diff --git a/pppoe_auth.json b/pppoe_auth.json index 905e456..e7244f3 100644 --- a/pppoe_auth.json +++ b/pppoe_auth.json @@ -2,115 +2,7 @@ "radius_agent": { "request_processors": [ { - "id": "MikrotikPPPoEAuthCGR", - "filters": [ - "*string:~*vars.*radReqType:*radAuth" - ], - "flags": ["*log", "*attributes", "*continue"], - "request_fields": [ - {"tag": "ToR", "path": "*cgreq.ToR", "type": "*constant", "value": "*data"}, - {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "generic"}, - {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", - "value": "*prepaid", "mandatory": true}, - {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", - "value": "~*req.User-Name;~*req.NAS-IP-Address", "mandatory": true}, - {"tag": "OriginHost", "path": "*cgreq.OriginHost", "type": "*variable", - "value": "~*req.NAS-IP-Address", "mandatory": true}, - {"tag": "Account", "path": "*cgreq.Account", "type": "*variable", - "value": "~*req.User-Name", "mandatory": true}, - {"tag": "Subject", "path": "*cgreq.Subject", "type": "*variable", - "value": "~*req.User-Name", "mandatory": true}, - {"tag": "Destination", "path": "*cgreq.Destination", "type": "*constant", - "value": "data"}, - {"tag": "SetupTime", "path": "*cgreq.SetupTime", "type": "*variable", - "value": "~*req.Event-Timestamp"}, - {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable", - "value": "~*req.Event-Timestamp"}, - {"tag": "CallingStationId", "path": "*cgreq.CallingStationId", "type": "*variable", - "value": "~*req.Calling-Station-Id"} - ], - "reply_fields": [ - {"tag": "RejectMessage", "path": "*rep.Reply-Message", - "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "Authentication failed: User not found or account disabled"}, - {"tag": "RejectCode", "path": "*rep.*radReplyCode", - "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "AccessReject", "blocker": true}, - {"tag": "SessionTimeout", "path": "*rep.Session-Timeout", "type": "*variable", - "value": "~*cgrep.MaxUsage{*duration_seconds}", - "filters": ["*notempty:~*cgrep.MaxUsage:"]}, - {"tag": "AcctInterimInterval", "path": "*rep.Acct-Interim-Interval", - "type": "*constant", "value": "60"}, - {"tag": "FramedIPAddress", "path": "*rep.Framed-IP-Address", "type": "*variable", - "value": "~*cgrep.Attributes.FramedIPAddress"}, - {"tag": "FramedIPNetmask", "path": "*rep.Framed-IP-Netmask", "type": "*variable", - "value": "~*cgrep.Attributes.FramedIPNetmask"}, - {"tag": "MikrotikRateLimit", "path": "*rep.Mikrotik-Rate-Limit", "type": "*variable", - "value": "~*cgrep.Attributes.MikrotikRateLimit"} - ] - }, - { - "id": "MikrotikPPPoEAuthPAP", - "filters": [ - "*string:~*vars.*radReqType:*radAuth", - "*notempty:~*req.User-Password:" - ], - "flags": ["*radauth", "*pap", "*log"], - "request_fields": [ - {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", - "value": "~*cgrep.Attributes.Password"} - ], - "reply_fields": [ - {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*removeall", "path": "*rep"}, - {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "AccessReject"}, - {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "Authentication failed: Invalid username or password"} - ] - }, - { - "id": "MikrotikPPPoEAuthCHAP", - "filters": [ - "*string:~*vars.*radReqType:*radAuth", - "*notempty:~*req.CHAP-Password:" - ], - "flags": ["*radauth", "*chap", "*log"], - "request_fields": [ - {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", - "value": "~*cgrep.Attributes.Password"} - ], - "reply_fields": [ - {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*removeall", "path": "*rep"}, - {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "AccessReject"}, - {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "Authentication failed: Invalid username or password"} - ] - }, - { - "id": "MikrotikPPPoEAuthMSCHAPv2", - "filters": [ - "*string:~*vars.*radReqType:*radAuth", - "*notempty:~*req.Microsoft.MS-CHAP-Challenge:" - ], - "flags": ["*radauth", "*mschapv2", "*log"], - "request_fields": [ - {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable", - "value": "~*cgrep.Attributes.Password"} - ], - "reply_fields": [ - {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*removeall", "path": "*rep"}, - {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "AccessReject"}, - {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"], - "type": "*constant", "value": "Authentication failed: Invalid username or password"} - ] - }, - { - "id": "MikrotikPPPoEAuthDefault", + "id": "MikrotikPPPoEAuthSimple", "filters": [ "*string:~*vars.*radReqType:*radAuth" ],