# # PRE: if # update reply { Filter-Id := "filter" } if ("%{Client-Shortname}" != '') { update reply { Filter-Id += "fail 0" } } if ("%{Request-Processing-Stage}" != 'authorize') { update reply { Filter-Id += "fail 1" } } if ("%{Virtual-Server}" != 'default') { update reply { Filter-Id += "fail 2" } } if ("%{Module-Return-Code}" != '') { update reply { Filter-Id += "fail 3a" } } ok if ("%{Module-Return-Code}" != 'ok') { update reply { Filter-Id += "fail 3b" } } if ("%{Packet-Type}" != 'Access-Request') { update reply { Filter-Id += "fail 4" } } # Response hasn't been set yet if ("%{Response-Packet-Type}" != '') { update reply { Filter-Id += "fail 5" } } if ("%{Packet-Authentication-Vector}" != '0x00000000000000000000000000000000') { update reply { Filter-Id += "fail 6" } } if ("%{Client-IP-Address}" != 127.0.0.1) { update reply { Filter-Id += "fail 7a" } } if ("%{Packet-Src-IP-Address}" != 127.0.0.1) { update reply { Filter-Id += "fail 7b" } } if ("%{Packet-Dst-IP-Address}" != 127.0.0.1) { update reply { Filter-Id += "fail 8" } } # Can't have both... if ("%{Packet-Src-IPv6-Address}" != '') { update reply { Filter-Id += "fail 9" } } if ("%{Packet-Dst-IPv6-Address}" != '') { update reply { Filter-Id += "fail 10" } } if ("%{Packet-Src-Port}" != '18120') { update reply { Filter-Id += "fail 11" } } if ("%{Packet-Dst-Port}" != '1812') { update reply { Filter-Id += "fail 12" } } # We should allow the user to overload virtual attributes update request { Client-Shortname := 'my_test_client' } if ("%{Client-Shortname}" != 'my_test_client') { update reply { Filter-Id += "fail 13" } } # Operations on virtual attributes should be the same as on real ones if ("%{Virtual-Server[0]}" != 'default') { update reply { Filter-Id += "fail 14" } } if ("%{Virtual-Server[*]}" != 'default') { update reply { Filter-Id += "fail 15" } } if ("%{Virtual-Server[#]}" != 1) { update reply { Filter-Id += "fail 16" } }