forked from retailnext/ruby-radius
-
Notifications
You must be signed in to change notification settings - Fork 1
/
dictionary
289 lines (249 loc) · 14 KB
/
dictionary
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
#
# This file contains dictionary translations for parsing
# requests and generating responses. All transactions are
# composed of Attribute/Value Pairs. The value of each attribute
# is specified as one of 4 data types. Valid data types are:
#
# string - 0-253 octets
# ipaddr - 4 octets in network byte order
# integer - 32 bit value in big endian order (high byte first)
# date - 32 bit value in big endian order - seconds since
# 00:00:00 GMT, Jan. 1, 1970
#
# Enumerated values are stored in the user file with dictionary
# VALUE translations for easy administration.
#
# Example:
#
# ATTRIBUTE VALUE
# --------------- -----
# Framed-Protocol = PPP
# 7 = 1 (integer encoding)
#
#
# Proper names for everything - use this instead of the above
#
ATTRIBUTE User-Name 1 string
ATTRIBUTE User-Password 2 string
ATTRIBUTE CHAP-Password 3 string
ATTRIBUTE NAS-IP-Address 4 ipaddr
ATTRIBUTE NAS-Port 5 integer
ATTRIBUTE Service-Type 6 integer
ATTRIBUTE Framed-Protocol 7 integer
ATTRIBUTE Framed-IP-Address 8 ipaddr
ATTRIBUTE Framed-IP-Netmask 9 ipaddr
ATTRIBUTE Framed-Routing 10 integer
ATTRIBUTE Filter-Id 11 string
ATTRIBUTE Framed-MTU 12 integer
ATTRIBUTE Framed-Compression 13 integer
ATTRIBUTE Login-IP-Host 14 ipaddr
ATTRIBUTE Login-Service 15 integer
ATTRIBUTE Login-TCP-Port 16 integer
ATTRIBUTE Reply-Message 18 string
ATTRIBUTE Callback-Number 19 string
ATTRIBUTE Callback-Id 20 string
ATTRIBUTE Expiration 21 date
ATTRIBUTE Framed-Route 22 string
ATTRIBUTE Framed-IPX-Network 23 ipaddr
ATTRIBUTE State 24 string
ATTRIBUTE Class 25 octets
ATTRIBUTE Vendor-Specific 26 octets
ATTRIBUTE Session-Timeout 27 integer
ATTRIBUTE Idle-Timeout 28 integer
ATTRIBUTE Termination-Action 29 integer
ATTRIBUTE Called-Station-Id 30 string
ATTRIBUTE Calling-Station-Id 31 string
ATTRIBUTE NAS-Identifier 32 string
ATTRIBUTE Proxy-State 33 octets
ATTRIBUTE Login-LAT-Service 34 string
ATTRIBUTE Login-LAT-Node 35 string
ATTRIBUTE Login-LAT-Group 36 octets
ATTRIBUTE Framed-AppleTalk-Link 37 integer
ATTRIBUTE Framed-AppleTalk-Network 38 integer
ATTRIBUTE Framed-AppleTalk-Zone 39 string
ATTRIBUTE Acct-Status-Type 40 integer
ATTRIBUTE Acct-Delay-Time 41 integer
ATTRIBUTE Acct-Input-Octets 42 integer
ATTRIBUTE Acct-Output-Octets 43 integer
ATTRIBUTE Acct-Session-Id 44 string
ATTRIBUTE Acct-Authentic 45 integer
ATTRIBUTE Acct-Session-Time 46 integer
ATTRIBUTE Acct-Input-Packets 47 integer
ATTRIBUTE Acct-Ouput-Packets 48 integer
ATTRIBUTE Acct-Terminate-Cause 49 integer
ATTRIBUTE Event-Timestamp 55 date
ATTRIBUTE NAS-Port-Type 61 integer
ATTRIBUTE Port-Limit 62 integer
ATTRIBUTE CHAP-Challenge 60 octets
ATTRIBUTE Login-LAT-Port 63 string
ATTRIBUTE ARAP-Password 70 octets # 16 octets of data
ATTRIBUTE ARAP-Features 71 octets # 14 octets of data
ATTRIBUTE ARAP-Zone-Access 72 integer
ATTRIBUTE ARAP-Security 73 integer
ATTRIBUTE ARAP-Security-Data 74 string
ATTRIBUTE Password-Retry 75 integer
ATTRIBUTE Prompt 76 integer
ATTRIBUTE Connect-Info 77 string
ATTRIBUTE Configuration-Token 78 string
ATTRIBUTE EAP-Message 79 octets
ATTRIBUTE Message-Authenticator 80 octets
ATTRIBUTE ARAP-Challenge-Response 84 octets # 8 octets of data
ATTRIBUTE Acct-Interim-Interval 85 integer
# 86: RFC 2867
ATTRIBUTE NAS-Port-Id 87 string
ATTRIBUTE Framed-Pool 88 string
#
# Integer Translations
#
# Service types
VALUE Service-Type Login-User 1
VALUE Service-Type Framed-User 2
VALUE Service-Type Callback-Login-User 3
VALUE Service-Type Callback-Framed-User 4
VALUE Service-Type Outbound-User 5
VALUE Service-Type Administrative-User 6
VALUE Service-Type NAS-Prompt-User 7
VALUE Service-Type Authenticate-Only 8
VALUE Service-Type Callback-NAS-Prompt 9
VALUE Service-Type Call-Check 10
VALUE Service-Type Callback-Administrative 11
# Framed Protocols
VALUE Framed-Protocol PPP 1
VALUE Framed-Protocol SLIP 2
# Framed Routing Values
VALUE Framed-Routing None 0
VALUE Framed-Routing Broadcast 1
VALUE Framed-Routing Listen 2
VALUE Framed-Routing Broadcast-Listen 3
# Framed Compression Types
VALUE Framed-Compression None 0
VALUE Framed-Compression Van-Jacobson-TCP-IP 1
# Login Services
VALUE Login-Service Telnet 0
VALUE Login-Service Rlogin 1
VALUE Login-Service TCP-Clear 2
VALUE Login-Service PortMaster 3
# Status Types
VALUE Acct-Status-Type Start 1
VALUE Acct-Status-Type Stop 2
VALUE Acct-Status-Type Interim-Update 3
# Authentication Types
VALUE Acct-Authentic RADIUS 1
VALUE Acct-Authentic Local 2
VALUE Acct-Authentic PowerLink128 100
# Termination Options
VALUE Termination-Action Default 0
VALUE Termination-Action RADIUS-Request 1
# NAS Port Types, available in ComOS 3.3.1 and later
VALUE NAS-Port-Type Async 0
VALUE NAS-Port-Type Sync 1
VALUE NAS-Port-Type ISDN 2
VALUE NAS-Port-Type ISDN-V120 3
VALUE NAS-Port-Type ISDN-V110 4
# Acct Terminate Causes, available in ComOS 3.3.2 and later
VALUE Acct-Terminate-Cause User-Request 1
VALUE Acct-Terminate-Cause Lost-Carrier 2
VALUE Acct-Terminate-Cause Lost-Service 3
VALUE Acct-Terminate-Cause Idle-Timeout 4
VALUE Acct-Terminate-Cause Session-Timeout 5
VALUE Acct-Terminate-Cause Admin-Reset 6
VALUE Acct-Terminate-Cause Admin-Reboot 7
VALUE Acct-Terminate-Cause Port-Error 8
VALUE Acct-Terminate-Cause NAS-Error 9
VALUE Acct-Terminate-Cause NAS-Request 10
VALUE Acct-Terminate-Cause NAS-Reboot 11
VALUE Acct-Terminate-Cause Port-Unneeded 12
VALUE Acct-Terminate-Cause Port-Preempted 13
VALUE Acct-Terminate-Cause Port-Suspended 14
VALUE Acct-Terminate-Cause Service-Unavailable 15
VALUE Acct-Terminate-Cause Callback 16
VALUE Acct-Terminate-Cause User-Error 17
VALUE Acct-Terminate-Cause Host-Request 18
#
# Obsolete names for backwards compatibility with older users files
# If you want RADIUS accounting logs to use the new names instead of
# these, move this section to the beginning of the dictionary file
# and kill and restart radiusd
# If you don't have a RADIUS 1.16 users file that you're still using,
# you can delete or ignore this section.
#
ATTRIBUTE Client-Id 4 ipaddr
ATTRIBUTE Client-Port-Id 5 integer
ATTRIBUTE User-Service-Type 6 integer
ATTRIBUTE Framed-Address 8 ipaddr
ATTRIBUTE Framed-Netmask 9 ipaddr
ATTRIBUTE Framed-Filter-Id 11 string
ATTRIBUTE Login-Host 14 ipaddr
ATTRIBUTE Login-Port 16 integer
ATTRIBUTE Old-Password 17 string
ATTRIBUTE Port-Message 18 string
ATTRIBUTE Dialback-No 19 string
ATTRIBUTE Dialback-Name 20 string
ATTRIBUTE Challenge-State 24 string
VALUE Service-Type Dialback-Login-User 3
VALUE Service-Type Dialback-Framed-User 4
VALUE Service-Type Shell-User 6
VALUE Framed-Compression Van-Jacobsen-TCP-IP 1
#VALUE Auth-Type Unix 1
#
# END of obsolete names for backwards compatibility
#
#
# Configuration Values
# uncomment out these two lines to turn account expiration on
#
#VALUE Server-Config Password-Expiration 30
#VALUE Server-Config Password-Warning 5
##
## VENDOR SPECIFIC ATTRIBUTES
##
## The following entries demonstrate the use of VSAs
##
# cisco-avpair is used for various functions by cisco IOS. Most
# notably, it's used to create VPDN tunnels.
#
VENDORATTR 9 cisco-avpair 1 string
# Symbol attributes
# Access request attribute's
VENDORATTR 388 Symbol-Service-Type 1 integer
# SSID in the access request
VENDORATTR 388 Symbol-Wlan-Index 2 string
# Wlan index in the Access Request, deprecated in WING 5.0, this check item is replaced by VSA - Symbol-Allowed-ESSID
VENDORATTR 388 Symbol-Attr-4 4 string
VENDORATTR 388 Symbol-Allowed-ESSID 3 string
# Reply Attribute which sends the expiry date & time for the guest users
VENDORATTR 388 Guest-User-Expiry-Date-Time 7 string
# Reply Attribute which sends the start date & time for the guest users
VENDORATTR 388 Guest-User-Start-Date-Time 8 string
# Rate Limit Parameters
VENDORATTR 388 Symbol-Downlink-Limit-Kbps 10 integer
VENDORATTR 388 Symbol-Uplink-Limit-Kbps 11 integer
# User group name
VENDORATTR 388 Symbol-User-Group 12 string
VENDORATTR 388 Symbol-User-Device-Type 13 string
VENDORATTR 388 Symbol-User-OS 14 string
VENDORATTR 388 Symbol-User-Browser 15 string
VENDORATTR 388 Symbol-Login-Service 100 integer
# Aruba attributes
VENDORATTR 14823 Aruba-User-Role 1 string
VENDORATTR 14823 Aruba-User-Vlan 2 integer
VENDORATTR 14823 Aruba-Priv-Admin-User 3 integer
VENDORATTR 14823 Aruba-Admin-Role 4 string
VENDORATTR 14823 Aruba-Essid-Name 5 string
VENDORATTR 14823 Aruba-Location-Id 6 string
VENDORATTR 14823 Aruba-Port-Id 7 string
VENDORATTR 14823 Aruba-Template-User 8 string
VENDORATTR 14823 Aruba-Named-User-Vlan 9 string
VENDORATTR 14823 Aruba-AP-Group 10 string
VENDORATTR 14823 Aruba-Framed-IPv6-Address 11 string
# Airespace attributes
VENDORATTR 14179 Airespace-Wlan-Id 1 integer
VENDORATTR 14179 Airespace-QOS-Level 2 integer
VENDORATTR 14179 Airespace-DSCP 3 integer
VENDORATTR 14179 Airespace-8021p-Tag 4 integer
VENDORATTR 14179 Airespace-Interface-Name 5 string
VENDORATTR 14179 Airespace-ACL-Name 6 string
VENDORVALUE 14179 Airespace-QOS-Level Bronze 3
VENDORVALUE 14179 Airespace-QOS-Level Silver 0
VENDORVALUE 14179 Airespace-QOS-Level Gold 1
VENDORVALUE 14179 Airespace-QOS-Level Platinum 2