From 477cc2bc24b4b0a36b2bc765c1bb4d79a2eacaed Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Tue, 5 Jun 2012 19:24:16 +0000
Subject: Import OpenVPN cisco style radius attributes applying policy to
 logged in users. Feature #2100

---
 usr/local/sbin/openvpn.attributes.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100755 usr/local/sbin/openvpn.attributes.sh

(limited to 'usr')

diff --git a/usr/local/sbin/openvpn.attributes.sh b/usr/local/sbin/openvpn.attributes.sh
new file mode 100755
index 0000000..b88d1df
--- /dev/null
+++ b/usr/local/sbin/openvpn.attributes.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+echo $script_type > /tmp/script
+if [ "$script_type" = "client-connect" ]; then
+	if [ -f /tmp/$common_name ]; then
+		/bin/cat /tmp/$common_name > $1
+		/bin/rm /tmp/$common_name
+	fi
+elif [ "$script_type" = "client-disconnect" ]; then
+	command="/sbin/pfctl -a 'openvpn/$common_name' -F rules"
+        eval $command
+	/sbin/pfctl -k $ifconfig_pool_remote_ip
+	/sbin/pfctl -K $ifconfig_pool_remote_ip
+fi
+
+exit 0
-- 
cgit v1.1