diff -Naur radiusd-cistron-1.6.4/raddb/clients radiusd-cistron-1.6.4-subnet/raddb/clients --- radiusd-cistron-1.6.4/raddb/clients Sat Sep 18 22:10:40 1999 +++ radiusd-cistron-1.6.4-subnet/raddb/clients Thu Nov 9 14:50:47 2000 @@ -5,7 +5,7 @@ # Description of the fields: # # * The first field is a valid hostname or IP address -# for the client. +# for the client. Is is also possible specify a subnet. # * The second field (seperated by blanks or tabs) is the # encryption key. @@ -15,4 +15,6 @@ #portmaster2.isp.com testing123 #proxyradius.isp2.com TheirKey localhost testing123 +#192.168.2.0/255.255.255.192 testing123 + diff -Naur radiusd-cistron-1.6.4/raddb/naslist radiusd-cistron-1.6.4-subnet/raddb/naslist --- radiusd-cistron-1.6.4/raddb/naslist Wed Jun 28 23:34:21 2000 +++ radiusd-cistron-1.6.4-subnet/raddb/naslist Thu Nov 9 14:50:47 2000 @@ -5,22 +5,18 @@ # Description of the fields: # # * The first field is a valid hostname or IP address -# for the client. +# for the client. Is is also possible specify a subnet. # * The second field (seperated by blanks or tabs) is the # short name we use in the logfiles for this NAS. -# This means /var/log/radacct//detail, -# and Sxx: in the radwtmp file. # * The third field defines what type of device it is. Valid # values are "livingston", "cisco", "multitech", "computone", # "max40xx", "portslave", "tc", "pathras", "usrhiper", "other". # This is used to find out how to detect double logins. # -# You can use DEFAULT as a catch-all. -# # NAS Name Short Name Type #---------------- ---------- ---- #portmaster1.isp.com pm1.NY livingston #portmaster2.isp.com pm1.LA livingston localhost local portslave -DEFAULT default other +#192.168.2.0/255.255.255.192 acme cisco diff -Naur radiusd-cistron-1.6.4/src/files.c radiusd-cistron-1.6.4-subnet/src/files.c --- radiusd-cistron-1.6.4/src/files.c Mon Aug 21 18:39:12 2000 +++ radiusd-cistron-1.6.4-subnet/src/files.c Thu Nov 9 14:50:47 2000 
@@ -1821,6 +1821,7 @@ FILE *fp; char buffer[256]; char hostnm[128]; + char hostmask[128]; char secret[32]; char shortnm[32]; int lineno = 0; @@ -1850,8 +1851,9 @@ file, lineno); return -1; } - - c->ipaddr = get_ipaddr(hostnm); + strcpy(hostmask,hostnm); + c->ipaddr = get_ipaddr_class(hostnm); + c->mask= get_mask(hostmask); strNcpy(c->secret, secret, sizeof(c->secret)); strNcpy(c->shortname, shortnm, sizeof(c->shortname)); strNcpy(c->longname, ip_hostname(c->ipaddr), @@ -1872,12 +1874,24 @@ CLIENT *client_find(UINT4 ipaddr) { CLIENT *cl; + CLIENT *result=NULL; + int mask=0; + int m=0; + int i=0; for(cl = clients; cl; cl = cl->next) - if (ipaddr == cl->ipaddr) - break; - - return cl; + { + if ((ipaddr & cl->mask) == cl->ipaddr) + { + m= uint4_unos(cl->mask); + if ( m > mask) + { + mask=m; + result=cl; + } + } + } + return result; } @@ -1933,6 +1947,7 @@ FILE *fp; char buffer[256]; char hostnm[128]; + char hostmask[128]; char shortnm[32]; char nastype[32]; int lineno = 0; @@ -1963,8 +1978,10 @@ c->ipaddr = 0; dotted = 0; + strcpy(hostmask,hostnm); if (strcmp(hostnm, "DEFAULT") != 0) { - c->ipaddr = get_ipaddr(hostnm); + c->ipaddr = get_ipaddr_class(hostnm); + c->mask= get_mask(hostmask); dotted = good_ipaddr(hostnm); } strNcpy(c->nastype, nastype, sizeof(c->nastype)); 
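Review bot: The values returned by `get_ipaddr_class(hostnm)` and `get_mask(hostmask)` are stored in `c->ipaddr` and `c->mask` without any check, although both helpers (added in util.c by this patch) return -1 on a malformed address or mask. As a `UINT4`, -1 is the same all-ones value that `get_mask` returns for an entry without a slash, so a mistyped mask is silently loaded as a single-host entry instead of being rejected with the file/line error used a few lines above. The network address is also never normalised, so an entry written with host bits set (for example `192.168.2.5/255.255.255.192`) can never satisfy `(ipaddr & cl->mask) == cl->ipaddr` in `client_find`; adding `c->ipaddr &= c->mask;` after the two assignments would fix that. The same applies to the NAS-list hunk at -1963. The enclosing function starts and ends outside this hunk.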
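Review bot: `client_find` now decides which shared secret applies by picking the matching entry with the most mask bits set, and nothing in the visible code says so. If the comment above the function (outside this hunk) does not already cover it, add something like `/* Return the most specific (longest-mask) client entry matching ipaddr, or NULL if none matches. */`. Because `mask` starts at 0 and the test is `m > mask`, an entry whose mask is 0.0.0.0 can never be returned; if that is meant as a guard against a catch-all secret, the comment should say so. `int i=0;` is unused here and in `nas_find` and can be dropped.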
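Review bot: On the `DEFAULT` path in the hunk at -1963, `c->mask` is never assigned, because `c->mask= get_mask(hostmask);` sits inside the `strcmp(hostnm, "DEFAULT") != 0` branch, yet `nas_find` evaluates `(ipaddr & cl->mask)== cl->ipaddr` for every list entry. Unless the allocation outside this hunk zeroes the structure, that reads an indeterminate value; add `c->mask = 0;` next to `c->ipaddr = 0;`. `strcpy(hostmask,hostnm)` is bounded only because both arrays are declared as 128 bytes. The `strNcpy(hostmask, hostnm, sizeof(hostmask))` form already used in this file stays safe if either size changes.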
@@ -2082,17 +2099,29 @@ */ NAS *nas_find(UINT4 ipaddr) { - NAS *cl, *dfl; - - dfl = NULL; - for(cl = naslist; cl; cl = cl->next) { - if (ipaddr == cl->ipaddr) - break; + NAS *cl,*dfl; + NAS *result=NULL; + + int mask=0; + int m=0; + int i=0; + dfl = NULL; + for(cl = naslist; cl; cl = cl->next) + { + if ((ipaddr & cl->mask)== cl->ipaddr) + { + m= uint4_unos(cl->mask); + if ( m > mask) + { + mask=m; + result=cl; + } + } if (strcmp(cl->longname, "DEFAULT") == 0) dfl = cl; } - return cl ? cl : dfl; + return result ? result : dfl; } diff -Naur radiusd-cistron-1.6.4/src/radiusd.h radiusd-cistron-1.6.4-subnet/src/radiusd.h --- radiusd-cistron-1.6.4/src/radiusd.h Mon Aug 21 18:39:12 2000 +++ radiusd-cistron-1.6.4-subnet/src/radiusd.h Thu Nov 9 14:50:47 2000 @@ -95,6 +95,7 @@ typedef struct client { UINT4 ipaddr; + UINT4 mask; char longname[256]; u_char secret[16]; char shortname[32]; @@ -103,6 +104,7 @@ typedef struct nas { UINT4 ipaddr; + UINT4 mask; char longname[256]; char shortname[32]; char nastype[32]; @@ -212,7 +214,11 @@ /* util.c */ char * ip_hostname (UINT4); +UINT4 netmask(char *); UINT4 get_ipaddr (char *); +UINT4 get_ipaddr_class (char *); +UINT4 get_mask (char *); +int uint4_unos(UINT4); int good_ipaddr(char *); void ipaddr2str(char *, UINT4); void pairfree(VALUE_PAIR *); diff -Naur radiusd-cistron-1.6.4/src/util.c radiusd-cistron-1.6.4-subnet/src/util.c --- radiusd-cistron-1.6.4/src/util.c Wed Jun 28 23:34:22 2000 +++ radiusd-cistron-1.6.4-subnet/src/util.c Thu Nov 9 14:50:47 2000 
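Review bot: In `nas_find` the `DEFAULT` entry goes through the subnet test before it is recognised as the default, so it can be stored in `result` and ranked against real subnet entries instead of only being kept in `dfl`. Its `ipaddr` is 0 (set in the loader hunk at -1963), so it passes `(ipaddr & cl->mask)== cl->ipaddr` whenever the masked address is zero. Moving the check to the top of the loop body, `if (strcmp(cl->longname, "DEFAULT") == 0) { dfl = cl; continue; }`, keeps the fallback out of the longest-match ranking. The selection loop is otherwise a copy of the one in `client_find`, so a comment stating the longest-mask rule belongs here as well.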
@@ -94,6 +94,85 @@ return(ntohl(*(UINT4 *)hp->h_addr)); } +/* +* Return an IP address in host long notation from a class +*/ + + +UINT4 get_ipaddr_class(char *host) +{ + + struct hostent *hp; + UINT4 ipstr2long(); + char *ptr; + + + if (strchr(host,'/' ) == NULL){ + + if(good_ipaddr(host) == 0) { + return(ipstr2long(host)); + } + else if((hp = gethostbyname(host)) == (struct hostent *)NULL) { + return((UINT4)0); + } + return(ntohl(*(UINT4 *)hp->h_addr)); + + } + + + + + else{ + if( (ptr=strtok(host,"/") ) !=NULL){ + + if(good_ipaddr(ptr) != 0){ + return -1; + } + return(ipstr2long(host)); + } + } + +} +/* + * Return an NETMASK in dot notation. + */ + + + UINT4 get_mask(char *host) + +{ + + char *p; + UINT4 ipmask; + + if((p=strchr(host,'/'))!=NULL){ + p++; + if(strlen(p)>3){ + if(good_ipaddr(p) != 0) { + return -1; + } + ipmask=ipstr2long(p); + return(ipmask); + } + else { + ipmask=netmask(p) ; + if(ipmask==0) + { + return -1; + } + else return(ipmask); + } + + } + + ipmask=ipstr2long("255.255.255.255"); + return(ipmask); + + } + + + + /* * Check for valid IP address in standard dot notation. @@ -326,4 +405,41 @@ return dest; } +/* +* Return an netmask in host long notation from +* one supplied in non standard dot notation +*/ + +UINT4 netmask(char *maskstr) +{ + UINT4 nmask=0; + int nbit=0; + int pos; + + nbit=atoi(maskstr); + if(nbit<8 || nbit>32) + return 0; + + + for(pos=0;pos>=1; + } + return(count); +}
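Review bot: `get_ipaddr_class` can reach its closing brace without returning a value: in the `else` branch nothing is returned when `strtok(host,"/")` yields NULL, which happens for an entry consisting only of slashes, and the caller then stores an indeterminate result as the client address. `strtok` also writes into the caller's buffer and keeps static state, which is why both callers must first `strcpy` the name into `hostmask`. Copying the part before the slash into a local buffer removes both problems and makes every path return explicitly. Separately, `get_mask` accepts any dotted value as a mask without checking that its set bits are contiguous, so the bit count used for ranking in `client_find` is not necessarily a prefix length.

```c
UINT4 get_ipaddr_class(char *host)
{
	struct hostent	*hp;
	UINT4		ipstr2long();
	char		addr[16];	/* "255.255.255.255" plus NUL */
	char		*slash = strchr(host, '/');
	size_t		len;

	if (slash == NULL) {
		/* ... unchanged: dotted-quad or gethostbyname() lookup ... */
	}

	/* Work on a copy so the caller's string is left intact. */
	len = (size_t)(slash - host);
	if (len == 0 || len >= sizeof(addr))
		return (UINT4)-1;
	memcpy(addr, host, len);
	addr[len] = '\0';

	if (good_ipaddr(addr) != 0)
		return (UINT4)-1;
	return ipstr2long(addr);
}
```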
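Review bot: In `netmask`, `nbit=atoi(maskstr);` accepts trailing junk, so a mask field such as `24x` is read as /24 with no diagnostic. Parsing with `nbit = (int)strtol(maskstr, &end, 10);` and rejecting `end == maskstr || *end != '\0'` alongside the existing range test closes that. The `nbit<8` lower bound means prefixes shorter than /8 are refused, which the comments added to raddb/clients and raddb/naslist do not mention. The loop body and the start of `uint4_unos` are damaged in this copy of the patch (`for(pos=0;pos>=1;`), so they could not be checked.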