server labitat {

	listen {
		type = auth
		ipaddr = 10.42.0.1
		port = 0

		limit {
			max_connections = 16
			lifetime = 0
			idle_timeout = 30
		}
	}

	authorize {
		filter_username
		preprocess
		auth_log

		eap {
			ok = return
		}

		expiration
		logintime
		pap
	}

	authenticate {
		Auth-Type PAP {
			pap
		}

		eap
	}

	preacct {
		preprocess
		acct_unique
		suffix
	}

	accounting {
		exec
		attr_filter.accounting_response
	}

	session {
	}

	post-auth {
		exec
		remove_reply_message_if_eap

		Post-Auth-Type REJECT {
			attr_filter.access_reject
			eap
			remove_reply_message_if_eap
		}
	}

	pre-proxy {
	}

	post-proxy {
		eap
	}
}