[VOP RADIUS] Changing an encapsulated filter to hex format

Fri, 17 Jan 2003 07:43:09 -0800 

Hello all,

We're functioning as a radius endpoint for an ISP. I'm applying a filter for generic 
signup users that prevents them from going anywhere except to our webserver until 
they've completed the registration process.

Previously, we were sending a filter in attribute 242 and all was working fine. But 
apparently something changed on the NAS's and we now need to encapsulate attribute 242 
into Vendor-Specific attribute 26.

All is well and good, I was able to do that. However, the filter is now being sent in 
plaintext and it needs to be sent in hexadecimal format. I can't seem to find any way 
to do this with VOP Radius.

Here is my old filter from profiles.txt:

        Ascend-Data-Filter = "ip in forward tcp est"
        Ascend-Data-Filter = "ip in forward dstip 1.1.1.1/32"
        Ascend-Data-Filter = "ip in forward udp dstport = 53"
        Ascend-Data-Filter = "ip in drop"

This is what results in the VPRError.log:

                (242) Ascend-Data-Filter = 
[26]"\001\001\001\000\000\000\000\000\000\000\000\000\000\000\006\001\000\000\000\000\000\000\000\000\000\000"
                (242) Ascend-Data-Filter = 
[26]"\001\001\001\000\000\000\000\000\330*\207\005\000\030\000\000\000\000\000\000\000\000\000\000\000\000"
                (242) Ascend-Data-Filter = 
[26]"\001\001\001\000\000\000\000\000\000\000\000\000\000\000\021\000\000\000\0005\000\002\000\000\000\000"
                (242) Ascend-Data-Filter = 
[26]"\001\000\001\000\000\000\000\000\000\000\000\000\000\000\000\000

Now with the new config, here is my VPRError.log:

                (242) Ascend-Data-Filter = [21]"ip in forward tcp est" [VendorID 1411]
                (242) Ascend-Data-Filter = [35]"ip in forward dstip 1.1.1.1/32" 
[VendorID 1411]
                (242) Ascend-Data-Filter = [30]"ip in forward udp dstport = 53" 
[VendorID 1411]
                (242) Ascend-Data-Filter = [10]"ip in drop" [VendorID 1411]

As you can see, it's now plaintext. I verified it with the provider and they say it 
needs to be hexadecimal or it's going to be ignored. Is there any way I can do this 
with VOPRadius? Thanks in advance.

__________________________________________________
Ron Penna
Cephire Technologies, Inc.
Network Engineering
aim: cephireron



BEGIN:VCARD
VERSION:2.1
N:Penna;Ron
FN:Ron Penna
TEL;CELL;VOICE:(585) 746-2650
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20021220T170419Z
END:VCARD

Reply via email to