Mercurial > hg > freeDiameter
annotate doc/acl_wl.conf.sample @ 1512:f98e2b6e8f42
Add 3GPP TS 29.368 V15.1.0 (2019-09)
Add AVPs:
- Device-Action, Grouped, code 3001, section 6. 4.2
- Device-Notification, Grouped, code 3002, section 6.4.3
- Trigger-Data, Grouped, code 3003, section 6.4.4
- Payload, OctetString, code 3004, section 6.4.5
- Action-Type, Enumerated, code 3005, section 6.4.6
- Priority-Indication, Enumerated, code 3006, section 6.4.7
- Reference-Number, Unsigned32, code 3007, section 6.4.8
- Request-Status, Enumerated, code 3008, section 6.4.9
- Delivery-Outcome, Enumerated, code 3009, section 6.4.10
- Application-Port-Identifier, Unsigned32, code 3010, section 6.4.11
- Old-Reference-Number, Unsigned32, code 3011, section 6.4.12
- Feature-Supported-In-Final-Target, Unsigned32, code 3012, section 6.4.13
author | Luke Mewburn <luke@mewburn.net> |
---|---|
date | Tue, 07 Apr 2020 16:04:36 +1000 |
parents | 0dff6a604b0a |
children |
rev | line source |
---|---|
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
1 # Configuration file for the peer whitelist extension. |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
2 # |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
3 # This extension is meant to allow connection from remote peers, without actively |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
4 # maintaining this connection ourselves (as it would be the case by declaring the |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
5 # peer in a ConnectPeer directive). |
1354
0dff6a604b0a
acl_wl: add reload support using SIGUSR1
Thomas Klausner <tk@giga.or.at>
parents:
162
diff
changeset
|
6 # |
0dff6a604b0a
acl_wl: add reload support using SIGUSR1
Thomas Klausner <tk@giga.or.at>
parents:
162
diff
changeset
|
7 # This extension supports configuration reload at runtime. Send |
0dff6a604b0a
acl_wl: add reload support using SIGUSR1
Thomas Klausner <tk@giga.or.at>
parents:
162
diff
changeset
|
8 # signal SIGUSR1 to the process to cause the process to reload its |
0dff6a604b0a
acl_wl: add reload support using SIGUSR1
Thomas Klausner <tk@giga.or.at>
parents:
162
diff
changeset
|
9 # config. |
0dff6a604b0a
acl_wl: add reload support using SIGUSR1
Thomas Klausner <tk@giga.or.at>
parents:
162
diff
changeset
|
10 # |
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
11 # The format of this file is very simple. It contains a list of peer names |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
12 # separated by spaces or newlines. |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
13 # |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
14 # The peer name must be a fqdn. We allow also a special "*" character as the |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
15 # first label of the fqdn, to allow all fqdn with the same domain name. |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
16 # Example: *.example.net will allow host1.example.net and host2.example.net |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
17 # |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
18 # At the beginning of a line, the following flags are allowed (case sensitive) -- either or both can appear: |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
19 # ALLOW_OLD_TLS : we accept unprotected CER/CEA exchange with Inband-Security-Id = TLS |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
20 # ALLOW_IPSEC : we accept implicitly protected connection with with peer (Inband-Security-Id = IPSec) |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
21 # It is specified for example as: |
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
22 # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net |
162
79768bf7d208
Completed whitelist extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
161
diff
changeset
|
23 # These flag take effect from their position, until the end of the line. |
161
645ff1487c23
Draft for ACL white-list extension
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff
changeset
|
24 |