383 lines
12 KiB
Plaintext
383 lines
12 KiB
Plaintext
#
|
|
# Version $Id$
|
|
#
|
|
# This is derived from the FreeRADIUS dictionary
|
|
# http://www.freeradius.org
|
|
#
|
|
# This file contains dictionary translations for parsing
|
|
# radius packets. All transactions are
|
|
# composed of Attribute/Value Pairs.
|
|
#
|
|
#
|
|
# Valid data types are:
|
|
#
|
|
# string - 0-253 octets
|
|
# ipaddr - 4 octets in network byte order
|
|
# integer - 32 bit value in big endian order (high byte first)
|
|
# (wireshark uses this type for non-standard 1-2-3 and 8 byte integers as well)
|
|
# date - 32 bit value in big endian order - seconds since
|
|
# 00:00:00 GMT, Jan. 1, 1970
|
|
# ifid - 8 octets in network byte order
|
|
# ipv6addr - 16 octets in network byte order
|
|
# ipv6prefix - 18 octets in network byte order
|
|
# octets - raw octets, printed as hex strings
|
|
#
|
|
|
|
$INCLUDE dictionary.3com
|
|
$INCLUDE dictionary.3gpp
|
|
$INCLUDE dictionary.3gpp2
|
|
$INCLUDE dictionary.acc
|
|
$INCLUDE dictionary.alcatel
|
|
$INCLUDE dictionary.alteon
|
|
$INCLUDE dictionary.altiga
|
|
$INCLUDE dictionary.aptis
|
|
$INCLUDE dictionary.bay
|
|
$INCLUDE dictionary.bintec
|
|
$INCLUDE dictionary.cablelabs
|
|
$INCLUDE dictionary.cabletron
|
|
$INCLUDE dictionary.cisco
|
|
$INCLUDE dictionary.cisco.vpn3000
|
|
$INCLUDE dictionary.cisco.vpn5000
|
|
$INCLUDE dictionary.cisco.bbsm
|
|
$INCLUDE dictionary.cosine
|
|
$INCLUDE dictionary.colubris
|
|
$INCLUDE dictionary.columbia_university
|
|
$INCLUDE dictionary.ericsson
|
|
$INCLUDE dictionary.erx
|
|
$INCLUDE dictionary.extreme
|
|
$INCLUDE dictionary.freeradius
|
|
$INCLUDE dictionary.foundry
|
|
$INCLUDE dictionary.gandalf
|
|
$INCLUDE dictionary.garderos
|
|
$INCLUDE dictionary.gemtek
|
|
$INCLUDE dictionary.itk
|
|
$INCLUDE dictionary.juniper
|
|
$INCLUDE dictionary.karlnet
|
|
$INCLUDE dictionary.livingston
|
|
$INCLUDE dictionary.localweb
|
|
$INCLUDE dictionary.merit
|
|
$INCLUDE dictionary.microsoft
|
|
$INCLUDE dictionary.mikrotik
|
|
$INCLUDE dictionary.navini
|
|
$INCLUDE dictionary.nomadix
|
|
$INCLUDE dictionary.netscreen
|
|
$INCLUDE dictionary.propel
|
|
$INCLUDE dictionary.quintum
|
|
$INCLUDE dictionary.redback
|
|
$INCLUDE dictionary.redcreek
|
|
$INCLUDE dictionary.shasta
|
|
$INCLUDE dictionary.shiva
|
|
$INCLUDE dictionary.sonicwall
|
|
$INCLUDE dictionary.springtide
|
|
$INCLUDE dictionary.t_systems_nova
|
|
$INCLUDE dictionary.telebit
|
|
$INCLUDE dictionary.trapeze
|
|
$INCLUDE dictionary.tunnel
|
|
$INCLUDE dictionary.unisphere
|
|
$INCLUDE dictionary.valemount
|
|
$INCLUDE dictionary.versanet
|
|
$INCLUDE dictionary.wispr
|
|
$INCLUDE dictionary.xedia
|
|
|
|
# nokia an ascend use non-vendor avps
|
|
# activate either one or the other as some attributes have common codes
|
|
#$INCLUDE dictionary.nokia
|
|
$INCLUDE dictionary.ascend
|
|
|
|
# we do not support 16bit attribute codes yet
|
|
# $INCLUDE dictionary.usr
|
|
|
|
|
|
#
|
|
# The following are the proper new names. Use these.
|
|
#
|
|
# http://www.iana.org/assignments/radius-types
|
|
#
|
|
ATTRIBUTE User-Name 1 string
|
|
ATTRIBUTE User-Password 2 string encrypt=1
|
|
ATTRIBUTE CHAP-Password 3 octets
|
|
ATTRIBUTE NAS-IP-Address 4 ipaddr
|
|
ATTRIBUTE NAS-Port 5 integer
|
|
ATTRIBUTE Service-Type 6 integer
|
|
ATTRIBUTE Framed-Protocol 7 integer
|
|
ATTRIBUTE Framed-IP-Address 8 ipaddr
|
|
ATTRIBUTE Framed-IP-Netmask 9 ipaddr
|
|
ATTRIBUTE Framed-Routing 10 integer
|
|
ATTRIBUTE Filter-Id 11 string
|
|
ATTRIBUTE Framed-MTU 12 integer
|
|
ATTRIBUTE Framed-Compression 13 integer
|
|
ATTRIBUTE Login-IP-Host 14 ipaddr
|
|
ATTRIBUTE Login-Service 15 integer
|
|
ATTRIBUTE Login-TCP-Port 16 integer
|
|
ATTRIBUTE Reply-Message 18 string
|
|
ATTRIBUTE Callback-Number 19 string
|
|
ATTRIBUTE Callback-Id 20 string
|
|
ATTRIBUTE Framed-Route 22 string
|
|
ATTRIBUTE Framed-IPX-Network 23 ipaddr
|
|
ATTRIBUTE State 24 octets
|
|
ATTRIBUTE Class 25 octets
|
|
ATTRIBUTE Vendor-Specific 26 octets
|
|
ATTRIBUTE Session-Timeout 27 integer
|
|
ATTRIBUTE Idle-Timeout 28 integer
|
|
ATTRIBUTE Termination-Action 29 integer
|
|
ATTRIBUTE Called-Station-Id 30 string
|
|
ATTRIBUTE Calling-Station-Id 31 string
|
|
ATTRIBUTE NAS-Identifier 32 string
|
|
ATTRIBUTE Proxy-State 33 octets
|
|
ATTRIBUTE Login-LAT-Service 34 string
|
|
ATTRIBUTE Login-LAT-Node 35 string
|
|
ATTRIBUTE Login-LAT-Group 36 octets
|
|
ATTRIBUTE Framed-AppleTalk-Link 37 integer
|
|
ATTRIBUTE Framed-AppleTalk-Network 38 integer
|
|
ATTRIBUTE Framed-AppleTalk-Zone 39 string
|
|
|
|
ATTRIBUTE Acct-Status-Type 40 integer
|
|
ATTRIBUTE Acct-Delay-Time 41 integer
|
|
ATTRIBUTE Acct-Input-Octets 42 integer
|
|
ATTRIBUTE Acct-Output-Octets 43 integer
|
|
ATTRIBUTE Acct-Session-Id 44 string
|
|
ATTRIBUTE Acct-Authentic 45 integer
|
|
ATTRIBUTE Acct-Session-Time 46 integer
|
|
ATTRIBUTE Acct-Input-Packets 47 integer
|
|
ATTRIBUTE Acct-Output-Packets 48 integer
|
|
ATTRIBUTE Acct-Terminate-Cause 49 integer
|
|
ATTRIBUTE Acct-Multi-Session-Id 50 string
|
|
ATTRIBUTE Acct-Link-Count 51 integer
|
|
ATTRIBUTE Acct-Input-Gigawords 52 integer
|
|
ATTRIBUTE Acct-Output-Gigawords 53 integer
|
|
ATTRIBUTE Event-Timestamp 55 date
|
|
|
|
ATTRIBUTE CHAP-Challenge 60 octets
|
|
ATTRIBUTE NAS-Port-Type 61 integer
|
|
ATTRIBUTE Port-Limit 62 integer
|
|
ATTRIBUTE Login-LAT-Port 63 integer
|
|
|
|
ATTRIBUTE Acct-Tunnel-Connection 68 string
|
|
|
|
ATTRIBUTE ARAP-Password 70 string
|
|
ATTRIBUTE ARAP-Features 71 string
|
|
ATTRIBUTE ARAP-Zone-Access 72 integer
|
|
ATTRIBUTE ARAP-Security 73 integer
|
|
ATTRIBUTE ARAP-Security-Data 74 string
|
|
ATTRIBUTE Password-Retry 75 integer
|
|
ATTRIBUTE Prompt 76 integer
|
|
ATTRIBUTE Connect-Info 77 string
|
|
ATTRIBUTE Configuration-Token 78 string
|
|
ATTRIBUTE EAP-Message 79 octets
|
|
ATTRIBUTE Message-Authenticator 80 octets
|
|
ATTRIBUTE ARAP-Challenge-Response 84 string # 10 octets
|
|
ATTRIBUTE Acct-Interim-Interval 85 integer
|
|
ATTRIBUTE NAS-Port-Id 87 string
|
|
ATTRIBUTE Framed-Pool 88 string
|
|
ATTRIBUTE NAS-IPv6-Address 95 ipv6addr
|
|
ATTRIBUTE Framed-Interface-Id 96 ifid
|
|
ATTRIBUTE Framed-IPv6-Prefix 97 octets # ipv6prefix
|
|
ATTRIBUTE Login-IPv6-Host 98 ipv6addr
|
|
ATTRIBUTE Framed-IPv6-Route 99 string
|
|
ATTRIBUTE Framed-IPv6-Pool 100 string
|
|
|
|
# As defined in RFC 3576
|
|
ATTRIBUTE Error-Cause 101 integer
|
|
|
|
# As defined in RFC 4590
|
|
ATTRIBUTE Digest-Response 103 string
|
|
ATTRIBUTE Digest-Realm 104 string
|
|
ATTRIBUTE Digest-Nonce 105 string
|
|
ATTRIBUTE Digest-Nextnonce 106 string
|
|
ATTRIBUTE Digest-Response-Auth 107 string
|
|
ATTRIBUTE Digest-Method 108 string
|
|
ATTRIBUTE Digest-URI 109 string
|
|
ATTRIBUTE Digest-Qop 110 string
|
|
ATTRIBUTE Digest-Algorithm 111 string
|
|
ATTRIBUTE Digest-Entity-Body-Hash 112 string
|
|
ATTRIBUTE Digest-CNonce 113 string
|
|
ATTRIBUTE Digest-Nonce-Count 114 string
|
|
ATTRIBUTE Digest-Username 115 string
|
|
ATTRIBUTE Digest-Opaque 116 string
|
|
ATTRIBUTE Digest-Auth-Param 117 string
|
|
ATTRIBUTE Digest-AKA-Auts 118 string
|
|
ATTRIBUTE Digest-Domain 119 string
|
|
ATTRIBUTE Digest-Stale 120 string
|
|
ATTRIBUTE Digest-HA1 121 string
|
|
ATTRIBUTE SIP-AOR 122 string
|
|
|
|
# As defined in draft-sterman-aaa-sip-00.txt
|
|
ATTRIBUTE Digest-Response 206 string
|
|
ATTRIBUTE Digest-Attributes 207 octets # stupid format
|
|
|
|
|
|
#
|
|
# Integer Translations
|
|
#
|
|
|
|
# User Types
|
|
|
|
VALUE Service-Type Login-User 1
|
|
VALUE Service-Type Framed-User 2
|
|
VALUE Service-Type Callback-Login-User 3
|
|
VALUE Service-Type Callback-Framed-User 4
|
|
VALUE Service-Type Outbound-User 5
|
|
VALUE Service-Type Administrative-User 6
|
|
VALUE Service-Type NAS-Prompt-User 7
|
|
VALUE Service-Type Authenticate-Only 8
|
|
VALUE Service-Type Callback-NAS-Prompt 9
|
|
VALUE Service-Type Call-Check 10
|
|
VALUE Service-Type Callback-Administrative 11
|
|
VALUE Service-Type Voice 12
|
|
VALUE Service-Type Fax 13
|
|
VALUE Service-Type Modem-Relay 14
|
|
VALUE Service-Type IAPP-Register 15
|
|
VALUE Service-Type IAPP-AP-Check 16
|
|
VALUE Service-Type Authorize-Only 17
|
|
|
|
|
|
# Framed Protocols
|
|
|
|
VALUE Framed-Protocol PPP 1
|
|
VALUE Framed-Protocol SLIP 2
|
|
VALUE Framed-Protocol ARAP 3
|
|
VALUE Framed-Protocol Gandalf-SLML 4
|
|
VALUE Framed-Protocol Xylogics-IPX-SLIP 5
|
|
VALUE Framed-Protocol X.75-Synchronous 6
|
|
VALUE Framed-Protocol GPRS-PDP-Context 7
|
|
|
|
# Framed Routing Values
|
|
|
|
VALUE Framed-Routing None 0
|
|
VALUE Framed-Routing Broadcast 1
|
|
VALUE Framed-Routing Listen 2
|
|
VALUE Framed-Routing Broadcast-Listen 3
|
|
|
|
# Framed Compression Types
|
|
|
|
VALUE Framed-Compression None 0
|
|
VALUE Framed-Compression Van-Jacobson-TCP-IP 1
|
|
VALUE Framed-Compression IPX-Header-Compression 2
|
|
VALUE Framed-Compression Stac-LZS 3
|
|
|
|
# Login Services
|
|
|
|
VALUE Login-Service Telnet 0
|
|
VALUE Login-Service Rlogin 1
|
|
VALUE Login-Service TCP-Clear 2
|
|
VALUE Login-Service PortMaster 3
|
|
VALUE Login-Service LAT 4
|
|
VALUE Login-Service X25-PAD 5
|
|
VALUE Login-Service X25-T3POS 6
|
|
VALUE Login-Service TCP-Clear-Quiet 7
|
|
|
|
# Login-TCP-Port (see /etc/services for more examples)
|
|
|
|
VALUE Login-TCP-Port Telnet 23
|
|
VALUE Login-TCP-Port Rlogin 513
|
|
VALUE Login-TCP-Port Rsh 514
|
|
|
|
# Status Types
|
|
|
|
VALUE Acct-Status-Type Start 1
|
|
VALUE Acct-Status-Type Stop 2
|
|
VALUE Acct-Status-Type Interim-Update 3
|
|
VALUE Acct-Status-Type Alive 3
|
|
VALUE Acct-Status-Type Accounting-On 7
|
|
VALUE Acct-Status-Type Accounting-Off 8
|
|
# RFC 2867 Additional Status-Type Values
|
|
VALUE Acct-Status-Type Tunnel-Start 9
|
|
VALUE Acct-Status-Type Tunnel-Stop 10
|
|
VALUE Acct-Status-Type Tunnel-Reject 11
|
|
VALUE Acct-Status-Type Tunnel-Link-Start 12
|
|
VALUE Acct-Status-Type Tunnel-Link-Stop 13
|
|
VALUE Acct-Status-Type Tunnel-Link-Reject 14
|
|
VALUE Acct-Status-Type Failed 15
|
|
|
|
# Authentication Types
|
|
|
|
VALUE Acct-Authentic RADIUS 1
|
|
VALUE Acct-Authentic Local 2
|
|
VALUE Acct-Authentic Remote 3
|
|
VALUE Acct-Authentic Diameter 4
|
|
|
|
# Termination Options
|
|
|
|
VALUE Termination-Action Default 0
|
|
VALUE Termination-Action RADIUS-Request 1
|
|
|
|
# NAS Port Types
|
|
|
|
VALUE NAS-Port-Type Async 0
|
|
VALUE NAS-Port-Type Sync 1
|
|
VALUE NAS-Port-Type ISDN 2
|
|
VALUE NAS-Port-Type ISDN-V120 3
|
|
VALUE NAS-Port-Type ISDN-V110 4
|
|
VALUE NAS-Port-Type Virtual 5
|
|
VALUE NAS-Port-Type PIAFS 6
|
|
VALUE NAS-Port-Type HDLC-Clear-Channel 7
|
|
VALUE NAS-Port-Type X.25 8
|
|
VALUE NAS-Port-Type X.75 9
|
|
VALUE NAS-Port-Type G.3-Fax 10
|
|
VALUE NAS-Port-Type SDSL 11
|
|
VALUE NAS-Port-Type ADSL-CAP 12
|
|
VALUE NAS-Port-Type ADSL-DMT 13
|
|
VALUE NAS-Port-Type IDSL 14
|
|
VALUE NAS-Port-Type Ethernet 15
|
|
VALUE NAS-Port-Type xDSL 16
|
|
VALUE NAS-Port-Type Cable 17
|
|
VALUE NAS-Port-Type Wireless-Other 18
|
|
VALUE NAS-Port-Type Wireless-802.11 19
|
|
VALUE NAS-Port-Type Token-Ring 20
|
|
VALUE NAS-Port-Type FDDI 21
|
|
VALUE NAS-Port-Type Wireless-CDMA2000 22
|
|
VALUE NAS-Port-Type Wireless-UMTS 23
|
|
VALUE NAS-Port-Type Wireless-1X-EV 24
|
|
VALUE NAS-Port-Type IAPP 25
|
|
VALUE NAS-Port-Type FTTP 26
|
|
|
|
# Acct Terminate Causes
|
|
|
|
VALUE Acct-Terminate-Cause User-Request 1
|
|
VALUE Acct-Terminate-Cause Lost-Carrier 2
|
|
VALUE Acct-Terminate-Cause Lost-Service 3
|
|
VALUE Acct-Terminate-Cause Idle-Timeout 4
|
|
VALUE Acct-Terminate-Cause Session-Timeout 5
|
|
VALUE Acct-Terminate-Cause Admin-Reset 6
|
|
VALUE Acct-Terminate-Cause Admin-Reboot 7
|
|
VALUE Acct-Terminate-Cause Port-Error 8
|
|
VALUE Acct-Terminate-Cause NAS-Error 9
|
|
VALUE Acct-Terminate-Cause NAS-Request 10
|
|
VALUE Acct-Terminate-Cause NAS-Reboot 11
|
|
VALUE Acct-Terminate-Cause Port-Unneeded 12
|
|
VALUE Acct-Terminate-Cause Port-Preempted 13
|
|
VALUE Acct-Terminate-Cause Port-Suspended 14
|
|
VALUE Acct-Terminate-Cause Service-Unavailable 15
|
|
VALUE Acct-Terminate-Cause Callback 16
|
|
VALUE Acct-Terminate-Cause User-Error 17
|
|
VALUE Acct-Terminate-Cause Host-Request 18
|
|
VALUE Acct-Terminate-Cause Supplicant-Restart 19
|
|
VALUE Acct-Terminate-Cause Reauthentication-Failure 20
|
|
VALUE Acct-Terminate-Cause Port-Reinit 21
|
|
VALUE Acct-Terminate-Cause Port-Disabled 22
|
|
|
|
#VALUE Tunnel-Type L2TP 3
|
|
#VALUE Tunnel-Medium-Type IP 1
|
|
|
|
VALUE Prompt No-Echo 0
|
|
VALUE Prompt Echo 1
|
|
|
|
#
|
|
# Error causes
|
|
#
|
|
VALUE Error-Cause Residual-Context-Removed 201
|
|
VALUE Error-Cause Invalid-EAP-Packet 202
|
|
VALUE Error-Cause Unsupported-Attribute 401
|
|
VALUE Error-Cause Missing-Attribute 402
|
|
VALUE Error-Cause NAS-Identification-Mismatch 403
|
|
VALUE Error-Cause Invalid-Request 404
|
|
VALUE Error-Cause Unsupported-Service 405
|
|
VALUE Error-Cause Unsupported-Extension 406
|
|
VALUE Error-Cause Administratively-Prohibited 501
|
|
VALUE Error-Cause Proxy-Request-Not-Routable 502
|
|
VALUE Error-Cause Session-Context-Not-Found 503
|
|
VALUE Error-Cause Session-Context-Not-Removable 504
|
|
VALUE Error-Cause Proxy-Processing-Error 505
|
|
VALUE Error-Cause Resources-Unavailable 506
|
|
VALUE Error-Cause Request-Initiated 507
|