From af754e596a8dbb05ed8580c342e7fe02e08b28e0 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 16:11:00 +0200
Subject: Adding upstream version 3.2.3+dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 raddb/mods-config/preprocess/hints      | 86 +++++++++++++++++++++++++++++++++
 raddb/mods-config/preprocess/huntgroups | 43 +++++++++++++++++
 2 files changed, 129 insertions(+)
 create mode 100644 raddb/mods-config/preprocess/hints
 create mode 100644 raddb/mods-config/preprocess/huntgroups

(limited to 'raddb/mods-config/preprocess')

diff --git a/raddb/mods-config/preprocess/hints b/raddb/mods-config/preprocess/hints
new file mode 100644
index 0000000..84d4d78
--- /dev/null
+++ b/raddb/mods-config/preprocess/hints
@@ -0,0 +1,86 @@
+#
+#  hints
+#
+#	The hints file.  This file is used to match
+#	a request, and then add attributes to it.  This
+#	process allows a user to login as "bob.ppp" (for example),
+#	and receive a PPP connection, even if the NAS doesn't
+#	ask for PPP.  The "hints" file is used to match the
+#	".ppp" portion of the username, and to add a set of
+#	"user requested PPP" attributes to the request.
+#
+#	Matching can take place with the the Prefix and Suffix
+#	attributes, just like in the "users" file.
+#	These attributes operate ONLY on the username, though.
+#
+#	Note that the attributes that are set for each entry are
+#	NOT added to the reply attributes passed back to the NAS.
+#	Instead they are added to the list of attributes in the
+#	request that has been SENT by the NAS.
+#
+#	This extra information can be used in the users file to
+#	match on. Usually this is done in the DEFAULT entries,
+#	of which there can be more than one.
+#
+#	In addition a matching entry can transform a username
+#	for authentication purposes if the "Strip-User-Name"
+#	variable is set to Yes in an entry (default is Yes).
+#
+#	A special non-protocol name-value pair called "Hint"
+#	can be set to match on in the "users" file.
+#
+#	As with the "users" file, the first entry that matches the
+#	incoming request will cause the server to stop looking for
+#	more hints. If the "Fall-Through" attribute is set to
+#	"Yes" in an entry then the server will not stop, but
+#	continue to process further hints from the file. Matches
+#	on subsequent hints will be against the altered request
+#	from the previous hints, not against the original request.
+#
+#	The following is how most dial-up ISPs want to set this up.
+#
+# Version:	$Id$
+#
+
+
+DEFAULT	Suffix == ".ppp", Strip-User-Name = Yes
+	Hint = "PPP",
+	Service-Type = Framed-User,
+	Framed-Protocol = PPP
+
+DEFAULT	Suffix == ".slip", Strip-User-Name = Yes
+	Hint = "SLIP",
+	Service-Type = Framed-User,
+	Framed-Protocol = SLIP
+
+DEFAULT	Suffix == ".cslip", Strip-User-Name = Yes
+	Hint = "CSLIP",
+	Service-Type = Framed-User,
+	Framed-Protocol = SLIP,
+	Framed-Compression = Van-Jacobson-TCP-IP
+
+######################################################################
+#
+#	These entries are old, and commented out by default.
+#	They confuse too many people when "Peter" logs in, and the
+#	server thinks that the user "eter" is asking for PPP.
+#
+#DEFAULT	Prefix == "U", Strip-User-Name = No
+#	Hint = "UUCP"
+
+#DEFAULT	Prefix == "P", Strip-User-Name = Yes
+#	Hint = "PPP",
+#	Service-Type = Framed-User,
+#	Framed-Protocol = PPP
+
+#DEFAULT	Prefix == "S", Strip-User-Name = Yes
+#	Hint = "SLIP",
+#	Service-Type = Framed-User,
+#	Framed-Protocol = SLIP
+
+#DEFAULT	Prefix == "C", Strip-User-Name = Yes
+#	Hint = "CSLIP",
+#	Service-Type = Framed-User,
+#	Framed-Protocol = SLIP,
+#	Framed-Compression = Van-Jacobson-TCP-IP
+
diff --git a/raddb/mods-config/preprocess/huntgroups b/raddb/mods-config/preprocess/huntgroups
new file mode 100644
index 0000000..da28dba
--- /dev/null
+++ b/raddb/mods-config/preprocess/huntgroups
@@ -0,0 +1,43 @@
+#
+# huntgroups	This file defines the `huntgroups' that you have. A
+#		huntgroup is defined by specifying the IP address of
+#		the NAS and possibly a port.
+#
+#		Matching is done while RADIUS scans the user file; if it
+#		includes the selection criteria "Huntgroup-Name == XXX"
+#		the huntgroup is looked up in this file to see if it
+#		matches. There can be multiple definitions of the same
+#		huntgroup; the first one that matches will be used.
+#
+#		This file can also be used to define restricted access
+#		to certain huntgroups. The second and following lines
+#		define the access restrictions (based on username and
+#		UNIX usergroup) for the huntgroup.
+#
+
+#
+# Our POP in Alphen a/d Rijn has 3 terminal servers. Create a Huntgroup-Name
+# called Alphen that matches on all three terminal servers.
+#
+#alphen		NAS-IP-Address == 192.0.2.5
+#alphen		NAS-IP-Address == 192.0.2.6
+#alphen		NAS-IP-Address == 192.0.2.7
+
+#
+# The POP in Delft consists of only one terminal server.
+#
+#delft		NAS-IP-Address == 198.51.100.5
+
+#
+# Port 0 on the first terminal server in Alphen are connected to
+# a huntgroup that is for business users only. Note that only one
+# of the username or groupname has to match to get access (OR/OR).
+#
+# Note that this huntgroup is a subset of the "alphen" huntgroup.
+#
+#business	NAS-IP-Address == 198.51.100.5, NAS-Port-Id == 0
+#		User-Name == rogerl,
+#		User-Name == henks,
+#		Group == business,
+#		Group == staff
+
-- 
cgit v1.2.3