Return no answer to the client if proxied access request times out
Alan DeKok
aland at deployingradius.com
Fri Jan 18 15:08:29 CET 2019
On Jan 18, 2019, at 6:17 AM, Gianni Costanzi <gianni.costanzi at gmail.com> wrote:
>
> Thank you for your answer. Actually we can install only from official
> Redhat Enterprise repositories, due to internal policies which are quite
> restrictive. Unfortunately it’s not so easy to switch vendor when you’re
> working in big companies that must comply to tens of policies (due to ISOs,
> PCI-DSS, GDPR), I perfectly understood what you say and I have your
> attitude when working on my own systems.
I tend to be cynical about "security" policies that prevent security from happening...
> BTW, where should the following code snipped be placed? In which
> file/section?
>
> Post-Proxy-Type Fail {
> do_not_respond
> }
In the "Post-Proxy-Type" subsection...
$ cd /etc/raddb
$ grep -r -- 'Post-Proxy-Type'
Takes 2 minutes...
And if you read the debug output, it will show that it's running a post-proxy subsection.
See sites-available/default. It's all there....
Alan DeKok.
More information about the Freeradius-Users
mailing list