forked from osmocom/wireshark
648 lines
30 KiB
XML
648 lines
30 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE dictionary SYSTEM "dictionary.dtd" [
|
|
<!ENTITY nasreq SYSTEM "nasreq.xml">
|
|
<!ENTITY mobileipv4 SYSTEM "mobileipv4.xml">
|
|
<!ENTITY sunping SYSTEM "sunping.xml">
|
|
]>
|
|
<dictionary>
|
|
<base uri="ftp://ftp.ietf.org/internet-drafts/draft-ietf-aaa-diameter-07.txt">
|
|
<!--
|
|
$Log: dictionary.xml,v $
|
|
Revision 1.1 2001/11/01 21:52:44 guy
|
|
From David Frascone: duUpdate to Diameter dissector to load the
|
|
dictionary as an XML file rather than building it in, and various
|
|
Diameter updates.
|
|
|
|
Revision 1.7 2001/08/24 18:03:24 chaos
|
|
Mark's Changes
|
|
|
|
Revision 1.6 2001/07/31 19:13:55 chaos
|
|
Missed a couple of MIP AVPs
|
|
|
|
Revision 1.5 2001/07/31 19:09:22 chaos
|
|
Added Mobile-Ip and Sun Ping Extension
|
|
|
|
Revision 1.4 2001/07/31 17:43:25 chaos
|
|
Oops, forgot to turn on validity checking. Fixed some errors found with validity checking turned on
|
|
|
|
Revision 1.3 2001/07/31 16:56:31 chaos
|
|
Added commands, and validated with xmllint
|
|
|
|
Revision 1.2 2001/07/31 16:29:34 chaos
|
|
Checking in some changes to verify log and ident strings
|
|
|
|
-->
|
|
<!-- *********************** Commands ***************************** -->
|
|
<!-- Diameter Base Protocol Command Codes -->
|
|
<command name="Abort-Session" code="274" vendor-id="None">
|
|
<!-- Maybe some avp stuff here one day -->
|
|
</command>
|
|
<command name="Accounting" code="271" vendor-id="None"/>
|
|
<command name="Capabilities-Exchange" code="257" vendor-id="None"/>
|
|
<command name="Device-Watchdog" code="280" vendor-id="None"/>
|
|
<command name="Disconnect-Peer" code="282" vendor-id="None"/>
|
|
<command name="Re-Auth" code="258" vendor-id="None"/>
|
|
<command name="Session-Termination" code="275" vendor-id="None"/>
|
|
<!-- ********************** End Commands ************************** -->
|
|
|
|
<!-- ************************* Vendors **************************** -->
|
|
<vendor vendor-id="None" code="0" name="None"/>
|
|
<vendor vendor-id="Merit" code="61" name="Merit Networks"/>
|
|
<vendor vendor-id="Sun" code="42" name="Sun Microsystems, Inc."/>
|
|
<vendor vendor-id="USR" code="429" name="US Robotics Corp."/>
|
|
<!-- *********************** End Vendors ************************** -->
|
|
|
|
<!-- ************************ typedefn's ************************** -->
|
|
<typedefn type-name="OctetString"/>
|
|
<!--
|
|
The data contains arbitrary data of variable length. Unless
|
|
otherwise noted, the AVP Length field MUST be set to at least 9
|
|
(13 if the 'V' bit is enabled). Data used to transmit (human
|
|
readable) character string data uses the UTF-8 [24] character
|
|
set and is NOT NULL-terminated. The minimum Length field MUST
|
|
be 9, but can be set to any value up to 65504 bytes. AVP Values
|
|
of this type that do not align on a 32-bit boundary MUST have
|
|
the necessary padding.
|
|
-->
|
|
<typedefn type-name="UTF8String" type-parent="OctetString"/>
|
|
<!--
|
|
The UTF8String format is derived from the OctetString AVP Base
|
|
Format. This is a human readable string represented using the
|
|
ISO/IEC IS 10646-1 character set, encoded as an OctetString
|
|
using the UTF-8 [29] transformation format described in RFC
|
|
2279.
|
|
|
|
Since additional code points are added by amendments to the
|
|
10646 standard from time to time, implementations MUST be
|
|
prepared to encounter any code point from 0x00000001 to
|
|
0x7fffffff. Byte sequences that do not correspond to the valid
|
|
UTF-8 encoding of a code point or are outside this range are
|
|
prohibited. Note that since a code point of 0x00000000 is
|
|
prohibited, no octet will contain a value of 0x00.
|
|
|
|
The use of control codes SHOULD be avoided. When it is
|
|
necessary to represent a newline, the control code sequence CR
|
|
LF SHOULD be used.
|
|
|
|
The use of leading or trailing white space SHOULD be avoided.
|
|
|
|
For code points not directly supported by user interface
|
|
hardware or software, an alternative means of entry and
|
|
display, such as hexadecimal, MAY be provided.
|
|
|
|
For information encoded in 7-bit US-ASCII, the UTF-8 encoding
|
|
is identical to the US-ASCII encoding.
|
|
|
|
UTF-8 may require multiple bytes to represent a single
|
|
character / code point; thus the length of a UTF8String in
|
|
octets may be different from the number of characters encoded.
|
|
|
|
Note that the size of an UTF8String is measured in octets, not
|
|
characters.
|
|
|
|
The UTF8String MUST not contain any octets with a value of
|
|
zero.
|
|
-->
|
|
<typedefn type-name="IPAddress" type-parent="OctetString"/>
|
|
<!--
|
|
The IPAddress format is derived from the OctetString AVP Base
|
|
Format. It represents 32 bit (IPv4) [17] or 128 bit (IPv6) [16]
|
|
address, most significant octet first. The format of the
|
|
address (IPv4 or IPv6) is determined by the length. If the
|
|
attribute value is an IPv4 address, the AVP Length field MUST
|
|
be 12 (16 if 'V' bit is enabled), otherwise the AVP Length
|
|
field MUST be set to 24 (28 if the 'V' bit is enabled) for IPv6
|
|
addresses.
|
|
-->
|
|
<typedefn type-name="DiameterIdentity" type-parent="OctetString"/>
|
|
<!--
|
|
The DiameterIdentity format is derived from the OctetString AVP
|
|
Base Format. It uses the UTF-8 encoding and has the same
|
|
requirements as the UTF8String. In addition, it must follow
|
|
the Uniform Resource Identifiers (URI) syntax [29] rules
|
|
specified below:
|
|
|
|
Diameter-Identity = fqdn [ port ] [ transport ]
|
|
[ protocol ]
|
|
|
|
aaa-protocol = ( "diameter" | "radius" | "tacacs+" )
|
|
|
|
protocol = ";protocol=" aaa-protocol
|
|
; If absent, the default AAA protocol
|
|
; is diameter.
|
|
|
|
fqdn = Fully Qualified Host Name
|
|
|
|
port = ":" 1*DIGIT
|
|
; One of the ports used to listen for
|
|
; incoming connections. ; If absent,
|
|
; the default Diameter port (TBD) is
|
|
; assumed.
|
|
|
|
transport-protocol = ( "tcp" | "sctp" | "udp" )
|
|
|
|
transport = ";transport=" transport-protocol
|
|
|
|
; One of the transports used to listen
|
|
; for incoming connections. If absent,
|
|
; the default SCTP [26] protocol is
|
|
; assumed. UDP MUST NOT be used when
|
|
; the aaa-protocol field is set to
|
|
; diameter.
|
|
|
|
The following are examples of valid Diameter host
|
|
identities:
|
|
|
|
host.abc.com;transport=tcp
|
|
host.abc.com:6666;transport=tcp
|
|
aaa://host.abc.com;protocol=diameter
|
|
aaa://host.abc.com:6666;protocol=diameter
|
|
aaa://host.abc.com:6666;transport=tcp;protocol=diameter
|
|
aaa://host.abc.com:1813;transport=udp;protocol=radius
|
|
|
|
Since multiple Diameter processes on a single host cannot
|
|
listen for incoming connections on the same port on a given
|
|
protocol, the DiameterIdentity is guaranteed to be unique per
|
|
host.
|
|
|
|
A Diameter node MAY advertise different identities on each
|
|
connection, via the CER and CEA's Origin-Host AVP, but the same
|
|
identity MUST be used throughout the duration of a connection.
|
|
|
|
When comparing AVPs of this format, it is necessary to add any
|
|
absent fields with the default values prior to the comparison.
|
|
For example, diameter-host.abc.com would be expanded to
|
|
aaa://diameter/diameter-host.abc.com:TBD;protocol=sctp.
|
|
-->
|
|
<typedefn type-name="IPFilterRule" type-parent="OctetString"/>
|
|
<!--
|
|
The IPFilterRule format is derived from the OctetString AVP
|
|
Base Format. It uses the UTF-8 encoding and has the same
|
|
requirements as the UTF8String. Packets may be filtered based
|
|
on the following information that is associated with it:
|
|
|
|
Direction (in or out)
|
|
Source and destination IP address (possibly masked)
|
|
Protocol
|
|
Source and destination port (lists or ranges)
|
|
TCP flags
|
|
IP fragment flag
|
|
IP options
|
|
ICMP types
|
|
|
|
Rules for the appropriate direction are evaluated in order,
|
|
with the first matched rule terminating the evaluation. Each
|
|
packet is evaluated once. If no rule matches, the packet is
|
|
dropped if the last rule evaluated was a permit, and passed if
|
|
the last rule was a deny.
|
|
|
|
IPFilterRule filters MUST follow the format:
|
|
|
|
action dir proto from src to dst [options]
|
|
|
|
action permit - Allow packets that match the rule.
|
|
deny - Drop packets that match the rule.
|
|
|
|
dir "in" is from the terminal, "out" is to the
|
|
terminal.
|
|
|
|
proto An IP protocol specified by number. The "ip"
|
|
keyword means any protocol will match.
|
|
|
|
src and dst <address/mask> [ports]
|
|
|
|
The <address/mask> may be specified as:
|
|
ipno An IPv4 or IPv6 number in dotted-
|
|
quad or canonical IPv6 form. Only
|
|
this exact IP number will match the
|
|
rule.
|
|
ipno/bits An IP number as above with a mask
|
|
width of the form 1.2.3.4/24. In
|
|
this case all IP numbers from
|
|
1.2.3.0 to 1.2.3.255 will match.
|
|
The bit width MUST be valid for the
|
|
IP version and the IP number MUST
|
|
NOT have bits set beyond the mask.
|
|
|
|
The sense of the match can be inverted by
|
|
preceding an address with the not modifier,
|
|
causing all other addresses to be matched
|
|
instead. This does not affect the selection of
|
|
port numbers.
|
|
|
|
The keyword "any" is 0.0.0.0/0 or the IPv6
|
|
equivalent. The keyword "assigned" is the
|
|
address or set of addresses assigned to the
|
|
terminal. The first rule SHOULD be "deny in
|
|
ip !assigned".
|
|
|
|
With the TCP, UDP and SCTP protocols, optional
|
|
ports may be specified as:
|
|
|
|
{port|port-port}[,port[,...]]
|
|
|
|
The `-' notation specifies a range of ports
|
|
(including boundaries).
|
|
|
|
Fragmented packets which have a non-zero offset
|
|
(i.e. not the first fragment) will never match
|
|
a rule which has one or more port
|
|
specifications. See the frag option for
|
|
details on matching fragmented packets.
|
|
|
|
options:
|
|
frag Match if the packet is a fragment and this is not
|
|
the first fragment of the datagram. frag may not
|
|
be used in conjunction with either tcpflags or
|
|
TCP/UDP port specifications.
|
|
|
|
ipoptions spec
|
|
Match if the IP header contains the comma
|
|
separated list of options specified in spec. The
|
|
supported IP options are:
|
|
|
|
ssrr (strict source route), lsrr (loose source
|
|
route), rr (record packet route) and ts
|
|
(timestamp). The absence of a particular option
|
|
may be denoted with a `!'.
|
|
|
|
tcpoptions spec
|
|
Match if the TCP header contains the comma
|
|
separated list of options specified in spec. The
|
|
supported TCP options are:
|
|
|
|
mss (maximum segment size), window (tcp window
|
|
advertisement), sack (selective ack), ts (rfc1323
|
|
timestamp) and cc (rfc1644 t/tcp connection
|
|
count). The absence of a particular option may
|
|
be denoted with a `!'.
|
|
|
|
established
|
|
TCP packets only. Match packets that have the RST
|
|
or ACK bits set.
|
|
|
|
setup TCP packets only. Match packets that have the SYN
|
|
bit set but no ACK bit.
|
|
|
|
tcpflags spec
|
|
TCP packets only. Match if the TCP header
|
|
contains the comma separated list of flags
|
|
specified in spec. The supported TCP flags are:
|
|
|
|
fin, syn, rst, psh, ack and urg. The absence of a
|
|
particular flag may be denoted with a `!'. A rule
|
|
which contains a tcpflags specification can never
|
|
match a fragmented packet which has a non-zero
|
|
offset. See the frag option for details on
|
|
matching fragmented packets.
|
|
|
|
icmptypes types
|
|
ICMP packets only. Match if the ICMP type is in
|
|
the list types. The list may be specified as any
|
|
combination of ranges or individual types
|
|
separated by commas. The supported ICMP types
|
|
are:
|
|
|
|
echo reply (0), destination unreachable (3),
|
|
source quench (4), redirect (5), echo request
|
|
(8), router advertisement (9), router
|
|
solicitation (10), time-to-live exceeded (11), IP
|
|
header bad (12), timestamp request (13),
|
|
timestamp reply (14), information request (15),
|
|
information reply (16), address mask request (17)
|
|
and address mask reply (18).
|
|
|
|
There is one kind of packet that the access device MUST always
|
|
discard, that is an IP fragment with a fragment offset of one.
|
|
This is a valid packet, but it only has one use, to try to
|
|
circumvent firewalls.
|
|
|
|
An access device that is unable to interpret or apply a deny
|
|
rule MUST terminate the session. An access device that is
|
|
unable to interpret or apply a permit rule MAY apply a more
|
|
restrictive rule. An access device MAY apply deny rules of
|
|
its own before the supplied rules, for example to protect
|
|
the access device owner's infrastructure.
|
|
|
|
The rule syntax is a modified subset of ipfw(8) from FreeBSD,
|
|
and the ipfw.c code may provide a useful base for
|
|
implementations.
|
|
-->
|
|
<typedefn type-name="QOSFilterRule" type-parent="OctetString"/>
|
|
<!--
|
|
The QosFilterRule format is derived from the OctetString AVP
|
|
Base Format. It uses the UTF-8 encoding and has the same
|
|
requirements as the UTF8String. Packets may be marked or
|
|
metered based on the following information that is associated
|
|
with it:
|
|
|
|
Direction (in or out)
|
|
Source and destination IP address (possibly masked)
|
|
Protocol
|
|
Source and destination port (lists or ranges)
|
|
DSCP values (no mask or range)
|
|
|
|
Rules for the appropriate direction are evaluated in order,
|
|
with the first matched rule terminating the evaluation. Each
|
|
packet is evaluated once. If no rule matches, the packet is
|
|
treated as best effort.
|
|
|
|
QoSFilterRule filters MUST follow the format:
|
|
|
|
action dir proto from src to dst [options]
|
|
|
|
tag - Mark packet with a specific DSCP [49].
|
|
The DSCP option MUST be included.
|
|
|
|
meter - Meter traffic. The metering options
|
|
MUST be included.
|
|
|
|
dir "in" is from the terminal, "out" is to the
|
|
terminal.
|
|
|
|
proto An IP protocol specified by number. The "ip"
|
|
keyword means any protocol will match.
|
|
|
|
src and dst <address/mask> [ports]
|
|
|
|
The <address/mask> may be specified as:
|
|
ipno An IPv4 or IPv6 number in dotted-
|
|
quad or canonical IPv6 form. Only
|
|
this exact IP number will match the
|
|
rule.
|
|
ipno/bits An IP number as above with a mask
|
|
width of the form 1.2.3.4/24. In
|
|
this case all IP numbers from
|
|
1.2.3.0 to 1.2.3.255 will match.
|
|
The bit width MUST be valid for the
|
|
IP version and the IP number MUST
|
|
NOT have bits set beyond the mask.
|
|
|
|
The sense of the match can be inverted by
|
|
preceding an address with the not modifier,
|
|
causing all other addresses to be matched
|
|
instead. This does not affect the selection of
|
|
port numbers.
|
|
|
|
The keyword "any" is 0.0.0.0/0 or the IPv6
|
|
equivalent. The keyword "assigned" is the
|
|
address or set of addresses assigned to the
|
|
terminal. The first rule SHOULD be "deny in
|
|
ip !assigned".
|
|
|
|
With the TCP, UDP and SCTP protocols, optional
|
|
ports may be specified as:
|
|
|
|
{port|port-port}[,port[,...]]
|
|
|
|
The `-' notation specifies a range of ports
|
|
(including boundaries).
|
|
|
|
options:
|
|
|
|
DSCP <color>
|
|
color values as defined in [49]. Exact matching
|
|
of DSCP values is required (no masks or ranges).
|
|
the "deny" can replace the color_under or
|
|
color_over values in the meter action for rate-
|
|
dependent packet drop.
|
|
|
|
metering <rate> <color_under> <color_over>
|
|
The metering option provides Assured Forwarding,
|
|
as defined in [50], and MUST be present if the
|
|
action is set to meter. The rate option is the
|
|
throughput, in bits per second, which is used by
|
|
the access device to mark packets. Traffic above
|
|
the rate is marked with the color_over codepoint,
|
|
while traffic under the rate is marked with the
|
|
color_under codepoint. The color_under and
|
|
color_over options contain the drop preferences,
|
|
and MUST conform to the recommended codepoint
|
|
keywords described in [50] (e.g. AF13).
|
|
|
|
The metering option also supports the strict
|
|
limit on traffic required by Expedited
|
|
Forwarding, as defined in [51]. The color_over
|
|
option may contain the keyword "drop" to prevent
|
|
forwarding of traffic that exceeds the rate
|
|
parameter.
|
|
|
|
The rule syntax is a modified subset of ipfw(8) from FreeBSD,
|
|
and the ipfw.c code may provide a useful base for
|
|
implementations.
|
|
|
|
-->
|
|
<typedefn type-name="MIPRegistrationRequest" type-parent="OctetString"/>
|
|
|
|
<typedefn type-name="Integer32"/>
|
|
<!--
|
|
32 bit signed value, in network byte order. The AVP Length
|
|
field MUST be set to 12 (16 if the 'V' bit is enabled).
|
|
-->
|
|
<typedefn type-name="VendorId" type-parent="Integer32"/>
|
|
<typedefn type-name="AppId" type-parent="Integer32"/>
|
|
<typedefn type-name="Integer64"/>
|
|
<!--
|
|
64 bit signed value, in network byte order. The AVP Length
|
|
field MUST be set to 16 (20 if the 'V' bit is enabled).
|
|
-->
|
|
<typedefn type-name="Unsigned32"/>
|
|
<!--
|
|
32 bit unsigned value, in network byte order. The AVP Length
|
|
field MUST be set to 12 (16 if the 'V' bit is enabled).
|
|
Unsigned32 values used to transmit time data contains the four
|
|
most significant octets returned from NTP [18], in network byte
|
|
order.
|
|
-->
|
|
<typedefn type-name="Time"/>
|
|
<!--
|
|
The Time format is derived from the Unsigned32 AVP Base Format.
|
|
This is 32 bit unsigned value containing the four most
|
|
significant octets returned from NTP [18], in network byte
|
|
order.
|
|
|
|
This represent the number of seconds since 0h on 1 January 1900
|
|
with respect to the Coordinated Universal Time (UTC).
|
|
|
|
On 6h 28m 16s UTC, 7 February 2036 the time value will
|
|
overflow. NTP [18] describes a procedure to extend the time to
|
|
2104.
|
|
-->
|
|
<typedefn type-name="Unsigned64"/>
|
|
<!--
|
|
64 bit unsigned value, in network byte order. The AVP Length
|
|
field MUST be set to 16 (20 if the 'V' bit is enabled).
|
|
-->
|
|
<!-- ************************* End Typedefns ************************ -->
|
|
<!-- ******************* DIAMETER BASE PROTOCOL AVPS ************************ -->
|
|
<avp name="Accounting-Interim-Interval" code="482" mandatory="must" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Accounting-Multi-Session-Id" code="50" mandatory="must" protected="may" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Accounting-Record-Number" code="485" mandatory="must" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Accounting-Record-Type" code="480" mandatory="must" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Event Record" code="1"/>
|
|
<enum name="Start Record" code="2"/>
|
|
<enum name="Interim Record" code="3"/>
|
|
<enum name="Stop Record" code="4"/>
|
|
</avp>
|
|
<avp name="Accounting-Session-Id" code="44" mandatory="must" protected="may" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Acct-Application-Id" code="259" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="AppId"/>
|
|
</avp>
|
|
<avp name="Alternate-Peer" code="275" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Auth-Application-Id" code="258" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="AppId"/>
|
|
</avp>
|
|
<avp name="Auth-Request-Type" code="274" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Authenticate Only" code="1"/>
|
|
<enum name="Authorize Only" code="2"/>
|
|
<enum name="Authorize Authenticate" code="3"/>
|
|
</avp>
|
|
<avp name="Authorization-Lifetime" code="291" mandatory="must" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Integer32"/>
|
|
</avp>
|
|
<avp name="Auth-Grace-Period" code="276" mandatory="must" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Auth-Session-State" code="277" mandatory="must" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="State Maintained" code="0"/>
|
|
<enum name="No State Maintained" code="0"/>
|
|
</avp>
|
|
<avp name="Re-Auth-Request-Type" code="285" mandatory="must" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Authorize Only" code="0"/>
|
|
<enum name="Authorize Authenticate" code="1"/>
|
|
</avp>
|
|
<avp name="Destination-Host" code="293" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Destination-Realm" code="283" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="UTF8String"/>
|
|
</avp>
|
|
<avp name="Disconnect-Cause" code="273" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Rebooting" code="0"/>
|
|
<enum name="Busy" code="2"/>
|
|
<enum name="Do not want to talk to you" code="2"/>
|
|
</avp>
|
|
<avp name="Error-Message" code="281" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="UTF8String"/>
|
|
</avp>
|
|
<avp name="Error-Reporting-Host" code="294" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Failed-AVP" code="279" mandatory="must" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="OctetString"/>
|
|
</avp>
|
|
<avp name="Firmware-Revision" code="267" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Host-IP-Address" code="257" mandatory="must" protected="mustnot" may-encrypt="no" vendor-bit="mustnot">
|
|
<type type-name="IPAddress"/>
|
|
</avp>
|
|
<avp name="Multi-Round-Time-Out" code="272" mandatory="must" may-encrypt="yes" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Origin-Host" code="264" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Origin-Realm" code="296" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="UTF8String"/>
|
|
</avp>
|
|
<avp name="Origin-State-Id" code="278" mandatory="must" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Product-Name" code="269" mandatory="mustnot" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="UTF8String"/>
|
|
</avp>
|
|
<avp name="Proxy-Host" code="280" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Proxy-Info" code="284" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="OctetString"/>
|
|
</avp>
|
|
<avp name="Redirect-Host" code="292" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Redirect-Host-Usage" code="261" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Don't Care" code="0"/>
|
|
<enum name="All Session" code="1"/>
|
|
<enum name="All Realm" code="2"/>
|
|
<enum name="Realm and Application" code="3"/>
|
|
<enum name="All Application" code="4"/>
|
|
<enum name="All Host" code="5"/>
|
|
</avp>
|
|
<avp name="Redirect-Max-Cache-Time" code="262" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Result-Code" code="268" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Route-Record" code="282" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Session-Id" code="263" mandatory="must" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="UTF8String"/>
|
|
</avp>
|
|
<avp name="Session-Binding" code="270" mandatory="must" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
</avp>
|
|
<avp name="Session-Server-Failover" code="271" mandatory="must" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Refuse Service" code="0"/>
|
|
<enum name="Try Again" code="1"/>
|
|
<enum name="Allow Service" code="2"/>
|
|
<enum name="Try Again / Allow Service" code="3"/>
|
|
</avp>
|
|
<avp name="Source-Route" code="286" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="DiameterIdentity"/>
|
|
</avp>
|
|
<avp name="Supported-Vendor-Id" code="265" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="VendorId"/>
|
|
</avp>
|
|
<avp name="Termination-Cause" code="295" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="Unsigned32"/>
|
|
<enum name="Logout" code="1"/>
|
|
<enum name="Service Not Provided" code="2"/>
|
|
<enum name="Bad Answer" code="3"/>
|
|
<enum name="Administrative" code="4"/>
|
|
<enum name="Link Broken" code="5"/>
|
|
</avp>
|
|
<avp name="Vendor-Id" code="266" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<type type-name="VendorId"/>
|
|
</avp>
|
|
<avp name="Vendor-Specific-Application-Id" code="260" mandatory="must" may-encrypt="no" protected="mustnot" vendor-bit="mustnot">
|
|
<grouped>
|
|
<gavp name="Vendor-Id"/>
|
|
<gavp name="Auth-Application-Id"/>
|
|
<gavp name="Acct-Application-Id"/>
|
|
</grouped>
|
|
</avp>
|
|
<avp name="Example-AVP" code="999999" mandatory="mustnot" vendor-bit="may">
|
|
<grouped>
|
|
<gavp name="Origin-Host"/>
|
|
<gavp name="Host-IP-Address"/>
|
|
</grouped>
|
|
</avp>
|
|
<!-- ************************ END DIAMETER BASE PROTOCOL AVPS ******************* -->
|
|
</base>
|
|
|
|
&nasreq;
|
|
&mobileipv4;
|
|
&sunping;
|
|
|
|
</dictionary>
|