Home | pfodApps/pfodDevices | WebStringTemplates | Java/J2EE | Unix | Torches | Superannuation | | About Us
 

Forward Logo (image)      

Freebees - Webpage from Tacacs+ user logs
Tacacs+ configuration file

This is our tacacs+ configuration file to support the three classes of users. This file is generated automatically from our database whenever a user's access is changed.

The CWW and CWE users have an access list applied to their connection to limit their access to the Central West Web only (plus other selected sites such as the weather). CWW users can not send email outside the Central West Web. This restriction is inforced by modifications to sendmail (not yet released).

File tac_plus.conf

# configuration file for tac_plus V2.1 
# /usr/local/bin/tac_plus/tac_plus.conf
#
key= secret_key_here
accounting file = /var/log/tacacs-log
default authentication = file /etc/passwd

group = CWW {
  # cww access only
  service = exec {
      autocmd = "ppp default"
  }
  service = ppp protocol = ip {
    default attribute = permit
    inacl=101
  }

  service = ppp protocol = lcp {
     default attribute = permit
  }

  cmd = ppp {
     permit default
  }
}

group = CWE {
  # cww + ww email only
  service = exec {
      autocmd = "ppp default"
  }
  service = ppp protocol = ip {
    default attribute = permit
    inacl=101
  }

  service = ppp protocol = lcp {
     default attribute = permit
  }

  cmd = ppp {
     permit default
  }

}

group = INT {
 # full internet access
  service = exec {
      autocmd = "ppp default"
  }
  service = ppp protocol = ip {
    default attribute = permit
  }

  service = ppp protocol = lcp {
     default attribute = permit
  }

  cmd = ppp {
     permit default
  }

}



# typical entry for each user 
user = cww1234 {  member = INT }



Refer to Conditions of Use


Forward home page link (image)

Contact Forward Computing and Control by
©Copyright 1996-2012 Forward Computing and Control Pty. Ltd. ACN 003 669 994