Rev 2712 | Blame | Compare with Previous | Last modification | View Log
server default {
listen {
type = auth
ipaddr = *
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
listen {
type = acct
ipaddr = *
port = 0
limit {
max_pps = 0
}
}
authorize {
# if (!(&User-Name =~ /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/)) {
if ((!&Calling-Station-Id) || (&User-Name != &Calling-Station-Id) || (!&User-Password) || (&User-Password != "password")) { # no LDAP query for @MAC
ldap { fail = 1 }
if ((ok || updated) && User-Password) {
update control {
Auth-Type := LDAP
Tmp-String-0 := "ldap" # AuthType SQL group
}
update reply {
Filter-Id := "%{control:Tmp-String-0}"
}
}
}
sql { notfound = 1 }
if ((notfound) && (!control:Auth-Type)) {
update reply {
Reply-Message := "Username not found"
}
reject
}
expire_on_login { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your usage time has been reached"
}
reject
}
noresetcounter { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum usage time has been reached"
}
reject
}
monthlycounter { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum monthly usage time has been reached"
}
reject
}
dailycounter { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum daily usage time has been reached"
}
reject
}
counterCoovaChilliMaxAllTotalOctets { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum usage volume has been reached"
}
reject
}
counterCoovaChilliMaxTotalOctetsMonthly { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum monthly usage volume has been reached"
}
reject
}
counterCoovaChilliMaxTotalOctetsDaily { reject = 1 }
if (reject) {
update reply {
Reply-Message := "Your maximum daily usage volume has been reached"
}
reject
}
expiration { userlock = 1 }
if (userlock) {
update reply {
Reply-Message := "Your expiration date has been reached"
}
userlock
}
logintime { userlock = 1 }
if (userlock) {
update reply {
Reply-Message := "You are out your allowed time period"
}
userlock
}
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type LDAP {
ldap
}
}
accounting {
sql
}
session {
sql
}
post-auth {
Post-Auth-Type REJECT {
update reply {
Reply-Message = "Login failed"
}
attr_filter.access_reject
}
}
}