtp      Cisco-AVPair      +=           ip:inacl#90=permit tcp any any eq 25
acl_permit_all_smtp      Fall-Through       =             Yes

I am just looking for the best way to do this.

Thanks,

Chris

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130130/294f57ef/attachment.html>