rlm_attr_filter updated, new functionality
Alan DeKok
aland@ox.org
Wed, 24 Apr 2002 12:45:06 -0400
Chris Parker <cparker@starnetusa.net> wrote:
> o Two new operators have been added, to allow better wildcarded permit
> and deny rules:
>
> =* Always report pass
> !* Always report fail
One more thought: How does this affect the 'users' file?
For attrfilter, you say:
> This allows a shortcut to always allow or deny an attribute. IE:
>
> ...
> Reply-Message *= ANY
> Ascend-Data-Filter *= ANY
> Proxy-State *= ANY
I have a good idea what that means for attrfilter, but it doesn't
make much sense for the 'users' file. A match which always returns
true or false isn't very useful.
Would it be possible to *slightly* extend the meaning, so that for
the 'users' file, these operators would be 'existence' operators?
e.g.
DEFAULT Proxy-State *= ANY
Reply-Message = "I saw a Proxy-State in your request"
DEFAULT Proxy-State !* ANY
Reply-Message = "I didn'pt see a Proxy-State in your request"
Alan DeKok.