perl
/
libnet-radius-perl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Upstream version 2.103+dfsg

This commit is contained in:
Mario Fetka 2017-09-15 15:01:34 +02:00
commit 885cfb79ed
115 changed files with 16877 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

197
Changes Normal file
View File

@ -0,0 +1,197 @@
Revision history for Perl extension RADIUS.
1.56 Fri Jun 8 09:55:35 VET 2007
* Yaroslav Bogomolov reported a problem when packing VSAs with
dictionaries with no VENDOR definitions (numeric VIDs). his
was fixed while preserving the intended behavior of having
->vendor_num return undef on this case. Thanks Yaroslav!
Added a reg test for this.
1.55 Thu Apr 26 16:21:46 VET 2007
* Darrian Hale reported that $p->unset_attr('Attribute',
$packet->attr('Attribute')) was b0rken due to the attribute
lookup using the "escaped" value instead of the raw value
returned by ->attr. Escaping was removed and a test was
added
* Versions bumped to 1.55 as prior fixes were confirmed to
work - Release to CPAN
Sun Apr 22 16:54:03 VET 2007
* Fixed the VSA packer to accept a vendor-id and a vendor
name. This will help if similar bugs are still lurking
around. This was pointed to by Pedro as well
Sat Apr 21 14:04:35 VET 2007
* Fixed VSA packing bug pointed out by Pedro Cavaca. Parts of
Packet.pm expected to receive a numeric vendor id, others
expected the string name
1.54 Tue Jan 30 11:13:42 VET 2007
* Added missing packet file to MANIFEST
* Fixed an innocuous warn() during make test
1.53 Tue Jan 30 06:25:33 VET 2007
* Packets with VSAs that couldn't be decoded caused an endless
loop. This has now been fixed by skipping over the b0rked
attribute, thus parsing as much of the packet as possible. A
warn() is issued
* The packet tests now fail if the decode causes a warn() -
This may be helpful in the future for catching subtle
errors, specially in the decoding of packets
* Added a new test packet for Cisco VPN 3000 - Thanks Luis
1.52 Mon Jan 8 15:47:38 VET 2007
* Added patch by Freman (consistend ->set_vsattr and
->unset_vsattr) - Thanks Freman
* ->attr_slot deprecated. ->attr_slot_name and ->attr_slot_val
introduced
* Added documentation for those methods
* Added tests to verify correct operation of the overwrite and
slots functionality
* Multiple attributes (ie, multiple Proxy-State attributes)
are now correctly handled
* Include (untested) patch from j7 (Thanks) which allows for
multiple VSAs. We need some testing for this...
Tue Jan 9 15:52:06 VET 2007
* Added support for the packet decoding tests as well as
samples of common packets in a live production environment
* dictionary.base now replaces dictionary.orig
Sun Jan 14 14:54:25 VET 2007
* Added BroadSoft VSA dictionary supplied by j7 - Fixed typo
within it
* Extracted binary packet from the sample provided by j7 and
added standard packet decoding test
1.51 Mon Nov 13 21:08:28 VET 2006
* Improve the ->dump() and ->str_dump() in ::Packet
* Add the ->auth_*_verify() methods and tests
* Dictionaries can now use the vendor name everywhere
* Added all the dictionaries from Ethereal for completeness
* Shipped dictionaries were cleaned up. IMPORTANT: Legacy,
obsolete entries have been commented. Please review the
dictionary files or keep the ones currently in production
before installing.
* Added pseudo-support for ipv6addr, ifid and date types
* Limit the packet authenticator to 16 bytes
* Tagged attribue support is broken/incomplete - Need examples
to properly write tests and fill in missing functionality
* ->password() now accepts an optional attribute to work with
instead of the default 'User-Password'
1.50 Mon Oct 23 15:43:20 VET 2006
Applied patch by Chris that adds support for tagged
attributes.
Applied patch from Flavio, adding this:
* [Dictionary.pm] accept a new keyword in dictionary file, namely
"PACKET", that allows to define packet types
* [Dictionary.pm] these packet types default to the current
state-of-the-art according to
http://www.iana.org/assignments/radius-types
* [Dictionary.pm] the packet types can be accessed via ad-hoc
methods
* [Dictionary.pm] the constructor has been extended to accept
a list of dictionary files to load upon creation (instead of
a single one)
* [Packet.pm] hardcoded mapping hashes in pack() and unpack()
methods are now loaded from the dictionary
Bumped version to 1.50 in the .pm files.
1.49 Wed Aug 9 11:57:52 VET 2006
- Making dictionaries case-insensitive seems to breaks old
code in hard to debug ways. This decision was officially
reversed
- set_password now accepts an optional attribute argmuent, to
tell the code where to store the encripted password. Still
defaults to 'User-Password'
1.46 Mon Jul 31 17:28:16 VET 2006
- Dictionaries now can be merged with each other, as suggested
by Kevin Steves
- Accessors for dictionary entries now use lc() to match what
is done at parse time
- Dictionaries are now officially case-insensitive
- Various documentation improvements and updates
- Added code against bug in Alcatel 5620 SAM Release 3.0
(Improper attribute type). Possibly helpful in other cases as
well
1.45 Thu Oct 16 10:45:02 VET 2003
- Added support for "octets" as requested by Alex Chen
- Improved / added tests. This now requires Test::More
- Understands the VENDOR syntax for FreeRadius
1.44 Tue Jan 7 23:06:12 VET 2003
- By default, tuples not in the dictionary are now ignored.
- Added ->show_unknown_entries() to issue warn()s for each unknown
tuple found in the packets.
1.43 Thu Dec 20 15:36:42 GMT 2001
Changes by Tony Mountifield <tony@mountifield.org>
- added set_password method to generate client password correctly
- added unset_attr method to remove an attribute from a Packet
- added example-client.pl to demonstrate auth and acct
- Added User-Password (as per RFC 2138) both in the code and
in the dictionaries [There's some (broken) software that insists
in 'Password', so this is used unless 'User-Password' is present -lem]
- corrected syntax of the "Welcome, Larry" reply message example.
1.42 Fri Jul 6 12:22:36 VET 2001
- Fixed sobe warnings in the packet dump code. (Thanks to Kevin Payne).
1.41 Fri May 11 10:54:19 EDT 2001
Changes by Jim Harle <harle@usna.edu> (Thanks Jim! -lem)
- added 3com dictionary
- added example radius<->ldap server
- fixed examples to show correct module name
- made Digest::MD5 a prerequisite in Makefile.PL
Dictionary.pm changes
- allow hex and octal constants in dictionary file
- give more details about unknown vendors
Packet.pm changes
- use Digest::MD5 instead of MD5 (newer)
- distinguishes between garbled and unknown VSAs
- individual garbled/unknown VSAs only printed once
- make sure empty passwords don't cause undefined if run with -w
- cleaned up password length issues when running with Authen::Radius
- made indenting in code regular
Changes by lem
- Minor edits here and there
- Errors produced by Net::Radius::Packet are not print'ed but warn'ed
so that they can be catched with $SIG{__WARN__}.
- Added examples/tutorial.pl to show how to use some basic
functions.
- Added ->str_dump to provide the output of a packet dump in
a string.
1.31 Tue 20 Feb 21:05:00 VET 2001
- Fixed test.pl so that make test works
- Added mods suggested by Quan Choi regarding the packing
of VSAs with 3Com VSAs
1.20 Tue 09 Nov 17:09:00 VET 1999
- Added modifications sent by Ian Smith <iansmith@ncinter.net>
to the VSA code. This allows VSAs to be sent and understood
properly by the USR/3COM Total Control family. This has not
been individually tested.
1.10 Sat 23 Jan 19:52:00 VET 1999
- VSAs now can appear multiple times in a packet. This changes
slightly the interface of the VSAs accessors
1.10 Fri 22 Jan 12:31:00 VET 1999
- Added 'date' attribute type. This is used by certain
dictionaries
- Garbled packets no longer attempt to call an undef
code reference in unpack()
- Added some suport for Vendor-Specific attributes
1.00 Fri 22 Aug 09:22:16 EDT 1997
- first released version

124
MANIFEST Normal file
View File

@ -0,0 +1,124 @@
build-stamp
Changes
contrib/bin2packet
contrib/rad-dump
dicts/dictionary
dicts/dictionary.3com
dicts/dictionary.3com-o
dicts/dictionary.3gpp
dicts/dictionary.3gpp2
dicts/dictionary.acc
dicts/dictionary.alcatel
dicts/dictionary.alteon
dicts/dictionary.altiga
dicts/dictionary.aptis
dicts/dictionary.ascend
dicts/dictionary.base
dicts/dictionary.bay
dicts/dictionary.bintec
dicts/dictionary.bristol
dicts/dictionary.broadsoft
dicts/dictionary.cablelabs
dicts/dictionary.cabletron
dicts/dictionary.cisco
dicts/dictionary.cisco.bbsm
dicts/dictionary.cisco.vpn3000
dicts/dictionary.cisco.vpn5000
dicts/dictionary.colubris
dicts/dictionary.columbia_university
dicts/dictionary.compat
dicts/dictionary.cosine
dicts/dictionary.erx
dicts/dictionary.extreme
dicts/dictionary.foundry
dicts/dictionary.freeradius
dicts/dictionary.gandalf
dicts/dictionary.garderos
dicts/dictionary.gemtek
dicts/dictionary.huawei
dicts/dictionary.itk
dicts/dictionary.juniper
dicts/dictionary.karlnet
dicts/dictionary.livingston
dicts/dictionary.localweb
dicts/dictionary.merit
dicts/dictionary.microsoft
dicts/dictionary.mikrotik
dicts/dictionary.navini
dicts/dictionary.netscreen
dicts/dictionary.nokia
dicts/dictionary.nomadix
dicts/dictionary.propel
dicts/dictionary.quintum
dicts/dictionary.redback
dicts/dictionary.redcreek
dicts/dictionary.shasta
dicts/dictionary.shiva
dicts/dictionary.sonicwall
dicts/dictionary.springtide
dicts/dictionary.t_systems_nova
dicts/dictionary.telebit
dicts/dictionary.trapeze
dicts/dictionary.tunnel
dicts/dictionary.unisphere
dicts/dictionary.unix
dicts/dictionary.usr
dicts/dictionary.valemount
dicts/dictionary.versanet
dicts/dictionary.wispr
dicts/dictionary.xedia
docs/rfc2865.txt
docs/rfc2866.txt
docs/rfc2869.txt
docs/rfc2882.txt
docs/rfc3575.txt
docs/rfc3576.txt
examples/example-client.pl
examples/example-menu.pl
examples/example-unix.pl
examples/example-yes.pl
examples/radius2ldap.pl
examples/tutorial.pl
install-stamp
Makefile.PL
MANIFEST This list of files
MANIFEST.SKIP
packets/broadsoft-areq-00.p
packets/cisco-acs-ar-01.p
packets/cisco-acs-ar-02.p
packets/cisco-acs-ar-03.p
packets/cisco-ios-12.2.18-01.p
packets/cisco-ios-12.2.18-02.p
packets/cisco-vpn3k-ar.p
packets/huawei-me60-accreq-01.p
packets/huawei-me60-acctreq-01.p
packets/huawei-me60-acctreq-02.p
packets/README
packets/rsa-aa-01.p
packets/rsa-aa-02.p
packets/rsa-ac-01.p
packets/rsa-ar-01.p
Radius/Dictionary.pm
Radius/Packet.pm
README
README.3COM
README.broken
README.debian
README.packets
README.server
README.VSA
t/00-load.t
t/00-pod.t
t/attrdict.t
t/attrover.t
t/attrslot.t
t/attrunset.t
t/auth.t
t/basedict.t
t/bundled.t
t/dictover.t
t/dump.t
t/packdict.t
t/packets.t
t/vsa.t
META.yml Module meta-data (added by MakeMaker)

32
MANIFEST.SKIP Normal file
View File

@ -0,0 +1,32 @@
^\.\.?
^Build$
^_build/
^blib/
^blibdirs
^debian/
Makefile$
Makefile\.[a-z]+$
pm_to_blib
CVS/.*
\.svn
\.cvs
,v$
^tmp/
\.old$
\.log$
\.bak$
\.tmp$
\.xsc$
~$
^#
\.shar$
\.tar$
\.tgz$
\.tar\.gz$
\.zip$
dict\.\d+$
_uu$
\.orig$
\.rej$
\.rej\.\d+$

15
META.yml Normal file
View File

@ -0,0 +1,15 @@
--- #YAML:1.0
name: Net-Radius
version: 2.103
abstract: ~
license: ~
author: ~
generated_by: ExtUtils::MakeMaker version 6.42
distribution_type: module
requires:
Digest::MD5: 0
Test::More: 0
Test::Warn: 0
meta-spec:
url: http://module-build.sourceforge.net/META-spec-v1.3.html
version: 1.3

25
Makefile.PL Normal file
View File

@ -0,0 +1,25 @@
use ExtUtils::MakeMaker;
my $version = (split(m/:/, qx{svnversion 2>/dev/null}, 2))[0];
$version = sprintf("%d", (q$Revision: 102 $ =~ /\d+/g)[0])
unless $version;
$version /= 1000;
$version += 2;
$version = sprintf("%0.3f", $version);
# See lib/ExtUtils/MakeMaker.pm for details of how to influence
# the contents of the Makefile that is written.
WriteMakefile(
'NAME' => 'Net::Radius',
VERSION => $version,
'PM' => {
map { ("$_.pm" => "\$(INST_LIBDIR)/$_.pm") }
qw(Radius/Packet Radius/Dictionary)
},
PREREQ_PM => {
'Digest::MD5' => 0,
'Test::More' => 0,
'Test::Warn' => 0,
},
'dist' => {COMPRESS => 'gzip -9f', SUFFIX => 'gz'}
);

119
README Normal file
View File

@ -0,0 +1,119 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Net::Radius Modules
===================
The modules included here provide an interface to the RADIUS
protocol. It consists of the following modules:
Net::Radius::Packet - Deals with RADIUS packets
Net::Radius::Dictionary - Deals with RADIUS dictionaries
This module is essentially the original RADIUS-1.0 distribution by
Christopher Masto plus a number of changes and fixes by Luis Muñoz and
Ian Smith.
It has been changed so that it better fits the CPAN namespace. See the
other README.* files in this archive for additional information.
The installation follows the standard protocol...
$ perl Makefile.PL
$ make
$ make test
$ make install
The ./examples directory contain a number of simple examples.
This code supports the use of vendor specific attributes. This
type of attribute is defined in RFC-2138 and is used to support
'propietary' extensions on top of the base RADIUS specification.
There are two new kinds of entries in the RADIUS dictionary in
order to specify VSAs.
VENDORATTR <vendor> <attribute> <id> <type>
This entry is used to create a new kind of vendor attribute,
such as in this example
VENDORATTR 9 cisco-avpair 1 string
This creates a new vendor-specific attribute for vendor 9 (Cisco
Systems), with name 'cisco-avpair'. This attribute is identified by
numeric id '1' and is associated with a string value.
The second type of entry allows the specification of named values.
The following is an hypotetical example of named value entry.
VENDORATTR 9 cisco-enum 254 integer
VENDORVALUE 9 cisco-enum Value-1 1
VENDORVALUE 9 cisco-enum Value-2 2
VENDORVALUE 9 cisco-enum Value-3 3
Alternatively, you can use the widely deployed FreeRadius dictionary
files' syntax of:
VENDOR Cisco 9
ATTRIBUTE Cisco-AVPair 1 string Cisco
About the stability, this code has been in very active use at a
largish ISP with millions of users using a variety of network
equipment with impressive results. It has been succesfully used under
FreeBSD, Linux, Solaris and Tru64.
There's copious support material along with this distribution. Please
do take a look.
DO YOU WANT TO THANK ME?
If you consider this a valuable contribution, there is a web page
where you can express your gratitude. Please see
http://mipagina.cantv.net/lem/thanks-en.html (English)
http://mipagina.cantv.net/lem/thanks-es.html (Spanish)
SECURITY CONSIDERATIONS
I have no control on the machanisms involved in the storage or
transport of this distribution. This means that I cannot guarantee
that the distribution you have in your hands is indeed, the same
distribution I packed and uploaded.
Along the distribution file, you should have a file with the extension
".asc". This contains a GPG "detached signature" that makes it
impossible for anybody to alter this distribution. If security is of
any concern to you, by all means verify the signature of this file and
contact the author if any discrepancy is detected.
You can find more information about this at the following URL
http://mipagina.cantv.net/lem/gpg/
COPYRIGHT AND LICENSE
Original work (c) Christopher Masto. Changes (c) 2002,2003 Luis
E. Muñoz <luismunoz@cpan.org>.
This software can be used under the same terms as perl itself. It also
carries the same warranties.
Please send bug reports (or patches) as well as feedback and
suggestions to
luismunoz@cpan.org
When submitting bugs, it is very important that you include the
relevant information for reproducing the bug. Packet dumps are most
useful.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
iD8DBQFEznquQyDWGRI/hhARAq37AJ4nwkdiU1eqgpTObZ0G2QZ0jvQU2QCgkR28
nf3syw7TJsGGyrr/KSTcyfU=
=Of85
-----END PGP SIGNATURE-----

28
README.3COM Normal file
View File

@ -0,0 +1,28 @@
Feb 21 2001:
Finally the VSA packing/unpacking works with 3Com equipment. Ian Smith
contributed code to unpack VSAs coming from the 3Com. Quan Choi
reported useful information regarding the encoding of the
VSAs. According to Quan, 3Com packs the VSAs according to the
following structure:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Vendor-Id
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Id (cont) | Sub-Attribute Type
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Sub-Attribute Type | Payload... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Which is fine, as RFC-2138 does not mandate any particular structure
for the Vendor-Specific payload.
Thanks to both Ian and Quan for the help.
luismunoz@cpan.org
$Id: README.3COM 7 2003-01-08 03:42:41Z lem $

41
README.VSA Normal file
View File

@ -0,0 +1,41 @@
Vendor-Specific Attribute support
This code supports the use of vendor specific attributes. This
type of attribute is defined in RFC-2138 and is used to support
'propietary' extensions on top of the base RADIUS specification.
There are two new kinds of entries in the RADIUS dictionary in
order to specify VSAs.
VENDORATTR <vendor> <attribute> <id> <type>
This entry is used to create a new kind of vendor attribute,
such as in this example
VENDORATTR 9 cisco-avpair 1 string
This creates a new vendor-specific attribute for vendor 9 (Cisco
Systems), with name 'cisco-avpair'. This attribute is identified by
numeric id '1' and is associated with a string value.
The second type of entry allows the specification of named values.
The following is an hypotetical example of named value entry.
VENDORATTR 9 cisco-enum 254 integer
VENDORVALUE 9 cisco-enum Value-1 1
VENDORVALUE 9 cisco-enum Value-2 2
VENDORVALUE 9 cisco-enum Value-3 3
Questions and comments about the package can be sent to the
author of the module, Christopher Masto <chris@netmonger.net>.
Questions and comments about the VSA support can be directed
to the author of this part of the code, Luis E. Muñoz
<luismunoz@cpan.org>
Ian Smith <iansmith@ncinter.net> contributed code for 3COM
VSAs.
$Id: README.VSA 7 2003-01-08 03:42:41Z lem $

29
README.broken Normal file
View File

@ -0,0 +1,29 @@
* NAS-IP-Address and other "ipaddr" encoding inconsistencies
I've confirmed some reports that the Alcatel 5620 SAM Release 3.0
and possibly other endpoints from this or other vendors, are
improperly encoding the IP address in the NAS-IP-Address tuple. The
relevant RFCs state that NAS-IP-Address should be encoded as four
octets, MSB. However, this device seems to be packing the argument
as a plain string.
This error may manifest itself as a parameter length mismatch with
inet_ntoa() in earlier versions of Net::Radius. A packet dump
exhibiting this problem looks like this...
$ tcpdump -vvv -nr tcpdump-radius.out
reading from file tcpdump-radius.out, link-type EN10MB (Ethernet)
16:13:29.540605 IP (tos 0x0, ttl 250, id 41011, offset 0, flags
[DF], length: 108) 10.120.156.15.33452 > 161.196.109.5.1645: RADIUS,
length: 80
Access Request (1), id: 0x78, Authenticator: ...
NAS IP Address Attribute (4), length: 15, Value: ERROR: length 13 != 4
0x0000: 3130 2e31 3230 2e31 3536 2e31 35
Note the error pointed out by tcpdump, referring to the length of
the attribute.
In order to improve interoperability, I've included code that allows
decoding of these packets, by simply returning the enclosed string
"as is" to the calling script.

11
README.debian Normal file
View File

@ -0,0 +1,11 @@
On Debian systems, all the bundled dictionaries are placed in
/usr/share/libnet-radius-perl/dicts.
Documentation is placed in /usr/share/doc/libnet-radius-perl/ as per
the Debian Policy.
For other distributions or under manual installation, you may need to
locate those files manually according to your needs.
Luis E. Muñoz / 2009-08-25

100
README.packets Normal file
View File

@ -0,0 +1,100 @@
As of version 1.52, Net::Radius includes the "packet tests". Those
packet tests consist of RADIUS packets captured in various production
environments and passed through Net::Radius, to see how it fares with
real-world data.
Ideally, every bug report about Net::Radius related to the dialog with
a given network device, should include a proper packet capture that
allows for the reproduction of the problem. This also allows the
implementation of regression tests that will insure that packets will
be decoded properly in later versions of this distribution.
To be useful, a packet capture must include the complete (binary) RADIUS
packet(s) in one or more files. Also, the following information would
be of help:
* RADIUS Secret and Auhenticator, if applicable and known
* Name, version and relevant information about the device producing
the packet
* Relevant dictionary entries to properly decode the packet
attributes. This is specially important with Vendor-Specific
Attributes
* If you're including more than a single packet, please specify what
each one should contain
If the packet dump is being provided as part of a bug report, a
concise explanation about why the Net::Radius handling of the packet
is incorrect and what the correct or expected result is. If you have
references to document this further, please provide them as
well. Packet dumps from other RADIUS server doing "the right thing"
are worth extra points.
If you want to contribute with the production of more packet tests,
please consider the following:
* Devices not currently included in the packet tests are
welcome. Exotic, old or obsoleted devices are even more welcome (Any
PortMaster 2 or 3 out there?)
* Ideally, try to provide at least one sample packet of each type that
your device is able to send (ie, Access-Request, Accounting-Request,
etc)
* Packet dumps will be copied straight into the distribution - You're
responsible for safeguarding any private or restricted information
on the packets, such as the RADIUS secret, user names or passwords,
IP addresses, etc.
HOW TO PRODUCE A PACKET DUMP
Packet dumps can be produced with any tool whose output is supported
by wireshark (formerly, ethereal), which is then used to extract the
packet payload and build the corresponding test. My recommendation is
to use the tcpdump utility, available in many operating systems. There
are other compatible utilities that can store captured packets as raw
binary files, which can be compressed and sent via email or attached
to a bug report.
By way of example, let's say that the RADIUS server is located at IP
address 10.0.0.1, serving requests in the UDP ports 1812 and 1813 for
authentication and accounting respectively, while the device whose
dialog we want to capture, uses IP address 10.0.0.5. Packets from the
device to the server could be captured using the following command (in
a single line):
tcpdump -s 0 -c 1 -w radius.dump -e 'src host 10.0.0.5 and dst host
10.0.0.1 and udp and portrange 1812-1813'
Of course, the machine must have an interface connected so that
traffic can be sniffed, whose name may have to be specified. Note that
only one packet is being captured (-c option) although you could
capture more that this.
Likewise, response packets from the RADIUS server to the device can be
captured with the following command:
tcpdump -s 0 -c 1 -w radius.dump -e 'src host 10.0.0.1 and dst host
10.0.0.5 and udp and portrange 1812-1813'
tcpdump has a nice and extensive manual page that explains all of its
options. Please take a look at it so that you understand independently
what the incantations I've provided above actually do or conversely,
whether there is something else you may need to do in your environment
to acurately record the information you want.
IMPORTANT: Remember that full packets are needed for proper
testing. Make sure your captures include all of the packet
payload. Including only the packet headers make for a very poor test
input. In the examples above, the -s option takes care of this.
The commands disussed above will capure packets to/from the relevant
devices, leavig them in the file radius.dump that you can now
send. Remember to record and include the useful information mentioned
in the first part of these instructions.
If you want to provide the source file for the tests directly, please
take a look at the file packets/README

12
README.server Normal file
View File

@ -0,0 +1,12 @@
This distribution includes a few RADIUS servers with different degrees
if functionality in the examples directory. If you're considering
writing a RADIUS server, take a look at Net::Radius::Server before
starting.
Net::Radius::Server is an extensible framework allowing the creation
of RADIUS servers with very little programming. Complex tasks are
easily accomplished by means of a pipeline architecture in which each
request is matched and then acted upon by Perl code.
Classes implementing common tasks are already included.

386
Radius/Dictionary.pm Normal file
View File

@ -0,0 +1,386 @@
package Net::Radius::Dictionary;
use strict;
use warnings;
use vars qw($VERSION);
# $Id: Dictionary.pm 80 2007-04-26 20:20:02Z lem $
$VERSION = '1.55';
sub new {
my $class = shift;
my $self = {
rvsattr => {},
vsattr => {},
vsaval => {},
rvsaval => {},
attr => {},
rattr => {},
val => {},
rval => {},
vendors => {},
packet => undef, # Fall back to default
rpacket => undef, # Fall back to default
};
bless $self, $class;
$self->readfile($_) for @_; # Read all given dictionaries
return $self;
}
sub readfile {
my ($self, $filename) = @_;
open DICT, "<$filename";
while (defined(my $l = <DICT>)) {
next if $l =~ /^\#/;
next unless my @l = split /\s+/, $l;
if ($l[0] =~ m/^vendor$/i)
{
if (defined $l[1] and defined $l[2] and $l[2] =~ /^[xo0-9]+$/)
{
if (substr($l[2],0,1) eq "0") { #allow hex or octal
my $num = lc($l[2]);
$num =~ s/^0b//;
$l[2] = oct($num);
}
$self->{vendors}->{$l[1]} = $l[2];
}
else
{
warn "Garbled VENDOR line $l\n";
}
}
elsif ($l[0] =~ m/^attribute$/i)
{
if (@l == 4)
{
$self->{attr}->{$l[1]} = [@l[2,3]];
$self->{rattr}->{$l[2]} = [@l[1,3]];
}
elsif (@l == 5) # VENDORATTR
{
if (substr($l[2],0,1) eq "0") { #allow hex or octal
my $num = lc($l[2]);
$num =~ s/^0b//;
$l[2] = oct($num);
}
if (exists $self->{vendors}->{$l[4]})
{
$self->{vsattr}->{$self->{vendors}->{$l[4]}}->{$l[1]}
= [@l[2, 3]];
$self->{rvsattr}->{$self->{vendors}->{$l[4]}}->{$l[2]}
= [@l[1, 3]];
}
elsif ($l[4] =~ m/^\d+$/)
{
$self->{vsattr}->{$l[4]}->{$l[1]} = [@l[2, 3]];
$self->{rvsattr}->{$l[4]}->{$l[2]} = [@l[1, 3]];
}
else
{
warn "Warning: Unknown vendor $l[4]\n";
}
}
}
elsif ($l[0] =~ m/^value$/i) {
if (exists $self->{attr}->{$l[1]}) {
$self->{val}->{$self->{attr}->{$l[1]}->[0]}->{$l[2]} = $l[3];
$self->{rval}->{$self->{attr}->{$l[1]}->[0]}->{$l[3]} = $l[2];
}
else {
for my $v (keys %{$self->{vsattr}})
{
if (defined $self->{vsattr}->{$v}->{$l[1]})
{
$self->{vsaval}->{$v}->{$self->{vsattr}->{$v}
->{$l[1]}->[0]}->{$l[2]}
= $l[3];
$self->{rvsaval}->{$v}->{$self->{vsattr}->{$v}
->{$l[1]}->[0]}->{$l[3]}
= $l[2];
}
}
}
}
elsif ($l[0] =~ m/^vendorattr$/i) {
if (substr($l[3],0,1) eq "0") { #allow hex or octal
my $num = lc($l[3]);
$num =~ s/^0b//;
$l[3] = oct($num);
}
if (exists $self->{vendors}->{$l[1]})
{
$self->{vsattr}->{$self->{vendors}->{$l[1]}}->{$l[2]}
= [@l[3, 4]];
$self->{rvsattr}->{$self->{vendors}->{$l[1]}}->{$l[3]}
= [@l[2, 4]];
}
elsif ($l[1] =~ m/^\d+$/)
{
$self->{vsattr}->{$l[1]}->{$l[2]} = [@l[3, 4]];
$self->{rvsattr}->{$l[1]}->{$l[3]} = [@l[2, 4]];
}
else
{
warn "Warning: Unknown vendor $l[1]\n";
}
}
elsif ($l[0] =~ m/^vendorvalue$/i) {
if (substr($l[4],0,1) eq "0")
{ #allow hex or octal
my $num = lc($l[4]);
$num =~ s/^0b//;
$l[4] = oct($num);
}
if (exists $self->{vendors}->{$l[1]})
{
$self->{vsaval}->{$self->{vendors}->{$l[1]}}
->{$self->{vsattr}->{$self->{vendors}->{$l[1]}}
->{$l[2]}->[0]}->{$l[3]} = $l[4];
$self->{rvsaval}->{$self->{vendors}->{$l[1]}}
->{$self->{vsattr}->{$self->{vendors}->{$l[1]}}
->{$l[2]}->[0]}->{$l[4]} = $l[3];
}
elsif ($l[1] =~ m/^\d+$/)
{
$self->{vsaval}->{$l[1]}->{$self->{vsattr}->{$l[1]}->{$l[2]}
->[0]}->{$l[3]} = $l[4];
$self->{rvsaval}->{$l[1]}->{$self->{vsattr}->{$l[1]}->{$l[2]}
->[0]}->{$l[4]} = $l[3];
}
else {
warn "Warning: $filename contains vendor value for ",
"unknown vendor attribute - ignored ",
"\"$l[1]\"\n $l";
}
}
elsif (lc($l[0]) eq 'packet') {
my ($name, $value) = @l[1,2];
$self->{packet}{$name} = $value;
$self->{rpacket}{$value} = $name;
}
else {
warn "Warning: Weird dictionary line: $l\n";
}
}
close DICT;
}
# Accessors for standard attributes
sub vendor_num { $_[0]->{vendors}->{$_[1]}; }
sub attr_num { $_[0]->{attr}->{$_[1]}->[0]; }
sub attr_type { $_[0]->{attr}->{$_[1]}->[1]; }
sub attr_name { $_[0]->{rattr}->{$_[1]}->[0]; }
sub attr_numtype { $_[0]->{rattr}->{$_[1]}->[1]; }
sub attr_has_val { $_[0]->{val}->{$_[1]}; }
sub val_has_name { $_[0]->{rval}->{$_[1]}; }
sub val_num { $_[0]->{val}->{$_[1]}->{$_[2]}; }
sub val_name { $_[0]->{rval}->{$_[1]}->{$_[2]}; }
sub val_tag { $_[0]->{val}->{$_[1]}->{$_[3]}; }
# Accessors for Vendor-Specific Attributes
sub vsattr_num { $_[0]->{vsattr}->{$_[1]}->{$_[2]}->[0]; }
sub vsattr_type { $_[0]->{vsattr}->{$_[1]}->{$_[2]}->[1]; }
sub vsattr_name { $_[0]->{rvsattr}->{$_[1]}->{$_[2]}->[0]; }
sub vsattr_numtype { $_[0]->{rvsattr}->{$_[1]}->{$_[2]}->[1]; }
sub vsattr_has_val { $_[0]->{vsaval}->{$_[1]}->{$_[2]}; }
sub vsaval_has_name { $_[0]->{rvsaval}->{$_[1]}->{$_[2]}; }
sub vsaval_has_tval { $_[0]->{vsaval}->{$_[1]}->{$_[2]}->[0]; }
sub vsaval_has_tag { $_[0]->{vsaval}->{$_[1]}->{$_[2]}->[1]; }
sub vsaval_num { $_[0]->{vsaval}->{$_[1]}->{$_[2]}->{$_[3]}; }
sub vsaval_name { $_[0]->{rvsaval}->{$_[1]}->{$_[2]}->{$_[3]}; }
# Accessors for packet types. Fall-back to defaults if the case.
# Defaults taken from http://www.iana.org/assignments/radius-types
# as of Oct 21, 2006
my %default_packets = (
'Access-Request' => 1, # [RFC2865]
'Access-Accept' => 2, # [RFC2865]
'Access-Reject' => 3, # [RFC2865]
'Accounting-Request' => 4, # [RFC2865]
'Accounting-Response' => 5, # [RFC2865]
'Accounting-Status' => 6, # [RFC2882] (now Interim Accounting)
'Interim-Accounting' => 6, # see previous note
'Password-Request' => 7, # [RFC2882]
'Password-Ack' => 8, # [RFC2882]
'Password-Reject' => 9, # [RFC2882]
'Accounting-Message' => 10, # [RFC2882]
'Access-Challenge' => 11, # [RFC2865]
'Status-Server' => 12, # (experimental) [RFC2865]
'Status-Client' => 13, # (experimental) [RFC2865]
'Resource-Free-Request' => 21, # [RFC2882]
'Resource-Free-Response' => 22, # [RFC2882]
'Resource-Query-Request' => 23, # [RFC2882]
'Resource-Query-Response' => 24, # [RFC2882]
'Alternate-Resource-Reclaim-Request' => 25, # [RFC2882]
'NAS-Reboot-Request' => 26, # [RFC2882]
'NAS-Reboot-Response' => 27, # [RFC2882]
# 28 Reserved
'Next-Passcode' => 29, # [RFC2882]
'New-Pin' => 30, # [RFC2882]
'Terminate-Session' => 31, # [RFC2882]
'Password-Expired' => 32, # [RFC2882]
'Event-Request' => 33, # [RFC2882]
'Event-Response' => 34, # [RFC2882]
'Disconnect-Request' => 40, # [RFC3575]
'Disconnect-ACK' => 41, # [RFC3575]
'Disconnect-NAK' => 42, # [RFC3575]
'CoA-Request' => 43, # [RFC3575]
'CoA-ACK' => 44, # [RFC3575]
'CoA-NAK' => 45, # [RFC3575]
'IP-Address-Allocate' => 50, # [RFC2882]
'IP-Address-Release' => 51, # [RFC2882]
# 250-253 Experimental Use
# 254 Reserved
# 255 Reserved [RFC2865]
);
# Reverse defaults. Remember that code #6 has a double mapping, force
# to Interim-Accouting
my %default_rpackets
= map { $default_packets{$_} => $_ } keys %default_packets;
$default_rpackets{6} = 'Interim-Accounting';
# Get full hashes
sub packet_numbers { %{ $_[0]->{packet} || \%default_packets } }
sub packet_names { %{ $_[0]->{rpacket} || \%default_rpackets }; }
# Single resolution, I'm taking care of avoiding auto-vivification
sub packet_hasname {
my $href = $_[0]->{packet} || \%default_packets;
my $ok = exists $href->{$_[1]};
return $ok unless wantarray;
# return both answer and the resolution
return ($ok, $ok ? $href->{$_[1]} : undef);
}
sub packet_hasnum {
my $href = $_[0]->{rpacket} || \%default_rpackets;
my $ok = exists $href->{$_[1]};
return $ok unless wantarray;
# return both answer and the resolution
return ($ok, $ok ? $href->{$_[1]} : undef);
}
# Note: crossed, as it might not be immediately evident
sub packet_num { ($_[0]->packet_hasname($_[1]))[1]; }
sub packet_name { ($_[0]->packet_hasnum($_[1]))[1]; }
1;
__END__
=head1 NAME
Net::Radius::Dictionary - RADIUS dictionary parser
=head1 SYNOPSIS
use Net::Radius::Dictionary;
my $dict = new Net::Radius::Dictionary "/etc/radius/dictionary";
$dict->readfile("/some/other/file");
my $num = $dict->attr_num('User-Name');
my $name = $dict->attr_name(1);
my $vsa_num = $dict->vsattr_num(9, 'cisco-avpair');
my $vsa_name = $dict->vsattr_name(9, 1);
=head1 DESCRIPTION
This is a simple module that reads a RADIUS dictionary file and
parses it, allowing conversion between dictionary names and numbers.
Vendor-Specific attributes are supported in a way consistent to the
standards.
A few earlier versions of this module attempted to make dictionaries
case-insensitive. This proved to be a very bad decision. From this
version on, this tendency is reverted: Dictionaries and its contents
are to be case-sensitive to prevent random, hard to debug failures in
production code.
=head2 METHODS
=over
=item B<new($dict_file, ...)>
Returns a new instance of a Net::Radius::Dictionary object. This
object will have no attributes defined, as expected.
If given an (optional) list of filenames, it calls I<readfile> for you
for all of them, in the given order.
=item B<-E<gt>readfile($dict_file)>
Parses a dictionary file and learns the mappings to use. It can be
called multiple times for the same object. The result will be that new
entries will override older ones, thus you could load a default
dictionary and then have a smaller dictionary that override specific
entries.
=item B<-E<gt>vendor_num($vendorname)>
Return the vendor number for the given vendor name.
=item B<-E<gt>attr_num($attrname)>
Returns the number of the named attribute.
=item B<-E<gt>attr_type($attrname)>
Returns the type (I<string>, I<integer>, I<ipaddr>, or I<time>) of the
named attribute.
=item B<-E<gt>attr_name($attrnum)>
Returns the name of the attribute with the given number.
=item B<-E<gt>attr_numtype($attrnum)>
Returns the type of the attribute with the given number.
=item B<-E<gt>attr_has_val($attrnum)>
Returns a true or false value, depending on whether or not the numbered
attribute has any known value constants.
=item B<-E<gt>val_has_name($attrnum)>
Alternate (bad) name for I<attr_has_val>.
=item B<-E<gt>val_num($attrnum, $valname)>
Returns the number of the named value for the attribute number supplied.
=item B<-E<gt>val_name($attrnum, $valnumber)>
Returns the name of the numbered value for the attribute number supplied.
=back
There is an equivalent family of accessor methods for Vendor-Specific
attributes and its values. Those methods are identical to their standard
attributes counterparts with two exceptions. Their names have a
I<vsa> prepended to the accessor name and the first argument to each one
is the vendor code on which they apply.
=head1 CAVEATS
This module is mostly for the internal use of Net::Radius::Packet, and
may otherwise cause insanity and/or blindness if studied.
=head1 AUTHOR
Christopher Masto <chris@netmonger.net>,
Luis E. Muñoz <luismunoz@cpan.org> contributed the VSA code.
=head1 SEE ALSO
Net::Radius::Packet
=cut

1014
Radius/Packet.pm Normal file
View File

File diff suppressed because it is too large Load Diff

320
contrib/bin2packet Executable file
View File

@ -0,0 +1,320 @@
#!/usr/bin/perl
no utf8;
use strict;
use warnings;
our $VERSION = do { sprintf "%0.03f", (q$Revision: 93 $ =~ /\d+/g) };
use IO::File;
use IO::Prompt;
use Pod::Usage;
use Data::Dumper;
use Getopt::Long;
use Net::Radius::Packet;
use Net::Radius::Dictionary;
use UNIVERSAL qw/isa/;
my %opt;
GetOptions(\%opt, qw/
dictionary=s@
authenticator=s
code=s
description=s
dont-embed-dict
dump
help
identifier=i
noprompt
output=s
secret=s
slots=i
/);
my %data = ();
pod2usage(verbose => 2, exitval => 0)
if $opt{help};
pod2usage(verbose => 1, exitval => 1,
message => 'Missing dictionary specification')
unless $opt{dictionary} and @{$opt{dictionary}};
pod2usage(verbose => 1, exitval => 1,
message => 'Missing output file specification')
unless $opt{output};
my $output = $opt{output} . ".p";
pod2usage(verbose => 1, exitval => 1,
message => "Won't clobber existing output file $output")
if -f $output;
# Format general warnings
local $SIG{__WARN__} = sub { warn "bin2packet: ", @_ };
# Further processing will need us to read and parse a dictioary file -
# Let's do this.
my $d = new Net::Radius::Dictionary;
foreach (@{$opt{dictionary}})
{
die "Dictionary $_ unreadable: ", ($!||'Check permissions'), "\n"
unless -r $_;
$d->readfile($_);
}
$data{dictionary} = $opt{'dont-embed-dict'} ? undef : $d;
$data{opts} = \%opt;
# Attempt to parse the packet, to auto-guess information and provide a
# packet dump
my $file = shift @ARGV;
pod2usage(verbose => 1, exitval => 1,
message => "Must specify a packet dump file to process")
unless $file;
my $fh = new IO::File $file, "r";
pod2usage(verbose => 1, exitval => 1,
message => "Failed to read dump file $file: $!")
unless $fh;
my $packet;
do {
local $/ = undef;
$data{packet} = <$fh>;
};
close $fh;
warn length($data{packet}), " octets read from file $file\n";
my $p;
eval
{
local $SIG{__WARN__} = sub {warn "bin2packet (during decode): ", @_ };
$p = new Net::Radius::Packet $d, $data{packet};
};
warn "(Decoding error) $_\n" for split(/\n/, $@);
if ($p and isa($p, 'Net::Radius::Packet'))
{
warn "Packet decoded\n";
unless (defined $opt{authenticator})
{
my $auth = $p->authenticator;
if (length($auth) == 16)
{
warn "authenticator taken from the packet\n";
$opt{authenticator} = $auth;
}
else
{
warn "authenticator looks weird - ignoring\n";
}
}
unless (defined $opt{identifier})
{
my $id = $p->identifier;
warn "identifier set to $id from the packet\n";
$opt{identifier} = $id;
}
unless (defined $opt{slots})
{
my $id = $p->attr_slots;
warn "slots set to $id from the packet\n";
$opt{slots} = $id;
}
}
else
{
warn "Failed to decode packet\n";
}
if ($opt{dump})
{
print $p->dump;
exit 0;
}
# Add default (unknown) values and build the base structure where the
# information is to be stored
foreach (qw/secret authenticator identifier description slots/)
{
next if defined $opt{$_};
unless ($opt{noprompt})
{
$opt{$_} = prompt("Enter packet $_ (if known): ", -tty,
($_ eq 'secret' ? (-echo => '*') : ()));
# Simplify the stored object by removing the reference to
# IO::Prompt::ReturnVal
$opt{$_} = "$opt{$_}";
}
$opt{$_} = undef unless defined $opt{$_};
}
continue
{
$data{$_} = $opt{$_};
}
die "Failed to create output file $output: $!\n"
unless $fh = new IO::File $output, "w+";
die "Failed storing contents of file $output: $!\n"
unless print $fh "#!/usr/bin/perl\n\n" .
"no utf8;\n\n# Net::Radius test input\n" . '# Made with $Id: bin2packet 93 2009-09-23 14:38:39Z lem $'
. "\n\n" . Data::Dumper->Dump([\%data]);
die "Failed to close output file $output: $!\n"
unless close $fh;
warn "Test input $output succesfully created\n";
exit 0;
__END__
=head1 NAME
bin2packet - Convert a RADIUS packet payload into a useable test point
=head1 SYNOPSIS
bin2packet --dictionary dictfile [--authenticator auth-string]
[--code code] [--description packet-desc] [--dont-embed-dict]
[--dump] [--help] [--identifier id] [--noprompt] [--output file]
[--secret secret] [--slots number] dump-file...
=head1 DESCRIPTION
This tool is used to convert the payload of a RADIUS packet stored in
B<dump-file> into a "test input". This test input can then be used by
the test harness included in the Net::Radius::Packet(3) distribution
as part of the regression tests.
The following options are supported (Options can be shortened - See
Getopt::Long(3)):
=over
=item B<--dictionary dictfile...>
Specifies one or more dictionary files to use for decoding the
supplied packet. Those dictionaries may be required for derived tests
to work properly (ie, match the expected attribute names and/or
values).
A serialized dictionary is appended to the test input.
This argument is mandatory.
=item B<--authenticator auth-string>
Specifies the RADIUS packet authenticator. If the provided
packet dump can be decoded by Net::Radius::Packet, this value will be
supplied automatically. If the guess is wrong, you must use this
option to provide a correct value.
=item B<--code code>
The RADIUS packet code. If the provided packet dump can be decoded by
Net::Radius::Packet, this value will be supplied automatically. If the
guess is wrong, you must use this option to provide a correct value.
=item B<--description packet-desc>
A (hopefully) informative description of this packet. The most
relevant information items that should be present is the name/version
of the device that generated the packet, as well as a concise
reference to where this packet belongs (ie, simple user
authentication).
=item B<--dont-embed-dict>
Causes the resulting test input to not embed the
Net::Radius::Dictionary(3) object used to contain the dictionary
data. This can be used when only dictionaries found in the
distribution are used to process the packet.
=item B<--dump>
Dump the decoded packet and exit without further actions.
=item B<--help>
Shows this documentation, then exits.
=item B<--identifier id>
Specifies the RADIUS packet identifier, if known. If the provided
packet dump can be decoded by Net::Radius::Packet, this value will be
supplied automatically. If the guess is wrong, you must use this
option to provide a correct value.
=item B<--noprompt>
All the packet information items available in the command-line will be
prompted if not specified. This option causes non-supplied options to
remain undefined, which may prevent certain tests over the packet.
=item B<--output file>
Name of the file where this test input will be stored. The B<.p>
extension will be automatically added.
=item B<--secret secret>
Specify the RADIUS secret to use for decoding the packet. If not
specified, it will be prompted depending on the B<--noprompt> option.
=item B<--slots number>
Specify the number of attribute slots (ie, attribute-value tuples)
stored in the RADIUS packet. If the provided packet dump can be
decoded by Net::Radius::Packet, this value will be supplied
automatically. If the guess is wrong, you must use this option to
provide a correct value.
=back
=head1 HISTORY
$Log$
Revision 1.2 2007/01/14 18:51:42 lem
When Dump()ing and eval()ing back the packet, IO::Prompt::ReturnVal
may not be within reach of the test script (different machine,
etc). Make sure we drop this magic when we generate the test input.
Revision 1.1 2007/01/09 17:55:10 lem
First release of bin2packet added
=head1 LICENSE AND WARRANTY
This code and all accompanying software comes with NO WARRANTY. You
use it at your own risk.
This code and all accompanying software can be used freely under the
same terms as Perl version 5.8.6 itself.
=head1 AUTHOR
Luis E. Muñoz E<lt>luismunoz@cpan.orgE<gt>
=head1 SEE ALSO
perl(1), Getopt::Long(3), Net::Radius::Packet(3),
Net::Radius::Dictionary(3).
=cut

154
contrib/rad-dump Executable file
View File

@ -0,0 +1,154 @@
#!/usr/bin/perl
no utf8;
use strict;
use warnings;
our $VERSION = do { sprintf "%0.03f", (q$Revision: 94 $ =~ /\d+/g) };
use IO::File;
use Pod::Usage;
use Data::Dumper;
use Getopt::Long;
use Net::Radius::Packet;
use Net::Radius::Dictionary;
use UNIVERSAL qw/isa/;
my %opt;
GetOptions(\%opt, qw/
dictionary=s@
secret=s
help
/);
my %data = ();
pod2usage(verbose => 2, exitval => 0)
if $opt{help};
pod2usage(verbose => 1, exitval => 1,
message => 'Missing dictionary specification')
unless $opt{dictionary} and @{$opt{dictionary}};
# Format general warnings
local $SIG{__WARN__} = sub { warn "rad-dump: ", @_ };
# Further processing will need us to read and parse a dictioary file -
# Let's do this.
my $d = new Net::Radius::Dictionary;
foreach (@{$opt{dictionary}})
{
die "Dictionary $_ unreadable: ", ($!||'Check permissions'), "\n"
unless -r $_;
$d->readfile($_);
}
# Attempt to parse the packet, to auto-guess information and provide a
# packet dump
my $packet_data = join('', <>);
pod2usage(verbose => 1, exitval => 1,
message => "Failed to read packet data: $!")
unless $packet_data;
warn length($packet_data), " octets read\n";
my $p;
eval
{
local $SIG{__WARN__} = sub {warn "bin2packet (during decode): ", @_ };
$p = new Net::Radius::Packet $d, $packet_data;
};
warn "(Decoding error) $_\n" for split(/\n/, $@);
if ($p and isa($p, 'Net::Radius::Packet'))
{
warn "Packet decoded\n";
if($opt{secret})
{
if (auth_acct_verify($packet_data, $opt{secret}))
{
print "Packet authenticator is correct\n";
}
else
{
print "Packet authenticator does NOT match\n";
}
}
else
{
print "No secret specified. Authenticator not checked.\n";
}
print $p->dump;
exit 0;
}
else
{
warn "Failed to decode packet\n";
exit 255;
}
__END__
=head1 NAME
rad-dump - Dump a RADIUS packet payload into a human readable form
=head1 SYNOPSIS
rad-dump --dictionary dictfile [--secret secret] dump-file
=head1 DESCRIPTION
This tool is used to convert the payload of a RADIUS packet stored in
B<dump-file> into a human readable form, suitable for simple
inspections.
The following options are supported (Options can be shortened - See
Getopt::Long(3)):
=over
=item B<--dictionary dictfile...>
Specifies one or more dictionary files to use for decoding the
supplied packet. Those dictionaries may be required for derived tests
to work properly (ie, match the expected attribute names and/or
values).
=item B<--secret secret>
If a secret is given, the packet authenticator is verified.
=item B<--help>
Shows this documentation, then exits.
=back
=head1 LICENSE AND WARRANTY
This code and all accompanying software comes with NO WARRANTY. You
use it at your own risk.
This code and all accompanying software can be used freely under the
same terms as Perl version 5.8.6 itself.
=head1 AUTHOR
Luis E. Muñoz E<lt>luismunoz@cpan.orgE<gt>
=head1 SEE ALSO
perl(1), Getopt::Long(3), Net::Radius::Packet(3),
Net::Radius::Dictionary(3).
=cut

278
dicts/dictionary Normal file
View File

@ -0,0 +1,278 @@
#
# Version $Id: dictionary 45 2006-11-14 17:45:00Z lem $
#
# This is derived from the FreeRADIUS dictionary
# http://www.freeradius.org
#
# This file contains dictionary translations for parsing
# radius packets. All transactions are
# composed of Attribute/Value Pairs.
#
# Taken from the Ethereal distribution for bundling with the
# Net::Radius distribution
ATTRIBUTE User-Name 1 string
ATTRIBUTE User-Password 2 string
ATTRIBUTE CHAP-Password 3 string
ATTRIBUTE NAS-IP-Address 4 ipaddr
ATTRIBUTE NAS-Port 5 integer
ATTRIBUTE Service-Type 6 integer
ATTRIBUTE Framed-Protocol 7 integer
ATTRIBUTE Framed-IP-Address 8 ipaddr
ATTRIBUTE Framed-IP-Netmask 9 ipaddr
ATTRIBUTE Framed-Routing 10 integer
ATTRIBUTE Filter-Id 11 string
ATTRIBUTE Framed-MTU 12 integer
ATTRIBUTE Framed-Compression 13 integer
ATTRIBUTE Login-IP-Host 14 ipaddr
ATTRIBUTE Login-Service 15 integer
ATTRIBUTE Login-TCP-Port 16 integer
ATTRIBUTE Reply-Message 18 string
ATTRIBUTE Callback-Number 19 string
ATTRIBUTE Callback-Id 20 string
ATTRIBUTE Framed-Route 22 string
ATTRIBUTE Framed-IPX-Network 23 ipaddr
ATTRIBUTE State 24 string
ATTRIBUTE Class 25 string
ATTRIBUTE Vendor-Specific 26 string
ATTRIBUTE Session-Timeout 27 integer
ATTRIBUTE Idle-Timeout 28 integer
ATTRIBUTE Termination-Action 29 integer
ATTRIBUTE Called-Station-Id 30 string
ATTRIBUTE Calling-Station-Id 31 string
ATTRIBUTE NAS-Identifier 32 string
ATTRIBUTE Proxy-State 33 string
ATTRIBUTE Login-LAT-Service 34 string
ATTRIBUTE Login-LAT-Node 35 string
ATTRIBUTE Login-LAT-Group 36 string
ATTRIBUTE Framed-AppleTalk-Link 37 integer
ATTRIBUTE Framed-AppleTalk-Network 38 integer
ATTRIBUTE Framed-AppleTalk-Zone 39 string
ATTRIBUTE Acct-Status-Type 40 integer
ATTRIBUTE Acct-Delay-Time 41 integer
ATTRIBUTE Acct-Input-String 42 integer
ATTRIBUTE Acct-Output-String 43 integer
ATTRIBUTE Acct-Session-Id 44 string
ATTRIBUTE Acct-Authentic 45 integer
ATTRIBUTE Acct-Session-Time 46 integer
ATTRIBUTE Acct-Input-Packets 47 integer
ATTRIBUTE Acct-Output-Packets 48 integer
ATTRIBUTE Acct-Terminate-Cause 49 integer
ATTRIBUTE Acct-Multi-Session-Id 50 string
ATTRIBUTE Acct-Link-Count 51 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer
ATTRIBUTE Event-Timestamp 55 date
ATTRIBUTE CHAP-Challenge 60 string
ATTRIBUTE NAS-Port-Type 61 integer
ATTRIBUTE Port-Limit 62 integer
ATTRIBUTE Login-LAT-Port 63 integer
ATTRIBUTE Acct-Tunnel-Connection 68 string
ATTRIBUTE ARAP-Password 70 string
ATTRIBUTE ARAP-Features 71 string
ATTRIBUTE ARAP-Zone-Access 72 integer
ATTRIBUTE ARAP-Security 73 integer
ATTRIBUTE ARAP-Security-Data 74 string
ATTRIBUTE Password-Retry 75 integer
ATTRIBUTE Prompt 76 integer
ATTRIBUTE Connect-Info 77 string
ATTRIBUTE Configuration-Token 78 string
ATTRIBUTE EAP-Message 79 string
ATTRIBUTE Message-Authenticator 80 string
ATTRIBUTE ARAP-Challenge-Response 84 string # 10 string
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE NAS-Port-Id 87 string
ATTRIBUTE Framed-Pool 88 string
ATTRIBUTE NAS-IPv6-Address 95 ipv6addr
ATTRIBUTE Framed-Interface-Id 96 ifid
ATTRIBUTE Framed-IPv6-Prefix 97 string # ipv6prefix
ATTRIBUTE Login-IPv6-Host 98 ipv6addr
ATTRIBUTE Framed-IPv6-Route 99 string
ATTRIBUTE Framed-IPv6-Pool 100 string
# As defined in RFC 3576
ATTRIBUTE Error-Cause 101 integer
# As defined in draft-sterman-aaa-sip-00.txt
ATTRIBUTE Digest-Response 206 string
ATTRIBUTE Digest-Attributes 207 string # stupid format
#
# Integer Translations
#
# User Types
VALUE Service-Type Login-User 1
VALUE Service-Type Framed-User 2
VALUE Service-Type Callback-Login-User 3
VALUE Service-Type Callback-Framed-User 4
VALUE Service-Type Outbound-User 5
VALUE Service-Type Administrative-User 6
VALUE Service-Type NAS-Prompt-User 7
VALUE Service-Type Authenticate-Only 8
VALUE Service-Type Callback-NAS-Prompt 9
VALUE Service-Type Call-Check 10
VALUE Service-Type Callback-Administrative 11
VALUE Service-Type Voice 12
VALUE Service-Type Fax 13
VALUE Service-Type Modem-Relay 14
VALUE Service-Type IAPP-Register 15
VALUE Service-Type IAPP-AP-Check 16
VALUE Service-Type Authorize-Only 17
# Framed Protocols
VALUE Framed-Protocol PPP 1
VALUE Framed-Protocol SLIP 2
VALUE Framed-Protocol ARAP 3
VALUE Framed-Protocol Gandalf-SLML 4
VALUE Framed-Protocol Xylogics-IPX-SLIP 5
VALUE Framed-Protocol X.75-Synchronous 6
VALUE Framed-Protocol GPRS-PDP-Context 7
# Framed Routing Values
VALUE Framed-Routing None 0
VALUE Framed-Routing Broadcast 1
VALUE Framed-Routing Listen 2
VALUE Framed-Routing Broadcast-Listen 3
# Framed Compression Types
VALUE Framed-Compression None 0
VALUE Framed-Compression Van-Jacobson-TCP-IP 1
VALUE Framed-Compression IPX-Header-Compression 2
VALUE Framed-Compression Stac-LZS 3
# Login Services
VALUE Login-Service Telnet 0
VALUE Login-Service Rlogin 1
VALUE Login-Service TCP-Clear 2
VALUE Login-Service PortMaster 3
VALUE Login-Service LAT 4
VALUE Login-Service X25-PAD 5
VALUE Login-Service X25-T3POS 6
VALUE Login-Service TCP-Clear-Quiet 7
# Login-TCP-Port (see /etc/services for more examples)
VALUE Login-TCP-Port Telnet 23
VALUE Login-TCP-Port Rlogin 513
VALUE Login-TCP-Port Rsh 514
# Status Types
VALUE Acct-Status-Type Start 1
VALUE Acct-Status-Type Stop 2
VALUE Acct-Status-Type Interim-Update 3
VALUE Acct-Status-Type Alive 3
VALUE Acct-Status-Type Accounting-On 7
VALUE Acct-Status-Type Accounting-Off 8
# RFC 2867 Additional Status-Type Values
VALUE Acct-Status-Type Tunnel-Start 9
VALUE Acct-Status-Type Tunnel-Stop 10
VALUE Acct-Status-Type Tunnel-Reject 11
VALUE Acct-Status-Type Tunnel-Link-Start 12
VALUE Acct-Status-Type Tunnel-Link-Stop 13
VALUE Acct-Status-Type Tunnel-Link-Reject 14
VALUE Acct-Status-Type Failed 15
# Authentication Types
VALUE Acct-Authentic RADIUS 1
VALUE Acct-Authentic Local 2
VALUE Acct-Authentic Remote 3
VALUE Acct-Authentic Diameter 4
# Termination Options
VALUE Termination-Action Default 0
VALUE Termination-Action RADIUS-Request 1
# NAS Port Types
VALUE NAS-Port-Type Async 0
VALUE NAS-Port-Type Sync 1
VALUE NAS-Port-Type ISDN 2
VALUE NAS-Port-Type ISDN-V120 3
VALUE NAS-Port-Type ISDN-V110 4
VALUE NAS-Port-Type Virtual 5
VALUE NAS-Port-Type PIAFS 6
VALUE NAS-Port-Type HDLC-Clear-Channel 7
VALUE NAS-Port-Type X.25 8
VALUE NAS-Port-Type X.75 9
VALUE NAS-Port-Type G.3-Fax 10
VALUE NAS-Port-Type SDSL 11
VALUE NAS-Port-Type ADSL-CAP 12
VALUE NAS-Port-Type ADSL-DMT 13
VALUE NAS-Port-Type IDSL 14
VALUE NAS-Port-Type Ethernet 15
VALUE NAS-Port-Type xDSL 16
VALUE NAS-Port-Type Cable 17
VALUE NAS-Port-Type Wireless-Other 18
VALUE NAS-Port-Type Wireless-802.11 19
VALUE NAS-Port-Type Token-Ring 20
VALUE NAS-Port-Type FDDI 21
VALUE NAS-Port-Type Wireless-CDMA2000 22
VALUE NAS-Port-Type Wireless-UMTS 23
VALUE NAS-Port-Type Wireless-1X-EV 24
VALUE NAS-Port-Type IAPP 25
VALUE NAS-Port-Type FTTP 26
# Acct Terminate Causes
VALUE Acct-Terminate-Cause User-Request 1
VALUE Acct-Terminate-Cause Lost-Carrier 2
VALUE Acct-Terminate-Cause Lost-Service 3
VALUE Acct-Terminate-Cause Idle-Timeout 4
VALUE Acct-Terminate-Cause Session-Timeout 5
VALUE Acct-Terminate-Cause Admin-Reset 6
VALUE Acct-Terminate-Cause Admin-Reboot 7
VALUE Acct-Terminate-Cause Port-Error 8
VALUE Acct-Terminate-Cause NAS-Error 9
VALUE Acct-Terminate-Cause NAS-Request 10
VALUE Acct-Terminate-Cause NAS-Reboot 11
VALUE Acct-Terminate-Cause Port-Unneeded 12
VALUE Acct-Terminate-Cause Port-Preempted 13
VALUE Acct-Terminate-Cause Port-Suspended 14
VALUE Acct-Terminate-Cause Service-Unavailable 15
VALUE Acct-Terminate-Cause Callback 16
VALUE Acct-Terminate-Cause User-Error 17
VALUE Acct-Terminate-Cause Host-Request 18
VALUE Acct-Terminate-Cause Supplicant-Restart 19
VALUE Acct-Terminate-Cause Reauthentication-Failure 20
VALUE Acct-Terminate-Cause Port-Reinit 21
VALUE Acct-Terminate-Cause Port-Disabled 22
#VALUE Tunnel-Type L2TP 3
#VALUE Tunnel-Medium-Type IP 1
VALUE Prompt No-Echo 0
VALUE Prompt Echo 1
#
# Error causes
#
VALUE Error-Cause Residual-Context-Removed 201
VALUE Error-Cause Invalid-EAP-Packet 202
VALUE Error-Cause Unsupported-Attribute 401
VALUE Error-Cause Missing-Attribute 402
VALUE Error-Cause NAS-Identification-Mismatch 403
VALUE Error-Cause Invalid-Request 404
VALUE Error-Cause Unsupported-Service 405
VALUE Error-Cause Unsupported-Extension 406
VALUE Error-Cause Administratively-Prohibited 501
VALUE Error-Cause Proxy-Request-Not-Routable 502
VALUE Error-Cause Session-Context-Not-Found 503
VALUE Error-Cause Session-Context-Not-Removable 504
VALUE Error-Cause Proxy-Processing-Error 505
VALUE Error-Cause Resources-Unavailable 506
VALUE Error-Cause Request-Initiated 507

22
dicts/dictionary.3com Normal file
View File

@ -0,0 +1,22 @@
#
# 3com SuperStack Firewall dictionary
# Bought from Sonicwall, apparently, from Enterprise number 8741.
#
# $Id: dictionary.3com 45 2006-11-14 17:45:00Z lem $
#
VENDOR 3com 43
#
# These attributes contain the access-level value.
#
ATTRIBUTE 3Com-User-Access-Level 1 integer 3com
# Read-only access to manageable (not security) parameters
VALUE 3Com-User-Access-Level 3Com-Monitor 1
# Read-write access to manageable (not security) parameters
VALUE 3Com-User-Access-Level 3Com-Manager 2
# Read-write access to all manageable parameters
VALUE 3Com-User-Access-Level 3Com-Administrator 3

1396
dicts/dictionary.3com-o Normal file
View File

File diff suppressed because it is too large Load Diff

36
dicts/dictionary.3gpp Normal file
View File

@ -0,0 +1,36 @@
#
# 3GPP stuff.
#
# ftp://ftp.3gpp.org/specs/2002-06/R1999/29_series/29061-3a0.zip
#
# $Id: dictionary.3gpp 45 2006-11-14 17:45:00Z lem $
#
VENDOR 3GPP 10415
#
# Most of the 'string' attributes are UTF-8 encoded text.
# Maybe we want a UTF-8 'type' in the server...
#
ATTRIBUTE 3GPP-IMSI 1 string 3GPP
ATTRIBUTE 3GPP-Charging-ID 2 integer 3GPP
ATTRIBUTE 3GPP-PDP-Type 3 integer 3GPP
ATTRIBUTE 3GPP-Charging-Gateway-Address 4 ipaddr 3GPP
ATTRIBUTE 3GPP-GPRS-Negotiated-QoS-profile 5 string 3GPP
ATTRIBUTE 3GPP-SGSN-Address 6 ipaddr 3GPP
ATTRIBUTE 3GPP-GGSN-Address 7 ipaddr 3GPP
ATTRIBUTE 3GPP-IMSI-MCC-MNC 8 string 3GPP
ATTRIBUTE 3GPP-GGSN-MCC-MNC 9 string 3GPP
ATTRIBUTE 3GPP-NSAPI 10 string 3GPP
ATTRIBUTE 3GPP-Session-Stop-Indicator 11 octets 3GPP
ATTRIBUTE 3GPP-Selection-Mode 12 string 3GPP
ATTRIBUTE 3GPP-Charging-Characteristics 13 string 3GPP
ATTRIBUTE 3GPP-Charging-Gateway-IPv6-Address 14 string 3GPP
ATTRIBUTE 3GPP-SGSN-IPv6-Address 15 string 3GPP
ATTRIBUTE 3GPP-GGSN-IPv6-Address 16 string 3GPP
#
# This attribute is really an array of IPv6 addresses.
# Why the heck couldn't they just send multiple attributes?
#
ATTRIBUTE 3GPP-IPv6-DNS-Servers 17 octets 3GPP

121
dicts/dictionary.3gpp2 Normal file
View File

@ -0,0 +1,121 @@
#
# 3GPP2 stuff.
#
# http://www.3gpp2.org/Public_html/specs/index.cfm
# X.S0011-005-C v1.0
#
# $Id: dictionary.3gpp2 45 2006-11-14 17:45:00Z lem $
#
VENDOR 3GPP2 5535
ATTRIBUTE 3GPP2-Ike-Preshared-Secret-Request 1 integer 3GPP2
ATTRIBUTE 3GPP2-Security-Level 2 integer 3GPP2
ATTRIBUTE 3GPP2-Pre-Shared-Secret 3 string 3GPP2
ATTRIBUTE 3GPP2-Reverse-Tunnel-Spec 4 integer 3GPP2
ATTRIBUTE 3GPP2-Diffserv-Class-Option 5 integer 3GPP2
# Contains embedded 3GPP2 accounting attributes.
ATTRIBUTE 3GPP2-Accounting-Container 6 octets 3GPP2
ATTRIBUTE 3GPP2-Home-Agent-IP-Address 7 ipaddr 3GPP2
# A number formed from the concatenation of the home RADIUS IP address,
# the FA IP address, and a 32-bit Unix timestamp, all encoded as 8 ASCII
# hex characters.
ATTRIBUTE 3GPP2-KeyID 8 string 3GPP2
ATTRIBUTE 3GPP2-PCF-IP-Address 9 ipaddr 3GPP2
ATTRIBUTE 3GPP2-BSID 10 string 3GPP2
ATTRIBUTE 3GPP2-User-Id 11 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-FCH-Mux-Option 12 integer 3GPP2
ATTRIBUTE 3GPP2-Reverse-FCH-Mux-Option 13 integer 3GPP2
#
# 14-15 ?
#
ATTRIBUTE 3GPP2-Service-Option 16 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-Traffic-Type 17 integer 3GPP2
ATTRIBUTE 3GPP2-Reverse-Traffic-Type 18 integer 3GPP2
ATTRIBUTE 3GPP2-FCH-Frame-Size 19 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-FCH-RC 20 integer 3GPP2
ATTRIBUTE 3GPP2-Reverse-FCH-RC 21 integer 3GPP2
ATTRIBUTE 3GPP2-IP-Technology 22 integer 3GPP2
ATTRIBUTE 3GPP2-Compulsory-Tunnel-Indicator 23 integer 3GPP2
ATTRIBUTE 3GPP2-Release-Indicator 24 integer 3GPP2
ATTRIBUTE 3GPP2-Bad-PPP-Frame-Count 25 integer 3GPP2
#
# 26-29 ?
#
ATTRIBUTE 3GPP2-Number-Active-Transitions 30 integer 3GPP2
ATTRIBUTE 3GPP2-Terminating-SDB-Octet-Count 31 integer 3GPP2
ATTRIBUTE 3GPP2-Originating-SDB-OCtet-Count 32 integer 3GPP2
ATTRIBUTE 3GPP2-Terminating-Number-SDBs 33 integer 3GPP2
ATTRIBUTE 3GPP2-Originating-Number-SDBs 34 integer 3GPP2
# 35 ?
ATTRIBUTE 3GPP2-IP-QoS 36 integer 3GPP2
# 37-38 ?
ATTRIBUTE 3GPP2-Airlink-Priority 39 integer 3GPP2
ATTRIBUTE 3GPP2-Airlink-Record-Type 40 integer 3GPP2
# 41 ?
ATTRIBUTE 3GPP2-Airlink-Sequence-Number 42 integer 3GPP2
ATTRIBUTE 3GPP2-Received-HDLC-Octets 43 integer 3GPP2
ATTRIBUTE 3GPP2-Correlation-Id 44 string 3GPP2
ATTRIBUTE 3GPP2-Module-Orig-Term-Indicator 45 octets 3GPP2
ATTRIBUTE 3GPP2-Inbound-Mobile-IP-Sig-Octets 46 integer 3GPP2
ATTRIBUTE 3GPP2-Outbound-Mobile-IP-Sig-Octets 47 integer 3GPP2
ATTRIBUTE 3GPP2-Session-Continue 48 integer 3GPP2
ATTRIBUTE 3GPP2-Active-Time 49 integer 3GPP2
ATTRIBUTE 3GPP2-DCCH-Frame-Size 50 integer 3GPP2
ATTRIBUTE 3GPP2-Begin-Session 51 integer 3GPP2
ATTRIBUTE 3GPP2-ESN 52 string 3GPP2
# 53 ?
ATTRIBUTE 3GPP2-S-Key 54 octets 3GPP2
ATTRIBUTE 3GPP2-S-Request 55 integer 3GPP2
ATTRIBUTE 3GPP2-S-Lifetime 56 date 3GPP2
ATTRIBUTE 3GPP2-MN-HA-SPI 57 integer 3GPP2
ATTRIBUTE 3GPP2-MN-HA-Shared-Key 58 string 3GPP2
# The next set of attributes contain sub-types
ATTRIBUTE 3GPP2-Remote-IP-Address 59 octets 3GPP2
# 60 - 69 are marked "reserved"
ATTRIBUTE 3GPP2-Remote-IPv6-Address 70 octets 3GPP2
ATTRIBUTE 3GPP2-Remote-Address-Table-Index 71 octets 3GPP2
ATTRIBUTE 3GPP2-Remote-IPv4-Addr-Octet-Count 72 octets 3GPP2
ATTRIBUTE 3GPP2-Allowed-Diffserv-Marking 73 octets 3GPP2
ATTRIBUTE 3GPP2-Service-Option-Profile 74 octets 3GPP2
# the following don't contain subtypes
ATTRIBUTE 3GPP2-DNS-Update-Required 75 integer 3GPP2
# Is this 76 or 78? Check...
#ATTRIBUTE 3GPP2-Always-On 76 integer 3GPP2
# 77 ?
#ATTRIBUTE 3GPP2-Always-On 78 integer 3GPP2
ATTRIBUTE 3GPP2-Foreign-Agent-Address 79 ipaddr 3GPP2
ATTRIBUTE 3GPP2-Last-User-Activity-Time 80 integer 3GPP2
ATTRIBUTE 3GPP2-MN-AAA-Removal-Indication 81 integer 3GPP2
ATTRIBUTE 3GPP2-RN-Packet-Data-Inactivity-Timer 82 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-PDCH-RC 83 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-DCCH-Mux-Option 84 integer 3GPP2
ATTRIBUTE 3GPP2-Reverse-DCCH-Mux-Option 85 integer 3GPP2
ATTRIBUTE 3GPP2-Forward-DCCH-RC 86 integer 3GPP2
ATTRIBUTE 3GPP2-Reverse-DHHC-RC 87 integer 3GPP2
ATTRIBUTE 3GPP2-Session-Termination-Capability 88 integer 3GPP2
ATTRIBUTE 3GPP2-Allowed-Persistent-TFTs 89 integer 3GPP2
# The next set of attributes contain sub-types
ATTRIBUTE 3GPP2-Prepaid-Acct-Quota 90 octets 3GPP2
ATTRIBUTE 3GPP2-Prepaid-acct-Capability 91 octets 3GPP2
ATTRIBUTE 3GPP2-MIP-Lifetime 92 octets 3GPP2
ATTRIBUTE 3GPP2-Acct-Stop-Trigger 93 integer 3GPP2
# contains subtypes
ATTRIBUTE 3GPP2-Service-Reference-Id 94 octets 3GPP2
ATTRIBUTE 3GPP2-DNS-Update-Capability 95 integer 3GPP2
ATTRIBUTE 3GPP2-Disconnect-Reason 96 integer 3GPP2
# The next set of attributes contain sub-types
ATTRIBUTE 3GPP2-Remote-IPv6-Octet-Count 97 octets 3GPP2
ATTRIBUTE 3GPP2-PrePaid-Tariff-Switching 98 octets 3GPP2

251
dicts/dictionary.acc Normal file
View File

@ -0,0 +1,251 @@
#
# dictionary.acc
# Dictionary for Acc/Newbridge, models Tigris, Amazon, etc.
# Written by Stephane Marzloff <smarzloff@carif-idf.org>
# based on specifications available through ftp and the web.
#
# Version: @(#)dictionary.acc 1.00 smarzloff 21-Jun-1999
#
VENDOR Acc 5
#
# Acc specific
ATTRIBUTE Acc-Reason-Code 1 integer Acc
ATTRIBUTE Acc-Ccp-Option 2 integer Acc
ATTRIBUTE Acc-Input-Errors 3 integer Acc
ATTRIBUTE Acc-Output-Errors 4 integer Acc
ATTRIBUTE Acc-Access-Partition 5 string Acc
ATTRIBUTE Acc-Customer-Id 6 string Acc
ATTRIBUTE Acc-Ip-Gateway-Pri 7 ipaddr Acc
ATTRIBUTE Acc-Ip-Gateway-Sec 8 ipaddr Acc
ATTRIBUTE Acc-Route-Policy 9 integer Acc
ATTRIBUTE Acc-ML-MLX-Admin-State 10 integer Acc
ATTRIBUTE Acc-ML-Call-Threshold 11 integer Acc
ATTRIBUTE Acc-ML-Clear-Threshold 12 integer Acc
ATTRIBUTE Acc-ML-Damping-Factor 13 integer Acc
ATTRIBUTE Acc-Tunnel-Secret 14 string Acc
ATTRIBUTE Acc-Clearing-Cause 15 integer Acc
ATTRIBUTE Acc-Clearing-Location 16 integer Acc
ATTRIBUTE Acc-Service-Profile 17 string Acc
ATTRIBUTE Acc-Request-Type 18 integer Acc
ATTRIBUTE Acc-Bridging-Support 19 integer Acc
ATTRIBUTE Acc-Apsm-Oversubscribed 20 integer Acc
ATTRIBUTE Acc-Acct-On-Off-Reason 21 integer Acc
ATTRIBUTE Acc-Tunnel-Port 22 integer Acc
ATTRIBUTE Acc-Dns-Server-Pri 23 ipaddr Acc
ATTRIBUTE Acc-Dns-Server-Sec 24 ipaddr Acc
ATTRIBUTE Acc-Nbns-Server-Pri 25 ipaddr Acc
ATTRIBUTE Acc-Nbns-Server-Sec 26 ipaddr Acc
ATTRIBUTE Acc-Dial-Port-Index 27 integer Acc
ATTRIBUTE Acc-Ip-Compression 28 integer Acc
ATTRIBUTE Acc-Ipx-Compression 29 integer Acc
ATTRIBUTE Acc-Connect-Tx-Speed 30 integer Acc
ATTRIBUTE Acc-Connect-Rx-Speed 31 integer Acc
ATTRIBUTE Acc-Modem-Modulation-Type 32 string Acc
ATTRIBUTE Acc-Modem-Error-Protocol 33 string Acc
ATTRIBUTE Acc-Callback-Delay 34 integer Acc
ATTRIBUTE Acc-Callback-Num-Valid 35 string Acc
ATTRIBUTE Acc-Callback-Mode 36 integer Acc
ATTRIBUTE Acc-Callback-CBCP-Type 37 integer Acc
ATTRIBUTE Acc-Dialout-Auth-Mode 38 integer Acc
ATTRIBUTE Acc-Dialout-Auth-Password 39 string Acc
ATTRIBUTE Acc-Dialout-Auth-Username 40 string Acc
ATTRIBUTE Acc-Access-Community 42 integer Acc
ATTRIBUTE Acc-Vpsm-Reject-Cause 43 integer Acc
ATTRIBUTE Acc-Ace-Token 44 string Acc
ATTRIBUTE Acc-Ace-Token-Ttl 45 integer Acc
ATTRIBUTE Acc-Ip-Pool-Name 46 string Acc
ATTRIBUTE Acc-Igmp-Admin-State 47 integer Acc
ATTRIBUTE Acc-Igmp-Version 48 integer Acc
VALUE Acc-Reason-Code No-reason-No-Failure 0
VALUE Acc-Reason-Code Resource-shortage 1
VALUE Acc-Reason-Code Session-already-open 2
VALUE Acc-Reason-Code Too-many-RADIUS-users 3
VALUE Acc-Reason-Code No-authentification-server 4
VALUE Acc-Reason-Code No-authentification-response 5
VALUE Acc-Reason-Code No-accounting-server 6
VALUE Acc-Reason-Code No-accounting-response 7
VALUE Acc-Reason-Code Access-Denied 8
VALUE Acc-Reason-Code Temporary-buffer-shortage 9
VALUE Acc-Reason-Code Protocol-error 10
VALUE Acc-Reason-Code Invalid-attribute 11
VALUE Acc-Reason-Code Invalid-service-type 12
VALUE Acc-Reason-Code Invalid-framed-protocol 13
VALUE Acc-Reason-Code Invalid-attribute-value 14
VALUE Acc-Reason-Code Invalid-user-information 15
VALUE Acc-Reason-Code Invalid-IP-address 16
VALUE Acc-Reason-Code Invalid-integer-syntax 17
VALUE Acc-Reason-Code Invalid-NAS-port 18
VALUE Acc-Reason-Code Requested-by-user 19
VALUE Acc-Reason-Code Network-disconnect 20
VALUE Acc-Reason-Code Service-interruption 21
VALUE Acc-Reason-Code Physical-port-error 22
VALUE Acc-Reason-Code Idle-timeout 23
VALUE Acc-Reason-Code Session-timeout 24
VALUE Acc-Reason-Code Administrative-reset 25
VALUE Acc-Reason-Code NAS-reload-or-reset 26
VALUE Acc-Reason-Code NAS-error 27
VALUE Acc-Reason-Code NAS-request 28
VALUE Acc-Reason-Code Undefined-reason-given 29
VALUE Acc-Reason-Code Conflicting-attributes 30
VALUE Acc-Reason-Code Port-limit-exceeded 31
VALUE Acc-Reason-Code Facility-not-available 32
VALUE Acc-Reason-Code Internal-config-error 33
VALUE Acc-Reason-Code Bad-route-specification 34
VALUE Acc-Reason-Code Access-Partition-bind-failure 35
VALUE Acc-Reason-Code Security-violation 36
VALUE Acc-Reason-Code Request-type-conflict 37
VALUE Acc-Reason-Code Configuration-disallowed 38
VALUE Acc-Reason-Code Missing-attribute 39
VALUE Acc-Reason-Code Invalid-request 40
VALUE Acc-Reason-Code Missing-parameter 41
VALUE Acc-Reason-Code Invalid-parameter 42
VALUE Acc-Reason-Code Call-cleared-with-cause 43
VALUE Acc-Reason-Code Inopportune-config-request 44
VALUE Acc-Reason-Code Invalid-config-parameter 45
VALUE Acc-Reason-Code Missing-config-parameter 46
VALUE Acc-Reason-Code Incompatible-service-profile 47
VALUE Acc-Reason-Code Administrative-reset-2 48
VALUE Acc-Reason-Code Administrative-reload 49
VALUE Acc-Reason-Code Port-unneeded 50
VALUE Acc-Reason-Code Port-preempted 51
VALUE Acc-Reason-Code Port-suspended 52
VALUE Acc-Reason-Code Service-unavailable 53
VALUE Acc-Reason-Code Callback 54
VALUE Acc-Reason-Code User-error 55
VALUE Acc-Reason-Code Host-request 56
VALUE Acc-Ccp-Option Disabled 1
VALUE Acc-Ccp-Option Enabled 2
VALUE Acc-Route-Policy Funnel 1
VALUE Acc-Route-Policy Direct 2
VALUE Acc-ML-MLX-Admin-State Enabled 1
VALUE Acc-ML-MLX-Admin-State Disabled 2
VALUE Acc-Clearing-Cause Cause-unspecified 0
VALUE Acc-Clearing-Cause Unassigned-number 1
VALUE Acc-Clearing-Cause No-route-to-transit-network 2
VALUE Acc-Clearing-Cause No-route-to-destination 3
VALUE Acc-Clearing-Cause Channel-unacceptable 6
VALUE Acc-Clearing-Cause Call-awarded-being-delivered 7
VALUE Acc-Clearing-Cause Normal-clearing 16
VALUE Acc-Clearing-Cause User-busy 17
VALUE Acc-Clearing-Cause No-user-responding 18
VALUE Acc-Clearing-Cause User-alerted-no-answer 19
VALUE Acc-Clearing-Cause Call-rejected 21
VALUE Acc-Clearing-Cause Number-changed 22
VALUE Acc-Clearing-Cause Non-selected-user-clearing 26
VALUE Acc-Clearing-Cause Destination-out-of-order 27
VALUE Acc-Clearing-Cause Invalid-or-incomplete-number 28
VALUE Acc-Clearing-Cause Facility-rejected 29
VALUE Acc-Clearing-Cause Response-to-status-inquiry 30
VALUE Acc-Clearing-Cause Normal-unspecified-cause 31
VALUE Acc-Clearing-Cause No-circuit-or-channel-available 34
VALUE Acc-Clearing-Cause Network-out-of-order 38
VALUE Acc-Clearing-Cause Temporary-failure 41
VALUE Acc-Clearing-Cause Switching-equipment-congestion 42
VALUE Acc-Clearing-Cause Access-information-discarded 43
VALUE Acc-Clearing-Cause Circuit-or-channel-unavailable 44
VALUE Acc-Clearing-Cause Circuit-or-channed-preempted 45
VALUE Acc-Clearing-Cause Resources-unavailable 47
VALUE Acc-Clearing-Cause Quality-of-service-unavailable 49
VALUE Acc-Clearing-Cause Facility-not-subscribed 50
VALUE Acc-Clearing-Cause Outgoing-calls-barred 52
VALUE Acc-Clearing-Cause Incoming-calls-barred 54
VALUE Acc-Clearing-Cause Bearer-capability-unauthorized 57
VALUE Acc-Clearing-Cause Bearer-capability-not-available 58
VALUE Acc-Clearing-Cause Service-not-available 63
VALUE Acc-Clearing-Cause Bearer-capablity-not-implmented 65
VALUE Acc-Clearing-Cause Channel-type-not-implemented 66
VALUE Acc-Clearing-Cause Facility-not-implemented 69
VALUE Acc-Clearing-Cause Restrcted-digtal-infrmtion-only 70
VALUE Acc-Clearing-Cause Service-not-implemented 79
VALUE Acc-Clearing-Cause Invalid-call-reference 81
VALUE Acc-Clearing-Cause Identified-channel-doesnt-exist 82
VALUE Acc-Clearing-Cause Call-identify-in-use 84
VALUE Acc-Clearing-Cause No-call-suspended 85
VALUE Acc-Clearing-Cause Suspended-call-cleared 86
VALUE Acc-Clearing-Cause Incompatible-destination 88
VALUE Acc-Clearing-Cause Invalid-transit-network-selctin 91
VALUE Acc-Clearing-Cause Invalid-message 95
VALUE Acc-Clearing-Cause Mandtory-infrmtion-elment-miss 96
VALUE Acc-Clearing-Cause Message-not-implemented 97
VALUE Acc-Clearing-Cause Inopportune-message 98
VALUE Acc-Clearing-Cause Infrmtion-elemnt-not-implmented 99
VALUE Acc-Clearing-Cause Invlid-infrmtion-element-contnt 100
VALUE Acc-Clearing-Cause Message-incompatible-with-state 101
VALUE Acc-Clearing-Cause Recovery-on-timer-expiration 102
VALUE Acc-Clearing-Cause Mndtry-infrmtion-elmnt-lngt-err 103
VALUE Acc-Clearing-Cause Protocol-error 111
VALUE Acc-Clearing-Cause Interworking 127
VALUE Acc-Clearing-Location Local-or-remote-user 0
VALUE Acc-Clearing-Location Prvte-ntwork-serving-local-user 1
VALUE Acc-Clearing-Location Pblic-ntwork-serving-local-user 2
VALUE Acc-Clearing-Location Transit-network 3
VALUE Acc-Clearing-Location Prvte-ntwork-serv-remote-user 4
VALUE Acc-Clearing-Location Pblic-ntwork-serv-remote-user 5
VALUE Acc-Clearing-Location International-network 6
VALUE Acc-Clearing-Location Beyond-interworking-point 10
VALUE Acc-Request-Type Ring-Indication 1
VALUE Acc-Request-Type Dial-Request 2
VALUE Acc-Request-Type User-Authentification 3
VALUE Acc-Request-Type Tunnel-Authentification 4
VALUE Acc-Bridging-Support Disabled 1
VALUE Acc-Bridging-Support Enabled 2
VALUE Acc-Apsm-Oversubscribed False 1
VALUE Acc-Apsm-Oversubscribed True 2
VALUE Acc-Acct-On-Off-Reason NAS-Reset 0
VALUE Acc-Acct-On-Off-Reason NAS-Reload 1
VALUE Acc-Acct-On-Off-Reason Configuration-Reset 2
VALUE Acc-Acct-On-Off-Reason Configuration-Reload 3
VALUE Acc-Acct-On-Off-Reason Enabled 4
VALUE Acc-Acct-On-Off-Reason Disabled 5
VALUE Acc-Ip-Compression Disabled 1
VALUE Acc-Ip-Compression Enabled 2
VALUE Acc-Ipx-Compression Disabled 1
VALUE Acc-Ipx-Compression Enabled 2
VALUE Acc-Callback-Mode User-Auth 0
VALUE Acc-Callback-Mode User-Specified-E-164 3
VALUE Acc-Callback-Mode CBCP-Callback 6
VALUE Acc-Callback-Mode CLI-Callback 7
VALUE Acc-Callback-CBCP-Type CBCP-None 1
VALUE Acc-Callback-CBCP-Type CBCP-User-Specified 2
VALUE Acc-Callback-CBCP-Type CBCP-Pre-Specified 3
VALUE Acc-Dialout-Auth-Mode PAP 1
VALUE Acc-Dialout-Auth-Mode CHAP 2
VALUE Acc-Dialout-Auth-Mode CHAP-PAP 3
VALUE Acc-Dialout-Auth-Mode NONE 4
VALUE Acc-Access-Community PUBLIC 1
VALUE Acc-Access-Community NETMAN 2
# Acc-Vpsm-Reject-Cause values (available in access-reject packets only)
VALUE Acc-Vpsm-Reject-Cause No-Access-Partition 1
VALUE Acc-Vpsm-Reject-Cause Access-Partition-Disabled 2
VALUE Acc-Vpsm-Reject-Cause Partition-Portlimit-Exceeded 3
VALUE Acc-Vpsm-Reject-Cause License-Portlimit-Exceeded 4
VALUE Acc-Vpsm-Reject-Cause Home-Server-Down 5
VALUE Acc-Vpsm-Reject-Cause Rejected-By-Home-Server 6
VALUE Acc-Vpsm-Reject-Cause NAS-Administratively-Disabled 7
# Acc-Igmp-Admin-State values
VALUE Acc-Igmp-Admin-State Enabled 1
VALUE Acc-Igmp-Admin-State Disabled 2
# Acc-Igmp-Version values
VALUE Acc-Igmp-Version V1 1
VALUE Acc-Igmp-Version V2 2

64
dicts/dictionary.alcatel Normal file
View File

@ -0,0 +1,64 @@
#
# Alcatel Broadband Access Server dictionary.
#
# Version: 1.00 10-July-2002 Lasse Johnsen <lassejohnsen@bulldogcommunications.com>
# $Id: dictionary.alcatel 45 2006-11-14 17:45:00Z lem $
#
VENDOR Alcatel 3041
#
# Alcatel Vendor Specific Extensions
#
#
ATTRIBUTE AAT-Client-Primary-DNS 5 ipaddr Alcatel
ATTRIBUTE AAT-Client-Primary-WINS-NBNS 6 ipaddr Alcatel
ATTRIBUTE AAT-Client-Secondary-WINS-NBNS 7 ipaddr Alcatel
#ATTRIBUTE AAT-Client-Primary-DNS 8 ipaddr Alcatel
ATTRIBUTE AAT-PPP-Address 9 ipaddr Alcatel
ATTRIBUTE AAT-ATM-Direct 21 string Alcatel
ATTRIBUTE AAT-IP-TOS 22 integer Alcatel
ATTRIBUTE AAT-IP-TOS-Precedence 23 integer Alcatel
ATTRIBUTE AAT-IP-TOS-Apply-To 24 integer Alcatel
ATTRIBUTE AAT-MCast-Client 27 integer Alcatel
ATTRIBUTE AAT-Vrouter-Name 61 string Alcatel
ATTRIBUTE AAT-Require-Auth 62 integer Alcatel
ATTRIBUTE AAT-IP-Pool-Definition 63 string Alcatel
ATTRIBUTE AAT-Assign-IP-Pool 64 integer Alcatel
ATTRIBUTE AAT-Data-Filter 65 string Alcatel
ATTRIBUTE AAT-Source-IP-Check 66 integer Alcatel
ATTRIBUTE AAT-ATM-VPI 128 integer Alcatel
ATTRIBUTE AAT-ATM-VCI 129 integer Alcatel
ATTRIBUTE AAT-Input-Octets-Diff 130 integer Alcatel
ATTRIBUTE AAT-Output-Octets-Diff 131 integer Alcatel
ATTRIBUTE AAT-User-MAC-Address 132 string Alcatel
ATTRIBUTE AAT-ATM-Traffic-Profile 133 string Alcatel
VALUE AAT-MCast-Client Multicast-No 0
VALUE AAT-MCast-Client Multicast-Yes 1
VALUE AAT-Require-Auth Not-Require-Auth 0
VALUE AAT-Require-Auth Require-Auth 1
VALUE AAT-Source-IP-Check Source-IP-Check-No 0
VALUE AAT-Source-IP-Check Source-IP-Check-Yes 1
VALUE AAT-IP-TOS IP-TOS-Normal 0
VALUE AAT-IP-TOS IP-TOS-Disabled 1
VALUE AAT-IP-TOS IP-TOS-Cost 2
VALUE AAT-IP-TOS IP-TOS-Reliability 4
VALUE AAT-IP-TOS IP-TOS-Throughput 8
VALUE AAT-IP-TOS IP-TOS-Latency 16
VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Incoming 1024
VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Both 3072
VALUE AAT-IP-TOS-Apply-To IP-TOS-Apply-To-Outgoing 2048
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Normal 0
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-One 32
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Two 64
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Three 96
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Four 128
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Five 160
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Six 192
VALUE AAT-IP-TOS-Precedence IP-TOS-Precedence-Pri-Seven 224

17
dicts/dictionary.alteon Normal file
View File

@ -0,0 +1,17 @@
#
# dictionary.alteon
#
# Alteon Webswitch
#
# $Id: dictionary.alteon 45 2006-11-14 17:45:00Z lem $
#
VENDOR Alteon 1872
ATTRIBUTE Alteon-Service-Type 26 integer Alteon
VALUE Alteon-Service-Type Alteon-L4admin 250
VALUE Alteon-Service-Type Alteon-Slbadmin 251
VALUE Alteon-Service-Type Alteon-Oper 252
VALUE Alteon-Service-Type Alteon-L4oper 253
VALUE Alteon-Service-Type Alteon-Slboper 254
VALUE Alteon-Service-Type Alteon-User 255

131
dicts/dictionary.altiga Normal file
View File

@ -0,0 +1,131 @@
# Altiga vendor attributes
#
# $Id: dictionary.altiga 45 2006-11-14 17:45:00Z lem $
#
VENDOR Altiga 3076
ATTRIBUTE Altiga-Access-Hours-G/U 1 string Altiga
ATTRIBUTE Altiga-Simultaneous-Logins-G/U 2 integer Altiga
ATTRIBUTE Altiga-Min-Password-Length-G 3 integer Altiga
ATTRIBUTE Altiga-Allow-Alpha-Only-Passwords-G 4 integer Altiga
ATTRIBUTE Altiga-Primary-DNS-G 5 ipaddr Altiga
ATTRIBUTE Altiga-Secondary-DNS-G 6 ipaddr Altiga
ATTRIBUTE Altiga-Primary-WINS-G 7 ipaddr Altiga
ATTRIBUTE Altiga-Secondary-WINS-G 8 ipaddr Altiga
ATTRIBUTE Altiga-SEP-Card-Assignment-G/U 9 integer Altiga
ATTRIBUTE Altiga-Priority-on-SEP-G/U 10 integer Altiga
ATTRIBUTE Altiga-Tunneling-Protocols-G/U 11 integer Altiga
ATTRIBUTE Altiga-IPSec-Sec-Association-G/U 12 string Altiga
ATTRIBUTE Altiga-IPSec-Authentication-G 13 integer Altiga
ATTRIBUTE Altiga-IPSec-Banner-G 15 string Altiga
ATTRIBUTE Altiga-IPSec-Allow-Passwd-Store-G/U 16 integer Altiga
ATTRIBUTE Altiga-Use-Client-Address-G/U 17 integer Altiga
ATTRIBUTE Altiga-PPTP-Min-Authentication-G/U 18 integer Altiga
ATTRIBUTE Altiga-L2TP-Min-Authentication-G/U 19 integer Altiga
ATTRIBUTE Altiga-PPTP-Encryption-G 20 integer Altiga
ATTRIBUTE Altiga-L2TP-Encryption-G 21 integer Altiga
ATTRIBUTE Altiga-IPSec-L2L-Keepalives-G 25 integer Altiga
ATTRIBUTE Altiga-IPSec-Split-Tunnel-List-G 27 string Altiga
ATTRIBUTE Altiga-IPSec-Default-Domain-G 28 string Altiga
ATTRIBUTE Altiga-IPSec-Secondary-Domains-G 29 string Altiga
ATTRIBUTE Altiga-IPSec-Tunnel-Type-G 30 integer Altiga
ATTRIBUTE Altiga-IPSec-Mode-Config-G 31 integer Altiga
ATTRIBUTE Altiga-IPSec-User-Group-Lock-G 33 integer Altiga
ATTRIBUTE Altiga-IPSec-Over-NAT-G 34 integer Altiga
ATTRIBUTE Altiga-IPSec-Over-NAT-Port-Num-G 35 integer Altiga
# Altiga value
VALUE Altiga-Allow-Alpha-Only-Passwords-G Allow 1
VALUE Altiga-Allow-Alpha-Only-Passwords-G Disallow 0
VALUE Altiga-SEP-Card-Assignment-G/U SEP1 1
VALUE Altiga-SEP-Card-Assignment-G/U SEP2 2
VALUE Altiga-SEP-Card-Assignment-G/U SEP3 4
VALUE Altiga-SEP-Card-Assignment-G/U SEP4 8
VALUE Altiga-SEP-Card-Assignment-G/U Any-SEP 15
VALUE Altiga-Priority-on-SEP-G/U High 1
VALUE Altiga-Priority-on-SEP-G/U Med-High 2
VALUE Altiga-Priority-on-SEP-G/U Medium 3
VALUE Altiga-Priority-on-SEP-G/U Med-Low 4
VALUE Altiga-Priority-on-SEP-G/U Low 5
VALUE Altiga-Tunneling-Protocols-G/U PPTP 1
VALUE Altiga-Tunneling-Protocols-G/U L2TP 2
VALUE Altiga-Tunneling-Protocols-G/U IPSec 4
VALUE Altiga-Tunneling-Protocols-G/U L2TP/IPSec 8
VALUE Altiga-Tunneling-Protocols-G/U PPTP-and-IPSec 5
VALUE Altiga-Tunneling-Protocols-G/U All 15
VALUE Altiga-IPSec-Authentication-G None 0
VALUE Altiga-IPSec-Authentication-G RADIUS 1
VALUE Altiga-IPSec-Authentication-G LDAP 2
VALUE Altiga-IPSec-Authentication-G NTDomain 3
VALUE Altiga-IPSec-Authentication-G SDI 4
VALUE Altiga-IPSec-Authentication-G Internal 5
VALUE Altiga-IPSec-Allow-Passwd-Store-G/U Allow 1
VALUE Altiga-IPSec-Allow-Passwd-Store-G/U Disallow 0
VALUE Altiga-Use-Client-Address-G/U Allow 1
VALUE Altiga-Use-Client-Address-G/U Disallow 0
VALUE Altiga-PPTP-Min-Authentication-G/U PAP 1
VALUE Altiga-PPTP-Min-Authentication-G/U CHAP 2
VALUE Altiga-PPTP-Min-Authentication-G/U EAP-MD5 4
VALUE Altiga-PPTP-Min-Authentication-G/U EAP-GTC 8
VALUE Altiga-PPTP-Min-Authentication-G/U EAP-TLS 16
VALUE Altiga-PPTP-Min-Authentication-G/U MSCHAPv1 32
VALUE Altiga-PPTP-Min-Authentication-G/U MSCHAPv2 64
VALUE Altiga-PPTP-Min-Authentication-G/U Default 102
VALUE Altiga-L2TP-Min-Authentication-G/U PAP 1
VALUE Altiga-L2TP-Min-Authentication-G/U CHAP 2
VALUE Altiga-L2TP-Min-Authentication-G/U EAP-MD5 4
VALUE Altiga-L2TP-Min-Authentication-G/U EAP-GTC 8
VALUE Altiga-L2TP-Min-Authentication-G/U EAP-TLS 16
VALUE Altiga-L2TP-Min-Authentication-G/U MSCHAPv1 32
VALUE Altiga-L2TP-Min-Authentication-G/U MSCHAPv2 64
VALUE Altiga-L2TP-Min-Authentication-G/U Default 102
VALUE Altiga-PPTP-Encryption-G 40bit 2
VALUE Altiga-PPTP-Encryption-G 40-Encryption-Req 3
VALUE Altiga-PPTP-Encryption-G 128 4
VALUE Altiga-PPTP-Encryption-G 128-Encryption-Req 5
VALUE Altiga-PPTP-Encryption-G 40-or-128 6
VALUE Altiga-PPTP-Encryption-G 40-or-128-Encry-Req 7
VALUE Altiga-PPTP-Encryption-G 40-Stateless-Req 10
VALUE Altiga-PPTP-Encryption-G 40-Enc/Stateless-Req 11
VALUE Altiga-PPTP-Encryption-G 128-Stateless-Req 12
VALUE Altiga-PPTP-Encryption-G 128-Enc/Stateless-Req 13
VALUE Altiga-PPTP-Encryption-G 40/128-Stateless-Req 14
VALUE Altiga-PPTP-Encryption-G 40/128-Enc/Statls-Req 15
VALUE Altiga-L2TP-Encryption-G 40bit 2
VALUE Altiga-L2TP-Encryption-G 40-Encryption-Req 3
VALUE Altiga-L2TP-Encryption-G 128 4
VALUE Altiga-L2TP-Encryption-G 128-Encryption-Req 5
VALUE Altiga-L2TP-Encryption-G 40-or-128 6
VALUE Altiga-L2TP-Encryption-G 40-or-128-Encry-Req 7
VALUE Altiga-L2TP-Encryption-G 40-Stateless-Req 10
VALUE Altiga-L2TP-Encryption-G 40-Enc/Stateless-Req 11
VALUE Altiga-L2TP-Encryption-G 128-Stateless-Req 12
VALUE Altiga-L2TP-Encryption-G 128-Enc/Stateless-Req 13
VALUE Altiga-L2TP-Encryption-G 40/128-Stateless-Req 14
VALUE Altiga-L2TP-Encryption-G 40/128-Enc/Statls-Req 15
VALUE Altiga-IPSec-L2L-Keepalives-G ON 1
VALUE Altiga-IPSec-L2L-Keepalives-G OFF 0
VALUE Altiga-IPSec-Tunnel-Type-G LAN-to-LAN 1
VALUE Altiga-IPSec-Tunnel-Type-G Remote-Access 2
VALUE Altiga-IPSec-Mode-Config-G ON 1
VALUE Altiga-IPSec-Mode-Config-G OFF 0
VALUE Altiga-IPSec-User-Group-Lock-G ON 1
VALUE Altiga-IPSec-User-Group-Lock-G OFF 0
VALUE Altiga-IPSec-Over-NAT-G ON 1
VALUE Altiga-IPSec-Over-NAT-G OFF 0

44
dicts/dictionary.aptis Normal file
View File

@ -0,0 +1,44 @@
#
# $Id: dictionary.aptis 45 2006-11-14 17:45:00Z lem $
#
VENDOR Aptis 2637
ATTRIBUTE CVX-Identification 1 string Aptis
ATTRIBUTE CVX-VPOP-ID 2 integer Aptis
ATTRIBUTE CVX-SS7-Session-ID-Type 3 integer Aptis
ATTRIBUTE CVX-Radius-Redirect 4 integer Aptis
ATTRIBUTE CVX-IPSVC-AZNLVL 5 integer Aptis
ATTRIBUTE CVX-IPSVC-Mask 6 integer Aptis
ATTRIBUTE CVX-Multilink-Match-Info 7 integer Aptis
ATTRIBUTE CVX-Multilink-Group-Number 8 integer Aptis
ATTRIBUTE CVX-PPP-Log-Mask 9 integer Aptis
ATTRIBUTE CVX-Modem-Begin-Modulation 10 string Aptis
ATTRIBUTE CVX-Modem-End-Modulation 11 string Aptis
ATTRIBUTE CVX-Modem-Error-Correction 12 string Aptis
ATTRIBUTE CVX-Modem-Data-Compression 13 string Aptis
ATTRIBUTE CVX-Modem-Tx-Packets 14 integer Aptis
ATTRIBUTE CVX-Modem-ReTx-Packets 15 integer Aptis
ATTRIBUTE CVX-Modem-SNR 16 integer Aptis
ATTRIBUTE CVX-Modem-Local-Retrains 17 integer Aptis
ATTRIBUTE CVX-Modem-Remote-Retrains 18 integer Aptis
ATTRIBUTE CVX-Modem-Local-Rate-Negs 19 integer Aptis
ATTRIBUTE CVX-Modem-Remote-Rate-Negs 20 integer Aptis
ATTRIBUTE CVX-Modem-Begin-Recv-Line-Lvl 21 integer Aptis
ATTRIBUTE CVX-Modem-End-Recv-Line-Lvl 22 integer Aptis
ATTRIBUTE CVX-Primary-DNS 135 ipaddr Aptis
ATTRIBUTE CVX-Secondary-DNS 136 ipaddr Aptis
ATTRIBUTE CVX-Client-Assign-DNS 137 integer Aptis
ATTRIBUTE CVX-Multicast-Rate-Limit 152 integer Aptis
ATTRIBUTE CVX-Multicast-Client 155 integer Aptis
ATTRIBUTE CVX-Disconnect-Cause 195 integer Aptis
ATTRIBUTE CVX-Data-Rate 197 integer Aptis
ATTRIBUTE CVX-PreSession-Time 198 integer Aptis
ATTRIBUTE CVX-Assign-IP-Pool 218 integer Aptis
ATTRIBUTE CVX-Maximum-Channels 235 integer Aptis
ATTRIBUTE CVX-Data-Filter 242 string Aptis
ATTRIBUTE CVX-Idle-Limit 244 integer Aptis
ATTRIBUTE CVX-PPP-Address 253 ipaddr Aptis
ATTRIBUTE CVX-Xmit-Rate 255 integer Aptis

1063
dicts/dictionary.ascend Normal file
View File

File diff suppressed because it is too large Load Diff

261
dicts/dictionary.bay Normal file
View File

@ -0,0 +1,261 @@
#
# Bay Networks
# http://www.baynetworks.com/
#
# From MegaZone <megazone@megazone.org>, as posted to the bay-isp list.
# Modified for libradius by Alan DeKok <aland@ox.org>
#
VENDOR Bay-Networks 1584 # now Nortel
# Bay Networks Extensions
ATTRIBUTE Annex-Filter 28 string Bay-Networks
ATTRIBUTE Annex-CLI-Command 29 string Bay-Networks
ATTRIBUTE Annex-CLI-Filter 30 string Bay-Networks
ATTRIBUTE Annex-Host-Restrict 31 string Bay-Networks
ATTRIBUTE Annex-Host-Allow 32 string Bay-Networks
ATTRIBUTE Annex-Product-Name 33 string Bay-Networks
ATTRIBUTE Annex-SW-Version 34 string Bay-Networks
ATTRIBUTE Annex-Local-IP-Address 35 ipaddr Bay-Networks
ATTRIBUTE Annex-Callback-Portlist 36 integer Bay-Networks
ATTRIBUTE Annex-Sec-Profile-Index 37 integer Bay-Networks
ATTRIBUTE Annex-Tunnel-Authen-Type 38 integer Bay-Networks
ATTRIBUTE Annex-Tunnel-Authen-Mode 39 integer Bay-Networks
ATTRIBUTE Annex-Authen-Servers 40 string Bay-Networks
ATTRIBUTE Annex-Acct-Servers 41 string Bay-Networks
ATTRIBUTE Annex-User-Server-Location 42 integer Bay-Networks
ATTRIBUTE Annex-Local-Username 43 string Bay-Networks
ATTRIBUTE Annex-System-Disc-Reason 44 integer Bay-Networks
ATTRIBUTE Annex-Modem-Disc-Reason 45 integer Bay-Networks
ATTRIBUTE Annex-Disconnect-Reason 46 integer Bay-Networks
ATTRIBUTE Annex-Addr-Resolution-Protocol 47 integer Bay-Networks
ATTRIBUTE Annex-Addr-Resolution-Servers 48 string Bay-Networks
ATTRIBUTE Annex-Domain-Name 49 string Bay-Networks
ATTRIBUTE Annex-Transmit-Speed 50 integer Bay-Networks
ATTRIBUTE Annex-Receive-Speed 51 integer Bay-Networks
ATTRIBUTE Annex-Input-Filter 52 string Bay-Networks
ATTRIBUTE Annex-Output-Filter 53 string Bay-Networks
ATTRIBUTE Annex-Primary-DNS-Server 54 ipaddr Bay-Networks
ATTRIBUTE Annex-Secondary-DNS-Server 55 ipaddr Bay-Networks
ATTRIBUTE Annex-Primary-NBNS-Server 56 ipaddr Bay-Networks
ATTRIBUTE Annex-Secondary-NBNS-Server 57 ipaddr Bay-Networks
ATTRIBUTE Annex-Syslog-Tap 58 integer Bay-Networks
ATTRIBUTE Annex-Keypress-Timeout 59 integer Bay-Networks
ATTRIBUTE Annex-Unauthenticated-Time 60 integer Bay-Networks
ATTRIBUTE Annex-Re-CHAP-Timeout 61 integer Bay-Networks
ATTRIBUTE Annex-MRRU 62 integer Bay-Networks
ATTRIBUTE Annex-EDO 63 string Bay-Networks
# Annex R18.0 software
ATTRIBUTE Annex-PPP-Trace-Level 64 integer Bay-Networks
ATTRIBUTE Annex-Pre-Input-Octets 65 integer Bay-Networks
ATTRIBUTE Annex-Pre-Output-Octets 66 integer Bay-Networks
ATTRIBUTE Annex-Pre-Input-Packets 67 integer Bay-Networks
ATTRIBUTE Annex-Pre-Output-Packets 68 integer Bay-Networks
ATTRIBUTE Annex-Connect-Progress 69 integer Bay-Networks
ATTRIBUTE Annex-Multicast-Rate-Limit 73 integer Bay-Networks
ATTRIBUTE Annex-Maximum-Call-Duration 74 integer Bay-Networks
ATTRIBUTE Annex-Multilink-Id 75 integer Bay-Networks
ATTRIBUTE Annex-Num-In-Multilink 76 integer Bay-Networks
ATTRIBUTE Annex-Logical-Channel-Number 81 integer Bay-Networks
ATTRIBUTE Annex-Wan-Number 82 integer Bay-Networks
ATTRIBUTE Annex-Port 83 integer Bay-Networks
ATTRIBUTE Annex-Pool-Id 85 integer Bay-Networks
ATTRIBUTE Annex-Compression-Protocol 86 string Bay-Networks
ATTRIBUTE Annex-Transmitted-Packets 87 integer Bay-Networks
ATTRIBUTE Annex-Retransmitted-Packets 88 integer Bay-Networks
ATTRIBUTE Annex-Signal-to-Noise-Ratio 89 integer Bay-Networks
ATTRIBUTE Annex-Retrain-Requests-Sent 90 integer Bay-Networks
ATTRIBUTE Annex-Retrain-Requests-Rcvd 91 integer Bay-Networks
ATTRIBUTE Annex-Rate-Reneg-Req-Sent 92 integer Bay-Networks
ATTRIBUTE Annex-Rate-Reneg-Req-Rcvd 93 integer Bay-Networks
ATTRIBUTE Annex-Begin-Receive-Line-Level 94 integer Bay-Networks
ATTRIBUTE Annex-End-Receive-Line-Level 95 integer Bay-Networks
ATTRIBUTE Annex-Begin-Modulation 96 string Bay-Networks
ATTRIBUTE Annex-Error-Correction-Prot 97 string Bay-Networks
ATTRIBUTE Annex-End-Modulation 98 string Bay-Networks
# Bay Router Specific Attributes
#
ATTRIBUTE Annex-User-Level 100 integer Bay-Networks
ATTRIBUTE Annex-Audit-Level 101 integer Bay-Networks
# Annex Tunnel Authen Type Values
VALUE Annex-Tunnel-Authen-Type none 0
VALUE Annex-Tunnel-Authen-Type kmd5-128 1
# Annex Tunnel Authen Mode Values
VALUE Annex-Tunnel-Authen-Mode none 0
VALUE Annex-Tunnel-Authen-Mode prefix-suffix 1
# Annex User Server Location Values
VALUE Annex-User-Server-Location local 1
VALUE Annex-User-Server-Location remote 2
# Annex Addr Resolution Protocol Values
VALUE Annex-Addr-Resolution-Protocol none 0
VALUE Annex-Addr-Resolution-Protocol DHCP 1
# Annex System Disconnect Reason Values
VALUE Annex-System-Disc-Reason Unknown 0
VALUE Annex-System-Disc-Reason Line-disconnected 1
VALUE Annex-System-Disc-Reason Dial-failed 2
VALUE Annex-System-Disc-Reason WAN-manager-error 3
VALUE Annex-System-Disc-Reason Disconnect-reset 4
VALUE Annex-System-Disc-Reason Error-from-adm_notify 5
VALUE Annex-System-Disc-Reason Modem-down-adm_notify 6
VALUE Annex-System-Disc-Reason PPP-protocol-disconnect 7
VALUE Annex-System-Disc-Reason Inactivity-timer 8
VALUE Annex-System-Disc-Reason CLI-Hangup-command 9
VALUE Annex-System-Disc-Reason CLI-last-job 10
VALUE Annex-System-Disc-Reason Session-timeout 11
VALUE Annex-System-Disc-Reason Slave-termination 12
VALUE Annex-System-Disc-Reason Abnormal-termination 13
VALUE Annex-System-Disc-Reason DCD-wait-failed 14
VALUE Annex-System-Disc-Reason CLI-inactivity 15
VALUE Annex-System-Disc-Reason Admin-port-reset 16
VALUE Annex-System-Disc-Reason CLI-auth-failed 17
VALUE Annex-System-Disc-Reason Slave-auth-failed 18
VALUE Annex-System-Disc-Reason PAP-auth-failed 19
VALUE Annex-System-Disc-Reason CHAP-auth-failed 20
VALUE Annex-System-Disc-Reason Local-modem-reset 21
VALUE Annex-System-Disc-Reason Modem-dead 22
VALUE Annex-System-Disc-Reason PPP-LCP-failure 23
VALUE Annex-System-Disc-Reason PPP-IPCP-failure 24
VALUE Annex-System-Disc-Reason PPP-IPXCP-failure 25
VALUE Annex-System-Disc-Reason PPP-ATCP-failure 26
VALUE Annex-System-Disc-Reason PPP-CCP-failure 27
VALUE Annex-System-Disc-Reason PPP-MP-failure 28
VALUE Annex-System-Disc-Reason PPP-IPCP-timeout 29
VALUE Annex-System-Disc-Reason PPP-IPXCP-timeout 30
VALUE Annex-System-Disc-Reason PPP-ATCP-timeout 31
VALUE Annex-System-Disc-Reason PPP-CCP-timeout 32
VALUE Annex-System-Disc-Reason PPP-MP-timeout 33
VALUE Annex-System-Disc-Reason PPP-init-failure 34
VALUE Annex-System-Disc-Reason PPP-Unknown 35
VALUE Annex-System-Disc-Reason PPP-Dialback-failed 36
VALUE Annex-System-Disc-Reason PPP-Address-In-Use 37
VALUE Annex-System-Disc-Reason PPP-No-device 38
VALUE Annex-System-Disc-Reason PPP-Modem-hangup-rcvd 39
VALUE Annex-System-Disc-Reason PPP-Hangup-rcvd 40
VALUE Annex-System-Disc-Reason PPP-Termination-rcvd 41
VALUE Annex-System-Disc-Reason PPP-Kill-rcvd 42
VALUE Annex-System-Disc-Reason PPP-Time-rcvd 43
VALUE Annex-System-Disc-Reason PPP-No-memory 44
VALUE Annex-System-Disc-Reason PPP-Connection-Abort 45
VALUE Annex-System-Disc-Reason PPP-VPN-LCP-failure 46
VALUE Annex-System-Disc-Reason PPP-VPN-Auth-failure 47
VALUE Annex-System-Disc-Reason PPP-MP-invalid-port 48
VALUE Annex-System-Disc-Reason PPP-Invalid-device 49
VALUE Annex-System-Disc-Reason PPP-MMP-bundle-failure 50
VALUE Annex-System-Disc-Reason DVS-Registration-failure 51
VALUE Annex-System-Disc-Reason DVS-Home-agent-dereg 52
VALUE Annex-System-Disc-Reason DVS-Tunnel-no-renew 53
VALUE Annex-System-Disc-Reason DVS-Tunnel-expired 54
# Annex Modem Disconnect Reason Values
VALUE Annex-Modem-Disc-Reason Unknown 0
VALUE Annex-Modem-Disc-Reason Local-disconnect 1
VALUE Annex-Modem-Disc-Reason CD-Timer-Expired 2
VALUE Annex-Modem-Disc-Reason Remote-protocol-disc 4
VALUE Annex-Modem-Disc-Reason Clear-down 5
VALUE Annex-Modem-Disc-Reason Long-Space-disconnect 6
VALUE Annex-Modem-Disc-Reason Carrier-Lost 7
VALUE Annex-Modem-Disc-Reason Modem-Retrain-Timeout 8
# Annex Connection Progress Values
#VALUE Annex-Connect-Progress Progress-Unknown 2
#VALUE Annex-Connect-Progress Call-Is-Up 10
#VALUE Annex-Connect-Progress CLI-Started 40
#VALUE Annex-Connect-Progress LAN-Session-Is-Up 60
#VALUE Annex-Connect-Progress LCP-Negotiations-Allowed 61
#VALUE Annex-Connect-Progress CCP-Negotiations-Allowed 62
#VALUE Annex-Connect-Progress IPCP-Negotiations-Allowed 63
#VALUE Annex-Connect-Progress LCP-Is-In-Open-State 65
#VALUE Annex-Connect-Progress CCP-Is-In-Open-State 66
#VALUE Annex-Connect-Progress IPCP-Is-In-Open-State 67
#VALUE Annex-Connect-Progress LCP-Is-In-Closed-State 71
#VALUE Annex-Connect-Progress LCP-Is-In-Stopped-State 72
#VALUE Annex-Connect-Progress LCP-Is-In-Closing-State 73
#VALUE Annex-Connect-Progress LCP-Is-In-Request-Sent-State 75
#VALUE Annex-Connect-Progress LCP-Is-In-Ack-Recvd-State 76
#VALUE Annex-Connect-Progress LCP-Is-In-Ack-Sent-State 77
#VALUE Annex-Connect-Progress IPXCP-Is-In-Open-State 80
#VALUE Annex-Multicast-Client Multicast-No 0
#VALUE Annex-Multicast-Client Multicast-Yes 1
#VALUE Annex-Inbound-Precedence Routine 0
#VALUE Annex-Inbound-Precedence Priority 1
#VALUE Annex-Inbound-Precedence Immediate 2
#VALUE Annex-Inbound-Precedence Flash 3
#VALUE Annex-Inbound-Precedence Flash-Override 4
#VALUE Annex-Inbound-Precedence CRITIC/ECP 5
#VALUE Annex-Inbound-Precedence Internetwork-Control 6
#VALUE Annex-Inbound-Precedence Network-Control 7
#VALUE Annex-Outbound-Precedence Routine 0
#VALUE Annex-Outbound-Precedence Priority 1
#VALUE Annex-Outbound-Precedence Immediate 2
#VALUE Annex-Outbound-Precedence Flash 3
#VALUE Annex-Outbound-Precedence Flash-Override 4
#VALUE Annex-Outbound-Precedence CRITIC/ECP 5
#VALUE Annex-Outbound-Precedence Internetwork-Control 6
#VALUE Annex-Outbound-Precedence Network-Control 7
#VALUE Annex-Gwy-Selection-Mode Normal 0
#VALUE Annex-Gwy-Selection-Mode Backup 1
#VALUE Annex-Gwy-Selection-Mode Distribution 2
#VALUE Annex-Pool-Id Pool-One 1
#VALUE Annex-Pool-Id Pool-Two 2
#VALUE Annex-Pool-Id Pool-Three 3
#VALUE Annex-Pool-Id Pool-Four 4
#VALUE Annex-Pool-Id Pool-Five 5
#VALUE Annex-Pool-Id Pool-Six 6
VALUE Annex-User-Level Manager 2
VALUE Annex-User-Level User 4
VALUE Annex-User-Level Operator 8
VALUE Annex-Audit-Level Manager 2
VALUE Annex-Audit-Level User 4
VALUE Annex-Audit-Level Operator 8
#
# Define additional Bay Networks specific values for the main
# RADIUS dictionary
#
# Note that '0x0630' == 1584, which is the Vendor-ID for Bay Networks.
# Nice design, and probably the best way of adding vendor-specific
# VALUE extensions to the standard RADIUS attributes.
#
VALUE Service-Type Annex-Authorize-Only 0x06300001
VALUE Service-Type Annex-Framed-Tunnel 0x06300002
VALUE Acct-Status-Type Annex-User-Reject 0x06300001
VALUE Acct-Status-Type Annex-Call-Reject 0x06300002
VALUE Acct-Status-Type Annex-IPCP-Start 0x06300003
VALUE Acct-Status-Type Annex-IPXCP-Start 0x06300004
VALUE Acct-Status-Type Annex-ATCP-Start 0x06300005
VALUE Acct-Status-Type Annex-Accounting-Restart 0x06300006
VALUE Acct-Status-Type Annex-Accounting-Shutoff 0x06300007
VALUE Acct-Status-Type Annex-Tunnel-Start 0x06300008
VALUE Acct-Status-Type Annex-Tunnel-Stop 0x06300009
VALUE Acct-Status-Type Annex-Tunnel-Reject 0x0630000a
VALUE Acct-Status-Type Annex-Tunnel-Link-Start 0x0630000b
VALUE Acct-Status-Type Annex-Tunnel-Link-Stop 0x0630000c
VALUE Acct-Status-Type Annex-MP-Start 0x0630000d
VALUE Acct-Status-Type Annex-MP-Stop 0x0630000e
VALUE Acct-Status-Type Annex-Line-Seizure 0x0630000f
VALUE Acct-Status-Type Annex-Rlogin-Start 0x06300010
VALUE Acct-Status-Type Annex-Rlogin-Stop 0x06300011

42
dicts/dictionary.bintec Normal file
View File

@ -0,0 +1,42 @@
#
# Bintec dictionary
# $Id: dictionary.bintec 45 2006-11-14 17:45:00Z lem $
#
#
#
VENDOR BinTec 272
# (272 << 16) | N
#
VALUE Framed-Protocol X25 17825794
VALUE Framed-Protocol X25-PPP 17825795
VALUE Framed-Protocol IP-LAPB 17825796
VALUE Framed-Protocol IP-HDLC 17825798
VALUE Framed-Protocol MPR-LAPB 17825799
VALUE Framed-Protocol MPR-HDLC 17825800
VALUE Framed-Protocol FRAME-RELAY 17825801
VALUE Framed-Protocol X31-BCHAN 17825802
VALUE Framed-Protocol X75-PPP 17825803
VALUE Framed-Protocol X75BTX-PPP 17825804
VALUE Framed-Protocol X25-NOSIG 17825805
VALUE Framed-Protocol X25-PPP-OPT 17825806
#
#
ATTRIBUTE BinTec-biboPPPTable 224 string BinTec
ATTRIBUTE BinTec-biboDialTable 225 string BinTec
ATTRIBUTE BinTec-ipExtIfTable 226 string BinTec
ATTRIBUTE BinTec-ipRouteTable 227 string BinTec
ATTRIBUTE BinTec-ipExtRtTable 228 string BinTec
ATTRIBUTE BinTec-ipNatPresetTable 229 string BinTec
ATTRIBUTE BinTec-ipxCircTable 230 string BinTec
ATTRIBUTE BinTec-ripCircTable 231 string BinTec
ATTRIBUTE BinTec-sapCircTable 232 string BinTec
ATTRIBUTE BinTec-ipxStaticRouteTable 233 string BinTec
ATTRIBUTE BinTec-ipxStaticServTable 234 string BinTec
ATTRIBUTE BinTec-ospfIfTable 235 string BinTec
ATTRIBUTE BinTec-pppExtIfTable 236 string BinTec
ATTRIBUTE BinTec-ipFilterTable 237 string BinTec
ATTRIBUTE BinTec-ipQoSTable 238 string BinTec
ATTRIBUTE BinTec-qosIfTable 239 string BinTec
ATTRIBUTE BinTec-qosPolicyTable 240 string BinTec

18
dicts/dictionary.bristol Normal file
View File

@ -0,0 +1,18 @@
#
# dictionary.bristol
#
# RoamNode VSA's
#
# Version: $Id: dictionary.bristol 45 2006-11-14 17:45:00Z lem $
#
VENDOR Bristol 4363
#
# Standard attribute
#
ATTRIBUTE NN-Data-Rate 1 integer Bristol
ATTRIBUTE NN-Data-Rate-Ceiling 2 integer Bristol
ATTRIBUTE NN-Homenode 3 ipaddr Bristol
ATTRIBUTE NN-Homeservice 4 ipaddr Bristol
ATTRIBUTE NN-Homeservice-Name 5 string Bristol

141
dicts/dictionary.broadsoft Normal file
View File

@ -0,0 +1,141 @@
#
# dictionary.broadsoft
#
# Accounting VSAs for BroadSoft
# Contributed by j7 - Thanks!
#
VENDOR BroadSoft 6431
#
ATTRIBUTE BWAS-Call-Detail-Record-Version 0 string BroadSoft
ATTRIBUTE BWAS-Record-id 1 string BroadSoft
ATTRIBUTE BWAS-Service-provider 2 string BroadSoft
ATTRIBUTE BWAS-Type 3 string BroadSoft
ATTRIBUTE BWAS-User-Number 4 string BroadSoft
ATTRIBUTE BWAS-Group-Number 5 string BroadSoft
ATTRIBUTE BWAS-Direction 6 string BroadSoft
ATTRIBUTE BWAS-Calling-Number 7 string BroadSoft
ATTRIBUTE BWAS-Calling-Presentation-Indic 8 string BroadSoft
ATTRIBUTE BWAS-Called-Number 9 string BroadSoft
ATTRIBUTE BWAS-Start-Time 10 string BroadSoft
ATTRIBUTE BWAS-User-Timezone 11 string BroadSoft
ATTRIBUTE BWAS-Answer-Indic 12 string BroadSoft
ATTRIBUTE BWAS-Answer-Time 13 string BroadSoft
ATTRIBUTE BWAS-Release-Time 14 string BroadSoft
ATTRIBUTE BWAS-Termination-Cause 15 string BroadSoft
ATTRIBUTE BWAS-Network-Type 16 string BroadSoft
ATTRIBUTE BWAS-Carrier-Identification-Code 17 string BroadSoft
ATTRIBUTE BWAS-Dialed-Digits 18 string BroadSoft
ATTRIBUTE BWAS-Call-Category 19 string BroadSoft
ATTRIBUTE BWAS-Network-Call-Type 20 string BroadSoft
ATTRIBUTE BWAS-Network-Translated-Number 21 string BroadSoft
ATTRIBUTE BWAS-Network-Translated-Group 22 string BroadSoft
ATTRIBUTE BWAS-Releasing-Party 23 string BroadSoft
ATTRIBUTE BWAS-Route 24 string BroadSoft
ATTRIBUTE BWAS-Network-Callid 25 string BroadSoft
ATTRIBUTE BWAS-Codec 26 string BroadSoft
ATTRIBUTE BWAS-Access-Device-Address 27 string BroadSoft
ATTRIBUTE BWAS-Access-Callid 28 string BroadSoft
ATTRIBUTE BWAS-Spare-29 29 string BroadSoft
ATTRIBUTE BWAS-Failover-Correlation-Id 30 string BroadSoft
ATTRIBUTE BWAS-Spare-31 31 string BroadSoft
ATTRIBUTE BWAS-Group 32 string BroadSoft
ATTRIBUTE BWAS-Department 33 string BroadSoft
ATTRIBUTE BWAS-Account-Code 34 string BroadSoft
ATTRIBUTE BWAS-Authorization-Code 35 string BroadSoft
ATTRIBUTE BWAS-Original-Called-Number 36 string BroadSoft
ATTRIBUTE BWAS-Original-Called-Presentation-Indic 37 string BroadSoft
ATTRIBUTE BWAS-Original-Called-Reason 38 string BroadSoft
ATTRIBUTE BWAS-Redirecting-Number 39 string BroadSoft
ATTRIBUTE BWAS-Redirecting-Presentation-Indic 40 string BroadSoft
ATTRIBUTE BWAS-Redirecting-Reason 41 string BroadSoft
ATTRIBUTE BWAS-Charge-Indic 42 string BroadSoft
ATTRIBUTE BWAS-Type-Of-Network 43 string BroadSoft
ATTRIBUTE BWAS-VP-Calling-Invoke-Time 44 string BroadSoft
ATTRIBUTE BWAS-Local-Callid 45 string BroadSoft
ATTRIBUTE BWAS-Remote-Callid 46 string BroadSoft
ATTRIBUTE BWAS-Calling-Party-Category 47 string BroadSoft
ATTRIBUTE BWAS-Conference-Invoke-Time 48 string BroadSoft
ATTRIBUTE BWAS-Conference-Callid 49 string BroadSoft
ATTRIBUTE BWAS-Conference-To 50 string BroadSoft
ATTRIBUTE BWAS-Conference-From 51 string BroadSoft
ATTRIBUTE BWAS-Conference-Id 52 string BroadSoft
ATTRIBUTE BWAS-Conference-Role 53 string BroadSoft
ATTRIBUTE BWAS-Conference-Bridge 54 string BroadSoft
ATTRIBUTE BWAS-Conference-Owner 55 string BroadSoft
ATTRIBUTE BWAS-Conference-Owner-Dn 56 string BroadSoft
ATTRIBUTE BWAS-Conference-Title 57 string BroadSoft
ATTRIBUTE BWAS-Conference-Project-Code 58 string BroadSoft
ATTRIBUTE BWAS-Charging-Vector-Key 59 string BroadSoft
ATTRIBUTE BWAS-Charging-Vection-Creator 60 string BroadSoft
ATTRIBUTE BWAS-Charging-Vection-Orig 61 string BroadSoft
ATTRIBUTE BWAS-Charging-Vection-Term 62 string BroadSoft
ATTRIBUTE BWAS-Acc-Per-Call-Invoke-Time 63 string BroadSoft
ATTRIBUTE BWAS-Acc-Per-Call-Fac-Result 64 string BroadSoft
ATTRIBUTE BWAS-Acb-Act-Invoke-Time 65 string BroadSoft
ATTRIBUTE BWAS-Acb-Act-Fac-Result 66 string BroadSoft
ATTRIBUTE BWAS-Acb-Deact-Invoke-Time 67 string BroadSoft
ATTRIBUTE BWAS-Acb-Deact-Fac-Result 68 string BroadSoft
ATTRIBUTE BWAS-Call-Park-Invoke-Time 69 string BroadSoft
ATTRIBUTE BWAS-Call-Park-Fac-Result 70 string BroadSoft
ATTRIBUTE BWAS-Call-Park-Retr-Invoke-Time 71 string BroadSoft
ATTRIBUTE BWAS-Call-Park-Retr-Fac-Result 72 string BroadSoft
ATTRIBUTE BWAS-Call-Pickup-Invoke-Time 73 string BroadSoft
ATTRIBUTE BWAS-Call-Pickup-Fac-Result 74 string BroadSoft
ATTRIBUTE BWAS-Directed-Call-Pickup-Invoke-Time 75 string BroadSoft
ATTRIBUTE BWAS-Directed-Call-Pickup-Fac-Result 76 string BroadSoft
ATTRIBUTE BWAS-Dpubi-Invoke-Time 77 string BroadSoft
ATTRIBUTE BWAS-Dpubi-Fac-Result 78 string BroadSoft
ATTRIBUTE BWAS-Cancel-Cwt-Per-Call-Invoke-Time 79 string BroadSoft
ATTRIBUTE BWAS-Cancel-Cwt-Per-Call-Fac-Result 80 string BroadSoft
ATTRIBUTE BWAS-Cfa-Act-Invoke-Time 81 string BroadSoft
ATTRIBUTE BWAS-Cfa-Act-Fac-Result 82 string BroadSoft
ATTRIBUTE BWAS-Cfa-Deact-Invoke-Time 83 string BroadSoft
ATTRIBUTE BWAS-Cfa-Deact-Fac-Result 84 string BroadSoft
ATTRIBUTE BWAS-Cfb-Act-Invoke-Time 85 string BroadSoft
ATTRIBUTE BWAS-Cfb-Act-Fac-Result 86 string BroadSoft
ATTRIBUTE BWAS-Cfb-Deact-Invoke-Time 87 string BroadSoft
ATTRIBUTE BWAS-Cfb-Deact-Fac-Result 88 string BroadSoft
ATTRIBUTE BWAS-Cfna-Act-Invoke-Time 89 string BroadSoft
ATTRIBUTE BWAS-Cfna-Act-Fac-Result 90 string BroadSoft
ATTRIBUTE BWAS-Cfna-Deact-Invoke-Time 91 string BroadSoft
ATTRIBUTE BWAS-Cfna-Deact-Fac-Result 92 string BroadSoft
ATTRIBUTE BWAS-Clid-Delivery-Per-Call-Invoke-Time 93 string BroadSoft
ATTRIBUTE BWAS-Clid-Delivery-Per-Call-Fac-Result 94 string BroadSoft
ATTRIBUTE BWAS-Clid-Blocking-Per-Call-Invoke-Time 95 string BroadSoft
ATTRIBUTE BWAS-Clid-Blocking-Per-Call-Fac-Result 96 string BroadSoft
ATTRIBUTE BWAS-Cot-Invoke-Time 97 string BroadSoft
ATTRIBUTE BWAS-Cot-Fac-Result 98 string BroadSoft
ATTRIBUTE BWAS-Direct-Vm-Xfer-Invoke-Time 99 string BroadSoft
ATTRIBUTE BWAS-Direct-Vm-Xfer-Fac-Result 100 string BroadSoft
ATTRIBUTE BWAS-Dnd-Act-Invoke-Time 101 string BroadSoft
ATTRIBUTE BWAS-Dnd-Act-Fac-Result 102 string BroadSoft
ATTRIBUTE BWAS-Dnd-Deact-Invoke-Time 103 string BroadSoft
ATTRIBUTE BWAS-Dnd-Deact-Fac-Result 104 string BroadSoft
ATTRIBUTE BWAS-Sac-Lock-Invoke-Time 105 string BroadSoft
ATTRIBUTE BWAS-Sac-Lock-Fac-Result 106 string BroadSoft
ATTRIBUTE BWAS-Sac-Unlock-Invoke-Time 107 string BroadSoft
ATTRIBUTE BWAS-Sac-Unlock-Fac-Result 108 string BroadSoft
ATTRIBUTE BWAS-Flash-Call-Hold-Invoke-Time 109 string BroadSoft
ATTRIBUTE BWAS-Flash-Call-Hold-Fac-Result 110 string BroadSoft
ATTRIBUTE BWAS-Last-Number-Redial-Invoke-Time 111 string BroadSoft
ATTRIBUTE BWAS-Last-Number-Redial-Fac-Result 112 string BroadSoft
ATTRIBUTE BWAS-Return-Call-Invoke-Time 113 string BroadSoft
ATTRIBUTE BWAS-Return-Call-Fac-Result 114 string BroadSoft
ATTRIBUTE BWAS-Sd100-Programming-Invoke-Time 115 string BroadSoft
ATTRIBUTE BWAS-Sd100-Programming-Fac-Result 116 string BroadSoft
ATTRIBUTE BWAS-Sd8-Programming-Invoke-Time 117 string BroadSoft
ATTRIBUTE BWAS-Sd8-Programming-Fac-Result 118 string BroadSoft
ATTRIBUTE BWAS-Clear-Mwi-Invoke-Time 119 string BroadSoft
ATTRIBUTE BWAS-Clear-Mwi-Fac-Result 120 string BroadSoft
ATTRIBUTE BWAS-UserId 121 string BroadSoft
ATTRIBUTE BWAS-Other-Party-Name 122 string BroadSoft
ATTRIBUTE BWAS-Other-Party-Name-Pres-Indic 123 string BroadSoft
ATTRIBUTE BWAS-Moh-Deact-Fac-Result 125 string BroadSoft
ATTRIBUTE BWAS-Push-to-Talk-Invoke-Time 126 string BroadSoft
ATTRIBUTE BWAS-Push-to-Talk-Fac-Result 127 string BroadSoft
ATTRIBUTE BWAS-Hoteling-Invoke-Time 128 string BroadSoft
ATTRIBUTE BWAS-Hoteling-Group 129 string BroadSoft
ATTRIBUTE BWAS-Hoteling-UserId 130 string BroadSoft
ATTRIBUTE BWAS-Hoteling-User-Number 131 string BroadSoft
ATTRIBUTE BWAS-Hoteling-Group-Number 132 string BroadSoft

188
dicts/dictionary.cablelabs Normal file
View File

@ -0,0 +1,188 @@
VENDOR CableLabs 4491
ATTRIBUTE CableLabs-Reserved 0 octets CableLabs
ATTRIBUTE CableLabs-Event-Message 1 octets CableLabs
ATTRIBUTE CableLabs-MTA-Endpoint-Name 3 string CableLabs
ATTRIBUTE CableLabs-Calling-Party-Number 4 string CableLabs
ATTRIBUTE CableLabs-Called-Party-Number 5 string CableLabs
ATTRIBUTE CableLabs-Database-ID 6 string CableLabs
ATTRIBUTE CableLabs-Query-Type 7 integer CableLabs
ATTRIBUTE CableLabs-Returned-Number 9 string CableLabs
ATTRIBUTE CableLabs-Call-Termination-Cause 11 octets CableLabs
ATTRIBUTE CableLabs-Related-Call-Billing-Correlation-ID 13 octets CableLabs
ATTRIBUTE CableLabs-First-Call-Calling-Party-Number 14 string CableLabs
ATTRIBUTE CableLabs-Second-Call-Calling-Party-Number 15 string CableLabs
ATTRIBUTE CableLabs-Charge-Number 16 string CableLabs
ATTRIBUTE CableLabs-Forwarded-Number 17 string CableLabs
ATTRIBUTE CableLabs-Service-Name 18 string CableLabs
ATTRIBUTE CableLabs-Intl-Code 20 string CableLabs
ATTRIBUTE CableLabs-Dial-Around-Code 21 string CableLabs
ATTRIBUTE CableLabs-Location-Routing-Number 22 string CableLabs
ATTRIBUTE CableLabs-Carrier-Identification-Code 23 string CableLabs
ATTRIBUTE CableLabs-Trunk-Group-ID 24 octets CableLabs
ATTRIBUTE CableLabs-Routing-Number 25 string CableLabs
ATTRIBUTE CableLabs-MTA-UDP-Portnum 26 integer CableLabs
ATTRIBUTE CableLabs-Channel-State 29 integer CableLabs
ATTRIBUTE CableLabs-SF-ID 30 integer CableLabs
ATTRIBUTE CableLabs-Error-Description 31 string CableLabs
ATTRIBUTE CableLabs-QoS-Descriptor 32 octets CableLabs
ATTRIBUTE CableLabs-Direction-indicator 37 integer CableLabs
ATTRIBUTE CableLabs-Time-Adjustment 38 octets CableLabs
ATTRIBUTE CableLabs-SDP-Upstream 39 string CableLabs
ATTRIBUTE CableLabs-SDP-Downstream 40 string CableLabs
ATTRIBUTE CableLabs-User-Input 41 string CableLabs
ATTRIBUTE CableLabs-Translation-Input 42 string CableLabs
ATTRIBUTE CableLabs-Redirected-From-Info 43 octets CableLabs
ATTRIBUTE CableLabs-Electronic-Surveillance-Indication 44 octets CableLabs
ATTRIBUTE CableLabs-Redirected-From-Party-Number 45 string CableLabs
ATTRIBUTE CableLabs-Redirected-To-Party-Number 46 string CableLabs
ATTRIBUTE CableLabs-Electronic-Surveillance-DF-Security 47 octets CableLabs
ATTRIBUTE CableLabs-CCC-ID 48 octets CableLabs
ATTRIBUTE CableLabs-Financial-Entity-ID 49 string CableLabs
ATTRIBUTE CableLabs-Flow-Direction 50 integer CableLabs
ATTRIBUTE CableLabs-Signal-Type 51 integer CableLabs
ATTRIBUTE CableLabs-Alerting-Signal 52 integer CableLabs
ATTRIBUTE CableLabs-Subject-Audible-Signal 53 integer CableLabs
ATTRIBUTE CableLabs-Terminal-Display-Info 54 octets CableLabs
ATTRIBUTE CableLabs-Switch-Hook-Flash 55 string CableLabs
ATTRIBUTE CableLabs-Dialed-Digits 56 string CableLabs
ATTRIBUTE CableLabs-Misc-Signaling-Information 57 string CableLabs
ATTRIBUTE CableLabs-AM-Opaque-Data 61 integer CableLabs
ATTRIBUTE CableLabs-Subscriber-ID 62 integer CableLabs
ATTRIBUTE CableLabs-Volume-Usage-Limit 63 integer CableLabs
ATTRIBUTE CableLabs-Gate-Usage-Info 64 integer CableLabs
ATTRIBUTE CableLabs-Element-Requesting-QoS 65 integer CableLabs
ATTRIBUTE CableLabs-QoS-Release-Reason 66 integer CableLabs
ATTRIBUTE CableLabs-Policy-Denied-Reason 67 integer CableLabs
ATTRIBUTE CableLabs-Policy-Deleted-Reason 68 integer CableLabs
ATTRIBUTE CableLabs-Policy-Update-Reason 69 integer CableLabs
ATTRIBUTE CableLabs-Policy-Decision-Status 70 integer CableLabs
ATTRIBUTE CableLabs-Application-Manager-ID 71 integer CableLabs
ATTRIBUTE CableLabs-Time-Usage-Limit 72 integer CableLabs
ATTRIBUTE CableLabs-Gate-Time-Info 73 integer CableLabs
ATTRIBUTE CableLabs-Account-Code 80 string CableLabs
ATTRIBUTE CableLabs-Authorization-Code 81 string CableLabs
VALUE CableLabs-Event-Message Reserved 0
VALUE CableLabs-Event-Message Signaling-Start 1
VALUE CableLabs-Event-Message Signaling-Stop 2
VALUE CableLabs-Event-Message Database-Query 3
VALUE CableLabs-Event-Message Intelligent-Peripheral-Usage-Start 4
VALUE CableLabs-Event-Message Intelligent-Peripheral-Usage-Stop 5
VALUE CableLabs-Event-Message Service-Instance 6
VALUE CableLabs-Event-Message QoS-Reserve 7
VALUE CableLabs-Event-Message QoS-Release 8
VALUE CableLabs-Event-Message Service-Activation 9
VALUE CableLabs-Event-Message Service-Deactivation 10
VALUE CableLabs-Event-Message Media-Report 11
VALUE CableLabs-Event-Message Signal-Instance 12
VALUE CableLabs-Event-Message Interconnect-Signaling-Start 13
VALUE CableLabs-Event-Message Interconnect-Signaling-Stop 14
VALUE CableLabs-Event-Message Call-Answer 15
VALUE CableLabs-Event-Message Call-Disconnect 16
VALUE CableLabs-Event-Message Time-Change 17
VALUE CableLabs-Event-Message QoS-Commit 19
VALUE CableLabs-Event-Message Media-Alive 20
VALUE CableLabs-Event-Message Policy-Request 31
VALUE CableLabs-Event-Message Policy-Delete 32
VALUE CableLabs-Event-Message Policy-Update 33
VALUE CableLabs-Query-Type Reserved 0
VALUE CableLabs-Query-Type Toll-Free-Number-Looukp 1
VALUE CableLabs-Query-Type LNP-Number-Lookup 2
VALUE CableLabs-Query-Type Calling-Name-Delivery-Lookup 3
VALUE CableLabs-Channel-State Reserved 0
VALUE CableLabs-Channel-State Open 1
VALUE CableLabs-Channel-State Change 2
VALUE CableLabs-Channel-State Close 3
VALUE CableLabs-Direction-indicator Undefined 0
VALUE CableLabs-Direction-indicator Originating 1
VALUE CableLabs-Direction-indicator Terminating 2
VALUE CableLabs-Flow-Direction Reserved 0
VALUE CableLabs-Flow-Direction Upstream 1
VALUE CableLabs-Flow-Direction Downstream 2
VALUE CableLabs-Signal-Type Reserved 0
VALUE CableLabs-Signal-Type Network-Signal 1
VALUE CableLabs-Signal-Type Subject-Signal 2
VALUE CableLabs-Alerting-Signal Reserved 0
VALUE CableLabs-Alerting-Signal Ringing 1
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-2 2
VALUE CableLabs-Alerting-Signal Distinctive ringing-3 3
VALUE CableLabs-Alerting-Signal Distinctive ringing-4 4
VALUE CableLabs-Alerting-Signal Ringsplash 5
VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-1 6
VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-2 7
VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-3 8
VALUE CableLabs-Alerting-Signal Call-Waiting-Tone-4 9
VALUE CableLabs-Alerting-Signal Reserved 10
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-0 11
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-1 12
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-5 13
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-6 14
VALUE CableLabs-Alerting-Signal Distinctive-Ringing-7 15
VALUE CableLabs-AM-Opaque-Data Reserved 0
VALUE CableLabs-AM-Opaque-Data Dial-Tone 1
VALUE CableLabs-AM-Opaque-Data Stutter-Dial-Tone 2
VALUE CableLabs-AM-Opaque-Data Ring-Back-Tone 3
VALUE CableLabs-AM-Opaque-Data Reorder-Tone 4
VALUE CableLabs-AM-Opaque-Data Busy-Tone 5
VALUE CableLabs-AM-Opaque-Data Confirmation-Tone 6
VALUE CableLabs-AM-Opaque-Data Reserved 7
VALUE CableLabs-AM-Opaque-Data Message-Waiting-Indicator 8
VALUE CableLabs-AM-Opaque-Data Off-hook-Warning-Tone 9
VALUE CableLabs-AM-Opaque-Data Reserved 10
VALUE CableLabs-AM-Opaque-Data Reserved 11
VALUE CableLabs-AM-Opaque-Data Reserved 12
VALUE CableLabs-AM-Opaque-Data Reserved 13
VALUE CableLabs-AM-Opaque-Data Reserved 14
VALUE CableLabs-AM-Opaque-Data Reserved 15
VALUE CableLabs-AM-Opaque-Data Reserved 16
VALUE CableLabs-AM-Opaque-Data Reserved 17
VALUE CableLabs-AM-Opaque-Data Reserved 18
VALUE CableLabs-AM-Opaque-Data Reserved 19
VALUE CableLabs-AM-Opaque-Data Reserved 20
VALUE CableLabs-AM-Opaque-Data Reserved 21
VALUE CableLabs-Element-Requesting-QoS Client 0
VALUE CableLabs-Element-Requesting-QoS Policy-Server 1
VALUE CableLabs-Element-Requesting-QoS Embedded-Client 2
VALUE CableLabs-QoS-Release-Reason Gate-Closed-By-PS 1
VALUE CableLabs-QoS-Release-Reason Inactivity-Resource-Recovery-Timer-Expiration 2
VALUE CableLabs-QoS-Release-Reason CM-Failure 3
VALUE CableLabs-QoS-Release-Reason Pre-Empted 4
VALUE CableLabs-QoS-Release-Reason RSVP-PathTear-request 5
VALUE CableLabs-QoS-Release-Reason CM-Request 6
VALUE CableLabs-QoS-Release-Reason Admitted-Timer-Expiration 7
VALUE CableLabs-QoS-Release-Reason Other 127
VALUE CableLabs-Policy-Denied-Reason Policy-Server-Admission-Control-Failure 1
VALUE CableLabs-Policy-Denied-Reason Insufficient-Resources 2
VALUE CableLabs-Policy-Denied-Reason Unknown-Subscriber 3
VALUE CableLabs-Policy-Denied-Reason Unauthorized-AMID 4
VALUE CableLabs-Policy-Denied-Reason Undefined-Service-Class-Name 5
VALUE CableLabs-Policy-Denied-Reason Incompatible-Envelope 6
VALUE CableLabs-Policy-Denied-Reason Other 127
VALUE CableLabs-Policy-Deleted-Reason Application-Manager-Request 1
VALUE CableLabs-Policy-Deleted-Reason CMTS-Decistion 2
VALUE CableLabs-Policy-Deleted-Reason Other 127
VALUE CableLabs-Policy-Update-Reason Traffic-Profile 1
VALUE CableLabs-Policy-Update-Reason Classifier 2
VALUE CableLabs-Policy-Update-Reason Volume-Limit 3
VALUE CableLabs-Policy-Update-Reason Time-Limit 4
VALUE CableLabs-Policy-Update-Reason Opaque-Data 5
VALUE CableLabs-Policy-Update-Reason Multiple-Updates 6
VALUE CableLabs-Policy-Update-Reason Other 127
VALUE CableLabs-Policy-Decision-Status Policy Approved 1
VALUE CableLabs-Policy-Decision-Status Policy Denied 2

21
dicts/dictionary.cabletron Normal file
View File

@ -0,0 +1,21 @@
#
# http://www.cabletron.com (now http://www.enterasys.com)
# $Id: dictionary.cabletron 45 2006-11-14 17:45:00Z lem $
#
VENDOR Cabletron 52
ATTRIBUTE Cabletron-Protocol-Enable 201 integer Cabletron
ATTRIBUTE Cabletron-Protocol-Callable 202 integer Cabletron
VALUE Cabletron-Protocol-Enable IP-Enable 1
VALUE Cabletron-Protocol-Enable Bridge-Enable 2
VALUE Cabletron-Protocol-Enable IP-BR-Enable 3
VALUE Cabletron-Protocol-Enable BR-IPX-Enable 6
VALUE Cabletron-Protocol-Enable IP-BR-IPX-Enable 7
VALUE Cabletron-Protocol-Callable IP-Callable 1
VALUE Cabletron-Protocol-Callable Bridge-Callable 2
VALUE Cabletron-Protocol-Callable IP-BR-Callable 3
VALUE Cabletron-Protocol-Callable BR-IPX-Callable 6
VALUE Cabletron-Protocol-Callable IP-BR-IPX-Callable 7

144
dicts/dictionary.cisco Normal file
View File

@ -0,0 +1,144 @@
#
# dictionary.cisco
#
# Accounting VSAs originally by
# "Marcelo M. Sosa Lugones" <marcelo@sosa.com.ar>
#
# Version: $Id: dictionary.cisco 45 2006-11-14 17:45:00Z lem $
#
# For documentation on Cisco RADIUS attributes, see:
#
# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_serv/vapp_dev/vsaig3.htm
#
VENDOR Cisco 9
#
# Standard attribute
#
ATTRIBUTE Cisco-AVPair 1 string Cisco
ATTRIBUTE Cisco-NAS-Port 2 string Cisco
#
# T.37 Store-and-Forward attributes.
#
ATTRIBUTE Cisco-Fax-Account-Id-Origin 3 string Cisco
ATTRIBUTE Cisco-Fax-Msg-Id 4 string Cisco
ATTRIBUTE Cisco-Fax-Pages 5 string Cisco
ATTRIBUTE Cisco-Fax-Coverpage-Flag 6 string Cisco
ATTRIBUTE Cisco-Fax-Modem-Time 7 string Cisco
ATTRIBUTE Cisco-Fax-Connect-Speed 8 string Cisco
ATTRIBUTE Cisco-Fax-Recipient-Count 9 string Cisco
ATTRIBUTE Cisco-Fax-Process-Abort-Flag 10 string Cisco
ATTRIBUTE Cisco-Fax-Dsn-Address 11 string Cisco
ATTRIBUTE Cisco-Fax-Dsn-Flag 12 string Cisco
ATTRIBUTE Cisco-Fax-Mdn-Address 13 string Cisco
ATTRIBUTE Cisco-Fax-Mdn-Flag 14 string Cisco
ATTRIBUTE Cisco-Fax-Auth-Status 15 string Cisco
ATTRIBUTE Cisco-Email-Server-Address 16 string Cisco
ATTRIBUTE Cisco-Email-Server-Ack-Flag 17 string Cisco
ATTRIBUTE Cisco-Gateway-Id 18 string Cisco
ATTRIBUTE Cisco-Call-Type 19 string Cisco
ATTRIBUTE Cisco-Port-Used 20 string Cisco
ATTRIBUTE Cisco-Abort-Cause 21 string Cisco
#
# Voice over IP attributes.
#
ATTRIBUTE h323-remote-address 23 string Cisco
ATTRIBUTE h323-conf-id 24 string Cisco
ATTRIBUTE h323-setup-time 25 string Cisco
ATTRIBUTE h323-call-origin 26 string Cisco
ATTRIBUTE h323-call-type 27 string Cisco
ATTRIBUTE h323-connect-time 28 string Cisco
ATTRIBUTE h323-disconnect-time 29 string Cisco
ATTRIBUTE h323-disconnect-cause 30 string Cisco
ATTRIBUTE h323-voice-quality 31 string Cisco
ATTRIBUTE h323-gw-id 33 string Cisco
ATTRIBUTE h323-incoming-conf-id 35 string Cisco
ATTRIBUTE h323-credit-amount 101 string Cisco
ATTRIBUTE h323-credit-time 102 string Cisco
ATTRIBUTE h323-return-code 103 string Cisco
ATTRIBUTE h323-prompt-id 104 string Cisco
ATTRIBUTE h323-time-and-day 105 string Cisco
ATTRIBUTE h323-redirect-number 106 string Cisco
ATTRIBUTE h323-preferred-lang 107 string Cisco
ATTRIBUTE h323-redirect-ip-address 108 string Cisco
ATTRIBUTE h323-billing-model 109 string Cisco
ATTRIBUTE h323-currency 110 string Cisco
ATTRIBUTE subscriber 111 string Cisco
ATTRIBUTE gw-rxd-cdn 112 string Cisco
ATTRIBUTE gw-final-xlated-cdn 113 string Cisco
# SIP Attributes
ATTRIBUTE call-id 141 string Cisco
ATTRIBUTE session-protocol 142 string Cisco
ATTRIBUTE method 143 string Cisco
ATTRIBUTE prev-hop-via 144 string Cisco
ATTRIBUTE prev-hop-ip 145 string Cisco
ATTRIBUTE incoming-req-uri 146 string Cisco
ATTRIBUTE outgoing-req-uri 147 string Cisco
ATTRIBUTE next-hop-ip 148 string Cisco
ATTRIBUTE next-hop-dn 149 string Cisco
ATTRIBUTE sip-hdr 150 string Cisco
#
# Extra attributes sent by the Cisco, if you configure
# "radius-server vsa accounting" (requires IOS11.2+).
#
ATTRIBUTE Cisco-Multilink-ID 187 integer Cisco
ATTRIBUTE Cisco-Num-In-Multilink 188 integer Cisco
ATTRIBUTE Cisco-Pre-Input-Octets 190 integer Cisco
ATTRIBUTE Cisco-Pre-Output-Octets 191 integer Cisco
ATTRIBUTE Cisco-Pre-Input-Packets 192 integer Cisco
ATTRIBUTE Cisco-Pre-Output-Packets 193 integer Cisco
ATTRIBUTE Cisco-Maximum-Time 194 integer Cisco
ATTRIBUTE Cisco-Disconnect-Cause 195 integer Cisco
ATTRIBUTE Cisco-Data-Rate 197 integer Cisco
ATTRIBUTE Cisco-PreSession-Time 198 integer Cisco
ATTRIBUTE Cisco-PW-Lifetime 208 integer Cisco
ATTRIBUTE Cisco-IP-Direct 209 integer Cisco
ATTRIBUTE Cisco-PPP-VJ-Slot-Comp 210 integer Cisco
ATTRIBUTE Cisco-PPP-Async-Map 212 integer Cisco
ATTRIBUTE Cisco-IP-Pool-Definition 217 string Cisco
ATTRIBUTE Cisco-Assign-IP-Pool 218 integer Cisco
ATTRIBUTE Cisco-Route-IP 228 integer Cisco
ATTRIBUTE Cisco-Link-Compression 233 integer Cisco
ATTRIBUTE Cisco-Target-Util 234 integer Cisco
ATTRIBUTE Cisco-Maximum-Channels 235 integer Cisco
ATTRIBUTE Cisco-Data-Filter 242 integer Cisco
ATTRIBUTE Cisco-Call-Filter 243 integer Cisco
ATTRIBUTE Cisco-Idle-Limit 244 integer Cisco
ATTRIBUTE Cisco-Account-Info 250 string Cisco
ATTRIBUTE Cisco-Service-Info 251 string Cisco
ATTRIBUTE Cisco-Command-Code 252 string Cisco
ATTRIBUTE Cisco-Control-Info 253 string Cisco
ATTRIBUTE Cisco-Xmit-Rate 255 integer Cisco
VALUE Cisco-Disconnect-Cause Unknown 2
VALUE Cisco-Disconnect-Cause CLID-Authentication-Failure 4
VALUE Cisco-Disconnect-Cause No-Carrier 10
VALUE Cisco-Disconnect-Cause Lost-Carrier 11
VALUE Cisco-Disconnect-Cause No-Detected-Result-Codes 12
VALUE Cisco-Disconnect-Cause User-Ends-Session 20
VALUE Cisco-Disconnect-Cause Idle-Timeout 21
VALUE Cisco-Disconnect-Cause Exit-Telnet-Session 22
VALUE Cisco-Disconnect-Cause No-Remote-IP-Addr 23
VALUE Cisco-Disconnect-Cause Exit-Raw-TCP 24
VALUE Cisco-Disconnect-Cause Password-Fail 25
VALUE Cisco-Disconnect-Cause Raw-TCP-Disabled 26
VALUE Cisco-Disconnect-Cause Control-C-Detected 27
VALUE Cisco-Disconnect-Cause EXEC-Program-Destroyed 28
VALUE Cisco-Disconnect-Cause Timeout-PPP-LCP 40
VALUE Cisco-Disconnect-Cause Failed-PPP-LCP-Negotiation 41
VALUE Cisco-Disconnect-Cause Failed-PPP-PAP-Auth-Fail 42
VALUE Cisco-Disconnect-Cause Failed-PPP-CHAP-Auth 43
VALUE Cisco-Disconnect-Cause Failed-PPP-Remote-Auth 44
VALUE Cisco-Disconnect-Cause PPP-Remote-Terminate 45
VALUE Cisco-Disconnect-Cause PPP-Closed-Event 46
VALUE Cisco-Disconnect-Cause Session-Timeout 100
VALUE Cisco-Disconnect-Cause Session-Failed-Security 101
VALUE Cisco-Disconnect-Cause Session-End-Callback 102
VALUE Cisco-Disconnect-Cause Invalid-Protocol 120

10
dicts/dictionary.cisco.bbsm Normal file
View File

@ -0,0 +1,10 @@
#
# Cisco Building Broadband Service Manager Dictionary
#
# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm
#
# $Id: dictionary.cisco.bbsm 45 2006-11-14 17:45:00Z lem $
#
VENDOR Cisco-BBSM 5263
ATTRIBUTE CBBSM-Bandwidth 1 integer Cisco-BBSM

232
dicts/dictionary.cisco.vpn3000 Normal file
View File

@ -0,0 +1,232 @@
#
# Cisco VPN 3000 Concentrator Dictionary
#
# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm
# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/ad.htm
#
# $Id: dictionary.cisco.vpn3000 45 2006-11-14 17:45:00Z lem $
#
VENDOR Cisco-VPN3000 3076
ATTRIBUTE CVPN3000-Access-Hours 1 string Cisco-VPN3000
ATTRIBUTE CVPN3000-Simultaneous-Logins 2 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Primary-DNS 5 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Secondary-DNS 6 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Primary-WINS 7 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Secondary-WINS 8 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-SEP-Card-Assignment 9 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Priority-On-SEP 10 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Tunneling-Protocols 11 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Sec-Association 12 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Authentication 13 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Banner1 15 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Allow-Passwd-Store 16 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Use-Client-Address 17 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-PPTP-Min-Auth-Protocol 18 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-L2TP-Min-Auth-Protocol 19 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-PPTP-Encryption 20 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-L2TP-Encryption 21 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Auth-Server-Type 22 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Auth-Server-Password 23 string Cisco-VPN3000
ATTRIBUTE CVPN3000-Request-Auth-Vector 24 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-LTL-Keepalives 25 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Group-Name 26 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Split-Tunnel-List 27 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Default-Domain 28 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Split-DNS-Names 29 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Tunnel-Type 30 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Mode-Config 31 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Auth-Server-Priority 32 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-User-Group-Lock 33 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Over-UDP 34 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Over-UDP-Port 35 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Banner2 36 string Cisco-VPN3000
ATTRIBUTE CVPN3000-PPTP-MPPC-Compression 37 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-L2TP-MPPC-Compression 38 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-IP-Compression 39 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-IKE-Peer-ID-Check 40 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IKE-Keep-Alives 41 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Auth-On-Rekey 42 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Vendor-Code 45 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Product-Code 46 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Reqrd-Client-Fw-Description 47 string Cisco-VPN3000
ATTRIBUTE CVPN3000-Require-HW-Client-Auth 48 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Require-Individual-User-Auth 49 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Authd-User-Idle-Timeout 50 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Cisco-IP-Phone-Bypass 51 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-User-Auth-Server-Name 52 string Cisco-VPN3000
ATTRIBUTE CVPN3000-User-Auth-Server-Port 53 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-User-Auth-Server-Secret 54 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Split-Tunneling-Policy 55 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Reqrd-Client-Fw-Cap 56 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Client-Fw-Filter-Name 57 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Client-Fw-Filter-Opt 58 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Backup-Servers 59 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Backup-Server-List 60 string Cisco-VPN3000
ATTRIBUTE CVPN3000-DHCP-Network-Scope 61 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-MS-Client-Icpt-DHCP-Conf-Msg 62 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-MS-Client-Subnet-Mask 63 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Allow-Network-Extension-Mode 64 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Authorization-Type 65 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Authorization-Required 66 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-DN-Field 67 string Cisco-VPN3000
ATTRIBUTE CVPN3000-IPSec-Confidence-Level 68 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-WebVPN-Content-Filter-Parameters 69 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-WebVPN-Enable-functions 70 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-LEAP-Bypass 75 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Primary-DHCP 128 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Secondary-DHCP 129 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Premise-Router 131 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Max-Sessions 132 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Mobile-IP-Key 133 string Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Mobile-IP-Address 134 ipaddr Cisco-VPN3000
ATTRIBUTE CVPN3000-Strip-Realm 135 integer Cisco-VPN3000
ATTRIBUTE CVPN3000-Partition-Mobile-IP-SPI 136 integer Cisco-VPN3000
VALUE CVPN3000-Tunneling-Protocols PPTP 1
VALUE CVPN3000-Tunneling-Protocols L2TP 2
VALUE CVPN3000-Tunneling-Protocols PPTP-And-L2TP 3
VALUE CVPN3000-Tunneling-Protocols IPSec 4
VALUE CVPN3000-Tunneling-Protocols PPTP-And-IPSec 5
VALUE CVPN3000-Tunneling-Protocols L2TP-And-IPSec 6
VALUE CVPN3000-Tunneling-Protocols PPTP-L2TP-IPSec 7
VALUE CVPN3000-Tunneling-Protocols L2TPoverIPSec 8
VALUE CVPN3000-Tunneling-Protocols PPTP-And-L2TP-over-IPSec 9
VALUE CVPN3000-Tunneling-Protocols L2TP-And-L2TP-over-IPSec 10
VALUE CVPN3000-Tunneling-Protocols PPTP-L2TP-L2TP-OVER-IPSec 11
VALUE CVPN3000-IPSec-Authentication None 0
VALUE CVPN3000-IPSec-Authentication RADIUS 1
VALUE CVPN3000-IPSec-Authentication NT-Domain 3
VALUE CVPN3000-IPSec-Authentication SDI 4
VALUE CVPN3000-IPSec-Authentication Internal 5
VALUE CVPN3000-IPSec-Authentication Radius-with-Expiry 6
VALUE CVPN3000-IPSec-Authentication KERBEROS-ActiveDirectory 7
VALUE CVPN3000-IPSec-Allow-Passwd-Store False 0
VALUE CVPN3000-IPSec-Allow-Passwd-Store True 1
VALUE CVPN3000-Use-Client-Address False 0
VALUE CVPN3000-Use-Client-Address True 1
VALUE CVPN3000-PPTP-Encryption Required 1
VALUE CVPN3000-PPTP-Encryption 40-Bits 2
VALUE CVPN3000-PPTP-Encryption 40-Bits-Required 3
VALUE CVPN3000-PPTP-Encryption 128-Bits 4
VALUE CVPN3000-PPTP-Encryption 128-Bits-Required 5
VALUE CVPN3000-PPTP-Encryption 40-Or-128-Bits 6
VALUE CVPN3000-PPTP-Encryption 40-Or-128-Bits-Required 7
VALUE CVPN3000-PPTP-Encryption Stateless-Required 8
VALUE CVPN3000-PPTP-Encryption Encryption-Stateless-Required 9
VALUE CVPN3000-PPTP-Encryption 40-Bits-Stateless-Required 10
VALUE CVPN3000-PPTP-Encryption 40-Bits-Encryption-Stateless-Required 11
VALUE CVPN3000-PPTP-Encryption 128-Bits-Stateless-Required 12
VALUE CVPN3000-PPTP-Encryption 128-Bits-Encryption-Stateless-Required 13
VALUE CVPN3000-PPTP-Encryption 40-Or-128-Bits-Stateless-Required 14
VALUE CVPN3000-PPTP-Encryption 40-Or-128-Bits-Encryption-Stateless-Required 15
VALUE CVPN3000-L2TP-Encryption Required 1
VALUE CVPN3000-L2TP-Encryption 40-Bits 2
VALUE CVPN3000-L2TP-Encryption 40-Bits-Required 3
VALUE CVPN3000-L2TP-Encryption 128-Bits 4
VALUE CVPN3000-L2TP-Encryption 128-Bits-Required 5
VALUE CVPN3000-L2TP-Encryption 40-Or-128-Bits 6
VALUE CVPN3000-L2TP-Encryption 40-Or-128-Bits-Required 7
VALUE CVPN3000-L2TP-Encryption Stateless-Required 8
VALUE CVPN3000-L2TP-Encryption Encryption-Stateless-Required 9
VALUE CVPN3000-L2TP-Encryption 40-Bits-Stateless-Required 10
VALUE CVPN3000-L2TP-Encryption 40-Bits-Encryption-Stateless-Required 11
VALUE CVPN3000-L2TP-Encryption 128-Bits-Stateless-Required 12
VALUE CVPN3000-L2TP-Encryption 128-Bits-Encryption-Stateless-Required 13
VALUE CVPN3000-L2TP-Encryption 40-Or-128-Bits-Stateless-Required 14
VALUE CVPN3000-L2TP-Encryption 40-Or-128-Bits-Encryption-Stateless-Required 15
VALUE CVPN3000-IPSec-Tunnel-Type LAN-To-LAN 1
VALUE CVPN3000-IPSec-Tunnel-Type Remote-Access 2
VALUE CVPN3000-IPSec-Mode-Config Off 0
VALUE CVPN3000-IPSec-Mode-Config On 1
VALUE CVPN3000-IPSec-User-Group-Lock Off 0
VALUE CVPN3000-IPSec-User-Group-Lock On 1
VALUE CVPN3000-IPSec-Over-UDP Off 0
VALUE CVPN3000-IPSec-Over-UDP On 1
VALUE CVPN3000-PPTP-MPPC-Compression Off 0
VALUE CVPN3000-PPTP-MPPC-Compression On 1
VALUE CVPN3000-L2TP-MPPC-Compression Off 0
VALUE CVPN3000-L2TP-MPPC-Compression On 1
VALUE CVPN3000-IPSec-IP-Compression Off 0
VALUE CVPN3000-IPSec-IP-Compression On 1
VALUE CVPN3000-IPSec-IP-Compression None 0
VALUE CVPN3000-IPSec-IP-Compression LZS 1
VALUE CVPN3000-IPSec-IKE-Peer-IDCheck Required 1
VALUE CVPN3000-IPSec-IKE-Peer-IDCheck If-Supported-By-Certifiate 2
VALUE CVPN3000-IPSec-IKE-Peer-IDCheck Do-Not-Check 3
VALUE CVPN3000-IKE-Keep-Alives Off 0
VALUE CVPN3000-IKE-Keep-Alives On 1
VALUE CVPN3000-IPSec-Auth-On-Rekey Off 0
VALUE CVPN3000-IPSec-Auth-On-Rekey On 1
VALUE CVPN3000-Reqrd-Client-Fw-Vendor-Code Cisco-With-CIC 1
VALUE CVPN3000-Reqrd-Client-Fw-Vendor-Code Zone-Labs 2
VALUE CVPN3000-Reqrd-Client-Fw-Vendor-Code Network-ICE 3
VALUE CVPN3000-Reqrd-Client-Fw-Vendor-Code Sygate 4
VALUE CVPN3000-Reqrd-Client-Fw-Vendor-Code Cisco-With-CSA 5
VALUE CVPN3000-Require-HW-Client-Auth No 0
VALUE CVPN3000-Require-HW-Client-Auth Yes 1
VALUE CVPN3000-Require-Individual-User-Auth No 0
VALUE CVPN3000-Require-Individual-User-Auth Yes 1
VALUE CVPN3000-Cisco-IP-Phone-Bypass No 0
VALUE CVPN3000-Cisco-IP-Phone-Bypass Yes 1
VALUE CVPN3000-IPSec-Split-Tunneling-Policy Tunnel-Everything 0
VALUE CVPN3000-IPSec-Split-Tunneling-Policy Only-Tunnel-Listed-Networks 1
VALUE CVPN3000-IPSec-Reqrd-Client-Fw-Cap None 0
VALUE CVPN3000-IPSec-Reqrd-Client-Fw-Cap Policy-Defined-By-Remote-FW-AYT 1
VALUE CVPN3000-IPSec-Reqrd-Client-Fw-Cap Policy-Pushed-CPP 2
VALUE CVPN3000-IPSec-Reqrd-Client-Fw-Cap Policy-From-Server 4
VALUE CVPN3000-IPSec-Client-Fw-Filter-Opt Required 0
VALUE CVPN3000-IPSec-Client-Fw-Filter-Opt Optional 1
VALUE CVPN3000-IPSec-Backup-Servers User-Client-Configured-List 1
VALUE CVPN3000-IPSec-Backup-Servers Disable-And-Clear-Client-List 2
VALUE CVPN3000-IPSec-Backup-Servers Use-Backup-Server-List 3
VALUE CVPN3000-IPSec-Backup-Servers User-Client-Configured-List 1
VALUE CVPN3000-MS-Client-Icpt-DHCP-Conf-Msg No 0
VALUE CVPN3000-MS-Client-Icpt-DHCP-Conf-Msg Yes 1
VALUE CVPN3000-Allow-Network-Extension-Mode No 0
VALUE CVPN3000-Allow-Network-Extension-Mode Yes 1
VALUE CVPN3000-WebVPN-Content-Filter-Parameters JavaAndActiveX 1
VALUE CVPN3000-WebVPN-Content-Filter-Parameters JavaScript 2
VALUE CVPN3000-WebVPN-Content-Filter-Parameters JavaAndActiveX-Javascript 3
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Images 4
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Images-JavaAndActiveX 5
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Images-Javascript 6
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Images-Javascript-JavaAndActiveX 7
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies 8
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-JavaAndActiveX 9
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Javascript 10
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Javascript-JavaAndActiveX 11
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Images 12
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Images-JavaAndActiveX 13
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Images-Javascript 14
VALUE CVPN3000-WebVPN-Content-Filter-Parameters Cookies-Images-Javascript-JavaAndActiveX 15
VALUE CVPN3000-Strip-Realm No 0
VALUE CVPN3000-Strip-Realm Yes 1

16
dicts/dictionary.cisco.vpn5000 Normal file
View File

@ -0,0 +1,16 @@
#
# Cisco VPN 5000 Concentrator Dictionary
#
# http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/ad.htm
#
# $Id: dictionary.cisco.vpn5000 45 2006-11-14 17:45:00Z lem $
#
VENDOR Cisco-VPN5000 255
ATTRIBUTE CVPN5000-Tunnel-Throughput 1 integer Cisco-VPN5000
ATTRIBUTE CVPN5000-Client-Assigned-IP 2 string Cisco-VPN5000
ATTRIBUTE CVPN5000-Client-Real-IP 3 string Cisco-VPN5000
ATTRIBUTE CVPN5000-VPN-GroupInfo 4 string Cisco-VPN5000
ATTRIBUTE CVPN5000-VPN-Password 5 string Cisco-VPN5000
ATTRIBUTE CVPN5000-Echo 6 integer Cisco-VPN5000
ATTRIBUTE CVPN5000-Client-Assigned-IPX 7 integer Cisco-VPN5000

11
dicts/dictionary.colubris Normal file
View File

@ -0,0 +1,11 @@
# Colubris dictionary - dictionary.colubris
#
# Enable by putting the line "$INCLUDE dictionary.colubris" into
# the main dictionary file.
#
#
VENDOR Colubris 8744
#
# Vendor-specific attributes
#
ATTRIBUTE Colubris-AVPair 0 string Colubris

19
dicts/dictionary.columbia_university Normal file
View File

@ -0,0 +1,19 @@
VALUE Service-Type Sip-session 12
# Columbia University VSAs, from:
#
# http://www.cs.columbia.edu/IRT/cinema/release/radius_notes.html
#
# $Id: dictionary.columbia_university 45 2006-11-14 17:45:00Z lem $
#
VENDOR Columbia-University 11862
ATTRIBUTE Sip-Method 0 integer Columbia-University
ATTRIBUTE Sip-From 1 string Columbia-University
ATTRIBUTE Sip-To 2 string Columbia-University
ATTRIBUTE Sip-Translated-Request-URI 4 string Columbia-University
VALUE Sip-Method INVITE 0
VALUE Sip-Method BYE 1
VALUE Sip-Method REGISTER 2
VALUE Sip-Method OTHER 3

49
dicts/dictionary.compat Normal file
View File

@ -0,0 +1,49 @@
#
# Obsolete names for backwards compatibility with older users files.
# Move the $INCLUDE in the main dictionary file to the end if you want
# these names to be used in the "details" logfile.
#
ATTRIBUTE Password 2 string
ATTRIBUTE Client-Id 4 ipaddr
ATTRIBUTE Client-Port-Id 5 integer
ATTRIBUTE User-Service-Type 6 integer
ATTRIBUTE Framed-Address 8 ipaddr
ATTRIBUTE Framed-Netmask 9 ipaddr
ATTRIBUTE Framed-Filter-Id 11 string
ATTRIBUTE Login-Host 14 ipaddr
ATTRIBUTE Login-Port 16 integer
ATTRIBUTE Old-Password 17 string
ATTRIBUTE Port-Message 18 string
ATTRIBUTE Dialback-No 19 string
ATTRIBUTE Dialback-Name 20 string
ATTRIBUTE Challenge-State 24 string
VALUE Framed-Compression Van-Jacobsen-TCP-IP 1
VALUE Framed-Compression VJ-TCP-IP 1
VALUE Service-Type Shell-User 6
VALUE Auth-Type Unix 1
VALUE Service-Type Dialback-Login-User 3
VALUE Service-Type Dialback-Framed-User 4
#
# For compatibility with MERIT users files.
#
ATTRIBUTE Login-Callback-Number 19 string
ATTRIBUTE Framed-Callback-Id 20 string
ATTRIBUTE Client-Port-DNIS 30 string
ATTRIBUTE Caller-ID 31 string
VALUE Service-Type Login 1
VALUE Service-Type Framed 2
VALUE Service-Type Callback-Login 3
VALUE Service-Type Callback-Framed 4
VALUE Service-Type Exec-User 7
#
# For compatibility with ESVA RADIUS, Old Cistron RADIUS
#
ATTRIBUTE Session 1034 integer
ATTRIBUTE User-Name-Is-Star 1035 integer
VALUE User-Name-Is-Star No 0
VALUE User-Name-Is-Star Yes 1
VALUE Auth-Type None 254
ATTRIBUTE PostAuth-Type 1014 integer
VALUE PostAuth-Type Local 0

15
dicts/dictionary.cosine Normal file
View File

@ -0,0 +1,15 @@
#
# Cosine IPSX Dictionary
#
# $Id: dictionary.cosine 45 2006-11-14 17:45:00Z lem $
#
VENDOR Cosine 3085
ATTRIBUTE Cosine-Connection-Profile-Name 1 string Cosine
ATTRIBUTE Cosine-Enterprise-ID 2 string Cosine
ATTRIBUTE Cosine-Address-Pool-Name 3 string Cosine
ATTRIBUTE Cosine-DS-Byte 4 integer Cosine
ATTRIBUTE Cosine-VPI-VCI 5 octets Cosine
ATTRIBUTE Cosine-DLCI 6 integer Cosine
ATTRIBUTE Cosine-LNS-IP-Address 7 ipaddr Cosine
ATTRIBUTE Cosine-CLI-User-Permission-ID 8 string Cosine

130
dicts/dictionary.erx Normal file
View File

@ -0,0 +1,130 @@
#
# dictionary.erx
#
# Unisphere's broadband RAS
# From Terje Krogdahl <tekr@nextra.com>
# Last touched by Paul Hampson <Paul.Hampson@Pobox.Com>
#
# Version: $Id: dictionary.erx 45 2006-11-14 17:45:00Z lem $
#
# Juniper ERX dictionaries are available at:
# http://www.juniper.net/techpubs/software/erx/junose52/unisphere5-2.dct
# http://www.juniper.net/techpubs/software/erx/erx50x/swconfig-broadband/html/radius-attributes.html
# (The below are from when it was the Unisphere ERX)
# http://www.juniper.net/techpubs/software/erx/erx410/unisphere4-1.dct
# http://www.juniper.net/techpubs/software/erx/erx403/unisphere4-0.dct
# http://www.juniper.net/techpubs/software/erx/erx3xx/unisphere3-2.dct
# http://www.juniper.net/techpubs/software/erx/erx3xx/unisphere3-0.dct
#
# As a note on ERX broken-ness, If you don't send a Framed-IP-Address
# in the Access-Accept packet, the ERX disconnects the user, and
# sends an Accounting-Request packet with Acct-Status-Type = Stop
#
# It does NOT send a 'Start' packet, so this behaviour confuses the
# heck out of most admins, who do everything right, but have the ERX
# do stupid things.
#
#
VENDOR ERX 4874
ATTRIBUTE ERX-Virtual-Router-Name 1 string ERX
ATTRIBUTE ERX-Address-Pool-Name 2 string ERX
ATTRIBUTE ERX-Local-Loopback-Interface 3 string ERX
ATTRIBUTE ERX-Primary-Dns 4 ipaddr ERX
ATTRIBUTE ERX-Secondary-Dns 5 ipaddr ERX
ATTRIBUTE ERX-Primary-Wins 6 ipaddr ERX
ATTRIBUTE ERX-Secondary-Wins 7 ipaddr ERX
ATTRIBUTE ERX-Tunnel-Virtual-Router 8 string ERX
ATTRIBUTE ERX-Tunnel-Password 9 string ERX
ATTRIBUTE ERX-Ingress-Policy-Name 10 string ERX
ATTRIBUTE ERX-Egress-Policy-Name 11 string ERX
ATTRIBUTE ERX-Ingress-Statistics 12 string ERX
ATTRIBUTE ERX-Egress-Statistics 13 string ERX
ATTRIBUTE ERX-Atm-Service-Category 14 integer ERX
ATTRIBUTE ERX-Atm-PCR 15 integer ERX
ATTRIBUTE ERX-Atm-SCR 16 integer ERX
ATTRIBUTE ERX-Atm-MBS 17 integer ERX
ATTRIBUTE ERX-Cli-Initial-Access-Level 18 string ERX
ATTRIBUTE ERX-Cli-Allow-All-VR-Access 19 integer ERX
ATTRIBUTE ERX-Alternate-Cli-Access-Level 20 string ERX
ATTRIBUTE ERX-Alternate-Cli-Vrouter-Name 21 string ERX
ATTRIBUTE ERX-Sa-Validate 22 integer ERX
ATTRIBUTE ERX-Igmp-Enable 23 integer ERX
ATTRIBUTE ERX-Pppoe-Description 24 string ERX
ATTRIBUTE ERX-Redirect-VR-Name 25 string ERX
ATTRIBUTE ERX-Qos-Profile-Name 26 string ERX
ATTRIBUTE ERX-Pppoe-Max-Sessions 27 integer ERX
ATTRIBUTE ERX-Pppoe-Url 28 string ERX
ATTRIBUTE ERX-Qos-Profile-Interface-Type 29 integer ERX
ATTRIBUTE ERX-Tunnel-Nas-Port-Method 30 integer ERX
ATTRIBUTE ERX-Service-Bundle 31 string ERX
ATTRIBUTE ERX-Tunnel-Tos 32 integer ERX
ATTRIBUTE ERX-Tunnel-Maximum-Sessions 33 integer ERX
ATTRIBUTE ERX-Framed-Ip-Route-Tag 34 string ERX
ATTRIBUTE ERX-Dial-Out-Number 35 string ERX
ATTRIBUTE ERX-PPP-Username 36 string ERX
ATTRIBUTE ERX-PPP-Password 37 string ERX
ATTRIBUTE ERX-PPP-Auth-Protocol 38 integer ERX
ATTRIBUTE ERX-Minimum-BPS 39 integer ERX
ATTRIBUTE ERX-Maximum-BPS 40 integer ERX
ATTRIBUTE ERX-Bearer-Type 41 integer ERX
ATTRIBUTE ERX-Input-Gigapkts 42 integer ERX
ATTRIBUTE ERX-Output-Gigapkts 43 integer ERX
ATTRIBUTE ERX-Tunnel-Interface-Id 44 string ERX
ATTRIBUTE ERX-IpV6-Virtual-Router 45 string ERX
ATTRIBUTE ERX-IpV6-Local-Interface 46 string ERX
ATTRIBUTE ERX-Ipv6-Primary-Dns 47 string ERX
ATTRIBUTE ERX-Ipv6-Secondary-Dns 48 string ERX
ATTRIBUTE Sdx-Service-Name 49 string ERX
ATTRIBUTE Sdx-Session-Volume-Quota 50 string ERX
ATTRIBUTE Sdx-Tunnel-Disconnect-Cause-Info 51 string ERX
#
# Values Attribute Name Number
#
VALUE ERX-Ingress-Statistics disable 0
VALUE ERX-Ingress-Statistics enable 1
VALUE ERX-Egress-Statistics disable 0
VALUE ERX-Egress-Statistics enable 1
VALUE ERX-Atm-Service-Category UBR 1
VALUE ERX-Atm-Service-Category UBRPCR 2
VALUE ERX-Atm-Service-Category nrtVBR 3
VALUE ERX-Atm-Service-Category CBR 4
VALUE ERX-CLI-Allow-All-VR-Access disable 0
VALUE ERX-CLI-Allow-All-VR-Access enable 1
VALUE ERX-Sa-Validate disable 0
VALUE ERX-Sa-Validate enable 1
VALUE ERX-Igmp-Enable disable 0
VALUE ERX-Igmp-Enable enable 1
VALUE ERX-Qos-Profile-Interface-Type IP 1
VALUE ERX-Qos-Profile-Interface-Type ATM 2
VALUE ERX-Qos-Profile-Interface-Type HDLC 3
VALUE ERX-Qos-Profile-Interface-Type ETHERNET 4
VALUE ERX-Qos-Profile-Interface-Type SERVER-PORT 5
VALUE ERX-Qos-Profile-Interface-Type ATM-1483 6
VALUE ERX-Qos-Profile-Interface-Type FRAME-RELAY 7
VALUE ERX-Qos-Profile-Interface-Type MPLS-MINOR 8
VALUE ERX-Qos-Profile-Interface-Type CBF 9
VALUE ERX-Qos-Profile-Interface-Type IP-TUNNEL 10
VALUE ERX-Qos-Profile-Interface-Type VLAN-SUB 11
VALUE ERX-Qos-Profile-Interface-Type PPPOE-SUB 12
VALUE ERX-Tunnel-Nas-Port-Method None 0
VALUE ERX-Tunnel-Nas-Port-Method CISCO-CLID 1
VALUE ERX-PPP-Auth-Protocol None 0
VALUE ERX-PPP-Auth-Protocol PAP 1
VALUE ERX-PPP-Auth-Protocol CHAP 2
VALUE ERX-PPP-Auth-Protocol PAP-CHAP 3
VALUE ERX-PPP-Auth-Protocol CHAP-PAP 4
VALUE ERX-Bearer-Type None 0
VALUE ERX-Bearer-Type Analog 1
VALUE ERX-Bearer-Type Digital 2

15
dicts/dictionary.extreme Normal file
View File

@ -0,0 +1,15 @@
#
# Dictionary for Extreme Networks VSA's.
# http://www.extremenetworks.com/
#
# $Id: dictionary.extreme 45 2006-11-14 17:45:00Z lem $
#
VENDOR Extreme 1916
ATTRIBUTE Extreme-Netlogin-Vlan 203 string Extreme
ATTRIBUTE Extreme-Netlogin-Url 204 string Extreme
ATTRIBUTE Extreme-Netlogin-Url-Desc 205 string Extreme
ATTRIBUTE Extreme-Netlogin-Only 206 integer Extreme
VALUE Extreme-Netlogin-Only Disabled 0
VALUE Extreme-Netlogin-Only Enabled 1

30
dicts/dictionary.foundry Normal file
View File

@ -0,0 +1,30 @@
#
# dictionary.foundry
#
# As posted to the list by Thomas Keitel <tkeitel@arc.nasa.gov>
#
# Version: $Id: dictionary.foundry 45 2006-11-14 17:45:00Z lem $
#
VENDOR Foundry 1991
ATTRIBUTE Foundry-Privilege-Level 1 integer Foundry
ATTRIBUTE Foundry-Command-String 2 string Foundry
ATTRIBUTE Foundry-Command-Exception-Flag 3 integer Foundry
ATTRIBUTE Foundry-INM-Privilege 4 integer Foundry
VALUE Foundry-INM-Privilege AAA_pri_0 0
VALUE Foundry-INM-Privilege AAA_pri_1 1
VALUE Foundry-INM-Privilege AAA_pri_2 2
VALUE Foundry-INM-Privilege AAA_pri_3 3
VALUE Foundry-INM-Privilege AAA_pri_4 4
VALUE Foundry-INM-Privilege AAA_pri_5 5
VALUE Foundry-INM-Privilege AAA_pri_6 6
VALUE Foundry-INM-Privilege AAA_pri_7 7
VALUE Foundry-INM-Privilege AAA_pri_8 8
VALUE Foundry-INM-Privilege AAA_pri_9 9
VALUE Foundry-INM-Privilege AAA_pri_10 10
VALUE Foundry-INM-Privilege AAA_pri_11 11
VALUE Foundry-INM-Privilege AAA_pri_12 12
VALUE Foundry-INM-Privilege AAA_pri_13 13
VALUE Foundry-INM-Privilege AAA_pri_14 14
VALUE Foundry-INM-Privilege AAA_pri_15 15

14
dicts/dictionary.freeradius Normal file
View File

@ -0,0 +1,14 @@
#
# The FreeRADIUS Vendor-Specific dictionary.
#
# Version: $Id: dictionary.freeradius 45 2006-11-14 17:45:00Z lem $
#
# For a complete list of Private Enterprise Codes, see:
#
# http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers
#
VENDOR FreeRADIUS 11344
ATTRIBUTE FreeRADIUS-Proxied-To 1 ipaddr FreeRADIUS

100
dicts/dictionary.gandalf Normal file
View File

@ -0,0 +1,100 @@
# Gandalf dictionary
#
# Version: 1.00 24-July-2003 Blaise St-Laurent <bstlaurent@okiok.com>
#
# Notes: Dictionary was made specifically for the Gandalf XpressWay
# RLAN with Link Authentication through RADIUS
#
# $Id: dictionary.gandalf 45 2006-11-14 17:45:00Z lem $
#
VENDOR Gandalf 64
#
# Vendor-specific attributes
#
ATTRIBUTE Gandalf-Remote-LAN-Name 0 string Gandalf
ATTRIBUTE Gandalf-Operational-Modes 1 integer Gandalf
ATTRIBUTE Gandalf-Compression-Status 2 integer Gandalf
ATTRIBUTE Gandalf-Min-Outgoing-Bearer 3 integer Gandalf
ATTRIBUTE Gandalf-Authentication-String 5 string Gandalf
ATTRIBUTE Gandalf-PPP-Authentication 6 integer Gandalf
ATTRIBUTE Gandalf-PPP-NCP-Type 7 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Multicast-In 8 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Broadcast-In 9 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Unicast-In 10 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Multicast-Out 11 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Broadcast-Out 12 integer Gandalf
ATTRIBUTE Gandalf-Fwd-Unicast-Out 13 integer Gandalf
ATTRIBUTE Gandalf-Around-The-Corner 14 integer Gandalf
ATTRIBUTE Gandalf-Channel-Group-Name-1 15 string Gandalf
ATTRIBUTE Gandalf-Dial-Prefix-Name-1 16 string Gandalf
ATTRIBUTE Gandalf-Phone-Number-1 17 string Gandalf
ATTRIBUTE Gandalf-Calling-Line-ID-1 18 string Gandalf
ATTRIBUTE Gandalf-Channel-Group-Name-2 19 string Gandalf
ATTRIBUTE Gandalf-Dial-Prefix-Name-2 20 string Gandalf
ATTRIBUTE Gandalf-Phone-Number-2 21 string Gandalf
ATTRIBUTE Gandalf-Calling-Line-ID-2 22 string Gandalf
ATTRIBUTE Gandalf-IPX-Spoofing-State 23 integer Gandalf
ATTRIBUTE Gandalf-IPX-Watchdog-Spoof 24 integer Gandalf
ATTRIBUTE Gandalf-SAP-Group-Name-1 25 string Gandalf
ATTRIBUTE Gandalf-SAP-Group-Name-2 26 string Gandalf
ATTRIBUTE Gandalf-SAP-Group-Name-3 27 string Gandalf
ATTRIBUTE Gandalf-SAP-Group-Name-4 28 string Gandalf
ATTRIBUTE Gandalf-SAP-Group-Name-5 29 string Gandalf
ATTRIBUTE Gandalf-Hunt-Group 30 string Gandalf
ATTRIBUTE Gandalf-Modem-Mode 31 integer Gandalf
ATTRIBUTE Gandalf-Modem-Required-1 32 integer Gandalf
ATTRIBUTE Gandalf-Modem-Required-2 33 integer Gandalf
VALUE Gandalf-Operational-Modes Disabled 1
VALUE Gandalf-Operational-Modes Called-Only 2
VALUE Gandalf-Operational-Modes Calling-Called 3
VALUE Gandalf-Operational-Modes Calling-Only 4
VALUE Gandalf-Compression-Status Disabled 1
VALUE Gandalf-Compression-Status Enabled 2
VALUE Gandalf-Min-Outgoing-Bearer Unrestricted-64K 1
VALUE Gandalf-Min-Outgoing-Bearer Digital-56K 2
VALUE Gandalf-Min-Outgoing-Bearer 3100Hz-Audio 3
VALUE Gandalf-PPP-Authentication CHAP 1
VALUE Gandalf-PPP-Authentication PAP 2
VALUE Gandalf-PPP-Authentication PAP-Sending-on-Incoming-Calls 3
VALUE Gandalf-PPP-NCP-Type BCP 2
VALUE Gandalf-PPP-NCP-Type IPCP 3
VALUE Gandalf-Fwd-Multicast-In Disabled 1
VALUE Gandalf-Fwd-Multicast-In Enabled 2
VALUE Gandalf-Fwd-Broadcast-In Disabled 1
VALUE Gandalf-Fwd-Broadcast-In Enabled 2
VALUE Gandalf-Fwd-Unicast-In Disabled 1
VALUE Gandalf-Fwd-Unicast-In Enabled 2
VALUE Gandalf-Fwd-Multicast-Out Disabled 1
VALUE Gandalf-Fwd-Multicast-Out Enabled 2
VALUE Gandalf-Fwd-Broadcast-Out Disabled 1
VALUE Gandalf-Fwd-Broadcast-Out Enabled 2
VALUE Gandalf-Fwd-Unicast-Out Disabled 1
VALUE Gandalf-Fwd-Unicast-Out Enabled 2
VALUE Gandalf-IPX-Spoofing-State Forward 1
VALUE Gandalf-IPX-Spoofing-State Spoof 2
VALUE Gandalf-IPX-Spoofing-State Filter-all-outgoing-RIP-SAP 3
VALUE Gandalf-IPX-Watchdog-Spoof Disabled 1
VALUE Gandalf-IPX-Watchdog-Spoof Enabled 2
VALUE Gandalf-Modem-Mode Disabled 1
VALUE Gandalf-Modem-Mode Enabled 2
VALUE Gandalf-Modem-Required-1 Disabled 1
VALUE Gandalf-Modem-Required-1 Enabled 2
VALUE Gandalf-Modem-Required-2 Disabled 1
VALUE Gandalf-Modem-Required-2 Enabled 2

16
dicts/dictionary.garderos Normal file
View File

@ -0,0 +1,16 @@
#
# dictionary.garderos
#
# Version: $Id: dictionary.garderos 45 2006-11-14 17:45:00Z lem $
#
# For documentation on Garderos attributes, see:
#
# http://www.garderos.com
VENDOR Garderos 16108
#
# Standard attribute
#
ATTRIBUTE Garderos-Location-Name 1 string Garderos
ATTRIBUTE Garderos-Service-Name 2 string Garderos

15
dicts/dictionary.gemtek Normal file
View File

@ -0,0 +1,15 @@
#
# Gemtek Systems VSA's
# Version: dictionary.gemtek, v1.2 2004/07/13
VENDOR Gemtek 10529
# Attributes for volume accounting limit.
ATTRIBUTE Acct-Session-Input-Octets 21 integer Gemtek
ATTRIBUTE Acct-Session-Input-Gigawords 22 integer Gemtek
ATTRIBUTE Acct-Session-Output-Octets 23 integer Gemtek
ATTRIBUTE Acct-Session-Output-Gigawords 24 integer Gemtek
ATTRIBUTE Acct-Session-Octets 25 integer Gemtek
ATTRIBUTE Acct-Session-Gigawords 26 integer Gemtek

675
dicts/dictionary.huawei Normal file
View File

@ -0,0 +1,675 @@
# Huawei Vendor-Specific Attributes.
VENDOR Huawei 2011
ATTRIBUTE Input-Average-Rate 2 integer Huawei
ATTRIBUTE Input-Peak-Rate 3 integer Huawei
ATTRIBUTE Output-Average-Rate 5 integer Huawei
ATTRIBUTE Output-Peak-Rate 6 integer Huawei
ATTRIBUTE In-Kb-Before-T-Switch 7 integer Huawei
ATTRIBUTE Out-Kb-Before-T-Switch 8 integer Huawei
ATTRIBUTE In-Pkt-Before-T-Switch 9 integer Huawei
ATTRIBUTE Out-Pkt-Before-T-Switch 10 integer Huawei
ATTRIBUTE In-Kb-After-T-Switch 11 integer Huawei
ATTRIBUTE Out-Kb-After-T-Switch 12 integer Huawei
ATTRIBUTE In-Pkt-After-T-Switch 13 integer Huawei
ATTRIBUTE Out-Pkt-After-T-Switch 14 integer Huawei
ATTRIBUTE Remanent-Volume 15 integer Huawei
ATTRIBUTE Tariff-Switch-Interval 16 integer Huawei
ATTRIBUTE Subscriber-QoS-Profile 17 string Huawei
ATTRIBUTE Command 20 integer Huawei
ATTRIBUTE Priority 22 integer Huawei
ATTRIBUTE Control-Identifier 24 integer Huawei
ATTRIBUTE Result-Code 25 integer Huawei
ATTRIBUTE Connect-ID 26 integer Huawei
ATTRIBUTE PortalURL 27 string Huawei
ATTRIBUTE Ftp-directory 28 string Huawei
ATTRIBUTE Exec-Privilege 29 integer Huawei
ATTRIBUTE Qos-Profile 31 string Huawei
ATTRIBUTE Startup-Stamp 59 integer Huawei
ATTRIBUTE Ip-Host-Addr 60 string Huawei
ATTRIBUTE PPP-NCP-Type 70 integer Huawei
ATTRIBUTE VSI-Name 71 string Huawei
ATTRIBUTE Max-Multilist-Num 77 integer Huawei
ATTRIBUTE data-filter 82 string Huawei
ATTRIBUTE Tunnel-Session-Limit 80 integer Huawei
ATTRIBUTE Access-Service 83 string Huawei
ATTRIBUTE Policy-Route 87 ipaddr Huawei
ATTRIBUTE Framed-Pool 88 string Huawei
ATTRIBUTE Queue-Profile 91 string Huawei
ATTRIBUTE Layer4-Session-Limit 92 integer Huawei
ATTRIBUTE Multicast-Profile 93 string Huawei
ATTRIBUTE Vpn-Intance 94 string Huawei
ATTRIBUTE Policy-Name 95 string Huawei
ATTRIBUTE TunnelGroupName 96 string Huawei
ATTRIBUTE LI-ID 101 string Huawei
ATTRIBUTE LI-Md-Address 102 ipaddr Huawei
ATTRIBUTE LI-Enable 105 integer Huawei
ATTRIBUTE Primary-DNS 135 ipaddr Huawei
ATTRIBUTE Secondary-DNS 136 ipaddr Huawei
ATTRIBUTE Domain-Name 138 string Huawei
ATTRIBUTE ANCP-Profile 139 string Huawei
ATTRIBUTE Loopback-Address 141 string Huawei
ATTRIBUTE QOS-Profile-Type 142 integer Huawei
ATTRIBUTE Version 254 string Huawei
ATTRIBUTE Product-ID 255 string Huawei
ATTRIBUTE Loopback-Ip 141 string Huawei

38
dicts/dictionary.itk Normal file
View File

@ -0,0 +1,38 @@
#
# http://www.digieurope.com/
# $Id: dictionary.itk 45 2006-11-14 17:45:00Z lem $
#
VENDOR ITK 1195
ATTRIBUTE ITK-Auth-Serv-IP 100 ipaddr ITK
ATTRIBUTE ITK-Auth-Serv-Prot 101 integer ITK
ATTRIBUTE ITK-Provider-Id 102 integer ITK
ATTRIBUTE ITK-Usergroup 103 integer ITK
ATTRIBUTE ITK-Banner 104 string ITK
ATTRIBUTE ITK-Username-Prompt 105 string ITK
ATTRIBUTE ITK-Password-Prompt 106 string ITK
ATTRIBUTE ITK-Welcome-Message 107 string ITK
ATTRIBUTE ITK-Prompt 108 string ITK
ATTRIBUTE ITK-IP-Pool 109 integer ITK
ATTRIBUTE ITK-Tunnel-IP 110 ipaddr ITK
ATTRIBUTE ITK-Tunnel-Prot 111 integer ITK
ATTRIBUTE ITK-Acct-Serv-IP 112 ipaddr ITK
ATTRIBUTE ITK-Acct-Serv-Prot 113 integer ITK
ATTRIBUTE ITK-Filter-Rule 114 string ITK
ATTRIBUTE ITK-Channel-Binding 115 integer ITK
ATTRIBUTE ITK-Start-Delay 116 integer ITK
ATTRIBUTE ITK-NAS-Name 117 string ITK
ATTRIBUTE ITK-ISDN-Prot 118 integer ITK
ATTRIBUTE ITK-PPP-Auth-Type 119 integer ITK
ATTRIBUTE ITK-Dialout-Type 120 integer ITK
ATTRIBUTE ITK-Ftp-Auth-IP 121 ipaddr ITK
ATTRIBUTE ITK-Users-Default-Entry 122 string ITK
ATTRIBUTE ITK-Users-Default-Pw 123 string ITK
ATTRIBUTE ITK-Auth-Req-Type 124 string ITK
ATTRIBUTE ITK-Modem-Pool-Id 125 integer ITK
ATTRIBUTE ITK-Modem-Init-String 126 string ITK
ATTRIBUTE ITK-PPP-Client-Server-Mode 127 integer ITK
ATTRIBUTE ITK-PPP-Compression-Prot 128 string ITK
ATTRIBUTE ITK-Username 129 string ITK
ATTRIBUTE ITK-Dest-No 130 string ITK
ATTRIBUTE ITK-DDI 131 string ITK

15
dicts/dictionary.juniper Normal file
View File

@ -0,0 +1,15 @@
#
# dictionary.juniper
#
# As posted to the list by Eric Kilfoil <ekilfoil@uslec.net>
#
# Version: $Id: dictionary.juniper 45 2006-11-14 17:45:00Z lem $
#
VENDOR Juniper 2636
ATTRIBUTE Juniper-Local-User-Name 1 string Juniper
ATTRIBUTE Juniper-Allow-Commands 2 string Juniper
ATTRIBUTE Juniper-Deny-Commands 3 string Juniper
ATTRIBUTE Juniper-Allow-Configuration 4 string Juniper
ATTRIBUTE Juniper-Deny-Configuration 5 string Juniper

2084
dicts/dictionary.karlnet Normal file
View File

File diff suppressed because it is too large Load Diff

59
dicts/dictionary.livingston Normal file
View File

@ -0,0 +1,59 @@
#
# Vendor-Specific attributes use the SMI Network Management Private
# Enterprise Code from the "Assigned Numbers" RFC
#
VENDOR Livingston 307
#
# Livingston Vendor-Specific Attributes (requires ComOS 3.8)
#
ATTRIBUTE LE-Terminate-Detail 2 string Livingston
ATTRIBUTE LE-Advice-of-Charge 3 string Livingston
ATTRIBUTE LE-Connect-Detail 4 string Livingston
ATTRIBUTE LE-IP-Pool 6 string Livingston
ATTRIBUTE LE-IP-Gateway 7 ipaddr Livingston
ATTRIBUTE LE-Modem-Info 8 string Livingston
ATTRIBUTE LE-IPSec-Log-Options 9 integer Livingston
ATTRIBUTE LE-IPSec-Deny-Action 10 integer Livingston
ATTRIBUTE LE-IPSec-Active-Profile 11 string Livingston
ATTRIBUTE LE-IPSec-Outsource-Profile 12 string Livingston
ATTRIBUTE LE-IPSec-Passive-Profile 13 string Livingston
ATTRIBUTE LE-NAT-TCP-Session-Timeout 14 integer Livingston
ATTRIBUTE LE-NAT-Other-Session-Timeout 15 integer Livingston
ATTRIBUTE LE-NAT-Log-Options 16 integer Livingston
ATTRIBUTE LE-NAT-Sess-Dir-Fail-Action 17 integer Livingston
ATTRIBUTE LE-NAT-Inmap 18 string Livingston
ATTRIBUTE LE-NAT-Outmap 19 string Livingston
ATTRIBUTE LE-NAT-Outsource-Inmap 20 string Livingston
ATTRIBUTE LE-NAT-Outsource-Outmap 21 string Livingston
ATTRIBUTE LE-Admin-Group 22 string Livingston
ATTRIBUTE LE-Multicast-Client 23 integer Livingston
VALUE LE-IPSec-Deny-Action Drop 1
VALUE LE-IPSec-Deny-Action ICMP-Reject 2
VALUE LE-IPSec-Deny-Action Pass-Through 3
VALUE LE-IPSec-Log-Options SA-Success-On 1
VALUE LE-IPSec-Log-Options SA-Failure-On 2
VALUE LE-IPSec-Log-Options Console-On 3
VALUE LE-IPSec-Log-Options Syslog-On 4
VALUE LE-IPSec-Log-Options SA-Success-Off 5
VALUE LE-IPSec-Log-Options SA-Failure-Off 6
VALUE LE-IPSec-Log-Options Console-Off 7
VALUE LE-IPSec-Log-Options Syslog-Off 8
VALUE LE-NAT-Sess-Dir-Fail-Action Drop 1
VALUE LE-NAT-Sess-Dir-Fail-Action ICMP-Reject 2
VALUE LE-NAT-Sess-Dir-Fail-Action Pass-Through 3
VALUE LE-NAT-Log-Options Session-Success-On 1
VALUE LE-NAT-Log-Options Session-Failure-On 2
VALUE LE-NAT-Log-Options Console-On 3
VALUE LE-NAT-Log-Options Syslog-On 4
VALUE LE-NAT-Log-Options Success-Off 5
VALUE LE-NAT-Log-Options Failure-Off 6
VALUE LE-NAT-Log-Options Console-Off 7
VALUE LE-NAT-Log-Options Syslog-Off 8
VALUE LE-Multicast-Client On 1

25
dicts/dictionary.localweb Normal file
View File

@ -0,0 +1,25 @@
##############################################################################
#
# Local-Web Accesspoints
#
##############################################################################
VENDOR Local-Web 19220
ATTRIBUTE Local-Web-Client-Ip 192 string Local-Web
ATTRIBUTE Local-Web-Border-Router 193 string Local-Web
ATTRIBUTE Local-Web-Tx-Limit 200 integer Local-Web
ATTRIBUTE Local-Web-Rx-Limit 201 integer Local-Web
ATTRIBUTE Local-Web-Acct-Time 210 integer Local-Web
ATTRIBUTE Local-Web-Acct-Duration 211 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Tx-Bytes 212 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Rx-Bytes 213 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Tx-Gigawords 214 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Rx-Gigawords 215 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Tx-Mgmt 216 integer Local-Web
ATTRIBUTE Local-Web-Acct-Interim-Rx-Mgmt 217 integer Local-Web
ATTRIBUTE Local-Web-Acct-Tx-Mgmt 230 integer Local-Web
ATTRIBUTE Local-Web-Acct-Rx-Mgmt 231 integer Local-Web
ATTRIBUTE Local-Web-Reauth-Counter 240 integer Local-Web

13
dicts/dictionary.merit Normal file
View File

@ -0,0 +1,13 @@
#
# For Merit.
#
# $Id: dictionary.merit 45 2006-11-14 17:45:00Z lem $
#
VENDOR Merit 61
ATTRIBUTE Merit-Proxy-Action 211 string Merit
ATTRIBUTE Merit-User-Id 222 string Merit
ATTRIBUTE Merit-User-Realm 223 string Merit

80
dicts/dictionary.microsoft Normal file
View File

@ -0,0 +1,80 @@
#
# Microsoft's VSA's, from RFC 2548
#
# $Id: dictionary.microsoft 45 2006-11-14 17:45:00Z lem $
#
VENDOR Microsoft 311
ATTRIBUTE MS-CHAP-Response 1 octets Microsoft
ATTRIBUTE MS-CHAP-Error 2 string Microsoft
ATTRIBUTE MS-CHAP-CPW-1 3 octets Microsoft
ATTRIBUTE MS-CHAP-CPW-2 4 octets Microsoft
ATTRIBUTE MS-CHAP-LM-Enc-PW 5 octets Microsoft
ATTRIBUTE MS-CHAP-NT-Enc-PW 6 octets Microsoft
ATTRIBUTE MS-MPPE-Encryption-Policy 7 octets Microsoft
# This is referred to as both singular and plural in the RFC.
# Plural seems to make more sense.
ATTRIBUTE MS-MPPE-Encryption-Type 8 octets Microsoft
ATTRIBUTE MS-MPPE-Encryption-Types 8 octets Microsoft
ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft
ATTRIBUTE MS-CHAP-Domain 10 string Microsoft
ATTRIBUTE MS-CHAP-Challenge 11 octets Microsoft
ATTRIBUTE MS-CHAP-MPPE-Keys 12 octets Microsoft
ATTRIBUTE MS-BAP-Usage 13 integer Microsoft
ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft
ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft
ATTRIBUTE MS-MPPE-Send-Key 16 octets Microsoft
ATTRIBUTE MS-MPPE-Recv-Key 17 octets Microsoft
ATTRIBUTE MS-RAS-Version 18 string Microsoft
ATTRIBUTE MS-Old-ARAP-Password 19 octets Microsoft
ATTRIBUTE MS-New-ARAP-Password 20 octets Microsoft
ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft
ATTRIBUTE MS-Filter 22 octets Microsoft
ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft
ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft
ATTRIBUTE MS-CHAP2-Response 25 octets Microsoft
ATTRIBUTE MS-CHAP2-Success 26 octets Microsoft
ATTRIBUTE MS-CHAP2-CPW 27 octets Microsoft
ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft
ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft
ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft
ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft
ATTRIBUTE MS-ARAP-Challenge 33 octets Microsoft
#
# Integer Translations
#
# MS-BAP-Usage Values
VALUE MS-BAP-Usage Not-Allowed 0
VALUE MS-BAP-Usage Allowed 1
VALUE MS-BAP-Usage Required 2
# MS-ARAP-Password-Change-Reason Values
VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1
VALUE MS-ARAP-PW-Change-Reason Expired-Password 2
VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3
VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4
# MS-Acct-Auth-Type Values
VALUE MS-Acct-Auth-Type PAP 1
VALUE MS-Acct-Auth-Type CHAP 2
VALUE MS-Acct-Auth-Type MS-CHAP-1 3
VALUE MS-Acct-Auth-Type MS-CHAP-2 4
VALUE MS-Acct-Auth-Type EAP 5
# MS-Acct-EAP-Type Values
VALUE MS-Acct-EAP-Type MD5 4
VALUE MS-Acct-EAP-Type OTP 5
VALUE MS-Acct-EAP-Type Generic-Token-Card 6
VALUE MS-Acct-EAP-Type TLS 13

13
dicts/dictionary.mikrotik Normal file
View File

@ -0,0 +1,13 @@
# http://www.mikrotik.com
#
# http://www.mikrotik.com/Documentation/manual_2.7/Basic/AAA.html#ht37996460
#
# $Id: dictionary.mikrotik 45 2006-11-14 17:45:00Z lem $
#
VENDOR Mikrotik 14988
ATTRIBUTE Mikrotik-Recv-Limit 1 integer Mikrotik
ATTRIBUTE Mikrotik-Xmit-Limit 2 integer Mikrotik
# this attribute is unused
ATTRIBUTE Mikrotik-Group 3 string Mikrotik

15
dicts/dictionary.navini Normal file
View File

@ -0,0 +1,15 @@
#
# dictionary.navini
#
# By
# "Paul Shields" <pshields@navini.com>
#
# Version: $Id: dictionary.navini 45 2006-11-14 17:45:00Z lem $
#
VENDOR Navini 6504
#
# Standard attribute
#
ATTRIBUTE Navini-AVPair 1 string Navini

24
dicts/dictionary.netscreen Normal file
View File

@ -0,0 +1,24 @@
#
# From:
# http://www.netscreen.com/support/downloads/4.0_configuring_screenOS_for_NTdomain_v11.pdf
#
VENDOR Netscreen 3224
ATTRIBUTE NS-Admin-Privilege 1 integer Netscreen
ATTRIBUTE NS-VSYS-Name 2 string Netscreen
ATTRIBUTE NS-User-Group 3 string Netscreen
ATTRIBUTE NS-Primary-DNS 4 ipaddr Netscreen
ATTRIBUTE NS-Secondary-DNS 5 ipaddr Netscreen
ATTRIBUTE NS-Primary-WINS 6 ipaddr Netscreen
ATTRIBUTE NS-Secondary-WINS 7 ipaddr Netscreen
#
# Values VSYS-Admin and Read-Only-VSYS-Admin require a NS-VSYS-Name
# attribute in the response packet.
#
VALUE NS-Admin-Privilege Root-Admin 1
VALUE NS-Admin-Privilege All-VSYS-Root-Admin 2
VALUE NS-Admin-Privilege VSYS-Admin 3
VALUE NS-Admin-Privilege Read-Only-Admin 4
VALUE NS-Admin-Privilege Read-Only-VSYS-Admin 5

28
dicts/dictionary.nokia Normal file
View File

@ -0,0 +1,28 @@
#
# Nokia dictionary
# $Id: dictionary.nokia 45 2006-11-14 17:45:00Z lem $
#
# Enable by putting the line "$INCLUDE dictionary.nokia" into
# the main dictionary file. Don't forget to comment out the
# $INCLUDE dictionary.ascend, because these over-lap with the
# standard RADIUS attributes, which are also illegitimately used
# by Ascend.
#
# It's apparently rocket science for people to define their own
# VSA's.
#
#
# The format of this attribute is binary coded decimal (BCD)
# with the last four bits all set to 1 if there are an odd
# number of digits,
#
# e.g 123 is encoded as hexadecimal bytes 21 F3
#
# This is an incredibly stupid way of encoding the data.
#
ATTRIBUTE Nokia-IMSI 224 octets
ATTRIBUTE Nokia-Charging-Id 225 integer
ATTRIBUTE Nokia-Prepaid-Ind 226 integer
ATTRIBUTE Nokia-GGSN-IP-Address 227 ipaddr
ATTRIBUTE Nokia-SGSN-IP-Address 228 ipaddr

21
dicts/dictionary.nomadix Normal file
View File

@ -0,0 +1,21 @@
#
# Version: $Id: dictionary.nomadix 45 2006-11-14 17:45:00Z lem $
#
VENDOR Nomadix 3309
#
ATTRIBUTE Nomadix-Bw-Up 1 integer Nomadix
ATTRIBUTE Nomadix-Bw-Down 2 integer Nomadix
ATTRIBUTE Nomadix-URL-Redirection 3 string Nomadix
ATTRIBUTE Nomadix-IP-Upsell 4 integer Nomadix
ATTRIBUTE Nomadix-Expiration 5 string Nomadix
ATTRIBUTE Nomadix-Subnet 6 string Nomadix
ATTRIBUTE Nomadix-MaxBytesUp 7 integer Nomadix
ATTRIBUTE Nomadix-MaxBytesDown 8 integer Nomadix
ATTRIBUTE Nomadix-EndofSession 9 integer Nomadix
ATTRIBUTE Nomadix-Logoff-URL 10 string Nomadix
ATTRIBUTE Nomadix-Net-VLAN 11 integer Nomadix
ATTRIBUTE Nomadix-Config-URL 12 string Nomadix
ATTRIBUTE Nomadix-Goodbye-URL 13 string Nomadix
VALUE Nomadix-Ip-Upsell PrivatePool 0
VALUE Nomadix-Ip-Upsell PublicPool 1

13
dicts/dictionary.propel Normal file
View File

@ -0,0 +1,13 @@
#
# Found on the net.
#
# $Id: dictionary.propel 45 2006-11-14 17:45:00Z lem $
#
VENDOR Propel 14895
ATTRIBUTE Propel-Accelerate 1 integer Propel
ATTRIBUTE Propel-Dialed-Digits 2 string Propel
ATTRIBUTE Propel-Client-IP-Address 3 ipaddr Propel
ATTRIBUTE Propel-Client-NAS-IP-Address 4 ipaddr Propel
ATTRIBUTE Propel-Client-Source-ID 5 integer Propel

43
dicts/dictionary.quintum Normal file
View File

@ -0,0 +1,43 @@
#
# dictionary.quintum
#
# Copied mostly from the Cisco dictionary, by
# Jeremy McNamara <jj@indie.org>
#
# Version: $Id: dictionary.quintum 45 2006-11-14 17:45:00Z lem $
#
VENDOR Quintum 6618
#
# Standard attribute
#
ATTRIBUTE Quintum-AVPair 1 string Quintum
ATTRIBUTE Quintum-NAS-Port 2 string Quintum
#
# Voice over IP attributes.
#
ATTRIBUTE Quintum-h323-remote-address 23 string Quintum
ATTRIBUTE Quintum-h323-conf-id 24 string Quintum
ATTRIBUTE Quintum-h323-setup-time 25 string Quintum
ATTRIBUTE Quintum-h323-call-origin 26 string Quintum
ATTRIBUTE Quintum-h323-call-type 27 string Quintum
ATTRIBUTE Quintum-h323-connect-time 28 string Quintum
ATTRIBUTE Quintum-h323-disconnect-time 29 string Quintum
ATTRIBUTE Quintum-h323-disconnect-cause 30 string Quintum
ATTRIBUTE Quintum-h323-voice-quality 31 string Quintum
ATTRIBUTE Quintum-h323-gw-id 33 string Quintum
ATTRIBUTE Quintum-h323-incoming-conf-id 35 string Quintum
ATTRIBUTE Quintum-h323-credit-amount 101 string Quintum
ATTRIBUTE Quintum-h323-credit-time 102 string Quintum
ATTRIBUTE Quintum-h323-return-code 103 string Quintum
ATTRIBUTE Quintum-h323-prompt-id 104 string Quintum
ATTRIBUTE Quintum-h323-time-and-day 105 string Quintum
ATTRIBUTE Quintum-h323-redirect-number 106 string Quintum
ATTRIBUTE Quintum-h323-preferred-lang 107 string Quintum
ATTRIBUTE Quintum-h323-redirect-ip-address 108 string Quintum
ATTRIBUTE Quintum-h323-billing-model 109 string Quintum
ATTRIBUTE Quintum-h323-currency-type 110 string Quintum

393
dicts/dictionary.redback Normal file
View File

@ -0,0 +1,393 @@
#
# Redback dictionary.
#
# Version: 1.00 14-Sep-2000 Chris Adams <cmadams@hiwaay.net>
# $Id: dictionary.redback 45 2006-11-14 17:45:00Z lem $
#
VENDOR Redback 2352
#
# Redback Vendor Specific Extensions
#
# The first set here uses '_' as the separator, as Redback has changed
# their documentation to use '-' vs. '_'. The older '_' style entries
# are listed first so that they will still be accepted,
# yet not preferred.
#
#
# Redback Vendor Specific Extensions ( older style syntax )
#
# The names use underscores (_) instead of dashes (-), because
# that's what Redback used in their older documentation and examples.
#
ATTRIBUTE Client_DNS_Pri 1 ipaddr Redback
ATTRIBUTE Client_DNS_Sec 2 ipaddr Redback
ATTRIBUTE DHCP_Max_Leases 3 integer Redback
ATTRIBUTE Context_Name 4 string Redback
ATTRIBUTE Bridge_Group 5 string Redback
ATTRIBUTE BG_Aging_Time 6 string Redback
ATTRIBUTE BG_Path_Cost 7 string Redback
ATTRIBUTE BG_Span_Dis 8 string Redback
ATTRIBUTE BG_Trans_BPDU 9 string Redback
ATTRIBUTE Rate_Limit_Rate 10 integer Redback
ATTRIBUTE Rate_Limit_Burst 11 integer Redback
ATTRIBUTE Police_Rate 12 integer Redback
ATTRIBUTE Police_Burst 13 integer Redback
ATTRIBUTE Source_Validation 14 integer Redback
ATTRIBUTE Tunnel_Domain 15 integer Redback
ATTRIBUTE Tunnel_Local_Name 16 string Redback
ATTRIBUTE Tunnel_Remote_Name 17 string Redback
ATTRIBUTE Tunnel_Function 18 integer Redback
ATTRIBUTE Tunnel_Max_Sessions 21 integer Redback
ATTRIBUTE Tunnel_Max_Tunnels 22 integer Redback
ATTRIBUTE Tunnel_Session_Auth 23 integer Redback
ATTRIBUTE Tunnel_Window 24 integer Redback
ATTRIBUTE Tunnel_Retransmit 25 integer Redback
ATTRIBUTE Tunnel_Cmd_Timeout 26 integer Redback
ATTRIBUTE PPPOE_URL 27 string Redback
ATTRIBUTE PPPOE_MOTM 28 string Redback
ATTRIBUTE Tunnel_Group 29 integer Redback
ATTRIBUTE Tunnel_Context 30 string Redback
ATTRIBUTE Tunnel_Algorithm 31 integer Redback
ATTRIBUTE Tunnel_Deadtime 32 integer Redback
ATTRIBUTE Mcast_Send 33 integer Redback
ATTRIBUTE Mcast_Receive 34 integer Redback
ATTRIBUTE Mcast_MaxGroups 35 integer Redback
ATTRIBUTE Ip_Address_Pool_Name 36 string Redback
ATTRIBUTE Tunnel_DNIS 37 integer Redback
ATTRIBUTE Medium_Type 38 integer Redback
ATTRIBUTE PVC_Encapsulation_Type 39 integer Redback
ATTRIBUTE PVC_Profile_Name 40 string Redback
ATTRIBUTE PVC_Circuit_Padding 41 integer Redback
ATTRIBUTE Bind_Type 42 integer Redback
ATTRIBUTE Bind_Auth_Protocol 43 integer Redback
ATTRIBUTE Bind_Auth_Max_Sessions 44 integer Redback
ATTRIBUTE Bind_Bypass_Bypass 45 string Redback
ATTRIBUTE Bind_Auth_Context 46 string Redback
ATTRIBUTE Bind_Auth_Service_Grp 47 string Redback
ATTRIBUTE Bind_Bypass_Context 48 string Redback
ATTRIBUTE Bind_Int_Context 49 string Redback
ATTRIBUTE Bind_Tun_Context 50 string Redback
ATTRIBUTE Bind_Ses_Context 51 string Redback
ATTRIBUTE Bind_Dot1q_Slot 52 integer Redback
ATTRIBUTE Bind_Dot1q_Port 53 integer Redback
ATTRIBUTE Bind_Dot1q_Vlan_Tag_Id 54 integer Redback
ATTRIBUTE Bind_Int_Interface_Name 55 string Redback
ATTRIBUTE Bind_L2TP_Tunnel_Name 56 string Redback
ATTRIBUTE Bind_L2TP_Flow_Control 57 integer Redback
ATTRIBUTE Bind_Sub_User_At_Context 58 string Redback
ATTRIBUTE Bind_Sub_Password 59 string Redback
ATTRIBUTE Ip_Host_Addr 60 string Redback
ATTRIBUTE IP_TOS_Field 61 integer Redback
ATTRIBUTE NAS_Real_Port 62 integer Redback
ATTRIBUTE Tunnel_Session_Auth_Ctx 63 string Redback
ATTRIBUTE Tunnel_Session_Auth_Service_Grp 64 string Redback
ATTRIBUTE Tunnel_Rate_Limit_Rate 65 integer Redback
ATTRIBUTE Tunnel_Rate_Limit_Burst 66 integer Redback
ATTRIBUTE Tunnel_Police_Rate 67 integer Redback
ATTRIBUTE Tunnel_Police_Burst 68 integer Redback
ATTRIBUTE Tunnel_L2F_Second_Password 69 string Redback
ATTRIBUTE TTY_Level_Max 72 integer Redback
ATTRIBUTE TTY_Level_Start 73 integer Redback
ATTRIBUTE Acct_Input_Octets_64 128 octets Redback
ATTRIBUTE Acct_Output_Octets_64 129 octets Redback
ATTRIBUTE Acct_Input_Packets_64 130 octets Redback
ATTRIBUTE Acct_Output_Packets_64 131 octets Redback
ATTRIBUTE Assigned_IP_Address 132 ipaddr Redback
ATTRIBUTE Acct_Mcast_In_Octets 133 integer Redback
ATTRIBUTE Acct_Mcast_Out_Octets 134 integer Redback
ATTRIBUTE Acct_Mcast_In_Packets 135 integer Redback
ATTRIBUTE Acct_Mcast_Out_Packets 136 integer Redback
ATTRIBUTE LAC_Port 137 integer Redback
ATTRIBUTE LAC_Real_Port 138 integer Redback
ATTRIBUTE LAC_Port_Type 139 integer Redback
ATTRIBUTE LAC_Real_Port_Type 140 integer Redback
ATTRIBUTE Acct_Dyn_Ac_Ent 141 string Redback
ATTRIBUTE Session_Error_Code 142 integer Redback
ATTRIBUTE Session_Error_Msg 143 string Redback
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_RAW 1
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_ROUTE1483 2
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_AUTO1483 3
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_MULTI 4
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_BRIDGE1483 5
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP 6
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_SERIAL 7
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_NLPID 8
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_AUTO 9
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPPOE 10
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_L2TP 11
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ATM_PPP_LLC 12
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_AUTO1490 13
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_MULTI 14
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_BRIDGE1490 15
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPP 16
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPP_AUTO 17
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_PPPOE 18
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_ROUTE1490 19
VALUE PVC_Encapsulation_Type AAA_ENCAPS_FRAME_L2TP 20
VALUE PVC_Encapsulation_Type AAA_ENCAPS_L2TP_VC_MUXED 21
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH 22
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH_PPPOE 23
VALUE PVC_Encapsulation_Type AAA_ENCAPS_ETH_MULTI 24
VALUE PVC_Circuit_Padding AAA_CIRCUIT_PADDING 1
VALUE PVC_Circuit_Padding AAA_CIRCUIT_NO_PADDING 2
VALUE Bind_Type AAA_AUTH_BIND 1
VALUE Bind_Type AAA_BYPASS_BIND 2
VALUE Bind_Type AAA_INTERFACE_BIND 3
VALUE Bind_Type AAA_SUBSCRIBE_BIND 4
VALUE Bind_Type AAA_TUNNEL_BIND 5
VALUE Bind_Type AAA_SESSION_BIND 6
VALUE Bind_Type AAA_Q8021_BIND 7
VALUE Bind_Type AAA_MULTI_BIND 8
VALUE Bind_Auth_Protocol AAA_PPP_PAP 1
VALUE Bind_Auth_Protocol AAA_PPP_CHAP 2
VALUE Bind_Auth_Protocol AAA_PPP_CHAP_WAIT 3
VALUE Bind_Auth_Protocol AAA_PPP_CHAP_PAP 4
VALUE Bind_Auth_Protocol AAA_PPP_CHAP_WAIT_PAP 5
VALUE Tunnel_Function LAC-Only 1
VALUE Tunnel_Function LNS-Only 2
VALUE Tunnel_Function LAC-LNS 3
VALUE Tunnel_Session_auth CHAP 1
VALUE Tunnel_Session_auth PAP 2
VALUE Tunnel_Session_auth CHAP-PAP 3
VALUE Mcast_Send NO-SEND 1
VALUE Mcast_Send SEND 2
VALUE Mcast_Send UNSOLICITED-SEND 3
VALUE Mcast_Receive NO-RECEIVE 1
VALUE Mcast_Receive RECEIVE 2
VALUE Tunnel_DNIS DNIS 1
VALUE Tunnel_DNIS DNIS-Only 2
VALUE LAC_Port_Type NAS_PORT_TYPE_10BT 40
VALUE LAC_Port_Type NAS_PORT_TYPE_100BT 41
VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_FR 42
VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_ATM 43
VALUE LAC_Port_Type NAS_PORT_TYPE_OC3 44
VALUE LAC_Port_Type NAS_PORT_TYPE_HSSI 45
VALUE LAC_Port_Type NAS_PORT_TYPE_EIA530 46
VALUE LAC_Port_Type NAS_PORT_TYPE_T1 47
VALUE LAC_Port_Type NAS_PORT_TYPE_CHAN_T3 48
VALUE LAC_Port_Type NAS_PORT_TYPE_DS1_FR 49
VALUE LAC_Port_Type NAS_PORT_TYPE_E3_ATM 50
VALUE LAC_Port_Type NAS_PORT_TYPE_IMA_ATM 51
VALUE LAC_Port_Type NAS_PORT_TYPE_DS3_ATM_2 52
VALUE LAC_Port_Type NAS_PORT_TYPE_OC3_ATM_2 53
VALUE LAC_Port_Type NAS_PORT_TYPE_1000BSX 54
VALUE LAC_Port_Type NAS_PORT_TYPE_E1_FR 55
VALUE LAC_Port_Type NAS_PORT_TYPE_E1_ATM 56
VALUE LAC_Port_Type NAS_PORT_TYPE_E3_FR 57
VALUE LAC_Port_Type NAS_PORT_TYPE_OC3_POS 58
VALUE LAC_Port_Type NAS_PORT_TYPE_OC12_POS 59
VALUE LAC_Port_Type NAS_PORT_TYPE_PPPOE 60
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_10BT 40
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_100BT 41
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_FR 42
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_ATM 43
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3 44
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_HSSI 45
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_EIA530 46
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_T1 47
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_CHAN_T3 48
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS1_FR 49
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E3_ATM 50
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_IMA_ATM 51
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_DS3_ATM_2 52
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3_ATM_2 53
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_1000BSX 54
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E1_FR 55
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E1_ATM 56
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_E3_FR 57
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC3_POS 58
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_OC12_POS 59
VALUE LAC_Real_Port_Type NAS_PORT_TYPE_PPPOE 60
#
# New names.
#
ATTRIBUTE Client-DNS-Pri 1 ipaddr Redback
ATTRIBUTE Client-DNS-Sec 2 ipaddr Redback
ATTRIBUTE DHCP-Max-Leases 3 integer Redback
ATTRIBUTE Context-Name 4 string Redback
ATTRIBUTE Bridge-Group 5 string Redback
ATTRIBUTE BG-Aging-Time 6 string Redback
ATTRIBUTE BG-Path-Cost 7 string Redback
ATTRIBUTE BG-Span-Dis 8 string Redback
ATTRIBUTE BG-Trans-BPDU 9 string Redback
ATTRIBUTE Rate-Limit-Rate 10 integer Redback
ATTRIBUTE Rate-Limit-Burst 11 integer Redback
ATTRIBUTE Police-Rate 12 integer Redback
ATTRIBUTE Police-Burst 13 integer Redback
ATTRIBUTE Source-Validation 14 integer Redback
ATTRIBUTE Tunnel-Domain 15 integer Redback
ATTRIBUTE Tunnel-Local-Name 16 string Redback
ATTRIBUTE Tunnel-Remote-Name 17 string Redback
ATTRIBUTE Tunnel-Function 18 integer Redback
ATTRIBUTE Tunnel-Max-Sessions 21 integer Redback
ATTRIBUTE Tunnel-Max-Tunnels 22 integer Redback
ATTRIBUTE Tunnel-Session-Auth 23 integer Redback
ATTRIBUTE Tunnel-Window 24 integer Redback
ATTRIBUTE Tunnel-Retransmit 25 integer Redback
ATTRIBUTE Tunnel-Cmd-Timeout 26 integer Redback
ATTRIBUTE PPPOE-URL 27 string Redback
ATTRIBUTE PPPOE-MOTM 28 string Redback
ATTRIBUTE Tunnel-Group 29 integer Redback
ATTRIBUTE Tunnel-Context 30 string Redback
ATTRIBUTE Tunnel-Algorithm 31 integer Redback
ATTRIBUTE Tunnel-Deadtime 32 integer Redback
ATTRIBUTE Mcast-Send 33 integer Redback
ATTRIBUTE Mcast-Receive 34 integer Redback
ATTRIBUTE Mcast-MaxGroups 35 integer Redback
ATTRIBUTE Ip-Address-Pool-Name 36 string Redback
ATTRIBUTE Tunnel-DNIS 37 integer Redback
ATTRIBUTE Medium-Type 38 integer Redback
ATTRIBUTE PVC-Encapsulation-Type 39 integer Redback
ATTRIBUTE PVC-Profile-Name 40 string Redback
ATTRIBUTE PVC-Circuit-Padding 41 integer Redback
ATTRIBUTE Bind-Type 42 integer Redback
ATTRIBUTE Bind-Auth-Protocol 43 integer Redback
ATTRIBUTE Bind-Auth-Max-Sessions 44 integer Redback
ATTRIBUTE Bind-Bypass-Bypass 45 string Redback
ATTRIBUTE Bind-Auth-Context 46 string Redback
ATTRIBUTE Bind-Auth-Service-Grp 47 string Redback
ATTRIBUTE Bind-Bypass-Context 48 string Redback
ATTRIBUTE Bind-Int-Context 49 string Redback
ATTRIBUTE Bind-Tun-Context 50 string Redback
ATTRIBUTE Bind-Ses-Context 51 string Redback
ATTRIBUTE Bind-Dot1q-Slot 52 integer Redback
ATTRIBUTE Bind-Dot1q-Port 53 integer Redback
ATTRIBUTE Bind-Dot1q-Vlan-Tag-Id 54 integer Redback
ATTRIBUTE Bind-Int-Interface-Name 55 string Redback
ATTRIBUTE Bind-L2TP-Tunnel-Name 56 string Redback
ATTRIBUTE Bind-L2TP-Flow-Control 57 integer Redback
ATTRIBUTE Bind-Sub-User-At-Context 58 string Redback
ATTRIBUTE Bind-Sub-Password 59 string Redback
ATTRIBUTE Ip-Host-Addr 60 string Redback
ATTRIBUTE IP-TOS-Field 61 integer Redback
ATTRIBUTE NAS-Real-Port 62 integer Redback
ATTRIBUTE Tunnel-Session-Auth-Ctx 63 string Redback
ATTRIBUTE Tunnel-Session-Auth-Service-Grp 64 string Redback
ATTRIBUTE Tunnel-Rate-Limit-Rate 65 integer Redback
ATTRIBUTE Tunnel-Rate-Limit-Burst 66 integer Redback
ATTRIBUTE Tunnel-Police-Rate 67 integer Redback
ATTRIBUTE Tunnel-Police-Burst 68 integer Redback
ATTRIBUTE Tunnel-L2F-Second-Password 69 string Redback
ATTRIBUTE TTY-Level-Max 72 integer Redback
ATTRIBUTE TTY-Level-Start 73 integer Redback
ATTRIBUTE Acct-Input-Octets-64 128 octets Redback
ATTRIBUTE Acct-Output-Octets-64 129 octets Redback
ATTRIBUTE Acct-Input-Packets-64 130 octets Redback
ATTRIBUTE Acct-Output-Packets-64 131 octets Redback
ATTRIBUTE Assigned-IP-Address 132 ipaddr Redback
ATTRIBUTE Acct-Mcast-In-Octets 133 integer Redback
ATTRIBUTE Acct-Mcast-Out-Octets 134 integer Redback
ATTRIBUTE Acct-Mcast-In-Packets 135 integer Redback
ATTRIBUTE Acct-Mcast-Out-Packets 136 integer Redback
ATTRIBUTE LAC-Port 137 integer Redback
ATTRIBUTE LAC-Real-Port 138 integer Redback
ATTRIBUTE LAC-Port-Type 139 integer Redback
ATTRIBUTE LAC-Real-Port-Type 140 integer Redback
ATTRIBUTE Acct-Dyn-Ac-Ent 141 string Redback
ATTRIBUTE Session-Error-Code 142 integer Redback
ATTRIBUTE Session-Error-Msg 143 string Redback
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-RAW 1
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-ROUTE1483 2
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-AUTO1483 3
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-MULTI 4
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-BRIDGE1483 5
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP 6
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-SERIAL 7
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-NLPID 8
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-AUTO 9
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPPOE 10
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-L2TP 11
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ATM-PPP-LLC 12
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-AUTO1490 13
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-MULTI 14
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-BRIDGE1490 15
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPP 16
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPP-AUTO 17
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-PPPOE 18
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-ROUTE1490 19
VALUE PVC-Encapsulation-Type AAA-ENCAPS-FRAME-L2TP 20
VALUE PVC-Encapsulation-Type AAA-ENCAPS-L2TP-VC-MUXED 21
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH 22
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH-PPPOE 23
VALUE PVC-Encapsulation-Type AAA-ENCAPS-ETH-MULTI 24
VALUE PVC-Circuit-Padding AAA-CIRCUIT-PADDING 1
VALUE PVC-Circuit-Padding AAA-CIRCUIT-NO-PADDING 2
VALUE Bind-Type AAA-AUTH-BIND 1
VALUE Bind-Type AAA-BYPASS-BIND 2
VALUE Bind-Type AAA-INTERFACE-BIND 3
VALUE Bind-Type AAA-SUBSCRIBE-BIND 4
VALUE Bind-Type AAA-TUNNEL-BIND 5
VALUE Bind-Type AAA-SESSION-BIND 6
VALUE Bind-Type AAA-Q8021-BIND 7
VALUE Bind-Type AAA-MULTI-BIND 8
VALUE Bind-Auth-Protocol AAA-PPP-PAP 1
VALUE Bind-Auth-Protocol AAA-PPP-CHAP 2
VALUE Bind-Auth-Protocol AAA-PPP-CHAP-WAIT 3
VALUE Bind-Auth-Protocol AAA-PPP-CHAP-PAP 4
VALUE Bind-Auth-Protocol AAA-PPP-CHAP-WAIT-PAP 5
VALUE Tunnel-Function LAC-Only 1
VALUE Tunnel-Function LNS-Only 2
VALUE Tunnel-Function LAC-LNS 3
VALUE Tunnel-Session-auth CHAP 1
VALUE Tunnel-Session-auth PAP 2
VALUE Tunnel-Session-auth CHAP-PAP 3
VALUE Mcast-Send NO-SEND 1
VALUE Mcast-Send SEND 2
VALUE Mcast-Send UNSOLICITED-SEND 3
VALUE Mcast-Receive NO-RECEIVE 1
VALUE Mcast-Receive RECEIVE 2
VALUE Tunnel-DNIS DNIS 1
VALUE Tunnel-DNIS DNIS-Only 2
VALUE LAC-Port-Type NAS-PORT-TYPE-10BT 40
VALUE LAC-Port-Type NAS-PORT-TYPE-100BT 41
VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-FR 42
VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-ATM 43
VALUE LAC-Port-Type NAS-PORT-TYPE-OC3 44
VALUE LAC-Port-Type NAS-PORT-TYPE-HSSI 45
VALUE LAC-Port-Type NAS-PORT-TYPE-EIA530 46
VALUE LAC-Port-Type NAS-PORT-TYPE-T1 47
VALUE LAC-Port-Type NAS-PORT-TYPE-CHAN-T3 48
VALUE LAC-Port-Type NAS-PORT-TYPE-DS1-FR 49
VALUE LAC-Port-Type NAS-PORT-TYPE-E3-ATM 50
VALUE LAC-Port-Type NAS-PORT-TYPE-IMA-ATM 51
VALUE LAC-Port-Type NAS-PORT-TYPE-DS3-ATM-2 52
VALUE LAC-Port-Type NAS-PORT-TYPE-OC3-ATM-2 53
VALUE LAC-Port-Type NAS-PORT-TYPE-1000BSX 54
VALUE LAC-Port-Type NAS-PORT-TYPE-E1-FR 55
VALUE LAC-Port-Type NAS-PORT-TYPE-E1-ATM 56
VALUE LAC-Port-Type NAS-PORT-TYPE-E3-FR 57
VALUE LAC-Port-Type NAS-PORT-TYPE-OC3-POS 58
VALUE LAC-Port-Type NAS-PORT-TYPE-OC12-POS 59
VALUE LAC-Port-Type NAS-PORT-TYPE-PPPOE 60
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-10BT 40
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-100BT 41
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-FR 42
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-ATM 43
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3 44
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-HSSI 45
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-EIA530 46
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-T1 47
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-CHAN-T3 48
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS1-FR 49
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E3-ATM 50
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-IMA-ATM 51
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-DS3-ATM-2 52
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3-ATM-2 53
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-1000BSX 54
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E1-FR 55
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E1-ATM 56
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-E3-FR 57
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC3-POS 58
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-OC12-POS 59
VALUE LAC-Real-Port-Type NAS-PORT-TYPE-PPPOE 60

16
dicts/dictionary.redcreek Normal file
View File

@ -0,0 +1,16 @@
#
# http://www.redcreek.com
# $Id: dictionary.redcreek 45 2006-11-14 17:45:00Z lem $
#
VENDOR RedCreek 1958
ATTRIBUTE RedCreek-Tunneled-IP-Addr 5 ipaddr RedCreek
ATTRIBUTE RedCreek-Tunneled-IP-Netmask 6 ipaddr RedCreek
ATTRIBUTE RedCreek-Tunneled-Gateway 7 ipaddr RedCreek
ATTRIBUTE RedCreek-Tunneled-DNS-Server 8 string RedCreek
ATTRIBUTE RedCreek-Tunneled-WINS-Server1 9 string RedCreek
ATTRIBUTE RedCreek-Tunneled-WINS-Server2 10 string RedCreek
ATTRIBUTE RedCreek-Tunneled-HostName 11 string RedCreek
ATTRIBUTE RedCreek-Tunneled-DomainName 12 string RedCreek
ATTRIBUTE RedCreek-Tunneled-Search-List 13 string RedCreek

19
dicts/dictionary.shasta Normal file
View File

@ -0,0 +1,19 @@
#
# dictionary.shasta
#
# Nortel Shasta VSAs
# Andre Gustavo de C. Albuquerque <gustavoa@nortelnetworks.com>
#
VENDOR Shasta 3199
#
# Standard attribute
#
ATTRIBUTE Shasta-User-Privilege 1 integer Shasta
ATTRIBUTE Shasta-Service-Profile 2 string Shasta
ATTRIBUTE Shasta-VPN-Name 3 string Shasta
VALUE Shasta-User-Privilege User 1
VALUE Shasta-User-Privilege Super-User 2
VALUE Shasta-User-Privilege SSuper-User 3

93
dicts/dictionary.shiva Normal file
View File

@ -0,0 +1,93 @@
#
# Shiva dictionary.
#
# Shiva Inc.
# http://www.shiva.com/
#
# For more information on magic values for Shiva-User-Attributes,
# see their web page, at:
#
# http://www.shiva.com/prod/kbase/mapping.html
#
# Enable by putting the line "$INCLUDE dictionary.shiva" into
# the main dictionary file.
#
# Version: 1.00 27-Apr-1999 contributed by Alan DeKok
# $Id: dictionary.shiva 45 2006-11-14 17:45:00Z lem $
#
VENDOR Shiva 166
# Shiva Extensions
#
# This next attribute is Shiva's attempt to create their own
# VSA in the main dictionary. Don't use it. It's a bad idea.
#
#ATTRIBUTE Shiva-User-Attributes 51 string
ATTRIBUTE Shiva-User-Attributes 1 string Shiva
ATTRIBUTE Shiva-Called-Number 90 string Shiva
ATTRIBUTE Shiva-Calling-Number 91 string Shiva
ATTRIBUTE Shiva-Customer-Id 92 string Shiva
ATTRIBUTE Shiva-Type-Of-Service 93 integer Shiva
ATTRIBUTE Shiva-Link-Speed 94 integer Shiva
ATTRIBUTE Shiva-Links-In-Bundle 95 integer Shiva
ATTRIBUTE Shiva-Compression-Type 96 integer Shiva
ATTRIBUTE Shiva-Link-Protocol 97 integer Shiva
ATTRIBUTE Shiva-Network-Protocols 98 integer Shiva
ATTRIBUTE Shiva-Session-Id 99 integer Shiva
ATTRIBUTE Shiva-Disconnect-Reason 100 integer Shiva
ATTRIBUTE Shiva-Acct-Serv-Switch 101 ipaddr Shiva
ATTRIBUTE Shiva-Event-Flags 102 integer Shiva
ATTRIBUTE Shiva-Function 103 integer Shiva
ATTRIBUTE Shiva-Connect-Reason 104 integer Shiva
# Shiva Type Of Service Values
VALUE Shiva-Type-Of-Service Analog 1
VALUE Shiva-Type-Of-Service Digitized-Analog 2
VALUE Shiva-Type-Of-Service Digital 3
VALUE Shiva-Type-Of-Service Digital-V110 4
VALUE Shiva-Type-Of-Service Digital-V120 5
VALUE Shiva-Type-Of-Service Digital-Leased-Line 6
# Shiva Link Protocol Values
VALUE Shiva-Link-Protocol HDLC 1
VALUE Shiva-Link-Protocol ARAV1 2
VALUE Shiva-Link-Protocol ARAV2 3
VALUE Shiva-Link-Protocol SHELL 4
VALUE Shiva-Link-Protocol AALAP 5
VALUE Shiva-Link-Protocol SLIP 6
# Shiva Connect Reason Values
VALUE Shiva-Connect-Reason Remote 1
VALUE Shiva-Connect-Reason Dialback 2
VALUE Shiva-Connect-Reason Virtual-Connection 3
VALUE Shiva-Connect-Reason Bandwidth-On-Demand 4
# Shiva Disconnect Reason Values
VALUE Shiva-Disconnect-Reason Remote 1
VALUE Shiva-Disconnect-Reason Error 2
VALUE Shiva-Disconnect-Reason Idle-Timeout 3
VALUE Shiva-Disconnect-Reason Session-Timeout 4
VALUE Shiva-Disconnect-Reason Admin-Disconnect 5
VALUE Shiva-Disconnect-Reason Dialback 6
VALUE Shiva-Disconnect-Reason Virtual-Connection 7
VALUE Shiva-Disconnect-Reason Bandwidth-On-Demand 8
VALUE Shiva-Disconnect-Reason Failed-Authentication 9
VALUE Shiva-Disconnect-Reason Preempted 10
VALUE Shiva-Disconnect-Reason Blocked 11
VALUE Shiva-Disconnect-Reason Tariff-Management 12
VALUE Shiva-Disconnect-Reason Backup 13
# Shiva Function Values
VALUE Shiva-Function Unknown 0
VALUE Shiva-Function Dialin 1
VALUE Shiva-Function Dialout 2
VALUE Shiva-Function Lan-To-Lan 3

58
dicts/dictionary.sonicwall Normal file
View File

@ -0,0 +1,58 @@
#
# Sonicwall Firewall dictionary
#
# $Id: dictionary.sonicwall 45 2006-11-14 17:45:00Z lem $
#
VENDOR SonicWall 8741
# Backwards compatibility.
# ATTRIBUTE SS3-Firewall-User-Privilege 1 integer SonicWall
# New names.
ATTRIBUTE SonicWall-User-Privilege 1 integer SonicWall
VALUE SonicWall-User-Privilege Remote-Access 1 # deprecated
VALUE SonicWall-User-Privilege Bypass-Filters 2
VALUE SonicWall-User-Privilege VPN-Client-Access 3 # standard
VALUE SonicWall-User-Privilege Access-To-VPN 4 # standard
VALUE SonicWall-User-Privilege Limited-Management 5
VALUE SonicWall-User-Privilege L2TP-Client-Access 6 # standard
VALUE SonicWall-User-Privilege Wireless-Guest 7 # standard
VALUE SonicWall-User-Privilege Wireless-Add-ACL 8
VALUE SonicWall-User-Privilege Internet-Access 9 # standard
# Those values indicated as "standard" are applicable only on a SonicWall
# firewall running standard firmware and not on one running enhanced firmware.
#
# This attribute is to use in place of SonicWall-User-Privilege with RADIUS
# servers that allow only one instance of a Vendor-Specific attribute to be
# set (such as the ACE Server from RSA). Note that it is commented out in this
# file because it is not needed in any servers that support multiple VSA's.
#
# The value of this attribute is a text string giving a comma-separated list
# of one or more privileges, each corresponding to a value of the
# SonicWall-User-Privilege attribute above (and note that some are applicable
# only on a SonicWall firewall running standard firmware as indicated above):
# "BF,VC,VA,LM,LA,WG,WA,IA"
# "RA" for "Remote-Access" is now deprecated.
ATTRIBUTE SonicWall-User-Privileges 2 string SonicWall
# Multiple of these can be set for a user, each specifying the name of a
# user group to which that user has membership. Note that this can
# alternatively be achieved by use of the Filter-Id attribute.
# This is applicable only on a SonicWall firewall running enhanced firmware.
#
ATTRIBUTE SonicWall-User-Group 3 string SonicWall
# This attribute is to use in place of SonicWall-User-Group with RADIUS
# servers that allow only one instance of a Vendor-Specific attribute to be
# set (such as the ACE Server from RSA). Note that it is commented out in this
# file because it is not needed in any servers that support multiple VSA's.
#
# The value of this attribute is a text string giving a comma-separated list
# of the names of one or more user groups to which that user has membership.
# This is applicable only on a SonicWall firewall running enhanced firmware.
#
ATTRIBUTE SonicWall-User-Groups 4 string SonicWall

18
dicts/dictionary.springtide Normal file
View File

@ -0,0 +1,18 @@
##############################################################################
#
# SpringTide VSAs
#
# $Id: dictionary.springtide 45 2006-11-14 17:45:00Z lem $
#
##############################################################################
VENDOR SpringTide 3551
ATTRIBUTE ST-Acct-VC-Connection-Id 1 string SpringTide
ATTRIBUTE ST-Service-Name 2 string SpringTide
ATTRIBUTE ST-Service-Domain 3 integer SpringTide
ATTRIBUTE ST-Policy-Name 4 string SpringTide
ATTRIBUTE ST-Primary-DNS-Server 5 ipaddr SpringTide
ATTRIBUTE ST-Secondary-DNS-Server 6 ipaddr SpringTide
ATTRIBUTE ST-Primary-NBNS-Server 7 ipaddr SpringTide
ATTRIBUTE ST-Secondary-NBNS-Server 8 ipaddr SpringTide

17
dicts/dictionary.t_systems_nova Normal file
View File

@ -0,0 +1,17 @@
VENDOR T-Systems-Nova 16787
ATTRIBUTE T-Systems-Nova-Location-ID 1 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Location-Name 2 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Logoff-URL 3 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Redirection-URL 4 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Bandwidth-Min-Up 5 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Bandwidth-Min-Down 6 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Bandwidth-Max-Up 7 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Bandwidth-Max-Down 8 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Session-Terminate-Time 9 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Session-Terminate-End-Of-Day 10 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Billing-Class-Of-Service 11 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Service-Name 12 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Price-Of-Service 13 integer T-Systems-Nova
ATTRIBUTE T-Systems-Nova-Visiting-Provider-Code 14 string T-Systems-Nova
ATTRIBUTE T-Systems-Nova-UnknownAVP 15 string T-Systems-Nova

10
dicts/dictionary.telebit Normal file
View File

@ -0,0 +1,10 @@
#
# Telebit dictionary
# $Id: dictionary.telebit 45 2006-11-14 17:45:00Z lem $
#
VENDOR Telebit 117
ATTRIBUTE Telebit-Login-Command 1 string Telebit
ATTRIBUTE Telebit-Port-Name 2 string Telebit
ATTRIBUTE Telebit-Activate-Command 3 string Telebit
ATTRIBUTE Telebit-Accounting-Info 4 string Telebit

26
dicts/dictionary.trapeze Normal file
View File

@ -0,0 +1,26 @@
#
# dictionary.trapeze
#
# For use with FreeRadius and Trapeze Networks MSS software 1.1
# or greater.
#
# For assistance, email support@trapezenetworks.com.
#
# $Id: dictionary.trapeze 45 2006-11-14 17:45:00Z lem $
#
#
VENDOR Trapeze 14525
# Attributes for MSS 1.1 and later
ATTRIBUTE Trapeze-VLAN-Name 1 string Trapeze
ATTRIBUTE Trapeze-Mobility-Profile 2 string Trapeze
ATTRIBUTE Trapeze-Encryption-Type 3 string Trapeze
ATTRIBUTE Trapeze-Time-Of-Day 4 string Trapeze
# New attributes for MSS 3.0 and later
ATTRIBUTE Trapeze-SSID 5 string Trapeze
ATTRIBUTE Trapeze-End-Date 6 string Trapeze
ATTRIBUTE Trapeze-Start-Date 7 string Trapeze
ATTRIBUTE Trapeze-URL 8 string Trapeze

61
dicts/dictionary.tunnel Normal file
View File

@ -0,0 +1,61 @@
#
# dictionary.tunnel
#
# Experimental tunneling attributes.
#
#
# Version: $Id: dictionary.tunnel 45 2006-11-14 17:45:00Z lem $
#
#
# Tunneling Attributes
#
ATTRIBUTE Tunnel-Type 64 integer
ATTRIBUTE Tunnel-Medium-Type 65 integer
ATTRIBUTE Tunnel-Client-Endpoint 66 string
ATTRIBUTE Tunnel-Server-Endpoint 67 string
ATTRIBUTE Tunnel-Connection-Id 68 string
ATTRIBUTE Tunnel-Password 69 string
ATTRIBUTE Tunnel-Private-Group-Id 81 string
ATTRIBUTE Tunnel-Assignment-Id 82 string
ATTRIBUTE Tunnel-Preference 83 integer
ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer
ATTRIBUTE Tunnel-Client-Auth-Id 90 string
ATTRIBUTE Tunnel-Server-Auth-Id 91 string
VALUE Framed-Protocol PPTP 9
# Tunnel Type
VALUE Tunnel-Type PPTP 1
VALUE Tunnel-Type L2F 2
VALUE Tunnel-Type L2TP 3
VALUE Tunnel-Type ATMP 4
VALUE Tunnel-Type VTP 5
VALUE Tunnel-Type AH 6
VALUE Tunnel-Type IP 7
VALUE Tunnel-Type MIN-IP 8
VALUE Tunnel-Type ESP 9
VALUE Tunnel-Type GRE 10
VALUE Tunnel-Type DVS 11
VALUE Tunnel-Type IP-in-IP 12
VALUE Tunnel-Type VLAN 13
#
# Tunnel Medium Type
VALUE Tunnel-Medium-Type IP 1
VALUE Tunnel-Medium-Type X25 2
VALUE Tunnel-Medium-Type ATM 3
VALUE Tunnel-Medium-Type Frame-Relay 4
VALUE Tunnel-Medium-Type BBN-1822 5
VALUE Tunnel-Medium-Type IEEE-802 6
VALUE Tunnel-Medium-Type E.163 7
VALUE Tunnel-Medium-Type E.164 8
VALUE Tunnel-Medium-Type F.69 9
VALUE Tunnel-Medium-Type X.121 10
VALUE Tunnel-Medium-Type IPX 11
VALUE Tunnel-Medium-Type Appletalk 12
VALUE Tunnel-Medium-Type DecNet-IV 13
VALUE Tunnel-Medium-Type Banyan-Vines 14
VALUE Tunnel-Medium-Type E.164-NSAP 15

89
dicts/dictionary.unisphere Normal file
View File

@ -0,0 +1,89 @@
#
# $Id: dictionary.unisphere 45 2006-11-14 17:45:00Z lem $
#
# reference:
# 'unisphere5-3.dct' file from Juniper Networks
# http://www.juniper.net/techpubs/software/erx/junose53/unisphere5-3.dct
#
Vendor Unisphere 4878
ATTRIBUTE Unisphere-Virtual-Router 1 string Unisphere
ATTRIBUTE Unisphere-Local-Address-Pool 2 string Unisphere
ATTRIBUTE Unisphere-Local-Interface 3 string Unisphere
ATTRIBUTE Unisphere-Primary-Dns 4 ipaddr Unisphere
ATTRIBUTE Unisphere-Secondary-Dns 5 ipaddr Unisphere
ATTRIBUTE Unisphere-Primary-Wins 6 ipaddr Unisphere
ATTRIBUTE Unisphere-Secondary-Wins 7 ipaddr Unisphere
ATTRIBUTE Unisphere-Tunnel-Virtual-Router 8 string Unisphere
ATTRIBUTE Unisphere-Tunnel-Password 9 string Unisphere
ATTRIBUTE Unisphere-Ingress-Policy-Name 10 string Unisphere
ATTRIBUTE Unisphere-Egress-Policy-Name 11 string Unisphere
ATTRIBUTE Unisphere-Ingress-Statistics 12 integer Unisphere
ATTRIBUTE Unisphere-Egress-Statistics 13 integer Unisphere
ATTRIBUTE Unisphere-Service-Category 14 integer Unisphere
ATTRIBUTE Unisphere-pcr 15 integer Unisphere
ATTRIBUTE Unisphere-scr 16 integer Unisphere
ATTRIBUTE Unisphere-mbs 17 integer Unisphere
ATTRIBUTE Unisphere-Init-CLI-Access-Level 18 string Unisphere
ATTRIBUTE Unisphere-Allow-All-VR-Access 19 integer Unisphere
ATTRIBUTE Unisphere-Alt-CLI-Access-Level 20 string Unisphere
ATTRIBUTE Unisphere-Alt-CLI-VRouter-Name 21 string Unisphere
ATTRIBUTE Unisphere-SA-Validate 22 integer Unisphere
ATTRIBUTE Unisphere-Igmp-enable 23 integer Unisphere
ATTRIBUTE Unisphere-Pppoe-Description 24 string Unisphere
ATTRIBUTE Unisphere-Redirect-VRouter-Name 25 string Unisphere
ATTRIBUTE Unisphere-Qos-Profile-Name 26 string Unisphere
ATTRIBUTE Unisphere-PppoE-Url 28 string Unisphere
ATTRIBUTE Unisphere-Service-Bundle 31 string Unisphere
ATTRIBUTE Unisphere-Tunnel-Max-Sessions 33 integer Unisphere
ATTRIBUTE Unisphere-Framed-Ip-Route-Tag 34 integer Unisphere
ATTRIBUTE Unisphere-Tunnel-Dialout-Number 35 string Unisphere
ATTRIBUTE Unisphere-Ppp-Username 36 string Unisphere
ATTRIBUTE Unisphere-Ppp-Password 37 string Unisphere
ATTRIBUTE Unisphere-Ppp-Protocol 38 integer Unisphere
ATTRIBUTE Unisphere-Tunnel-Min-Bps 39 integer Unisphere
ATTRIBUTE Unisphere-Tunnel-Max-Bps 40 integer Unisphere
ATTRIBUTE Unisphere-Tunnel-Bearer-Type 41 integer Unisphere
ATTRIBUTE Unisphere-Input-Gigapackets 42 integer Unisphere
ATTRIBUTE Unisphere-Output-Gigapackets 43 integer Unisphere
ATTRIBUTE Unisphere-Tunnel-Interface-Id 44 string Unisphere
ATTRIBUTE Unisphere-IpV6-Virtual-Router 45 string Unisphere
ATTRIBUTE Unisphere-IpV6-Local-Interface 46 string Unisphere
ATTRIBUTE Unisphere-Ipv6-Primary-Dns 47 string Unisphere
ATTRIBUTE Unisphere-Ipv6-Secondary-Dns 48 string Unisphere
ATTRIBUTE Unisphere-Disconnect-Cause 51 octets Unisphere
ATTRIBUTE Unisphere-Service-Description 53 string Unisphere
ATTRIBUTE Unisphere-Dhcp-Options 55 octets Unisphere
ATTRIBUTE Unisphere-Dhcp-Mac-Addr 56 string Unisphere
ATTRIBUTE Unisphere-Dhcp-Gi-Address 57 ipaddr Unisphere
VALUE Unisphere-Ingress-Statistics disable 0
VALUE Unisphere-Ingress-Statistics enable 1
VALUE Unisphere-Egress-Statistics disable 0
VALUE Unisphere-Egress-Statistics enable 1
VALUE Unisphere-Service-Category UBR 1
VALUE Unisphere-Service-Category UBRPCR 2
VALUE Unisphere-Service-Category nrtVBR 3
VALUE Unisphere-Service-Category CBR 4
VALUE Unisphere-Allow-All-VR-Access disable 0
VALUE Unisphere-Allow-All-VR-Access enable 1
VALUE Unisphere-SA-Validate disable 0
VALUE Unisphere-SA-Validate enable 1
VALUE Unisphere-Igmp-enable disable 0
VALUE Unisphere-Igmp-enable enable 1
VALUE Unisphere-Ppp-Protocol none 0
VALUE Unisphere-Ppp-Protocol pap 1
VALUE Unisphere-Ppp-Protocol chap 2
VALUE Unisphere-Ppp-Protocol pap-chap 3
VALUE Unisphere-Ppp-Protocol chap-pap 4
VALUE Unisphere-Tunnel-Bearer-Type none 0
VALUE Unisphere-Tunnel-Bearer-Type analog 1
VALUE Unisphere-Tunnel-Bearer-Type digital 2

15
dicts/dictionary.unix Normal file
View File

@ -0,0 +1,15 @@
#
# Allegedly for ProFTPd.
#
# $Id: dictionary.unix 45 2006-11-14 17:45:00Z lem $
#
VENDOR Unix 4
ATTRIBUTE Unix-FTP-UID 10 integer Unix
ATTRIBUTE Unix-FTP-GID 11 integer Unix
ATTRIBUTE Unix-FTP-Home 12 string Unix
ATTRIBUTE Unix-FTP-Shell 13 string Unix
ATTRIBUTE Unix-FTP-Group-Names 14 string Unix
ATTRIBUTE Unix-FTP-Group-Ids 15 string Unix

1386
dicts/dictionary.usr Normal file
View File

File diff suppressed because it is too large Load Diff

23
dicts/dictionary.valemount Normal file
View File

@ -0,0 +1,23 @@
#
# Valemount Networks Corporation specific radius attributes
# networks@valemount.com
#
# $Id: dictionary.valemount 45 2006-11-14 17:45:00Z lem $
#
VENDOR ValemountNetworks 16313
# Rates to give PPPoE customers, can be used in Authentication replies,
# in bits/s
ATTRIBUTE VNC-PPPoE-CBQ-RX 1 integer ValemountNetworks
ATTRIBUTE VNC-PPPoE-CBQ-TX 2 integer ValemountNetworks
# Fallback support for each direction. (1 / 0)
ATTRIBUTE VNC-PPPoE-CBQ-RX-Fallback 3 integer ValemountNetworks
ATTRIBUTE VNC-PPPoE-CBQ-TX-Fallback 4 integer ValemountNetworks
ATTRIBUTE VNC-Splash 10 integer ValemountNetworks
VALUE VNC-Splash Show 1
VALUE VNC-Splash No-Show 0

50
dicts/dictionary.versanet Normal file
View File

@ -0,0 +1,50 @@
#
# dictionary.versanet Vendor specfic attributes for versanet
#
#
# VersaNet Communications, Inc.
# Http://www.versa-net.com
#
#
#Versanet add Vendor specific terminal cause in our radius group.
#You can follow this to set it in NAS box.
#
# >> gr radius
# >> sh
# >> set 34 23
# >> co
#
#This will let our unit transfer every detail terminal cause
#information to Redius server's accounting log file and
#save as "Vendor Specific=Terminate Cause".
#
# Version: @(#)dictionary.versanet 1.00 22-Jul-1999 support@versanetcomm.com
#
VENDOR Versanet 2180
ATTRIBUTE Versanet-Termination-Cause 1 integer Versanet
VALUE Versanet-Termination-Cause Normal-Hangup-No-Error-Occurred 0
VALUE Versanet-Termination-Cause Call-Waiting-Caused-Disconnect 3
VALUE Versanet-Termination-Cause Physical-Carrier-Loss 4
VALUE Versanet-Termination-Cause No-err-correction-at-other-end 5
VALUE Versanet-Termination-Cause No-resp-to-feature-negotiation 6
VALUE Versanet-Termination-Cause 1st-modem-async-only-2nd-sync 7
VALUE Versanet-Termination-Cause No-framing-technique-in-common 8
VALUE Versanet-Termination-Cause No-protocol-in-common 9
VALUE Versanet-Termination-Cause Bad-resp-to-feature-negotiation 10
VALUE Versanet-Termination-Cause No-sync-info-from-remote-modem 11
VALUE Versanet-Termination-Cause Normal-Hangup-by-Remote-modem 12
VALUE Versanet-Termination-Cause Retransmission-limit-reached 13
VALUE Versanet-Termination-Cause Protocol-violation-occurred 14
VALUE Versanet-Termination-Cause Lost-DTR 15
VALUE Versanet-Termination-Cause Received-GSTN-cleardown 16
VALUE Versanet-Termination-Cause Inactivity-timeout 17
VALUE Versanet-Termination-Cause Speed-not-supported 18
VALUE Versanet-Termination-Cause Long-space-disconnect 19
VALUE Versanet-Termination-Cause Key-abort-disconnect 20
VALUE Versanet-Termination-Cause Clears-previous-disc-reason 21
VALUE Versanet-Termination-Cause No-connection-established 22
VALUE Versanet-Termination-Cause Disconnect-after-three-retrains 23

31
dicts/dictionary.wispr Normal file
View File

@ -0,0 +1,31 @@
#
# dictionary.wispr
#
# VSAs originally by
# "James Underwood" <underwood@comcast.net>
#
# Version: $Id: dictionary.wispr 45 2006-11-14 17:45:00Z lem $
#
# For documentation on WISPr RADIUS attributes, see:
#
# Wi-Fi Alliance - Wireless ISP Roaming - Best Current Practices v1,
# Feb 2003, p 14
#
# http://www.weca.net/OpenSection/downloads/WISPr_V1.0.pdf
VENDOR WISPr 14122
#
# Standard attribute
#
ATTRIBUTE WISPr-Location-ID 1 string WISPr
ATTRIBUTE WISPr-Location-Name 2 string WISPr
ATTRIBUTE WISPr-Logoff-URL 3 string WISPr
ATTRIBUTE WISPr-Redirection-URL 4 string WISPr
ATTRIBUTE WISPr-Bandwidth-Min-Up 5 integer WISPr
ATTRIBUTE WISPr-Bandwidth-Min-Down 6 integer WISPr
ATTRIBUTE WISPr-Bandwidth-Max-Up 7 integer WISPr
ATTRIBUTE WISPr-Bandwidth-Max-Down 8 integer WISPr
ATTRIBUTE WISPr-Session-Terminate-Time 9 string WISPr
ATTRIBUTE WISPr-Session-Terminate-End-Of-Day 10 string WISPr
ATTRIBUTE WISPr-Billing-Class-Of-Service 11 string WISPr

16
dicts/dictionary.xedia Normal file
View File

@ -0,0 +1,16 @@
##############################################################################
#
# XEDIA, AP series routers
# From Yard RADIUS, and Piotr Orlewicz, porlewicz@teleton.pl www.real-data.pl
#
# $Id: dictionary.xedia 45 2006-11-14 17:45:00Z lem $
#
#############################################################################
VENDOR Xedia 838
ATTRIBUTE Xedia-DNS-Server 1 ipaddr Xedia
ATTRIBUTE Xedia-NetBios-Server 2 ipaddr Xedia
ATTRIBUTE Xedia-Address-Pool 3 string Xedia
ATTRIBUTE Xedia-PPP-Echo-Interval 4 integer Xedia
ATTRIBUTE Xedia-SSH-Privileges 5 integer Xedia
ATTRIBUTE Xedia-Client-Access-Network 6 string Xedia

191
examples/example-client.pl Normal file
View File

@ -0,0 +1,191 @@
#!/usr/bin/perl
use Time::HiRes qw(gettimeofday tv_interval);
use Net::Inet qw(:routines);
use Net::Radius::Dictionary;
use Net::Radius::Packet;
use Net::Gen qw(:af);
use POSIX qw(uname);
use Net::UDP;
use warnings;
use strict;
use Fcntl;
# This is a simple test program to originate RADIUS authentication
# and accounting requests for testing a RADIUS server.
# $Id: example-client.pl 7 2003-01-08 03:42:41Z lem $
# test user details
my $user = "testuser";
my $password = "testpassword";
# details of RADIUS authentication and accounting servers
my $authhost = "radius.server.domain.com";
my $authport = 1645;
my $accthost = "radius.server.domain.com";
my $acctport = 1646;
my $secret = "testkey"; # Shared secret for this client
# Parse the RADIUS dictionary file (must have dictionary in current dir)
my $dict = new Net::Radius::Dictionary "dictionary"
or die "Couldn't read dictionary: $!";
# Set up the network socket
my $s = new Net::UDP or die $!;
my ($authaddr, $acctaddr, $paddr);
$paddr = gethostbyname($authhost) or die "Can't resolve host $authhost\n";
$authaddr = pack_sockaddr_in(AF_INET, $authport, $paddr);
$paddr = gethostbyname($accthost) or die "Can't resolve host $accthost\n";
$acctaddr = pack_sockaddr_in(AF_INET, $acctport, $paddr);
# discover my own IP address
my $myip = join '.',unpack "C4",gethostbyname((uname)[1]);
my $ident = 1;
my $whence;
# subroutine to make string of 16 random bytes
sub bigrand() {
pack "n8",
rand(65536), rand(65536), rand(65536), rand(65536),
rand(65536), rand(65536), rand(65536), rand(65536);
}
my ($rec, $req, $resp);
# Create a request packet
$req = new Net::Radius::Packet $dict;
$req->set_code('Access-Request');
$req->set_attr('User-Name' => $user);
$req->set_attr('Service-Type' => 'Framed');
$req->set_attr('Framed-Protocol' => 'PPP');
$req->set_attr('NAS-Port' => 1234);
$req->set_attr('NAS-Identifier' => 'PerlTester');
$req->set_attr('NAS-IP-Address' => $myip);
$req->set_attr('Called-Station-Id' => '0000');
$req->set_attr('Calling-Station-Id' => '01234567890');
$req->set_identifier($ident);
$req->set_authenticator(bigrand); # random authenticator required
$req->set_password($password, $secret); # encode and store password
# Send to the server. Encoding with auth_resp is NOT required.
$s->sendto($req->pack, $authaddr);
# $req->dump;
# wait for response
$rec = $s->recv(undef, undef, $whence);
$resp = new Net::Radius::Packet $dict, $rec;
# $resp->dump;
if ($whence ne $authaddr || $resp->identifier != $ident) {
die "unexpected reply to Radius authentication!\n";
}
if ($resp->code ne 'Access-Accept') {
die "Radius response not Access-Accept\n";
}
# note the start time of the session
my $sessiontime = time;
# now construct and send the Accounting-Start packet,
# using the Authentication packet as a starting-point.
$ident = ($ident + 1) & 255;
my $class = $resp->attr('Class'); # to return to Radius
# remove password from packet
$req->unset_attr('User-Password');
# add accounting items
$req->set_code('Accounting-Request');
$req->set_attr('Acct-Status-Type', 'Start');
$req->set_attr('Acct-Delay-Time', 0);
$req->set_attr('Acct-Authentic', 'RADIUS');
$req->set_attr('Class', $class) if $class; # include Class if server gave one
# some example values
$req->set_attr('Acct-Session-Id', '12345678');
$req->set_attr('Framed-IP-Address', '10.0.1.2');
$req->set_identifier($ident);
# for accounting packets, start with a null authenticator
$req->set_authenticator("");
# ... and then hash it with the secret like a response
$s->sendto(auth_resp($req->pack,$secret), $acctaddr);
# $req->dump;
# wait for response
$rec = $s->recv(undef, undef, $whence);
$resp = new Net::Radius::Packet $dict, $rec;
# $resp->dump;
if ($whence ne $acctaddr || $resp->identifier != $ident) {
die "unexpected reply to Radius accounting start!\n";
}
if ($resp->code ne 'Accounting-Response') {
die "Radius response not Accounting-Response\n";
}
# sleep for a while to simulate an online session
sleep 20;
# calculate the duration of the session
$sessiontime = time - $sessiontime;
# now construct and send the Accounting-Stop packet,
# using the Accounting-Start packet as a starting point.
$ident = ($ident + 1) & 255;
# add the end-of-session values
$req->set_attr('Acct-Status-Type', 'Stop');
$req->set_attr('Acct-Delay-Time', 0);
$req->set_attr('Acct-Session-Time', $sessiontime);
# make up some values for this example
$req->set_attr('Acct-Input-Octets', $sessiontime * 3000);
$req->set_attr('Acct-Output-Octets', $sessiontime * 300);
$req->set_attr('Acct-Input-Packets', $sessiontime * 30);
$req->set_attr('Acct-Output-Packets', $sessiontime * 10);
$req->set_attr('Acct-Terminate-Cause', 'User-Request');
$req->set_identifier($ident);
# for accounting packets, start with a null authenticator
$req->set_authenticator("");
# ... and then hash it with the secret like a response
$s->sendto(auth_resp($req->pack,$secret), $acctaddr);
# $req->dump;
# wait for response
$rec = $s->recv(undef, undef, $whence);
$resp = new Net::Radius::Packet $dict, $rec;
# $resp->dump;
if ($whence ne $acctaddr || $resp->identifier != $ident) {
die "unexpected reply to Radius accounting stop!\n";
}
if ($resp->code ne 'Accounting-Response') {
die "Radius response not Accounting-Response\n";
}
exit;

124
examples/example-menu.pl Normal file
View File

@ -0,0 +1,124 @@
#!/usr/bin/perl
use Net::Radius::Dictionary;
use Net::Radius::Packet;
use Net::Inet;
use Net::UDP;
use warnings;
use strict;
use Fcntl;
# This is a VERY simple RADIUS authentication server which accepts
# any user whos User-Name and Password match according to the Unix
# getpwnam() function. It then displays a menu asking whether they
# wish to telnet or start PPP. If telnet is chosen, they are asked
# for a host name.
# NOTE - This server must be run as root on systems with shadow passwords.
# $Id: example-menu.pl 7 2003-01-08 03:42:41Z lem $
my $secret = "mysecret"; # Shared secret on the term server
# Function to check name and password. Returns undef if no such user.
sub check_pass {
my ($user, $pass) = @_;
if (my $pwd = (getpwnam($user))[1]) {
$pwd =~ /^\$.+\$(.+)\$/ or $pwd =~ /^(..)/;
my $salt = $1;
if (crypt($pass, $salt) eq $pwd) {
return 1;
}
else {
return 0;
}
}
else {
return undef;
}
}
# Parse the RADIUS dictionary file (must have dictionary in current dir)
my $dict = new Net::Radius::Dictionary "dictionary"
or die "Couldn't read dictionary: $!";
# Set up the network socket (must have radius in /etc/services)
my $s = new Net::UDP { thisservice => "radius" } or die $!;
$s->bind or die "Couldn't bind: $!";
$s->fcntl(F_SETFL, $s->fcntl(F_GETFL,0) | O_NONBLOCK)
or die "Couldn't make socket non-blocking: $!";
# Loop forever, recieving packets and replying to them
while (1) {
my ($rec, $whence);
# Wait for a packet
my $nfound = $s->select(1, 0, 1, undef);
if ($nfound > 0) {
# Get the data
$rec = $s->recv(undef, undef, $whence);
# Unpack it
my $p = new Net::Radius::Packet $dict, $rec;
if ($p->code eq 'Access-Request') {
# Initialize the response packet we'll send back
my $rp = new Net::Radius::Packet $dict;
$rp->set_identifier($p->identifier);
$rp->set_authenticator($p->authenticator);
if (not defined($p->attr('State'))) {
print $p->attr('User-Name'), " attempting login with password ",
$p->password($secret), "\n";
# Check against the Unix passwd file
if (check_pass($p->attr('User-Name'), $p->password($secret))) {
print "Login valid. Sending menu.\n";
$rp->set_code('Access-Challenge');
$rp->set_attr('State', 'menu');
$rp->set_attr('Reply-Message',
"\r\nWelcome to BlahNet.\r\n" .
"Please choose from the following menu:\r\n\r\n" .
"1: PPP\r\n2: Telnet\r\n");
}
else {
print "Invalid login.\n";
$rp->set_code('Access-Reject');
$rp->set_attr('Reply-Message', "\r\nInvalid login.\r\n");
}
}
else {
# We are dealing with a response to a previous challenge
if ($p->attr('State') eq 'menu') {
if ($p->password($secret) eq '1') {
print "PPP login selected.\n";
$rp->set_code('Access-Accept');
$rp->set_attr('Service-Type', 'Framed-User');
$rp->set_attr('Framed-Protocol', 'PPP');
}
elsif ($p->password($secret) eq '2') {
print "Telnet login selected.\n";
$rp->set_code('Access-Challenge');
$rp->set_attr('Reply-Message', "\r\nWhich host?\r\n");
$rp->set_attr('State', 'host');
}
else {
print "Invalid menu option.\n";
$rp->set_code('Access-Reject');
$rp->set_attr('Reply-Message', "\r\nInvalid response.\r\n");
}
}
elsif ($p->attr('State') eq 'host') {
print "Telnet host chosen: ", $p->password($secret), "\n";
$rp->set_code('Access-Accept');
$rp->set_attr('Service-Type', 'Login-User');
$rp->set_attr('Login-Service', 'Telnet');
$rp->set_attr('Login-IP-Host', $p->password($secret));
$rp->set_attr('Reply-Message', "Connecting...\r\n");
}
}
# Authenticate with the secret and send to the server.
$s->sendto(auth_resp($rp->pack, $secret), $whence);
}
else {
# It's not an Access-Request
print "Unexpected packet type recieved.";
$p->dump;
}
}
}

84
examples/example-unix.pl Normal file
View File

@ -0,0 +1,84 @@
#!/usr/bin/perl
use Net::Radius::Dictionary;
use Net::Radius::Packet;
use Net::Inet;
use Net::UDP;
use warnings;
use strict;
use Fcntl;
# This is a VERY simple RADIUS authentication server which accepts
# any user whos User-Name and Password match according to the Unix
# getpwnam() function.
# NOTE - This server must be run as root on systems with shadow passwords.
my $secret = "mysecret"; # Shared secret on the term server
# Function to check name and password. Returns undef if no such user.
sub check_pass {
my ($user, $pass) = @_;
if (my $pwd = (getpwnam($user))[1]) {
$pwd =~ /^\$.+\$(.+)\$/ or $pwd =~ /^(..)/;
my $salt = $1;
if (crypt($pass, $salt) eq $pwd) {
return 1;
}
else {
return 0;
}
}
else {
return undef;
}
}
# Parse the RADIUS dictionary file (must have dictionary in current dir)
my $dict = new Net::Radius::Dictionary "dictionary"
or die "Couldn't read dictionary: $!";
# Set up the network socket (must have radius in /etc/services)
my $s = new Net::UDP { thisservice => "radius" } or die $!;
$s->bind or die "Couldn't bind: $!";
$s->fcntl(F_SETFL, $s->fcntl(F_GETFL,0) | O_NONBLOCK)
or die "Couldn't make socket non-blocking: $!";
# Loop forever, recieving packets and replying to them
while (1) {
my ($rec, $whence);
# Wait for a packet
my $nfound = $s->select(1, 0, 1, undef);
if ($nfound > 0) {
# Get the data
$rec = $s->recv(undef, undef, $whence);
# Unpack it
my $p = new Net::Radius::Packet $dict, $rec;
if ($p->code eq 'Access-Request') {
# Print some details about the incoming request (try ->dump here)
print $p->attr('User-Name'), " attempting login with password ",
$p->password($secret), "\n";
# Initialize the response packet we'll send back
my $rp = new Net::Radius::Packet $dict;
$rp->set_identifier($p->identifier);
$rp->set_authenticator($p->authenticator);
# Check against the Unix passwd file
if (check_pass($p->attr('User-Name'), $p->password($secret))) {
print "Login valid.\n";
$rp->set_code('Access-Accept');
}
else {
print "Invalid login.\n";
$rp->set_code('Access-Reject');
$rp->set_attr('Reply-Message', "\r\nInvalid login.\r\n");
}
# Authenticate with the secret and send to the server.
$s->sendto(auth_resp($rp->pack, $secret), $whence);
}
else {
# It's not an Access-Request
print "Unexpected packet type recieved.";
$p->dump;
}
}
}

58
examples/example-yes.pl Normal file
View File

@ -0,0 +1,58 @@
#!/usr/bin/perl
use Net::Radius::Dictionary;
use Net::Radius::Packet;
use Net::Inet;
use Net::UDP;
use warnings;
use strict;
use Fcntl;
# This is a VERY simple RADIUS authentication server which responds
# to Access-Request packets with Access-Accept. This allows anyone
# to log in.
# $Id: example-yes.pl 7 2003-01-08 03:42:41Z lem $
my $secret = "mysecret"; # Shared secret on the term server
# Parse the RADIUS dictionary file (must have dictionary in current dir)
my $dict = new Net::Radius::Dictionary "dictionary"
or die "Couldn't read dictionary: $!";
# Set up the network socket (must have radius in /etc/services)
my $s = new Net::UDP { thisservice => "radius" } or die $!;
$s->bind or die "Couldn't bind: $!";
$s->fcntl(F_SETFL, $s->fcntl(F_GETFL,0) | O_NONBLOCK)
or die "Couldn't make socket non-blocking: $!";
# Loop forever, recieving packets and replying to them
while (1) {
my ($rec, $whence);
# Wait for a packet
my $nfound = $s->select(1, 0, 1, undef);
if ($nfound > 0) {
# Get the data
$rec = $s->recv(undef, undef, $whence);
# Unpack it
my $p = new Net::Radius::Packet $dict, $rec;
if ($p->code eq 'Access-Request') {
# Print some details about the incoming request (try ->dump here)
print $p->attr('User-Name'), " logging in with password ",
$p->password($secret), "\n";
# Create a response packet
my $rp = new Net::Radius::Packet $dict;
$rp->set_code('Access-Accept');
$rp->set_identifier($p->identifier);
$rp->set_authenticator($p->authenticator);
# (No attributes are needed.. but you could set IP addr, etc. here)
# Authenticate with the secret and send to the server.
$s->sendto(auth_resp($rp->pack, $secret), $whence);
}
else {
# It's not an Access-Request
print "Unexpected packet type recieved.";
$p->dump;
}
}
}

142
examples/radius2ldap.pl Normal file
View File

@ -0,0 +1,142 @@
#!/usr/bin/perl
use Net::Radius::Dictionary;
use Net::Radius::Packet;
use Net::LDAP::Util;
use Net::Inet;
use Net::LDAP;
use Net::UDP;
use warnings;
use Socket;
use strict;
use Fcntl;
# This is a simple RADIUS authentication server which accepts
# any user whose User-Name and Password validiate via LDAP
# NOTE - This server must be run as root on systems with shadow passwords.
# $Id: radius2ldap.pl 7 2003-01-08 03:42:41Z lem $
my $testing = 0; # set non-zero if testing
my %hostname_secret = ('rad1' => 'secret1', 'rad2' => '2secret',
'testhost' => 'testsecret');
my %host_secret; #same as above translated to 4 byte address keys
foreach my $host(keys %hostname_secret) {
$host_secret{inet_aton($host)} = $hostname_secret{$host};
}
my $uselogfile = "/var/log/rad2ldaplog";
my $errlogf = "/var/log/rad2ldaperrs";
open ERRLOG, ">>$errlogf";
print ERRLOG "Started ",scalar(localtime()),"\n";
close ERRLOG;
my $ldap;
connect_and_bind();
# Parse the RADIUS dictionary file
my $dict = new Net::Radius::Dictionary "/usr/local/lib/radius.dictionary"
or die "Couldn't read dictionary: $!";
# Set up the network socket (must have radius in /etc/services)
my $s = new Net::UDP { thisservice => "radius" } or die $!;
$s->bind or die "Couldn't bind: $!";
$s->fcntl(F_SETFL, $s->fcntl(F_GETFL,0) | O_NONBLOCK)
or die "Couldn't make socket non-blocking: $!";
# Loop forever, receiving packets and replying to them
while (1) {
my ($rec, $whence);
# Wait for a packet
my $nfound = $s->select(1, 0, 1, undef);
if ($nfound > 0) {
# Get the data
$rec = $s->recv(undef, undef, $whence);
my $fromname = inet_ntoa(substr($whence,4,4));
print "from $fromname " if $testing;
# Unpack it
my $p = new Net::Radius::Packet $dict, $rec;
if ($p->code eq 'Access-Request') {
open LOG, ">>$uselogfile";
# Print some details about the incoming request (try ->dump here)
print $p->attr('User-Name'), " attempting login with password ",
$p->password($host_secret{substr($whence,4,4)}), "\n" if $testing;
print LOG $p->attr('User-Name');
# Initialize the response packet we'll send back
my $rp = new Net::Radius::Packet $dict;
$rp->set_identifier($p->identifier);
$rp->set_authenticator($p->authenticator);
# Check against the authorization source passwd file
if (check_pass($p->attr('User-Name'),
$p->password($host_secret{substr($whence,4,4)}))) {
$rp->set_code('Access-Accept');
print LOG " OK ";
}
else {
print "Invalid login.\n" if $testing;
$rp->set_code('Access-Reject');
$rp->set_attr('Reply-Message', "\r\nInvalid login.\r\n");
print LOG " bad ";
}
# Authenticate with the secret and send to the server.
$s->sendto(auth_resp($rp->pack,
$host_secret{substr($whence,4,4)}), $whence);
print LOG scalar(localtime()),"\n";
close LOG;
}
else {
# It's not an Access-Request
print "Unexpected packet type recieved." if $testing;
$p->dump;
open ERRLOG, ">>$errlogf";
print ERRLOG "Bad packet type received ",localtime(),"\n";
close ERRLOG;
}
}
}
sub connect_and_bind {
# make a connection to an LDAP server and bind to it.
$ldap->unbind if $ldap;
$ldap = Net::LDAP->new("ldaphost1.dirplace.com");
$ldap = Net::LDAP->new("ldaphost2.dirplace.com") unless $ldap;
$ldap = Net::LDAP->new("ldapbackup.elsewhere.com") unless $ldap;
die "$@" unless $ldap;;
$ldap->bind (version => 3) or die $@;
}
sub check_pass {
# Function to check name and password. Returns undef if no such user.
my ($login, $password) = @_;
return undef unless $password;
my $retries = 0;
while (1) {
return undef if $retries > 2;
my $mesg = $ldap->search(base => "o=myorg",
filter => "(uid=$login)",
attrs => ["sn"]);
# login doesn't exist
return undef
if (Net::LDAP::Util::ldap_error_name($mesg->code)
eq "LDAP_NO_SUCH_OBJECT" ||
(($mesg->code == 0) and ($mesg->count() != 1)));
if ($mesg->code) {
++$retries;
print "retry search due to ", Net::LDAP::Util::ldap_error_name($mesg->code),"\n" if $testing;
open ERRLOG, ">>$errlogf";
print ERRLOG "retry search due to ", Net::LDAP::Util::ldap_error_name($mesg->code),scalar(localtime()),"\n";
close ERRLOG;
connect_and_bind();
next;
}
my $entry = $mesg->entry(0);
my $dn = $entry->dn;
# print "Dn is $dn\n" if $testing;
$mesg = $ldap->bind (dn => $dn, password => $password, version => 3) ;
return 0 if Net::LDAP::Util::ldap_error_name($mesg->code) eq "LDAP_INVALID_CREDENTIALS";
return 1 if $mesg->code == 0;
++$retries;
print "retry auth due to", Net::LDAP::Util::ldap_error_name($mesg->code),"\n" if $testing;
connect_and_bind();
}
}

104
examples/tutorial.pl Normal file
View File

@ -0,0 +1,104 @@
##
## This file shows the very basics of using these modules by commenting
## on common tasks required within a server or a client. It assumes you're
## familiar with the RADIUS protocol. If you're not, check the included RFCs
## and your equipment's manual.
##
## Luis E. Muñoz <luismunoz@cpan.org>
##
## THIS FILE IS CURRENTLY UNDER REVIEW. PLEASE REFER TO example-*.pl FOR
## SPECIFIC USAGE EXAMPLES INVOLVING UP TO DATE METHODS.
##
###################################
###################################
use Net::Radius::Packet;
use Net::Radius::Dictionary;
# The first thing you need, is a dictionary file. We will assume that
# this pathname is correct. The dictionary contains the specifications
# for the attributes that this module understands, and must contain
# information for the attributes that your vendor provides. Normally,
# vendors support a set of standard attributes, and might also have
# proprietary attributes that you can add to this file.
my $dict = new Net::Radius::Dictionary "../dictionary"
or die "Cannot read or parse the dictionary: $!\n";
# As you see, there's no point in going on if you do not have a
# dictionary object to work with.
# Our first task, is to fill a packet. Let's create a packet that
# looks like the one sent from a NAS or access device...
my $packet = new Net::Radius::Packet $dict;
# The packet object needs to know which dictionary to use to encode and
# decode the attributes you will use.
# One of the common packets we'll receive from devices are going to be
# 'Access-Request' packets. Let's do it.
$packet->set_code('Access-Request');
# Now let's add an identifier, which is like a counter that the NAS uses
# to keep track of which reply belongs to which request.
$packet->set_identifier(1);
# At this point, we have set some information in the packet. However, we
# should add some useful attributes to it. First, we add some attributes
# that are standard and should be in the dictionary. Otherwise, the generated
# packet won't contain the intended data.
$packet->set_attr('User-Name', 'you');
$packet->set_attr('NAS-IP-Address', '127.0.0.1');
$packet->set_attr('NAS-Port', 1);
# Some equipment also can use a 'Vendor-Specific Attribute' to control
# some part of its behavior. These attributes are there so that each
# vendor can extend the protocol in a somewhat standard way. Let's
# add a vendor attribute for a Cisco piece of equipment. Note that
# Cisco is vendor 9.
$packet->set_vsattr(9, 'cisco-avpair', 'This is my VSA 1');
# You can add multiple instances of the attribute/value to the packetr
# just like below.
$packet->set_vsattr(9, 'cisco-avpair', 'This is my VSA 2');
# At this point, you have a nice example packet. In order to use this
# packet, we must first "sign" it as the NAS would. This is done in
# this particular kind of packet with the help of the user-supplied
# password, as seen below.
$packet->set_attr('User-Password', 'My-Password');
# However the password must be protected by snooping. We do so using
# a 'shared-secret'. This is a secret password that is known only to
# this module and the NAS (as well as your network guys).
$packet->set_attr('User-Password', $packet->password('My-Shared-Secret'));
# Before the actual signing takes place, we must convert the object to
# an actual packet that can be sent through the network, like in this
# example.
my $p = $packet->pack;
# The final step in signing the packet is done below. $data will
# contain the definitive data that must be sent to the server. Note
# that the shared secret MUST be the same used to protect the password
# for authentication to occur.
my $data = auth_resp($p, 'My-Shared-Secret');
# After this, we can take a look at how our finished packed looks...
my $np = new Net::Radius::Packet $dict, $data;
$np->dump;
# The accompaining examples in this directory explain what to do at the
# server...

17
packets/README Normal file
View File

@ -0,0 +1,17 @@
-*- text -*-
This directory contains RADIUS packets that have been processed by the
bin2packet script included in the contrib/ directory of this
distribution.
Packets can be added to this directory simply, by issuing the
following command:
$ cd packets
$ bin2packet dump
Where 'dump' is a file containing a RADIUS packet (payload), as
extracted by ethereal.

BIN
packets/broadsoft-areq-00.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-acs-ar-01.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-acs-ar-02.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-acs-ar-03.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-ios-12.2.18-01.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-ios-12.2.18-02.p Normal file
View File

Binary file not shown.

BIN
packets/cisco-vpn3k-ar.p Normal file
View File

Binary file not shown.

BIN
packets/huawei-me60-accreq-01.p Normal file
View File

Binary file not shown.

BIN
packets/huawei-me60-acctreq-01.p Normal file
View File

Binary file not shown.

BIN
packets/huawei-me60-acctreq-02.p Normal file
View File

Binary file not shown.

BIN
packets/rsa-aa-01.p Normal file
View File

Binary file not shown.

BIN
packets/rsa-aa-02.p Normal file
View File

Binary file not shown.

BIN
packets/rsa-ac-01.p Normal file
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More