[freeside-devel] Introductions..

[ivan]

On Sun, May 21, 2000 at 03:49:58PM -0500, Thomas Charron wrote:
>   Hello everyone..
> 
>   I've recently began to setup freeside for a local ISP using ziplink.net as 
> their wholesale provider, and I must thank you all for having a package 
> available that I had started to write myself..  :-)  That's what I get for not 
> looking hard enough first..
> 
>   I do have several questions regarding the system, more along the lines 
> of 'Should I implement this' in case no one has already..  :-P
> 
>   My first biggie is that apperently the export file will always export to both 
> the "users" radius file, and the "passwd" file.  I'd like it to be configurable 
> as to where they are exported.  This is becouse we will sell a shell account 
> that *DOES NOT INCLUDE DIALUP CAPABILITIES*, and hence, do NOT want it exported 
> to the radius file, as they shouldn't be able to auth via radius.  Has anyone 
> made changes to allow this yet?  By the same token, we also have PPP users who 
> auth off of radius but beyond that, should have no access to the system, aka, 
> no entries in the passwd file.  Yes, I know this means they will not be able to 
> recieve email (This is a feature, not a bug..  :-}).  Basically, we want to be 
> able to have several accounts.
> 
>   1) PPP with shell, mail, etc..
>     This is possible now simply by have the system export to both the radius 
> file, along with the passwd file, with a valid shell and home dir setup..
> 
>   2) PPP without anything
>     (See question)
> 
>   3) Shell with dialin, etc..
>     Again, possible with some minor modification to tell radius that it's a 
> shell forward.
> 
>   4) Shell with nadazilchnothing radius wise
>     Simply an entry in the passwd, but nothing going into the radius file.
> 
>   I'm asking these for simple thoughts on the matter.  I'm probrably going to 
> add a flag stating 'local', 'remote', or 'both' that will get detected by the 
> export scripts to tell where it should be exported to.  Easy enough..

Unneccessary.

To turn off export to the RADIUS users file, set the `slipip' in the
service definition to `Fixed' and blank.  To turn off export to the passwd
file, set the `uid' in the service definition to `Fixed' and blank.

Freeside *does* need some work to have accounts be generalized to any
number of machines/services, but the case you outline above is covered.

>   Another note is if wished I can supply a simple perl app that will import 
> ziplinks dialup numbers, simular to the one provided that pulls megapop.com's 
> access list.

Sure!

I'm also very interested in interfacing to the provisioning systems of
Megapop, Ziplink and other wholesale providers.  From what I understand,
many use proxy RADIUS, but there's also other options.

-- 
meow
_ivan