Re: Preventing Dial-ins ??

Network Operations Center (root@syrinx.jeffnet.org)
Fri, 6 Sep 1996 20:40:04 -0700 (PDT)

I run this from a cron job that puts the output into the radius database
file. By different directories I meant /home/net/<user> or
/home/dialin/<user>. I am using the SCP patch, if you are not you will
need to remove the "P" in the printf ("P" $1 " Password = UNIX
\n")\ line. A user with a home directory in the password file that is
not listed in this script cannot do PPP ( or dialin at all if you take
out the default entry at the end).
------------------------------------------------------------------------
#!/bin/csh -f
set DS='$'
/usr/local/bin/gawk -F: '\
$2 != " " &&\
$2 !~ /(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)[0-9][0-9]/ &&\
$6 ~ "/(home)/[^/]+$" {\
printf ("#\n")\
printf ("P" $1 " Password = UNIX \n")\
printf (" User-Service-Type = Framed-User,\n")\
printf (" Framed-Protocol = PPP,\n")\
printf (" Framed-Address = 255.255.255.254,\n")\
printf (" Framed-Routing = None,\n")\
printf (" Framed-Compression = Van-Jacobsen-TCP-IP,\n")\
}' /etc/passwd
/usr/local/bin/gawk -F: '\
$2 != " " &&\
$2 !~ /(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)[0-9][0-9]/ &&\
$6 ~ "/(home/dialin)/[^/]+$" {\
printf ("#\n")\
printf ("P" $1 " Password = UNIX \n")\
printf (" User-Service-Type = Framed-User,\n")\
printf (" Framed-Protocol = PPP,\n")\
printf (" Framed-Address = 255.255.255.254,\n")\
printf (" Framed-Routing = None,\n")\
printf (" Framed-Compression = Van-Jacobsen-TCP-IP,\n")\
}' /etc/passwd
echo "#"
echo "DEFAULT Password = UNIX"
echo " User-Service-Type = Login-User,"
echo " Login-Service = Rlogin"

On Fri, 6 Sep 1996, Pete Holsberg wrote:

> On Fri, 6 Sep 1996, Network Operations Center wrote:
>
> > What I do is make accounts with different home
> > directories and I generate my radius database based on
> > which directory they are in. Sure I have an entry for
> > every user, but it works.
>
> Sorry, but I don't follow that. Each account I create has
> its own home directory.
>
> How does the radius database depend on the directory?
>
> Here's my /etc/raddb/users file:
>
> matthew Password = "UNIX"
> User-Service-Type = Framed-User,
> Framed-Protocol = SLIP,
> Framed-Address = 204.97.12.48,
> Framed-Netmask = 255.255.255.0,
> Framed-Routing = None,
> Framed-Compression = Van-Jacobsen-TCP-IP,
> Framed-MTU = 1006
> DEFAULT Password = "UNIX"
> User-Service-Type = Login-User,
> Login-Service = Telnet
> # This is for <username> without a . in it, (the old DEFAULT)
> DEFAULT.DEFAULT Password = "UNIX"
> User-Service-Type = Login-User,
> Login-Service = Telnet
> # Login-Host = 198.133.170.1
> # This is for <username>.UNIX
> DEFAULT.UNIX Password = "UNIX"
> User-Service-Type = Login-User,
> Login-Service = Telnet
> # This is for <username>.shell
> DEFAULT.shell Password = "UNIX"
> User-Service-Type = Login-User,
> Login-Service = Telnet
> # This is for <username>.slip (starts dynamic SLIP)
> DEFAULT.slip Password = "UNIX"
> User-Service-Type = Framed-User,
> Framed-Protocol = SLIP,
> Framed-Routing = None,
> Framed-MTU = 1006
> # This is for <username>.cslip (starts dynamic CSLIP)
> DEFAULT.cslip Password = "UNIX"
> User-Service-Type = Framed-User,
> Framed-Protocol = SLIP,
> Framed-Routing = None,
> Framed-MTU = 1006,
> Framed-Compression = Van-Jacobsen-TCP-IP
> # This is for <username>.ppp (starts dynamic ppp)
> DEFAULT.ppp Password = "UNIX"
> User-Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-Routing = None,
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobsen-TCP-IP
>
> I have the Matthew Crocker "loginname.ppp" modification to
> radius.
>
> Thanks,
> Pete
>

\\|// ^^^^^ )))(( %%%%% ,,,,,
(- -) (o o) (- o) (0-0) (* *)
+--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--+
| NETWORK OPERATIONS CENTER |
| mailto:support@friendly.jeffnet.org Voice # 800-876-8797 |
| http://jeffnet.org/noc 541-776-3283 |
| Mike Taylor - Network Services Manager |
+-------------------------------------------------------------------+