Radius and Portmaster filters; Need Help

BadgerNet (perryb@badger1.net)
Sat, 30 Nov 1996 00:09:24 -0800

I need some help on packet filters. I want to restrict a single dialup
user on my portmaster to http only on my local network. I'm using Radius,
for authentication, and a PM2e Portmaster with OS v3.1.4. Following are
the files involved, but this setup doesn't seem to work. I can dial in as
the user and use all available protocols on the system, to anywhere in the
world. Can anyone provide me with a solution?

FROM /etc/raddb/users

guest Password = "guest", Client-Id = portmaster
Framed-Address = 255.255.255.254,
Framed-Netmask = 255.255.255.0,
Framed-Routing = None,
Framed-Filter-Id = "signup",
Framed-Compression = Van-Jacobsen-TCP-IP,
Framed-MTU = 1500

FROM Portmaster

pm1> sho filter signup.ft

1 permit 0.0.0.0/0 207.113.50.5/32 tcp dst eq 80

pm1> sho s0
----------------------- Current Status - Port S0
---------------------------
Status: ESTABLISHED
Input: 1385397 Parity Errors: 0
Output: 17933505 Framing Errors: 6
Pending: 0 Overrun Errors: 0

Active Configuration Default Configuration
-------------------- ---------------------
Port Type: Netwrk Login/Netwrk (Dial In) (Security)
Baud Rates: 115200 115200,115200,115200
Flow Control: RTS/CTS No Xon/Xoff*,RTS/CTS
Modem Control: on on (No Hangup)
Modem Status: Configured mt1

Remote Host: 207.113.50.107
Netmask: 255.255.255.0 0.0.0.0
Interface: ptp0 (PPP,Quiet,Compres (SLIP,Quiet)
Mtu: 1500 1500
Async Map: L:00000000 R:000a0000 00000000
Pkt Filters: In:signup.in Out:signup.out
Dial Group: 0
----------------------------------------------------------------------------
-----------------

BadgerNet Communications
info@badger1.net
"Get connected, or you'll miss everything"