On May 5, 5:45pm, Stuart Henderson wrote:
> Subject: Re: (RADIATOR) Blocking based on Caller ID
> > Is their a better way?
>
> If you can implement caller id-based filtering in the nas that
> will be better as it will avoid toll calls for your users to try
> to get authenticated only to find it failing. (I think many
> people would just try again, and again, if it comes back saying
> 'bad password' or similar).
That sounds like good advice.
If Brian did want to implement in Radiator, its probably best to use Handlers
rather than Realms. By checking a combination of NAS-IP-Address and
Calling-Station-Id, you should be able to discriminate between the ones you are
prepared to handle
<Handler NAS-Ip-Address=10.11.12.13,Calling-Station-Id=/^403/>
# This will handle calls into that NAS from numbers that start with 403
</Handler>
<Handler NAS-Ip-Address=11.11.12.13,Calling-Station-Id=/^201/>
# This will handle calls into that NAS from numbers that start with 201
</Handler>
<Handler>
# This will handle all the "illegal" combinations.
# without an AuthBy it will always reject
</Handler>
Hope that helps.
Cheers.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
