RADSECProxy Realm Filtering

### Catch a load of common misconfigurations
realm /^$/ {
    replymessage "Misconfigured client: empty realm!"
}

realm /@((myabc|gmail|googlemail|hotmail|live|outlook|yahoo|unimail).com|(.*\.)?3gppnetworks?.org|yahoo.cn) {
    replymessage "Misconfigured client: govroam realm not permitted"
}

realm /@(.*\.(ax\.uk|ax\.edu|sc\.uk|ac\.edu|ac\.u|local)|ac\.uk)$ {
    replymessage "Misconfigured client: govroam realm invalid (typo?)"
}

realm /@\. {
    replymessage "Misconfigured client: govroam realm invalid (leading '.')"
}

realm /@[^\.]+$ {
    replymessage "Misconfigured client: govroam realm invalid (incomplete)"
}

### Check it's a syntacitaclly correct realm and proxy if ok
realm /@[0-9a-zA-Z\.]+\.[0-9a-zA-Z\.]+$ {
    server roaming0.govroam.uk
    server roaming1.govroam.uk
    server roaming2.govroam.uk
    server roaming3.govroam.uk
    # AccountingResponse on
}

### Otherwise reject it
realm * {
    replymessage "Misconfigured client: govroam realm invalid (syntax error)"
}