Mercurial > hg > freeDiameter
annotate doc/freediameter.conf.sample @ 1396:188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
If this is configured, the process will accept all connections from
peers matching ProcessingPeersPattern, but will NOT accept connections
from other peers until ProcessingPeersMinimum peers of the first
type are connected.
This allows relays to only go online if there are enough worker
peers connected behind them.
| author | Thomas Klausner <tk@giga.or.at> |
|---|---|
| date | Fri, 15 Nov 2019 11:38:30 +0100 |
| parents | afe0ecdb0692 |
| children | 239ba25870d8 |
| rev | line source |
|---|---|
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 # This is a sample configuration file for freeDiameter daemon. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
3 # Most of the options can be omitted, as they default to reasonable values. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
4 # Only TLS-related options must be configured properly in usual setups. |
|
20
277ec00d793e
Backup before typhoon... Progress on server side
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
18
diff
changeset
|
5 |
|
925
e5a09fab5ef3
Add support for 'include' in freeDiameter configuration file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
873
diff
changeset
|
6 # It is possible to use "include" keyword to import additional files |
|
e5a09fab5ef3
Add support for 'include' in freeDiameter configuration file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
873
diff
changeset
|
7 # e.g.: include "/etc/freeDiameter.d/*.conf" |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
8 # This is exactly equivalent as copy & paste the content of the included file(s) |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
9 # where the "include" keyword is found. |
|
925
e5a09fab5ef3
Add support for 'include' in freeDiameter configuration file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
873
diff
changeset
|
10 |
|
e5a09fab5ef3
Add support for 'include' in freeDiameter configuration file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
873
diff
changeset
|
11 |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 ############################################################## |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 ## Peer identity and realm |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 # The Diameter Identity of this daemon. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 # This must be a valid FQDN that resolves to the local host. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 # Default: hostname's FQDN |
|
335
603791d2dcc4
Updated website information
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
303
diff
changeset
|
18 #Identity = "aaa.koganei.freediameter.net"; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 # The Diameter Realm of this daemon. |
|
513
662b1f9258c3
Improve documentation as suggested by ????? ????????? (thank you)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
337
diff
changeset
|
21 # Default: the domain part of Identity (after the first dot). |
|
337
660208ca0e54
Changed confusing example value
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
335
diff
changeset
|
22 #Realm = "koganei.freediameter.net"; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
23 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 ############################################################## |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
25 ## Transport protocol configuration |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
26 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
27 # The port this peer is listening on for incoming connections (TCP and SCTP). |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
28 # Default: 3868. Use 0 to disable. |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
29 #Port = 3868; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
30 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
31 # The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP). |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
32 # See TLS_old_method for more information about TLS flavours. |
|
1187
436e4342ecd0
Rollback to using TLS/SCTP in release 1.2.0. DTLS dev to happen in freeDiameter-dtls branch
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1181
diff
changeset
|
33 # Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter. |
|
1304
5a505af0bba0
Fix default secure port
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1246
diff
changeset
|
34 # Default: 5868. Use 0 to disable. |
|
5a505af0bba0
Fix default secure port
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1246
diff
changeset
|
35 #SecPort = 5868; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
36 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
37 # Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
38 # on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
39 # CER/CEA exchange on a dedicated secure port. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
40 # This parameter only affects outgoing connections. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
41 # The setting can be also defined per-peer (see Peers configuration section). |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
42 # Default: use RFC6733 method with separate port for TLS. |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
43 #TLS_old_method; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
44 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
45 # Disable use of TCP protocol (only listen and connect over SCTP) |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
46 # Default : TCP enabled |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
47 #No_TCP; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
48 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
49 # Disable use of SCTP protocol (only listen and connect over TCP) |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
50 # Default : SCTP enabled |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
51 #No_SCTP; |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
52 # This option is ignored if freeDiameter is compiled with DISABLE_SCTP option. |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
53 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
54 # Prefer TCP instead of SCTP for establishing new connections. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
55 # This setting may be overwritten per peer in peer configuration blocs. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
56 # Default : SCTP is attempted first. |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
57 #Prefer_TCP; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
58 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
59 # Default number of streams per SCTP associations. |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
60 # This setting may be overwritten per peer basis. |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
61 # Default : 30 streams |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
62 #SCTP_streams = 30; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
63 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
64 ############################################################## |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
65 ## Endpoint configuration |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
66 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
67 # Disable use of IP addresses (only IPv6) |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
68 # Default : IP enabled |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
69 #No_IP; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
70 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
71 # Disable use of IPv6 addresses (only IP) |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
72 # Default : IPv6 enabled |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
73 #No_IPv6; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
74 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
75 # Specify local addresses the server must bind to |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
76 # Default : listen on all addresses available. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
77 #ListenOn = "202.249.37.5"; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
78 #ListenOn = "2001:200:903:2::202:1"; |
|
23
db6c40b8b307
Added some code in cnxctx.c mainly
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
22
diff
changeset
|
79 #ListenOn = "fe80::21c:5ff:fe98:7d62%eth0"; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
80 |
|
1189
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
81 |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
82 ############################################################## |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
83 ## Server configuration |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
84 |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
85 # How many Diameter peers are allowed to be connecting at the same time ? |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
86 # This parameter limits the number of incoming connections from the time |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
87 # the connection is accepted until the first CER is received. |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
88 # Default: 5 unidentified clients in paralel. |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
89 #ThreadsPerServer = 5; |
|
50bf33dc8fe0
Limit number of incoming connections under processing to configurable value
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1187
diff
changeset
|
90 |
|
1396
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
91 # If this host is used as relay or proxy, it can be useful to limit |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
92 # connections from "outside" until enough processing nodes are available. |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
93 # This parameter defines a regex pattern for recognizing such nodes; |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
94 # Default: NO DEFAULT |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
95 #ProcessingPeersPattern = "worker[0-9]*.example.com"; |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
96 |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
97 # This next parameter defines how many of these processing peers |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
98 # must be connected before CERs from other hosts are accepted. |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
99 # If this is set, ProcessingPeersPattern must also be defined. |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
100 # If unset or less than 1, ProcessingPeersPattern and this variable do nothing. |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
101 # Default: 0 |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
102 #ProcessingPeersMinimum = 0; |
|
188c82b6690b
Add ProcessingPeersPattern and ProcessingPeersMinimum parameters.
Thomas Klausner <tk@giga.or.at>
parents:
1326
diff
changeset
|
103 |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
104 ############################################################## |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
105 ## TLS Configuration |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
106 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
107 # TLS is managed by the GNUTLS library in the freeDiameter daemon. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
108 # You may find more information about parameters and special behaviors |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
109 # in the relevant documentation. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
110 # http://www.gnu.org/software/gnutls/manual/ |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
111 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
112 # Credentials of the local peer |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
113 # The X509 certificate and private key file to use for the local peer. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
114 # The files must contain PKCS-1 encoded RSA key, in PEM format. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
115 # (These parameters are passed to gnutls_certificate_set_x509_key_file function) |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
116 # Default : NO DEFAULT |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
117 #TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>"; |
|
303
32ba9cf7ba87
Add a reasonable default path for certificates
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
253
diff
changeset
|
118 TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key"; |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
119 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
120 # Certificate authority / trust anchors |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
121 # The file containing the list of trusted Certificate Authorities (PEM list) |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
122 # (This parameter is passed to gnutls_certificate_set_x509_trust_file function) |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
123 # The directive can appear several times to specify several files. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
124 # Default : GNUTLS default behavior |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
125 #TLS_CA = "<file.PEM>"; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
126 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
127 # Certificate Revocation List file |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
128 # The information about revoked certificates. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
129 # The file contains a list of trusted CRLs in PEM format. They should have been verified before. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
130 # (This parameter is passed to gnutls_certificate_set_x509_crl_file function) |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
131 # Note: openssl CRL format might have interoperability issue with GNUTLS format. |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
132 # Default : GNUTLS default behavior |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
133 #TLS_CRL = "<file.PEM>"; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
134 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
135 # GNU TLS Priority string |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
136 # This string allows to configure the behavior of GNUTLS key exchanges |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
137 # algorithms. See gnutls_priority_init function documentation for information. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
138 # You should also refer to the Diameter required TLS support here: |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
139 # http://tools.ietf.org/html/rfc6733#section-13.1 |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
140 # Default : "NORMAL" |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
141 # Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
142 #TLS_Prio = "NORMAL"; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
143 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
144 # Diffie-Hellman parameters size |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
145 # Set the number of bits for generated DH parameters |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
146 # Valid value should be 768, 1024, 2048, 3072 or 4096. |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
147 # (This parameter is passed to gnutls_dh_params_generate2 function, |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
148 # it usually should match RSA key size) |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
149 # Default : 1024 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
150 #TLS_DH_Bits = 1024; |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
151 |
|
578
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
152 # Alternatively, you can specify a file to load the PKCS#3 encoded |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
153 # DH parameters directly from. This accelerates the daemon start |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
154 # but is slightly less secure. If this file is provided, the |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
155 # TLS_DH_Bits parameters has no effect. |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
156 # Default : no default. |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
157 #TLS_DH_File = "<file.PEM>"; |
|
7c9a00bfd115
Allow TLS Diffie-Hellmann parameters to be loaded from a file (ticket #17)
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
513
diff
changeset
|
158 |
|
18
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
159 |
|
e7187583dcf8
Added CA helper script
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
13
diff
changeset
|
160 ############################################################## |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
161 ## Timers configuration |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
162 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
163 # The Tc timer of this peer. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
164 # It is the delay before a new attempt is made to reconnect a disconnected peer. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
165 # The value is expressed in seconds. The recommended value is 30 seconds. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
166 # Default: 30 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
167 #TcTimer = 30; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
168 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
169 # The Tw timer of this peer. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
170 # It is the delay before a watchdog message is sent, as described in RFC 3539. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
171 # The value is expressed in seconds. The default value is 30 seconds. Value must |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
172 # be greater or equal to 6 seconds. See details in the RFC. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
173 # Default: 30 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
174 #TwTimer = 30; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
175 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
176 ############################################################## |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
177 ## Applications configuration |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
178 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
179 # Disable the relaying of Diameter messages? |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
180 # For messages not handled locally, the default behavior is to forward the |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
181 # message to another peer if any is available, according to the routing |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
182 # algorithms. In addition the "0xffffff" application is advertised in CER/CEA |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
183 # exchanges. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
184 # Default: Relaying is enabled. |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
185 #NoRelay; |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
186 |
|
253
ad6c0118fb50
Configurable number of server threads
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
24
diff
changeset
|
187 # Number of server threads that can handle incoming messages at the same time. |
|
ad6c0118fb50
Configurable number of server threads
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
24
diff
changeset
|
188 # Default: 4 |
|
ad6c0118fb50
Configurable number of server threads
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
24
diff
changeset
|
189 #AppServThreads = 4; |
|
ad6c0118fb50
Configurable number of server threads
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
24
diff
changeset
|
190 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
191 # Other applications are configured by loaded extensions. |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
192 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
193 ############################################################## |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
194 ## Extensions configuration |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
195 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
196 # The freeDiameter framework merely provides support for |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
197 # Diameter Base Protocol. The specific application behaviors, |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
198 # as well as advanced functions, are provided |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
199 # by loadable extensions (plug-ins). |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
200 # These extensions may in addition receive the name of a |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
201 # configuration file, the format of which is extension-specific. |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
202 # |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
203 # Format: |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
204 #LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ; |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
205 # |
| 871 | 206 # Examples: |
|
873
a4257b7faba3
Fix extensions file extension in the sample file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
871
diff
changeset
|
207 #LoadExtension = "extensions/sample.fdx"; |
|
a4257b7faba3
Fix extensions file extension in the sample file
Sebastien Decugis <sdecugis@freediameter.net>
parents:
871
diff
changeset
|
208 #LoadExtension = "extensions/sample.fdx":"conf/sample.conf"; |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
209 |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
210 # Extensions are named as follow: |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
211 # dict_* for extensions that add content to the dictionary definitions. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
212 # dbg_* for extensions useful only to retrieve more information on the framework execution. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
213 # acl_* : Access control list, to control which peers are allowed to connect. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
214 # rt_* : routing extensions that impact how messages are forwarded to other peers. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
215 # app_* : applications, these extensions usually register callbacks to handle specific messages. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
216 # test_* : dummy extensions that are useful only in testing environments. |
|
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
217 |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
218 |
|
1204
a4cdde705f30
Add options to dbg_msg_dumps.fdx to allow more control over the behavior
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1189
diff
changeset
|
219 # The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some |
|
a4cdde705f30
Add options to dbg_msg_dumps.fdx to allow more control over the behavior
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1189
diff
changeset
|
220 # information about some events. This extension does not actually use a configuration file |
|
a4cdde705f30
Add options to dbg_msg_dumps.fdx to allow more control over the behavior
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1189
diff
changeset
|
221 # but receives directly a parameter in the string passed to the extension. Here are some examples: |
|
1246
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
222 ## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors. |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
223 ## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details. |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
224 ## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages. |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
225 # The four digits respectively control: connections, routing decisions, sent/received messages, errors. |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
226 # The values for each digit are: |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
227 # 0 - default - keep the default behavior |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
228 # 1 - quiet - remove any specific log |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
229 # 2 - compact - display only a summary of the information |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
230 # 4 - full - display the complete information on a single long line |
|
02c98b9fb2a4
Updated documentation for dbg_msg_dumps
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1204
diff
changeset
|
231 # 8 - tree - display the complete information in an easier to read format spanning several lines. |
|
1204
a4cdde705f30
Add options to dbg_msg_dumps.fdx to allow more control over the behavior
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1189
diff
changeset
|
232 |
|
a4cdde705f30
Add options to dbg_msg_dumps.fdx to allow more control over the behavior
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1189
diff
changeset
|
233 |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
234 ############################################################## |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
235 ## Peers configuration |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
236 |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
237 # The local server listens for incoming connections. By default, |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
238 # all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl). |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
239 # |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
240 # In addition to incoming connections, the local peer can |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
241 # be configured to establish and maintain connections to some |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
242 # Diameter nodes and allow connections from these nodes. |
| 972 | 243 # This is achieved with the ConnectPeer directive described below. |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
244 # |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
245 # Note that the configured Diameter Identity MUST match |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
246 # the information received inside CEA, or the connection will be aborted. |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
247 # |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
248 # Format: |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
249 #ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ; |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
250 # Parameters that can be specified in the peer's parameter list: |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
251 # No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method; |
|
1187
436e4342ecd0
Rollback to using TLS/SCTP in release 1.2.0. DTLS dev to happen in freeDiameter-dtls branch
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1181
diff
changeset
|
252 # No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions). |
|
1304
5a505af0bba0
Fix default secure port
Sebastien Decugis <sdecugis@freediameter.net>
parents:
1246
diff
changeset
|
253 # Port = 5868; # The port to connect to |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
254 # TcTimer = 30; |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
255 # TwTimer = 30; |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
256 # ConnectTo = "202.249.37.5"; |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
257 # ConnectTo = "2001:200:903:2::202:1"; |
|
22
0b3b46da2c12
Progress on server code
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
21
diff
changeset
|
258 # TLS_Prio = "NORMAL"; |
|
706
4ffbc9f1e922
Large UNTESTED commit with the following changes:
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
578
diff
changeset
|
259 # Realm = "realm.net"; # Reject the peer if it does not advertise this realm. |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
260 # Examples: |
|
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
261 #ConnectPeer = "aaa.wide.ad.jp"; |
|
1165
515a5b8f930a
Updated documentation
Sebastien Decugis <sdecugis@freediameter.net>
parents:
972
diff
changeset
|
262 #ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ; |
|
12
418d2ce80dc8
Added support in configuration file for peers declaration
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
10
diff
changeset
|
263 |
|
8
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
264 |
|
3e143f047f78
Backup for the week-end
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
265 ############################################################## |
|
1326
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
266 ## General settings |
|
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
267 |
|
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
268 # If Route-Record AVPs should be added in Answers. |
|
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
269 # Possible values: Always, Never |
|
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
270 # Default: Always |
|
afe0ecdb0692
Add config option if Route-Record AVPs should be added in Answers.
Thomas Klausner <tk@giga.or.at>
parents:
1304
diff
changeset
|
271 #RouteRecordInAnswers = Never; |