Mercurial > hg > freeDiameter

view doc/app_radgw.conf.sample @ 1473:8f953829c5d3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to 3GPP TS 29.212 V15.9.0 (2019-12) Update sections for various AVPs that were moved from section 5 to section 5a, 5b, or 5c. Add AVPs from 3GPP TS 29.212 V15.9.0 (2019-12): - Credit-Management-Status, Unsigned32, code 1082, section 5.3.102 - AN-GW-Status, Enumerated, code 2811, section 5.3.100 - User-Location-Info-Time, Time, code 2812, section 5.3.101 - CS-Service-Resource-Report, Grouped, code 2813, section E.6.3.6 - CS-Service-Resource-Failure-Cause, Enumerated, code 2814, section E.6.3.5 - CS-Service-Resource-Result-Operation, Enumerated, code 2815, section E.6.3.4 - Default-QoS-Information, Grouped, code 2816, section 5.3.103 - Default-QoS-Name, UTF8String, code 2817, section 5.3.104 - Conditional-APN-Aggregate-Max-Bitrate, Grouped, code 2818, section 5.3.105 - RAN-NAS-Release-Cause, OctetString, code 2819, section 5.3.106 - Presence-Reporting-Area-Elements-List, OctetString, code 2820, section 5.3.107 - Presence-Reporting-Area-Identifier, OctetString, code 2821, section 5.3.108 - Presence-Reporting-Area-Information, Grouped, code 2822, section 5.3.109 - Presence-Reporting-Area-Status, Unsigned32, code 2823, section 5.3.110 - NetLoc-Access-Support, Unsigned32, code 2824, section 5.3.111 - Fixed-User-Location-Info, Grouped, code 2825, section 5.3.112 - PCSCF-Restoration-Indication, Unsigned32, code 2826, section 5.3.113 - IP-CAN-Session-Charging-Scope, Enumerated, code 2827, section 5.3.114 - Monitoring-Flags, Unsigned32, code 2828, section 5.3.115 - Default-Access, Enumerated, code 2829, section 5.3.120 - NBIFOM-Mode, Enumerated, code 2830, section 5.3.117 - NBIFOM-Support, Enumerated, code 2831, section 5.3.116 - RAN-Rule-Support, Unsigned32, code 2832, section 5.3.122 - Access-Availability-Change-Reason, Unsigned32, code 2833, section 5.3.121 - Routing-Rule-Failure-Code, Unsigned32, code 2834, section 5.3.119 - Routing-Rule-Report, Grouped, code 2835, section 5.3.118 - Traffic-Steering-Policy-Identifier-DL, OctetString, code 2836, section 5.3.123 - Traffic-Steering-Policy-Identifier-UL, OctetString, code 2837, section 5.3.124 - Request-Type, Unsigned32, code 2838, section 5c.3.2 - Execution-Time, Time, code 2839, section 5.3.127 - Conditional-Policy-Information, Grouped, code 2840, section 5.3.128 - Resource-Release-Notification, Enumerated, code 2841, section 5.3.125 - Removal-Of-Access, Enumerated, code 2842, section 5.3.126 - TCP-Source-Port, Unsigned32, code 2843, section 5.3.129 - Default-Bearer-Indication, Enumerated, code 2844, section 5.3.132 - PRA-Install, Grouped, code 2845, section 5.3.130 - PRA-Remove, Grouped, code 2846, section 5.3.131 - 3GPP-PS-Data-Off-Status, Enumerated, code 2847, section 5.3.133 - Extended-APN-AMBR-DL, Unsigned32, code 2848, section 5.3.134 - Extended-APN-AMBR-UL, Unsigned32, code 2849, section 5.3.135 - Extended-GBR-DL, Unsigned32, code 2850, section 5.3.136 - Extended-GBR-UL, Unsigned32, code 2851, section 5.3.137 - Max-PLR-DL, Float32, code 2852, section 5.3.138 - Max-PLR-UL, Float32, code 2853, section 5.3.139 - UE-Status, Unsigned32, code 2854, section 5.3.140 - Presence-Reporting-Area-Node, Unsigned32, code 2855, section 5.3.141 Set Must AVP Flag M (Mandatory) per 3GPP TS 29.212 Table 5b.3.0.1 for: - ADC-Rule-Install, Grouped, code 1092, section 5b.3.1 - ADC-Rule-Remove, Grouped, code 1093, section 5b.3.2 - ADC-Rule-Definition, Grouped, code 1094, section 5b.3.3 - ADC-Rule-Base-Name, UTF8String, code 1095, section 5b.3.4 - ADC-Rule-Name, OctetString, code 1096, section 5b.3.5 - ADC-Rule-Report, Grouped, code 1097, section 5b.3.6 Retain ADC-Revalidation-Time, Time, code 2801, section 5.3.93 Removed in 3GPP TS 29.212 V12.1.0 (2013-06). Add HeNB-BBF-FQDN, UTF8String, code 2803, section 5.3.94 Removed in 3GPP TS 29.212 V11.8.0 (2013-03).
author Luke Mewburn <luke@mewburn.net>
date Wed, 18 Mar 2020 14:06:08 +1100
parents 6fe3e5cf9fb2
children
line wrap: on
line source

# This file contains information for configuring the app_radgw extension.
# To find how to have freeDiameter load this extension, please refer to the freeDiameter documentation.
#
# The app_radgw extension allows a freeDiameter agent to serve as a
# RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) will connect to
# this agent, and the message will be converted to Diameter and sent to a Diameter server.
#
# Note that this extension does not provide a fully functionnal RADIUS/Diameter gateway.
# You need to load plugins to handle specific RADIUS messages and convert them to 
# Diameter apps such as NASREQ, EAP, ... See the next section for information.


###########
# PLUGINS #
###########

# Additional plugins must be loaded to support specific RADIUS messages and attributes.

# Plugins are registered either for every message, or by port (auth or acct), or by port and code.
# The general format is:
# RGWX = plugin [: conf_file] [: port] [: code(s)] ;
#  Where:
#    plugin is the quoted file name (relative or absolute) of the plugin to load (.rgwx files).
#    conf_file (optional) is the quoted name of the configuration file.
#    port (optional), either auth or acct. 
#       If not specified, extension is called for messages incoming on both ports
#    code(s): space-separated list of command codes for which this extension must be called.
#       If not specified, the extension is called for all incoming messages.
#       The values are interpreted as hexadecimal.
#
# The plugins are called in the order they appear in this file.
# Here are some explained examples:
#  RGWX = "3579.rgwx";   Load this extension and call it for all messages. No configuration file.
#  RGWX = "3579.rgwx" : "3579.conf";  Same as previous but with a configuration file specified.
#  RGWX = "3579.rgwx" : auth; No configuration file, but called only for RADIUS messages received on authentication port.
#  RGWX = "3579.rgwx" : 4 8 b;  Called for messages with command code 4, 8, or 11 only.
#  RGWX = "3579.rgwx" : "3579.conf" : auth : 4 8 b;  All parameters combined.

# Once the list of extensions for an incoming message has been called (or if the list is empty), 
# an error is logged if some RADIUS attributes of the message have not been handled.

RGWX = "extensions/echodrop.rgwx" : "echodrop.rgwx.conf"; # See echodrop.rgwx.conf.sample file
RGWX = "extensions/auth.rgwx" : auth; 
RGWX = "extensions/acct.rgwx" : acct;
# RGWX = "extensions/debug.rgwx"; # Uncomment to see the result of the translation plugins.

# For some extensions (auth, acct), a false configuration file name 
# can be passed to specify flags, such as "nonai" to ignore NAI-based routing.

##################
# RADIUS Clients #
##################

# Each RADIUS client must be declared in the form: 
#   nas = IP / shared-secret ;
# IP can be ipv4 or ipv6
# port can be additionaly restricted with brackets: IP[port] (ex: 192.168.0.1[1812])
# shared-secret can be a quoted string, or a list of hexadecimal values.
# examples:
# nas = 192.168.100.1 / "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes)
# nas = fe00::1 / 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously
# When a packet is received from an IP not declared here, it is discarded.

# If the RADIUS client is a Proxy that forwards messages from different peers, it must be
# declared instead as follow:
#   pxy = IP / shared-secret ;
# Note that it is not recommended to use this gateway implementation with a proxy currently,
# since the management of duplicate messages might be insufficient.

# The old notation cli = ... is equivalent to nas = ... and kept for backward compatibility.


####################
#  Authentication  #
#  Authorization   #
####################

# Enable the RADIUS/Diameter authentication/authorization gateway?
# auth_server_enable = 1;

# The port on which the accounting server listens
# auth_server_port = 1812;

# The IPv4 on which to bind the server, or "disable" if IPv4 must not be used.
# auth_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# auth_server_ip6 = :: ;


################
#  Accounting  #
################

# Enable the RADIUS/Diameter accounting gateway?
# acct_server_enable = 1;

# The port on which the accounting server listens
# acct_server_port = 1813;

# The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted.
# acct_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# acct_server_ip6 = :: ;
"Welcome to our mercurial repository"