From owner-freebsd-net@FreeBSD.ORG Fri Jul 8 04:49:46 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7A2A616A41C for ; Fri, 8 Jul 2005 04:49:46 +0000 (GMT) (envelope-from fooler@skyinet.net) Received: from smtp2.skyinet.net (smtp2.skyinet.net [202.78.97.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id EAFEF43D46 for ; Fri, 8 Jul 2005 04:49:45 +0000 (GMT) (envelope-from fooler@skyinet.net) Received: from fooler (fooler.ilo.skyinet.net [202.78.118.66]) by smtp2.skyinet.net (Postfix) with SMTP id 849255BC1D; Fri, 8 Jul 2005 12:49:42 +0800 (PHT) Message-ID: <078d01c58378$2d96d120$42764eca@ilo.skyinet.net> From: "fooler" To: =?iso-8859-1?Q?Hern=E1n_Freschi?= References: <25a1a0990507061634655433ec@mail.gmail.com><036f01c582a6$baa0ce90$42764eca@ilo.skyinet.net> <25a1a09905070714551cd551f@mail.gmail.com> Date: Fri, 8 Jul 2005 12:47:42 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Cc: freebsd-net@freebsd.org Subject: Re: pppoe+radius server X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2005 04:49:46 -0000 ----- Original Message ----- From: "Hernán Freschi" Cc: Sent: Friday, July 08, 2005 5:55 AM Subject: Re: pppoe+radius server >great great, only one problem. i make the radius server send the >Filter-Id attr, with value "64:32" for 64 down/32 up. It seems to get >to ppp: /etc/ppp/ppp.log: > >Phase: Filter "64:32" > >Notice it says "filter", not filter-id > >so my /etc/ppp/ppp.linkup looks like this: > >default: > bg /etc/ppp/addclient.sh USER INTERFACE HISADDR RAD_FILTER_ID > >and addclient.sh just: > > echo $1 $2 $3 $4 >> /test.log > >and /test.log looks like > >username tun0 10.20.20.20 RAD_FILTER_ID > >seems like ppp doesn't replace RAD_FILTER_ID with the Filter-Id >attribute from the server. It should do that, right? Or did I got >something wrong? RAD_FILTER_ID according to ppp's man page: RAD_FILTER_ID If this attribute is supplied, ppp will attempt to use it as an additional label to load from the ppp.linkup and ppp.linkdown files. The load will be attempted before (and in addition to) the normal label search. If the label doesn't exist, no action is taken and ppp proceeds to the normal load using the current label. the text content of Filter-ID radius attribute coming from your radius server serves as label for ppp.linkup and ppp.linkdown files... for example... sending Filter-ID = "abc" from radius server inside /etc/ppp/ppp.linkup: abc: ! sh -c "echo abc label called >> /test.log" xyz: ! sh -c "echo xyz label called >> /test.log" you are using label "64:32" which is ambiguous because a label in ppp is a string starts from the first column of a line followed by a colon... you can replace your "64:32" to "d64u32" or whatever you like as long as it is a valid label... your ppp.linkup and ppp.linkdown file will look like this: /etc/ppp/ppp.linkup d64u32: !bg /etc/ppp/addpipe.sh INTERFACE 64 32 /etc/ppp/ppp.linkdown MYADDR: !bg /etc/ppp/delpipe.sh INTERFACE /etc/ppp/addpipe.sh extract tunnel number and assign to NTUN variable NTUN = NTUN * 2 (+ BASE to allow room for other firewall rules) IN = NTUN OUT = NTUN + 1 assign IN for incoming pipe number assign OUT for outgoing pipe number /etc/ppp/delpipe.sh extract tunnel number and assign to NTUN variable NTUN = NTUN * 2 (+ BASE to allow room for other firewall rules) IN = NTUN OUT = NTUN + 1 assign IN to delete previous incoming pipe number assign OUT to delete previous outgoing pipe number fooler.