Re: [xtradius] setting allowed user services to access

Top Page
Author: Bulgaria Online - Assen Totin
Date:  
To: Edison Cala
CC: xtradius
Subject: Re: [xtradius] setting allowed user services to access
Hi,

EC> i just want to ask some info regarding setting allowed
EC> services where selected users can only use/access like mail only
EC> service.


I have some customers who are only allowed to use SMTP, POP3 & DNS,
but not to use HTTP for example.

When such user authenticates, my external authentication script prints
the number of the access list that the NAS should apply to the user's
interface:

--- snip perl code --
# Service number "6" is the email-only service
if ($service==6) {
# ACL No 110 on my AS5200 contains the permist to
print "Filter-Id = 110\n";
}
--- end perl code ---

Here is my ACL 110:

dialup3#sh ip access-lists 110
Extended IP access list 110
    permit tcp any eq smtp 217.75.129.0 0.0.0.255
    permit tcp 217.75.129.0 0.0.0.255 any eq smtp
    permit tcp any eq pop3 217.75.129.0 0.0.0.255
    permit tcp 217.75.129.0 0.0.0.255 any eq pop3
    permit udp any eq domain 217.75.129.0 0.0.0.255
    permit udp 217.75.129.0 0.0.0.255 any eq domain
    permit tcp any 217.75.129.0 0.0.0.255 eq ident
    permit tcp 217.75.129.0 0.0.0.255 eq ident any
    permit tcp any eq domain 217.75.129.0 0.0.0.255
    permit tcp 217.75.129.0 0.0.0.255 any eq domain



WWell,

Assen Totin
Development Manager

===============================
        BULGARIA ONLINE
  Your quality... Your price!
===============================
tel. (+359 2) 973-3000 ext. 511
     http://home.online.bg


_______________________________________________
xtradius mailing list
xtradius@???
http://lists.q-linux.com/mailman/listinfo/xtradius