2 # Configuration file for the rlm_attr_filter module.
3 # Please see rlm_attr_filter(5) manpage for more information.
7 # This file contains security and configuration information
8 # for each realm. It can be used be an rlm_attr_filter module
9 # instance to filter attributes before sending packets to the
10 # home server of a realm.
12 # When a packet is sent to a home server, these attributes
13 # and values are tested. Only the first match is used unless
14 # the "Fall-Through" variable is set to "Yes". In that case
15 # the rules defined in the DEFAULT case are processed as well.
17 # A special realm named "DEFAULT" matches on all realm names.
18 # You can have only one DEFAULT entry. All entries are processed
19 # in the order they appear in this file. The first entry that
20 # matches the login-request will stop processing unless you use
21 # the Fall-Through variable.
23 # The first line indicates the realm to which the rules apply.
24 # Indented (with the tab character) lines following the first
25 # line indicate the filter rules.
28 # This is a complete entry for 'nochap' realm. It allows to send very
29 # basic attributes to the home server. Note that there is no Fall-Through
30 # entry so that no DEFAULT entry will be used. Only the listed attributes
31 # will be sent in the packet, all other attributes will be filtered out.
35 # User-Password =* ANY,
36 # NAS-Ip-Address =* ANY,
37 # NAS-Identifier =* ANY
39 # The entry for the 'brokenas' realm removes the attribute NAS-Port-Type
40 # if its value is different from 'Ethernet'. Then the default rules are
44 # NAS-Port-Type == Ethernet
47 # The rest of this file contains the DEFAULT entry.
48 # DEFAULT matches with all realm names.
54 CHAP-Challenge =* ANY,
56 NAS-Ip-Address =* ANY,
57 NAS-Identifier =* ANY,