...
| Code Block |
|---|
realm /myabc\.com$/ {
replymessage "Misconfigured client: default realm of Intel PRO/Wireless supplicant! Rejected by <TLD>."
accountingresponse on
}
realm /@.*3gppnetwork\.org$ {
replymessage "Misconfigured client: Unsupported 3G EAP-SIM client!"
accountingresponse on
}
realm /^$/ {
replymessage "Misconfigured client: empty realm! Rejected by <TLD>."
accountingresponse on
}
|
...
Finally, all realms that do not belong to the own federation are forwarded to the European eduroam Confederation root servers. However, we limit this to 'sane' realms: these must include a tld of at least 2 characters. Anything else is dropped.
| Code Block |
|---|
realm */@.+\..{2,}$/ { server etlr1.eduroam.org server etlr2.eduroam.org } realm * { replymessage "Misconfigured client: username does not contain a valid realm!" } |
Goodies
This section contains some optional configuration parameters that can do good in many cases.
...