rlm_preprocess

Synopsis

Preprocesses the incoming RADIUS request before handing it off to other modules.

This module processes the huntgroups and hints files. In addition, it re-writes some unusual attributes created by some NASes and converts the attributes into a form that is a little more standard.

Processing Sections

When listed in one of the following sections, the preprocess module normalizes data from certain NAS equipment and processes the hints and huntgroups files.

authorize

preacct

Return codes

ok The module has normalized the request and processed the files.

fail The module was unable to perform one or more actions.

Expansions

None.

Directives

ascend_channels_per_line
Syntax

ascend_channels_per_line = integer

Default

23

Description

This directive works with the with_ascend_hack directive, to correct Ascends non-standard port numbering.

H323-Attribute
Syntax

with_cisco_hack = boolean

Default

no

Description

Cisco (and Quintum in Cisco mode) sends its VSA attributes with the attribute name AGAIN in the string, e.g., H323-Attribute = "h323-attribute=value"`. If this directive is set to `yes, then the redundant data in the the attribute text is stripped out. The result will be H323-Attribute = "value", which is more useful.

This directive is useful only for Cisco and Qintum NASes.

hints
Syntax

hints = filename

Default

${confdir}/hints

Description

The name of the hints file. See man hints for more information.

huntgroups
Syntax

huntgroups = filename

Default

${confdir}/huntgroups

Description

The name of the huntgroups file. See man huntgroups for more information.

with_ascend_hack
Syntax

with_ascend_hack = boolean

Default

no

Description

This hack changes Ascend’s unusual port numberings to standard port numbers.

with_ntdomain_hack
Syntax

with_ntdomain_hack = boolean

Default

no

Description

Windows NT machines often authenticate themselves as NT_DOMAIN\username.

If this directive is set to yes, then the NT_DOMAIN portion of the user-name is silently discarded. This configuration entry SHOULD NOT be used. See the realms module for a better way to handle NT domains.

with_specialix_jetstream_hack
Syntax

with_specialix_jetstream_hack = boolean

Default

no

Description

This directive fixes non-standard packets from a Specialix Jetstream 8500 24 port access server. If the user name is 10 characters or longer, a "/" and the excess characters after the 10th are appended to the user name.

This directive is useful only for a Specialix Jetstream NAS.