Article delegate-en/4909 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4908@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Does Delegate support user-based access lists, with those users authenticated by a RADIUS server?
16 Sep 2010 01:44:43 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


In message <_A4908@delegate-en.ML_> on 09/16/10(07:55:26)
you Vietnhi Phuvan <pcijqbdyi-hugik5vhznxr.ml@ml.delegate.org> wrote:
 |delegated -P1080 SERVER=socks AUTHORIZER=-pam OWNER="root" 
 |REMITTABLE="tcprelay/80" REMITTABLE="tcprelay/22"  

This must be one of followings:
REMITTABLE="tcprelay/80" REMITTABLE="+,tcprelay/22"  
REMITTABLE="tcprelay/80,tcprelay/22"  
REMITTABLE="tcprelay/{80,22}"  

 |HOSTLIST="ConsServ:/10.80.80.100" REJECT="tcprelay:\!ConsServ:user1"  

A strange "/" in the second field of HOSTLIST disables this parameger.

 |PERMIT="tcprelay:*:*" +=/etc/delegated.conf
 |
 |I am wondering why user1 is not being blocked from accessing 
 |10.80.80.100. Do you see anything wrong with my syntax?

A word in the field means a hostname, so a client host with name "user1"
will be rejected.  To match with a username by AUTHORIZER, it must be
username@hostname, thus maybe it should be "user1@*" in your case.

Cheers,
Yutaka
--
  9 9   Yutaka Sato, CSDP#005482 <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V