siteadmin:realm_filtering
This is an old revision of the document!
Basic syntax checking can be done with the 'filter_username' policy. From the FreeRADIUS documents:
# Filter the username # # Force some sanity on User-Name. This helps to avoid issues # issues where the back-end database is "forgiving" about # what constitutes a user name.
Example usage:
authorize {
filter_username
loop_prevent
operator-name
suffix
}
To filter out unwanted realms, such as 'hotmail.com' can be done simply by using the 'realm' command:
## Filter out NULL realms e.g. Username = fred
realm NULL {
}
## Filter out realms that aren't every going to be valid Govroam realms e.g. Username = fred@hotmail.com
realm "~hotmail\\.com$" {
}
realm "~hotmail\\.co\\.uk$" {
}
realm "~.*\\.3gppnetworks\\.org$" {
}
realm "~gmail\\.com" {
}
realm "~googlemail\\.com" {
}
realm "~live\\.com" {
}
realm "~outlook\\.com" {
}
realm "~yahoo\\.com" {
}
realm "~yahoo\\.cn" {
}
realm "~unimail\\.com" {
}
realm "~yahoo\\.co\\.uk" {
}
siteadmin/realm_filtering.1565690328.txt.gz · Last modified: 2019/08/13 09:58 by admin