Mercurial > hg > freeDiameter

view doc/app_radgw.conf.sample @ 1510:a2fb51309cd2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add 3GPP TS 29.345 V15.1.0 (2019-09) Add AVPs: - App-Layer-User-Id, UTF8String, code 3801, section 6.3.2 - Assistance-info, Grouped, code 3802, section 6.3.3 - Assistance-Info-Validity-Timer, Unsigned32, code 3803, section 6.3.4 - Discovery-Type, Unsigned32, code 3804, section 6.3.5 - Filter-Id, OctetString, code 3805, section 6.3.9 - MAC-Address, UTF8String, code 3806, section 6.3.11 - Match-Report, Grouped, code 3807, section 6.3.12 - Operating-Channel, Unsigned32, code 3808, section 6.3.14 - P2P-Features, Unsigned32, code 3809, section 6.3.15 - ProSe-App-Code, OctetString, code 3810, section 6.3.16 - ProSe-App-Id, UTF8String, code 3811, section 6.3.17 - ProSe-App-Mask, OctetString, code 3812, section 6.3.18 - ProSe-Discovery-Filter, Grouped, code 3813, section 6.3.20 - PRR-Flags, Unsigned32, code 3814, section 6.3.21 - ProSe-Validity-Timer, Unsigned32, code 3815, section 6.3.22 - Requesting-EPUID, UTF8String, code 3816, section 6.3.23 - Targeted-EPUID, UTF8String, code 3817, section 6.3.26 - Time-Window, Unsigned32, code 3818, section 6.3.27 - WiFi-P2P-Assistance-Info, Grouped, code 3819, section 6.3.30 - WLAN-Assistance-Info, Grouped, code 3820, section 6.3.31 - WLAN-Link-Layer-Id, OctetString, code 3821, section 6.3.32 - WLAN-Link-Layer-Id-List, Grouped, code 3822, section 6.3.33 - Location-Update-Trigger, Grouped, code 3823, section 6.3.42 - Location-Update-Event-Type, Unsigned32, code 3824, section 6.3.43 - Change-Of-Area-Type, Grouped, code 3825, section 6.3.44 - Location-Update-Event-Trigger, Unsigned32, code 3826, section 6.3.45 - Report-Cardinality, Enumerated, code 3827, section 6.3.46 - Minimum-Interval-Time, Unsigned32, code 3828, section 6.3.47 - Periodic-Location-Type, Grouped, code 3829, section 6.3.48 - Location-Report-Interval-Time, Unsigned32, code 3830, section 6.3.49 - Total-Number-Of-Reports, Unsigned32, code 3831, section 6.3.50 - Validity-Time-Announce, Unsigned32, code 3832, section 6.3.36 - Validity-Time-Monitor, Unsigned32, code 3833, section 6.3.37 - Validity-Time-Communication, Unsigned32, code 3834, section 6.3.38 - ProSe-App-Code-Info, Grouped, code 3835, section 6.3.39 - MIC, OctetString, code 3836, section 6.3.40 - UTC-based-Counter, Unsigned32, code 3837, section 6.3.41 - ProSe-Match-Refresh-Timer, Unsigned32, code 3838, section 6.3.52 - ProSe-Metadata-Index-Mask, OctetString, code 3839, section 6.3.60 - App-Identifier, Grouped, code 3840, section 6.3.61 - OS-ID, OctetString, code 3841, section 6.3.62 - OS-App-ID, UTF8String, code 3842, section 6.3.63 - Requesting-RPAUID, UTF8String, code 3843, section 6.3.64 - Target-RPAUID, UTF8String, code 3844, section 6.3.65 - Target-PDUID, OctetString, code 3845, section 6.3.66 - ProSe-Restricted-Code, OctetString, code 3846, section 6.3.67 - ProSe-Restricted-Code-Suffix-Range, OctetString, code 3847, section 6.3.68 - Beginning-Suffix, OctetString, code 3848, section 6.3.69 - Ending-Suffix, OctetString, code 3849, section 6.3.70 - Discovery-Entry-ID, Unsigned32, code 3850, section 6.3.59 - Match-Timestamp, Time, code 3851, section 6.3.71 - PMR-Flags, Unsigned32, code 3852, section 6.3.57 - ProSe-Application-Metadata, UTF8String, code 3853, section 6.3.58 - Discovery-Auth-Request, Grouped, code 3854, section 6.3.53 - Discovery-Auth-Response, Grouped, code 3855, section 6.3.54 - Match-Request, Grouped, code 3856, section 6.3.55 - Match-Report-Info, Grouped, code 3857, section 6.3.56 - Banned-RPAUID, UTF8String, code 3858, section 6.3.73 - Banned-PDUID, OctetString, code 3859, section 6.3.74 - Code-Receiving-Security-Material, Grouped, code 3860, section 6.3.75 - Code-Sending-Security-Material, Grouped, code 3861, section 6.3.76 - DUSK, OctetString, code 3862, section 6.3.77 - DUIK, OctetString, code 3863, section 6.3.78 - DUCK, OctetString, code 3864, section 6.3.79 - MIC-Check-indicator, Unsigned32, code 3865, section 6.3.80 - Encrypted-Bitmask, OctetString, code 3866, section 6.3.81 - ProSe-App-Code-Suffix-Range, OctetString, code 3867, section 6.3.82 - PC5-tech, OctetString, code 3868, section 6.3.84 Note: Name conflict with 3GPP TS 29.154 Time-Window (4204). Time-Window (3818) in 3GPP TS 29.345 V12.1.0 (2014-12) predates Time-Window (4204) in 3GPP TS 29.154 V13.1.0 (2016-03).
author Luke Mewburn <luke@mewburn.net>
date Sun, 05 Apr 2020 08:27:37 +1000
parents 6fe3e5cf9fb2
children
line wrap: on
line source

# This file contains information for configuring the app_radgw extension.
# To find how to have freeDiameter load this extension, please refer to the freeDiameter documentation.
#
# The app_radgw extension allows a freeDiameter agent to serve as a
# RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) will connect to
# this agent, and the message will be converted to Diameter and sent to a Diameter server.
#
# Note that this extension does not provide a fully functionnal RADIUS/Diameter gateway.
# You need to load plugins to handle specific RADIUS messages and convert them to 
# Diameter apps such as NASREQ, EAP, ... See the next section for information.


###########
# PLUGINS #
###########

# Additional plugins must be loaded to support specific RADIUS messages and attributes.

# Plugins are registered either for every message, or by port (auth or acct), or by port and code.
# The general format is:
# RGWX = plugin [: conf_file] [: port] [: code(s)] ;
#  Where:
#    plugin is the quoted file name (relative or absolute) of the plugin to load (.rgwx files).
#    conf_file (optional) is the quoted name of the configuration file.
#    port (optional), either auth or acct. 
#       If not specified, extension is called for messages incoming on both ports
#    code(s): space-separated list of command codes for which this extension must be called.
#       If not specified, the extension is called for all incoming messages.
#       The values are interpreted as hexadecimal.
#
# The plugins are called in the order they appear in this file.
# Here are some explained examples:
#  RGWX = "3579.rgwx";   Load this extension and call it for all messages. No configuration file.
#  RGWX = "3579.rgwx" : "3579.conf";  Same as previous but with a configuration file specified.
#  RGWX = "3579.rgwx" : auth; No configuration file, but called only for RADIUS messages received on authentication port.
#  RGWX = "3579.rgwx" : 4 8 b;  Called for messages with command code 4, 8, or 11 only.
#  RGWX = "3579.rgwx" : "3579.conf" : auth : 4 8 b;  All parameters combined.

# Once the list of extensions for an incoming message has been called (or if the list is empty), 
# an error is logged if some RADIUS attributes of the message have not been handled.

RGWX = "extensions/echodrop.rgwx" : "echodrop.rgwx.conf"; # See echodrop.rgwx.conf.sample file
RGWX = "extensions/auth.rgwx" : auth; 
RGWX = "extensions/acct.rgwx" : acct;
# RGWX = "extensions/debug.rgwx"; # Uncomment to see the result of the translation plugins.

# For some extensions (auth, acct), a false configuration file name 
# can be passed to specify flags, such as "nonai" to ignore NAI-based routing.

##################
# RADIUS Clients #
##################

# Each RADIUS client must be declared in the form: 
#   nas = IP / shared-secret ;
# IP can be ipv4 or ipv6
# port can be additionaly restricted with brackets: IP[port] (ex: 192.168.0.1[1812])
# shared-secret can be a quoted string, or a list of hexadecimal values.
# examples:
# nas = 192.168.100.1 / "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes)
# nas = fe00::1 / 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously
# When a packet is received from an IP not declared here, it is discarded.

# If the RADIUS client is a Proxy that forwards messages from different peers, it must be
# declared instead as follow:
#   pxy = IP / shared-secret ;
# Note that it is not recommended to use this gateway implementation with a proxy currently,
# since the management of duplicate messages might be insufficient.

# The old notation cli = ... is equivalent to nas = ... and kept for backward compatibility.


####################
#  Authentication  #
#  Authorization   #
####################

# Enable the RADIUS/Diameter authentication/authorization gateway?
# auth_server_enable = 1;

# The port on which the accounting server listens
# auth_server_port = 1812;

# The IPv4 on which to bind the server, or "disable" if IPv4 must not be used.
# auth_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# auth_server_ip6 = :: ;


################
#  Accounting  #
################

# Enable the RADIUS/Diameter accounting gateway?
# acct_server_enable = 1;

# The port on which the accounting server listens
# acct_server_port = 1813;

# The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted.
# acct_server_ip4 = 0.0.0.0;

# The IPv6 address to which the server is bound, or "disable"
# acct_server_ip6 = :: ;
"Welcome to our mercurial repository"