(RADIATOR) Ascend-Data-Filter problem
Hi, We are resellers of radiator. We are using demo version of radiator and trying to configure radiator on our client machine. The problem is with Ascend-Data-Filter. I have been given few filter strings that are as follows: Ascend-Data-Filter=ip input forward tcp est Ascend-Data-Filter=ip input forward dstip 192.48.96.198/24 Ascend-Data-Filter=ip input drop tcp dstport=25 Ascend-Data-Filter=ip input forward 0 Type of Ascend-Data-Filter in dictionary is abinary. Radiator says that format of Ascend-Data-Filter is invalid and doesn't reply appropriate. If I replace 'input' with 'in', then Radiator works fine and reply good in Access-Accept with other attributes. Now the problem is that User is not connected and access server sends an Accounting-Reject a little after receiving access-accept. Access-Server requires CHAP-Authentication, that is successfully processed but still user is not being connected. Here's the log of Accounting-Stop packet received at Radiator. Wed Jun 12 08:53:16 2002: DEBUG: Packet dump: *** Received from 209.211.205.27 port 46617 Code: Accounting-Request Identifier: 215 Authentic: 30T21B143Y1287er166142O:237130 Attributes: User-Name = hussnain NAS-IP-Address = xxx.xxx.xxx.xxx NAS-Port = 7190 Service-Type = Framed-User Framed-Protocol = PPP cisco-avpair = disc-cause-ext=1045 cisco-avpair = pre-bytes-in=154 cisco-avpair = pre-bytes-out=311 cisco-avpair = pre-paks-in=5 cisco-avpair = pre-paks-out=9 cisco-avpair = pre-session-time=33 cisco-avpair = connect-progress=65 cisco-avpair = nas-rx-speed=24000 cisco-avpair = nas-tx-speed=49333 Cisco-NAS-Port = Async3/56*Serial7/0:1:22 Calling-Station-Id = 9094617624 Acct-Status-Type = Stop Acct-Delay-Time = 0 Acct-Input-Octets = 253 Acct-Output-Octets = 33 Acct-Session-Id = 0C000B55 Acct-Authentic = RADIUS Acct-Session-Time = 32 Acct-Input-Packets = 12 Acct-Output-Packets = 2 NAS-Port-Type = Async Ascend-Pre-Input-Octets = 154 Ascend-Pre-Output-Octets = 311 Ascend-Pre-Input-Packets = 5 Ascend-Pre-Output-Packets = 9 Ascend-Disconnect-Cause = pppRcvTerminate Ascend-Connect-Progress = prLCPOpened Ascend-Data-Rate = 24000 Ascend-PreSession-Time = 33 Ascend-Xmit-Rate = 49333 Two attributes are of main interest in my point of view. Acct-Session-Time = 32 Ascend-Disconnect-Cause = pppRcvTerminate It seems that user was connected for 32 seconds, but dial-up user is not actually connected. This disconnect cause tells normal termination from Ascend. Can you please tell me why user is not being connected? I have even tried by changing Ascend-Data-Filter type to 'string' in dictionary but for no use. Thanks for the help === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
Hello Chris - The reason for the different behaviour is that you will only get one or the other (but not both) of DefaultReply or AddToReply. See sections 6.17.8 and 6.17.10 in the Radiator 3.0 reference manual. (doc/ref.html). regards Hugh On Fri, 3 May 2002 09:42, Chris Craft wrote: This works: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255,\ Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm ...but the following didn't: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255 AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm Thanks again. Chris Craft, Postmaster/NOC Meister SpringSips.com On Wednesday 01 May 2002 02:46, Hugh Irvine wrote: Hello Chris - Could you send me a copy of what works and what doesn't so I can check it? thanks Hugh (who also loves Radiator) Uh oh... first day on the list, and already I'm doing the answering my own post faux-pas! For some reason, nothing in my AddToReply directives is being added. When I added the stuff under AddToReply to the DefaultReply directive, all was good in the world. Go figure. Thanks for being there. (I just love Radiator! :) Chris Craft, Postmaster/NOC Meister SpringSips.com CHOP === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
This works: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255,\ Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm ...but the following didn't: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255 AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm Thanks again. Chris Craft, Postmaster/NOC Meister SpringSips.com On Wednesday 01 May 2002 02:46, Hugh Irvine wrote: Hello Chris - Could you send me a copy of what works and what doesn't so I can check it? thanks Hugh (who also loves Radiator) Uh oh... first day on the list, and already I'm doing the answering my own post faux-pas! For some reason, nothing in my AddToReply directives is being added. When I added the stuff under AddToReply to the DefaultReply directive, all was good in the world. Go figure. Thanks for being there. (I just love Radiator! :) Chris Craft, Postmaster/NOC Meister SpringSips.com CHOP === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
Hello Chris - Could you send me a copy of what works and what doesn't so I can check it? thanks Hugh (who also loves Radiator) Uh oh... first day on the list, and already I'm doing the answering my own post faux-pas! For some reason, nothing in my AddToReply directives is being added. When I added the stuff under AddToReply to the DefaultReply directive, all was good in the world. Go figure. Thanks for being there. (I just love Radiator! :) Chris Craft, Postmaster/NOC Meister SpringSips.com On Tuesday 30 April 2002 11:19, you wrote: I did a search of archives, and found only one reference to these thingys (a question entitled Ascend-Data-Filter woes with no reply)... A wholesaler is requiring these filters (SPAM avoidance) and it seems that it's not getting things in the right order. I'm replying: AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-Data-Filter=ip in forward dstip MY.SMTP.SERVERS.IP,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward The result of this filter is that I can do everything but send SMTP to my SMTP server. :( If you have any hints/pointers, I would greatly appreciate it. Sincerely, Chris Craft, Postmaster/NOC Meister SpringSips.com CHOP --- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
Hello Chris - Please send me a copy of your configuration file (no secrets) together with a trace 4 debug from Radiator showing what is happening. thanks Hugh On Wed, 1 May 2002 03:19, Chris Craft wrote: I did a search of archives, and found only one reference to these thingys (a question entitled Ascend-Data-Filter woes with no reply)... A wholesaler is requiring these filters (SPAM avoidance) and it seems that it's not getting things in the right order. I'm replying: AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-Data-Filter=ip in forward dstip MY.SMTP.SERVERS.IP,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward The result of this filter is that I can do everything but send SMTP to my SMTP server. :( If you have any hints/pointers, I would greatly appreciate it. Sincerely, Chris Craft, Postmaster/NOC Meister SpringSips.com === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
-- Forwarded Message -- Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Chris Craft [EMAIL PROTECTED]] Date: Tue, 30 Apr 2002 12:33:35 -0500 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] From [EMAIL PROTECTED] Tue Apr 30 12:33:34 2002 Received: from mamacass.springsips.com ([63.80.49.5]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g3UHXY305419 for [EMAIL PROTECTED]; Tue, 30 Apr 2002 12:33:34 -0500 Received: from there (cc2.springsips.com [63.80.49.27]) by mamacass.springsips.com (Postfix) with SMTP id 79CA661174 for [EMAIL PROTECTED]; Tue, 30 Apr 2002 13:00:51 -0600 (MDT) Content-Type: text/plain; charset=iso-8859-1 From: Chris Craft [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: (RADIATOR) Ascend-Data-Filter... Date: Tue, 30 Apr 2002 13:00:52 -0600 X-Mailer: KMail [version 1.3.1] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: [EMAIL PROTECTED] Uh oh... first day on the list, and already I'm doing the answering my own post faux-pas! For some reason, nothing in my AddToReply directives is being added. When I added the stuff under AddToReply to the DefaultReply directive, all was good in the world. Go figure. Thanks for being there. (I just love Radiator! :) Chris Craft, Postmaster/NOC Meister SpringSips.com On Tuesday 30 April 2002 11:19, you wrote: I did a search of archives, and found only one reference to these thingys (a question entitled Ascend-Data-Filter woes with no reply)... A wholesaler is requiring these filters (SPAM avoidance) and it seems that it's not getting things in the right order. I'm replying: AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-Data-Filter=ip in forward dstip MY.SMTP.SERVERS.IP,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward The result of this filter is that I can do everything but send SMTP to my SMTP server. :( If you have any hints/pointers, I would greatly appreciate it. Sincerely, Chris Craft, Postmaster/NOC Meister SpringSips.com CHOP --- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Ascend-Data-Filter woes
I'm having some problems with Ascend-Data-Filter. I've checked my directory as I concatted a few different ones together and made sure I only had one entry for the ADF and that it was set for 242 w/o a VSA assignment and have tried it as string and abinary. The problem seems to be that when I send these attributes to their equipment that I'm unable to establish the connection. The roaming partner that is requiring these filters be added has told me that he was getting the following in his output: Received response ID 133, code 2, length = 263 Service-Type = Framed-User Framed-Protocol = PPP Session-Timeout = 10800 Idle-Timeout = 1800 Port-Limit = 1 X-Ascend-Data-Filter = ??? output drop X-Ascend-Data-Filter = 0x 69 70 20 69 6e 20 66 6f 72 77 61 72 64 20 64 73 74 69 70 20 32 30 35 2e 31 36 30 2e 32 33 34 2e 30 2f 32 34 X-Ascend-Data-Filter = 0x 69 70 20 69 6e 20 66 6f 72 77 61 72 64 20 64 73 74 69 70 20 32 30 38 2e 31 31 2e 37 37 2e 30 2f 32 34 X-Ascend-Data-Filter = 0x 69 70 20 69 6e 20 66 6f 72 77 61 72 64 20 64 73 74 69 70 20 32 30 38 2e 32 37 2e 34 33 2e 30 2f 32 34 X-Ascend-Data-Filter = 0x 69 70 20 69 6e 20 66 6f 72 77 61 72 64 20 64 73 74 69 70 20 32 30 38 2e 33 31 2e 37 38 2e 30 2f 32 34 X-Ascend-Data-Filter = ??? output drop X-Ascend-Data-Filter = ??? output drop This was with ADF being defined as string in my dictionary file and having the following in my config file: AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-Data-Filter=ip in forward dstip XXX.XXX.XXX.0/24,\ Ascend-Data-Filter=ip in forward dstip XXX.XXX.XXX.0/24,\ Ascend-Data-Filter=ip in forward dstip XXX.XXX.XXX.0/24,\ Ascend-Data-Filter=ip in forward dstip XXX.XXX.XXX.0/24,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward Hmm...Silly me, but looking at the hex, I seem to be reading the same thing -- well save for the X'd out IPs in the sample from the config file. Is there anything that could be causing the problem? -- Robert G. Fisher Sitestar.net, Inc. System Engineer (276) 666-9533 x 116 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Ascend-Data-Filter not working at all
Hello! We have a problem with the Ascend-Data-Filter: we are not able to restrict access at all. We've tried a few things: With Radiator 2.14 we could not reach any host when using an Ascend-Data-Filter. So we tried the new 2.17.1. The effect is that we now can reach every host no matter of which Filter we specify. Even with Ascend-Data-Filter="ip out drop" everyone is still reachable from the Client. We have no idea what is going wrong. Do we need a special software for the Ascend MAX 4000? Does it depend on the version of the software on the MAX? How can we find out how the MAX interprets the filter or why it doesn't work? Does anyone has an idea? Best regards, Thomas. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Ascend-Data-Filter
--- Forwarded mail from [EMAIL PROTECTED] Date: Tue, 24 Oct 2000 17:40:26 +1000 (EST) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Urban [EMAIL PROTECTED]] From mikem Tue Oct 24 17:40:18 2000 Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA15905 for [EMAIL PROTECTED]; Tue, 24 Oct 2000 17:40:18 +1000 (EST) Received: from smtp1.bip.net (ns1.bip.net [212.78.195.130]) by perki.connect.com.au with ESMTP id SAA00553 (8.8.8/IDA-1.7 for [EMAIL PROTECTED]); Tue, 24 Oct 2000 18:28:07 +1100 (EST) Received: from smtp1.bip.net (ns1.bip.net [212.78.195.130]) by perki.connect.com.au with ESMTP id SAA00553 (8.8.8/IDA-1.7 for [EMAIL PROTECTED]); Tue, 24 Oct 2000 18:28:07 +1100 (EST) Received: from ng4R89.i.spray.se (site.spray.se [195.58.123.54]) by smtp1.bip.net (8.9.3/8.9.0) with ESMTP id JAA05632 for [EMAIL PROTECTED]; Tue, 24 Oct 2000 09:28:04 +0200 Received: (from urban@localhost) by ng4R89.i.spray.se (8.9.3/8.8.7) id JAA24745 for [EMAIL PROTECTED]; Tue, 24 Oct 2000 09:27:06 +0200 Date: Tue, 24 Oct 2000 09:27:05 +0200 From: Urban [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Ascend-Data-Filter Message-ID: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.2i Organization: Spray Network Services Content-Type: text/plain; charset=us-ascii Hi I have a problem with Ascend-Data-Filter attribute. I would like to set up a filter that can lookup a ip in a DNS and also surf to that address. Just the first Ascend-Data-Filter is in the respone from the "radpwtst -trace" Does any one know if this is bugg in Radiator or if I'm not doing it right. -- Urban -- snipp -- radpwtst output Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async User-Password = "228c1831741901169A149i1302472302191626" sending Access-Request... OK Code: Access-Accept Identifier: 200 Authentic: 2141741361594%^199J15224022ck Attributes: Service-Type = Framed-User Framed-Protocol = PPP Framed-Routing = None Maximum-Time = 0 Ascend-Client-Assign-DNS = DNS-Assign-Yes Ascend-Client-Primary-DNS = 194.98.65.65 Ascend-Client-Secondary-DNS = 194.98.65.165 Ascend-Idle-Limit = 3600 Ascend-Data-Filter = ip in forward dstip 194.98.65.65/32 udp dstport = 53 -- snipp -- radiator.cfg Realm xxx.fr AuthByPolicy ContinueWhileAccept AuthBy SQL DBSourcedbi:Oracle:RAD.world DBUsername xxx DBAuth xxx AddToReplyIfNotExist Service-Type = Framed-User,\ Framed-Protocol = PPP,\ Framed-Routing = None,\ Ascend-Assign-IP-Pool = 0,\ Ascend-Client-Assign-DNS = 1,\ Ascend-Client-Primary-DNS = 194.98.65.65,\ Ascend-Client-Secondary-DNS = 194.98.65.165,\ Ascend-Idle-Limit = 3600,\ Ascend-Data-Filter = "ip IN FORWARD dstip 213.41.2.120 srcip 0.0.0.0 6 dstport = 80",\ Ascend-Data-Filter = "ip OUT FORWARD dstip 0.0.0.0 srcip 213.41.2.120 6 srcport = 80",\ Ascend-Data-Filter = "ip IN FORWARD dstip 0.0.0.0 srcip 0.0.0.0 17 dstport = 53",\ Ascend-Data-Filter = "ip OUT FORWARD dstip 0.0.0.0 srcip 0.0.0.0 17 srcport = 53",\ Ascend-Data-Filter = "ip OUT DROP",\ Ascend-Data-Filter = "ip IN DROP" /Realm -- snipp -- ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Ascend-Data-Filter
Hi I have a problem with Ascend-Data-Filter attribute. I would like to set up a filter that can lookup a ip in a DNS and also surf to that address. Just the first Ascend-Data-Filter is in the respone from the "radpwtst -trace" Does any one know if this is bugg in Radiator or if I'm not doing it right. -- Urban -- snipp -- radpwtst output Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async User-Password = "228c1831741901169A149i1302472302191626" sending Access-Request... OK Code: Access-Accept Identifier: 200 Authentic: 2141741361594%^199J15224022ck Attributes: Service-Type = Framed-User Framed-Protocol = PPP Framed-Routing = None Maximum-Time = 0 Ascend-Client-Assign-DNS = DNS-Assign-Yes Ascend-Client-Primary-DNS = 194.98.65.65 Ascend-Client-Secondary-DNS = 194.98.65.165 Ascend-Idle-Limit = 3600 Ascend-Data-Filter = ip in forward dstip 194.98.65.65/32 udp dstport = 53 -- snipp -- radiator.cfg Realm xxx.fr AuthByPolicy ContinueWhileAccept AuthBy SQL DBSourcedbi:Oracle:RAD.world DBUsername xxx DBAuth xxx AddToReplyIfNotExist Service-Type = Framed-User,\ Framed-Protocol = PPP,\ Framed-Routing = None,\ Ascend-Assign-IP-Pool = 0,\ Ascend-Client-Assign-DNS = 1,\ Ascend-Client-Primary-DNS = 194.98.65.65,\ Ascend-Client-Secondary-DNS = 194.98.65.165,\ Ascend-Idle-Limit = 3600,\ Ascend-Data-Filter = "ip IN FORWARD dstip 213.41.2.120 srcip 0.0.0.0 6 dstport = 80",\ Ascend-Data-Filter = "ip OUT FORWARD dstip 0.0.0.0 srcip 213.41.2.120 6 srcport = 80",\ Ascend-Data-Filter = "ip IN FORWARD dstip 0.0.0.0 srcip 0.0.0.0 17 dstport = 53",\ Ascend-Data-Filter = "ip OUT FORWARD dstip 0.0.0.0 srcip 0.0.0.0 17 srcport = 53",\ Ascend-Data-Filter = "ip OUT DROP",\ Ascend-Data-Filter = "ip IN DROP" /Realm === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter
On Tue, Oct 24, 2000 at 09:46:44AM +0200, Urban wrote: Just the first Ascend-Data-Filter is in the respone from the "radpwtst -trace" Does any one know if this is bugg in Radiator or if I'm not doing it right. There was a bug in one radiator version that disallowed multiple attributes with the same name at least when using LDAP. I patched it and reported to the mailing list so it should be in the lastest version. -- Urban bye, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter and Radiator
Hi, On Fri, 2 Jul 1999, Richi Plana wrote: |o| I noticed in the Radiator dictionary, Ascend-Data-Filter had been |o| changed from type string to type abinary. Would that affect |o| anything? Okay, okay. I just figured out that abinary stands for Ascend binary. It's some vendor-proprietary data type. I only figured it out from the Radiator source. Ascend needs to improve their documentation. Looks like Radiator is sending the right packets. Now it's either there's something wrong with my configs or the TNT (or just perhaps its TAOS 7.0.4) is busted. L L Richi Plana 8^) ,-,-. ,-,-. ,-,-. ,-,-. ,- LL LL Systems Administrator / / \ \ / / \ \ / / \ \ / / \ \ / / L Mosaic Communications, Inc. \ \ / / \ \ / / \ \ / / \ \ / / L mailto:[EMAIL PROTECTED] `-'-' `-'-' `-'-' `-'-' === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.