radius_dictionary_file
Differences
This shows you the differences between two versions of the page.
|
radius_dictionary_file [2014/08/22 19:50] |
radius_dictionary_file [2023/08/14 06:41] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | === RADIUS Dictionary File === | ||
| + | The RADIUS Dictionary File (radius.txt) is a text file which defines the RADIUS attributes used in Evolynx RADIUS Server. This file is loaded and parsed by the server application at start-up and if a change is made to contents of this file, Evolynx server must be re-started for changes to effect. | ||
| + | ===File Format=== | ||
| + | Dictionary file is a text file. Each line of text is parsed separately than other lines. It means that a command can not be broken into more than one line. TAB and space characters can be used as separators between parameters of each command. | ||
| + | If a line starts with " -" character, that line will be ignored. This feature can be used for placing remarks and descriptions in the file. | ||
| + | Each line of dictionary file defines one entry using a command. Currently there are 2 different types of dictionary entries: | ||
| + | |||
| + | * ATTRIBUTE | ||
| + | * VENDORATTR | ||
| + | |||
| + | ===ATTRIBUTE=== | ||
| + | If a line is started with ATTRIBUTE command, that line will be parsed as a normal RADIUS attribute. Format of an ATTRIBUTE command is: | ||
| + | |||
| + | <code>ATTRIBUTE name code type <nowiki>[Used_in ...]</nowiki></code> | ||
| + | |||
| + | ==name== | ||
| + | |||
| + | This is a string of characters used as a name for the attribute. | ||
| + | Name is NOT case-sensitive. Space and TAB characters are not permitted in a name. Name must be unique. | ||
| + | |||
| + | ==code== | ||
| + | |||
| + | Code is an integer number normally in the range of 1-191. This is the Attribute code defined in RADIUS RFCs. | ||
| + | |||
| + | ==type== | ||
| + | |||
| + | This parameter specifies how Evolynx RADIUS will interpret the value of this attribute. There are 4 different types defined in Evolynx RADIUS server: | ||
| + | |||
| + | * string | ||
| + | * integer | ||
| + | * octets | ||
| + | * ipaddr | ||
| + | |||
| + | |||
| + | ==Used_in ...== | ||
| + | |||
| + | These parameters are up to 6 values of 0 or 1. Each of these values determines if this attribute is used in any of following six primary RADIUS packet types respectively: | ||
| + | |||
| + | * Access Request | ||
| + | * Access Accept | ||
| + | * Access Reject | ||
| + | * Access Challenge | ||
| + | * Accounting Request | ||
| + | * Accounting Ack | ||
| + | |||
| + | Example: User-Name attribute is used in Access Request, Access Accept and Accounting Request packets, so we need to put "1" in positions 1, 2 and 5, as follows: | ||
| + | |||
| + | <code>1 1 0 0 1 0</code> | ||
| + | |||
| + | Evolynx RADIUS server uses these values when creating RADIUS packets (either to send to a client device or to forward to a remote server). For example, if a value of 1 exists for Access Accept (second position), then this attribute will be included in the outgoing packet (Only if it has a value). | ||
| + | |||
| + | ===VENDORATTR=== | ||
| + | If a line is started with VENDORATTR command, that line will be parsed as a Vendor Specific Attribute (VSA). Format of an VENDORATTR command is: | ||
| + | |||
| + | <code>ATTRIBUTE vendorID name code type <nowiki>[Used_in ...]</nowiki></code> | ||
| + | |||
| + | ==vendorID== | ||
| + | Specifies the Vendor. For example 311 is for Microsoft and 9 is for Cisco. | ||
| + | |||
| + | ==code== | ||
| + | Code is an integer number specifying this VSA. This code is defined by each vendor. | ||
| + | (All other parameters are as described for ATTRIBUTE command.) | ||
| + | |||
| + | ===Notes=== | ||
| + | * Do not modify this file (radius.txt) unless you are an expert in configuring RADIUS attributes. | ||
| + | |||
| + | * Always use standard names for attributes, because some of the attribute names are hard-coded inside the program. | ||
| + | |||
| + | * If you define a new attribute in dictionary file and mark it to be included in out-going packets, it does not guarantee that it will be included in that packet. It will be included in an out-going packet only if it has a value. An Attribute will be included in out-going packets only if: | ||
| + | * It receives a value from an in-coming packet. | ||
| + | * Hard coded logic inside Evolynx RADIUS server creates it. | ||
| + | * A developer creates a code using Evolynx API to create that attributes. | ||
radius_dictionary_file.txt ยท Last modified: 2023/08/14 06:41 (external edit)
