Subversion Repositories configs

Rev

Rev 4 | Blame | Compare with Previous | Last modification | View Log | RSS feed 

#
#       Configuration file for the rlm_attr_filter module.
#       Please see rlm_attr_filter(5) manpage for more information.
#
#       $Id: 8c601cf205f9d85b75c1ec7fc8e816e7341a5ba4 $
#
#       This file contains security and configuration information
#       for each realm. It can be used be an rlm_attr_filter module
#       instance to filter attributes before sending packets to the
#       home server of a realm.
#
#       When a packet is sent to a home server, these attributes
#       and values are tested. Only the first match is used unless
#       the "Fall-Through" variable is set to "Yes". In that case
#       the rules defined in the DEFAULT case are processed as well.
#
#       A special realm named "DEFAULT" matches on all realm names.
#       You can have only one DEFAULT entry. All entries are processed
#       in the order they appear in this file. The first entry that
#       matches the login-request will stop processing unless you use
#       the Fall-Through variable.
#
#       The first line indicates the realm to which the rules apply.
#       Indented (with the tab character) lines following the first
#       line indicate the filter rules.
#

# This is a complete entry for 'nochap' realm. It allows to send very
# basic attributes to the home server. Note that there is no Fall-Through
# entry so that no DEFAULT entry will be used. Only the listed attributes
# will be sent in the packet, all other attributes will be filtered out.
#
#nochap
#       User-Name =* ANY,
#       User-Password =* ANY,
#       NAS-Ip-Address =* ANY,
#       NAS-Identifier =* ANY

# The entry for the 'brokenas' realm removes the attribute NAS-Port-Type
# if its value is different from 'Ethernet'. Then the default rules are
# applied.
#
#brokenas
#       NAS-Port-Type == Ethernet
#       Fall-Through = Yes

# The rest of this file contains the DEFAULT entry.
# DEFAULT matches with all realm names.

DEFAULT
        User-Name =* ANY,
        User-Password =* ANY,
        CHAP-Password =* ANY,
        CHAP-Challenge =* ANY,
        MS-CHAP-Challenge =* ANY,
        MS-CHAP-Response =* ANY,
        EAP-Message =* ANY,
        Message-Authenticator =* ANY,
        State =* ANY,
        NAS-IP-Address =* ANY,
        NAS-Identifier =* ANY,
        Proxy-State =* ANY