groups with port permissions

Discussion:

(too old to reply)

subcode

2011-04-13 13:02:49 UTC

Hi All,
I'm new in FreeRadius. I have install freeRadius and ChillSpot on Debian
with squid and iptables. Everything is ok, but I want to make a Group with
port permissions. For exampel first group "Low" with only HTTP(S)
permission, the second group "Mittel" with HTTP(S), POP(S), IMAP, SMTP(S)
and the third group "Hi" with all permission (all ports).
How can I do this? I have my hotspot in my caffe-bar and only customers can
have a internet.

Thanks for your help!

PS: Sorry for my englisch :-)

--
View this message in context: http://freeradius.1045715.n5.nabble.com/groups-with-port-permissions-tp4300533p4300533.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Stephen Vigus

2011-04-13 13:13:17 UTC

Permalink

Hi

I think your best bet would be is to assign different ip pools for
each of these groups on your NAS. Then use iptables an limit each ip
group as you like.

Regards
Stephen

Post by subcode
Hi All,
I'm new in FreeRadius. I have install freeRadius and ChillSpot on Debian
with squid and iptables. Everything is ok, but I want to make a Group with
port permissions. For exampel first group "Low" with only HTTP(S)
permission, the second group "Mittel" with HTTP(S), POP(S), IMAP, SMTP(S)
and the third group "Hi" with all permission (all ports).
How can I do this? I have my hotspot in my caffe-bar and only customers can
have a internet.
Thanks for your help!
PS: Sorry for my englisch :-)
--
View this message in context: http://freeradius.1045715.n5.nabble.com/groups-with-port-permissions-tp4300533p4300533.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

subcode

2011-04-18 10:33:55 UTC

Permalink

Stephen thank you for your answer! I try to do the groups but I don't know
how. Where should I assign the pools ?
I have FreeRADIUS Version 2.1.10 and
In /etc/freeradius/modules/ippool i added:
ippool lowpool {
range-start = 192.168.181.129
range-stop = 192.168.181.254
netmask = 255.255.255.0
cache-size = 800
session-db = ${raddbdir}/db.iplowpool
ip-index = ${raddbdir}/db.iplowindex
override = no
maximum-timeout = 0
}

ippool mipool {
range-start = 192.168.182.129
range-stop = 192.168.182.254
netmask = 255.255.255.0
cache-size = 800
session-db = ${raddbdir}/db.ipmipool
ip-index = ${raddbdir}/db.ipmiindex
override = no
maximum-timeout = 0
}

in /etc/freeradius/users added:

DEFAULT Group == low, Pool-Name := "lowpool"
DEFAULT Group == mi, Pool-Name := "mipool"

and it's doesn't works :( can somebody help me?? Thanks a lot!!!

--
View this message in context: http://freeradius.1045715.n5.nabble.com/groups-with-port-permissions-tp4300533p4310390.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html