Hi,
Because we get garbage usernames, I've used the handler bit in the config file
(see below):
<Handler User-Name = /\\x/>
<AuthBy FILE>
Filename %D/reject-users
</AuthBy>
</Handler>
<Handler>
AuthByPolicy ContinueWhileIgnore
RewriteUsername tr/A-Z/a-z/
<AuthBy LDAP2>
Host <hostname>
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPassword <encrypted>
UsernameAttr uid
PasswordAttr userPassword
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Primary-DNS-Server= 212.123.129.68, \
Secondary-DNS-Server= 212.123.128.16
</AuthBy>
<AuthBy LDAP2>
Host <hostname>
AuthDN cn=radius,o=WISH, c=NL
BaseDN o=WISH, c=NL
AuthPassword <encrypted>
UsernameAttr uid
PasswordAttr userPassword
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Address = 255.255.255.254,\
Framed-MTU = 1500,\
Primary-DNS-Server= 212.123.129.68, \
Secondary-DNS-Server= 212.123.128.16
</AuthBy>
</Handler>
Only the first handler doesn't really work. Here is a dump:
*** Received from 195.7.137.163 port 1812 ....
Code: Access-Request
Identifier: 21
Authentic: 4t<180><26><252><168>t<177><148><196>f\<10>,<206><11>
Attributes:
User-Name = "<163><138><188><143><159><235><242><159>5<176><177>
o<177>X<227><219><130><157><253><223><244><226>8<156><170>6
<2><178>%<228>?><201><141>W<237><28><135>NssSB<135><165>w<147>iv<138>$<244>z<140>><O<255><134>L<152><150><247><209>_<19><12><241><12
><160>.<140><239><255><197><241><168><190><147>J<203><223><216><254><239><205><255><229><227><155><201>:<210><154><247>T<228><20><22
1>[<218><185>/(<4><168>|<252><255>|<234><139>P<230><150><11><134><231><239><255><230><131><161><7><28>y<30>,$<210>~<230><254><237>n<
235>i<168><26>X<252><239><255>K<29><176><135>K<139><185>N<203><162>6cx<144>%<254><206><254><188><225>iT<208>"
User-Password = <210>;=<220><139>O<164>a|<203><176><227>AT<17><243>2m
<145><205><154><137><137>2Z<155><157><30>YN<11>B<28><1
97><173><3><204><21>SJ<160>O<221>><4><2><4>{)<190>L<173><223>)<9>y<152><199>Kq<204><234><184><179>)u<220>K<156>d*<18>v<144><150><148
>"<192><172><152>`3<163><167><205><130><177><133><224><180><229><7><15><254><147>
NAS-IP-Address = 195.7.137.163
NAS-Port = 1299
Acct-Session-Id = "85066624"
Interface-Index = 2555
Supports-Tags = 0
Service-Type = Login
Chassis-Call-Slot = 6
Chassis-Call-Span = 1
Chassis-Call-Channel = 19
Connect-Speed = NONE
Calling-Station-Id = "0478631728"
Called-Station-Id = ""
NAS-Port-Type = Async
Wed Feb 9 18:22:39 2000: DEBUG: Check if Handler User-Name = /\\x/ should be
used to handle this request
Wed Feb 9 18:22:39 2000: DEBUG: Check if Handler should be used to handle this
request
Wed Feb 9 18:22:39 2000: DEBUG: Handling request with Handler ''
Wed Feb 9 18:22:39 2000: DEBUG: Rewrote user name to
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1x\xe3\xdb\x82\x9d\xfd\xdf\xf4\x
e28\x9c\xaa6^B\xb2%\xe4?>\xc9\x8dw\xed^\\x87nsssb\x87\xa5w\x93iv\x8a$\xf4z\x8c><o\xff\x86l\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\x
ff\xc5\xf1\xa8\xbe\x93j\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7t\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bp\xe6\
x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^Zx\xfc\xef\xffk^]\xb0\x87k\x8b\xb9n\xcb\xa26cx\x90%\xfe\xce\xf
e\xbc\xe1it\xd0
Wed Feb 9 18:22:39 2000: DEBUG: Deleting session for
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1X\xe3\xdb\x82\x9d\xfd\xdf\xf4\
xe28\x9c\xaa6^B\xb2%\xe4?>\xc9\x8dW\xed^\\x87NssSB\x87\xa5w\x93iv\x8a$\xf4z\x8c><O\xff\x86L\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\
xff\xc5\xf1\xa8\xbe\x93J\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7T\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bP\xe6
\x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^ZX\xfc\xef\xffK^]\xb0\x87K\x8b\xb9N\xcb\xa26cx\x90%\xfe\xce\x
fe\xbc\xe1iT\xd0, 195.7.137.163, 1299
Wed Feb 9 18:22:39 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed Feb 9 18:22:39 2000: DEBUG: Connecting to lrad.inside.servers, port 389
Wed Feb 9 18:25:11 2000: DEBUG: Reading users file /etc/raddb/reject-users
Wed Feb 9 18:25:12 2000: INFO: Server started
It says that it is reading /etc/raddb/reject-users, but you can also see that it
tries to contact the LDAP server.
Why?
Oh yeah, this is what the reject-users file contains:
DEFAULT Auth-Type = Reject
--
Regards,
Robin Gruyters - SYS/B.O.F.H. - [EMAIL PROTECTED] - http://www.phear.nl
RIPE nic-hdl: RG3771-RIPE http://www.ripe.net/cgi-bin/whois?AS9133
WISH Worldwide Websites B.V. PGP key ID DEB8C991
Tel: +31(0)413242500 - Fax: +31(0)413332281 - http://www.wish.net/
-- System Manager / Web Designer / B.O.F.H. ---
"Where do you wanna frag today?"
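
Added example, not part of the original post: a check of the first Handler's pattern against the leading bytes of the User-Name in the dump above, next to the same bytes as the DEBUG log prints them. It assumes the /.../ check item is evaluated as a Perl regular expression and that Python's re treats these two patterns the same way; NON_PRINTABLE, log_escape and handler_matches are hypothetical names, and NON_PRINTABLE is an untested alternative, not a Radiator setting taken from the post.

```python
import re

# Leading bytes of the User-Name in the dump (<163><138>... are decimal byte
# values), plus a constructed clean name for contrast.
GARBAGE = bytes([163, 138, 188, 143, 159, 235, 242, 159]) + b"5" + bytes([176, 177])
CLEAN = b"robin"  # constructed sample

# Pattern from the first Handler: a literal backslash followed by "x".
AS_POSTED = re.compile(rb"\\x")
# Hypothetical alternative: any byte outside printable ASCII.
NON_PRINTABLE = re.compile(rb"[^\x20-\x7e]")


def log_escape(name: bytes) -> str:
    """Approximate the DEBUG log's display: non-printable bytes become \\xNN."""
    return "".join(chr(b) if 0x20 <= b <= 0x7E else "\\x%02x" % b for b in name)


def handler_matches(pattern: "re.Pattern[bytes]", user_name: bytes) -> bool:
    """True if the check-item pattern matches anywhere in the raw User-Name."""
    return pattern.search(user_name) is not None


def report():
    """Return (label, as-posted result, non-printable result) per sample."""
    samples = [
        ("raw bytes from the packet", GARBAGE),
        ("log rendering of those bytes", log_escape(GARBAGE).encode("ascii")),
        ("clean name", CLEAN),
    ]
    return [
        (label, handler_matches(AS_POSTED, s), handler_matches(NON_PRINTABLE, s))
        for label, s in samples
    ]


if __name__ == "__main__":
    print("log shows:", log_escape(GARBAGE))
    for label, posted, nonprint in report():
        print(f"{label:30} as_posted={posted!s:5} non_printable={nonprint}")
```

The as-posted pattern matches only the log's text rendering, which contains real backslashes; the attribute in the packet holds the raw bytes, which contain none.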