Hi,

Because we get garbage usernames, I've used the handler bit in the config file
(see below):

<Handler User-Name = /\\x/>
        <AuthBy FILE>
                Filename %D/reject-users
        </AuthBy>
</Handler>

<Handler>
        AuthByPolicy ContinueWhileIgnore

        RewriteUsername tr/A-Z/a-z/

        <AuthBy LDAP2>
                Host            <hostname>
                AuthDN          cn=radius,o=WISH, c=NL
                BaseDN          o=WISH, c=NL
                AuthPassword    <encrypted>
                UsernameAttr    uid
                PasswordAttr    userPassword

                AddToReply Service-Type = Framed-User,\
                        Framed-Protocol = PPP,\
                        Framed-IP-Address = 255.255.255.254,\
                        Framed-MTU = 1500,\
                        Primary-DNS-Server=  212.123.129.68, \
                        Secondary-DNS-Server= 212.123.128.16
        </AuthBy>

        <AuthBy LDAP2>
                Host            <hostname>
                AuthDN          cn=radius,o=WISH, c=NL
                BaseDN          o=WISH, c=NL
                AuthPassword    <encrypted>
                UsernameAttr    uid
                PasswordAttr    userPassword

                AddToReply Service-Type = Framed-User,\
                        Framed-Protocol = PPP,\
                        Framed-IP-Address = 255.255.255.254,\
                        Framed-MTU = 1500,\
                        Primary-DNS-Server=  212.123.129.68, \
                        Secondary-DNS-Server= 212.123.128.16
        </AuthBy>

</Handler>

Only the first handler doesn't really work. Here is a dump:

*** Received from 195.7.137.163 port 1812 ....
Code:       Access-Request
Identifier: 21
Authentic:  4t<180><26><252><168>t<177><148><196>f\<10>,<206><11>
Attributes:
        User-Name = "<163><138><188><143><159><235><242><159>5<176><177>
o<177>X<227><219><130><157><253><223><244><226>8<156><170>6
<2><178>%<228>?><201><141>W<237><28><135>NssSB<135><165>w<147>iv<138>$<244>z<140>><O<255><134>L<152><150><247><209>_<19><12><241><12
><160>.<140><239><255><197><241><168><190><147>J<203><223><216><254><239><205><255><229><227><155><201>:<210><154><247>T<228><20><22
1>[<218><185>/(<4><168>|<252><255>|<234><139>P<230><150><11><134><231><239><255><230><131><161><7><28>y<30>,$<210>~<230><254><237>n<
235>i<168><26>X<252><239><255>K<29><176><135>K<139><185>N<203><162>6cx<144>%<254><206><254><188><225>iT<208>"
        User-Password = <210>;=<220><139>O<164>a|<203><176><227>AT<17><243>2m
<145><205><154><137><137>2Z<155><157><30>YN<11>B<28><1
97><173><3><204><21>SJ<160>O<221>><4><2><4>{)<190>L<173><223>)<9>y<152><199>Kq<204><234><184><179>)u<220>K<156>d*<18>v<144><150><148
>"<192><172><152>`3<163><167><205><130><177><133><224><180><229><7><15><254><147>
        NAS-IP-Address = 195.7.137.163
        NAS-Port = 1299
        Acct-Session-Id = "85066624"
        Interface-Index = 2555
        Supports-Tags = 0
        Service-Type = Login
        Chassis-Call-Slot = 6
        Chassis-Call-Span = 1
        Chassis-Call-Channel = 19
        Connect-Speed = NONE
        Calling-Station-Id = "0478631728"
        Called-Station-Id = ""
        NAS-Port-Type = Async

Wed Feb  9 18:22:39 2000: DEBUG: Check if Handler User-Name = /\\x/ should be
used to handle this request
Wed Feb  9 18:22:39 2000: DEBUG: Check if Handler  should be used to handle this
request
Wed Feb  9 18:22:39 2000: DEBUG: Handling request with Handler ''
Wed Feb  9 18:22:39 2000: DEBUG: Rewrote user name to
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1x\xe3\xdb\x82\x9d\xfd\xdf\xf4\x
e28\x9c\xaa6^B\xb2%\xe4?>\xc9\x8dw\xed^\\x87nsssb\x87\xa5w\x93iv\x8a$\xf4z\x8c><o\xff\x86l\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\x
ff\xc5\xf1\xa8\xbe\x93j\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7t\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bp\xe6\
x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^Zx\xfc\xef\xffk^]\xb0\x87k\x8b\xb9n\xcb\xa26cx\x90%\xfe\xce\xf
e\xbc\xe1it\xd0
Wed Feb  9 18:22:39 2000: DEBUG:  Deleting session for
\xa3\x8a\xbc\x8f\x9f\xeb\xf2\x9f5\xb0\xb1 o\xb1X\xe3\xdb\x82\x9d\xfd\xdf\xf4\
xe28\x9c\xaa6^B\xb2%\xe4?>\xc9\x8dW\xed^\\x87NssSB\x87\xa5w\x93iv\x8a$\xf4z\x8c><O\xff\x86L\x98\x96\xf7\xd1_^S^L\xf1^L\xa0.\x8c\xef\
xff\xc5\xf1\xa8\xbe\x93J\xcb\xdf\xd8\xfe\xef\xcd\xff\xe5\xe3\x9b\xc9:\xd2\x9a\xf7T\xe4^T\xdd[\xda\xb9/(^D\xa8|\xfc\xff|\xea\x8bP\xe6
\x96^K\x86\xe7\xef\xff\xe6\x83\xa1^G^\y^^,$\xd2~\xe6\xfe\xedn\xebi\xa8^ZX\xfc\xef\xffK^]\xb0\x87K\x8b\xb9N\xcb\xa26cx\x90%\xfe\xce\x
fe\xbc\xe1iT\xd0, 195.7.137.163, 1299
Wed Feb  9 18:22:39 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed Feb  9 18:22:39 2000: DEBUG: Connecting to lrad.inside.servers, port 389
Wed Feb  9 18:25:11 2000: DEBUG: Reading users file /etc/raddb/reject-users
Wed Feb  9 18:25:12 2000: INFO: Server started

It says that it is reading /etc/raddb/reject-users, but you can also see that it
tries to contact the LDAP server.

Why?


Oh yeah, this is what the reject-users file contains:

DEFAULT Auth-Type = Reject


-- 
Regards,

 Robin Gruyters - SYS/B.O.F.H. - [EMAIL PROTECTED] - http://www.phear.nl
 RIPE nic-hdl: RG3771-RIPE   http://www.ripe.net/cgi-bin/whois?AS9133
 WISH Worldwide Websites B.V.                     PGP key ID DEB8C991
  Tel: +31(0)413242500 - Fax: +31(0)413332281 - http://www.wish.net/
          -- System Manager / Web Designer / B.O.F.H. ---
                 "Where do you wanna frag today?"

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
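
An added example, not part of the original post or of Radiator: it compares the pattern text from the first Handler with the raw User-Name bytes and with the escaped form the debug log prints. It assumes the /.../ check item is evaluated as a Perl regular expression against the raw attribute value; the sample bytes are constructed from the start of the dump, and the second pattern is a hypothetical alternative.

```perl
#!/usr/bin/perl
# Added example: why a pattern written as /\\x/ does not match a
# User-Name made of raw non-printable bytes.
use strict;
use warnings;

# Constructed sample: the first bytes of the User-Name in the dump
# (<163><138><188><143><159><235>), as they arrive in the request.
my $raw = "\xa3\x8a\xbc\x8f\x9f\xeb";

# Simplified version of how a debug log renders such bytes:
# printable text in which each byte becomes a "\xNN" escape.
sub log_escape {
    my ($s) = @_;
    $s =~ s/([^\x20-\x7e])/sprintf('\\x%02x', ord($1))/ge;
    return $s;
}
my $logged = log_escape($raw);

my %patterns = (
    # Same pattern text as in the Handler: a literal backslash, then "x".
    'literal backslash-x' => qr/\\x/,
    # Hypothetical alternative: any byte outside printable ASCII.
    'non-printable byte'  => qr/[^\x20-\x7e]/,
);

my %inputs = (
    'raw bytes'        => $raw,
    'log rendering'    => $logged,
    'normal user name' => 'robin',    # constructed
);

# Print a small truth table of pattern against input.
for my $p (sort keys %patterns) {
    for my $i (sort keys %inputs) {
        my $hit = $inputs{$i} =~ $patterns{$p} ? 'match' : 'no match';
        printf "%-20s vs %-17s: %s\n", $p, $i, $hit;
    }
}
```

The literal backslash-x pattern matches only the log rendering, never the raw bytes a handler would be checked against, while the byte-class pattern matches the raw bytes and leaves an ordinary user name alone.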
