[freeside-devel] Introductions..

Brian Wolfe ahzz at terrabox.com
Mon May 22 23:59:32 PDT 2000 

	One would intuitively think that if your account doesn't need dialup capabilities that you would un-select the slip ip in the account creation fields instead of making it fixed null.....

	Brian



On Mon, May 22, 2000 at 07:16:45PM -0700, ivan wrote:
> On Sun, May 21, 2000 at 03:49:58PM -0500, Thomas Charron wrote:
> >   Hello everyone..
> > 
> >   I've recently began to setup freeside for a local ISP using ziplink.net as 
> > their wholesale provider, and I must thank you all for having a package 
> > available that I had started to write myself..  :-)  That's what I get for not 
> > looking hard enough first..
> > 
> >   I do have several questions regarding the system, more along the lines 
> > of 'Should I implement this' in case no one has already..  :-P
> > 
> >   My first biggie is that apperently the export file will always export to both 
> > the "users" radius file, and the "passwd" file.  I'd like it to be configurable 
> > as to where they are exported.  This is becouse we will sell a shell account 
> > that *DOES NOT INCLUDE DIALUP CAPABILITIES*, and hence, do NOT want it exported 
> > to the radius file, as they shouldn't be able to auth via radius.  Has anyone 
> > made changes to allow this yet?  By the same token, we also have PPP users who 
> > auth off of radius but beyond that, should have no access to the system, aka, 
> > no entries in the passwd file.  Yes, I know this means they will not be able to 
> > recieve email (This is a feature, not a bug..  :-}).  Basically, we want to be 
> > able to have several accounts.
> > 
> >   1) PPP with shell, mail, etc..
> >     This is possible now simply by have the system export to both the radius 
> > file, along with the passwd file, with a valid shell and home dir setup..
> > 
> >   2) PPP without anything
> >     (See question)
> > 
> >   3) Shell with dialin, etc..
> >     Again, possible with some minor modification to tell radius that it's a 
> > shell forward.
> > 
> >   4) Shell with nadazilchnothing radius wise
> >     Simply an entry in the passwd, but nothing going into the radius file.
> > 
> >   I'm asking these for simple thoughts on the matter.  I'm probrably going to 
> > add a flag stating 'local', 'remote', or 'both' that will get detected by the 
> > export scripts to tell where it should be exported to.  Easy enough..
> 
> Unneccessary.
> 
> To turn off export to the RADIUS users file, set the `slipip' in the
> service definition to `Fixed' and blank.  To turn off export to the passwd
> file, set the `uid' in the service definition to `Fixed' and blank.
> 
> Freeside *does* need some work to have accounts be generalized to any
> number of machines/services, but the case you outline above is covered.
> 
> >   Another note is if wished I can supply a simple perl app that will import 
> > ziplinks dialup numbers, simular to the one provided that pulls megapop.com's 
> > access list.
> 
> Sure!
> 
> I'm also very interested in interfacing to the provisioning systems of
> Megapop, Ziplink and other wholesale providers.  From what I understand,
> many use proxy RADIUS, but there's also other options.
> 
> -- 
> meow
> _ivan

More information about the freeside-devel mailing list