(RADIATOR) Radius Proxy how to ignore unknown attributes
Hugh Irvine
hugh at open.com.au
Tue Oct 2 18:31:56 CDT 2007
Hello Iiker -
This vendor is listed as (http://www.iana.org/assignments/enterprise-
numbers):
5826
MIND CTI Ltd.
Raanan Grinwald
graanan&mindcti.com
In general you should prefix the attribute names with a vendor tag to
avoid potetial conflicts elsewhere in the dictionary and so you know
what vendor the attributes refer to.
Ie:
VENDORATTR 5826 MINDCTI-Caller-ID-type 1 integer
......
You should have a look at a trace 5 debug from Radiator to see the
hex dumps of the requests to see exactly what is contained in the
attribute values.
The message you are seeing below indicates that the values contained
in the RADIUS request are not listed in the VALUES that you have
defined.
hope that helps
regards
Hugh
On 2 Oct 2007, at 21:21, İlker Aktuna (Koç.net) wrote:
> Hi Hugh,
>
> Thanks for your answer. I defined the attributes in the dictionary
> as seen below.
> But I get the following errors in the logfile.
>
> Fri Sep 28 09:34:14 2007: ERR: There is no value named for
> attribute Status. Using 0.
> Fri Sep 28 09:36:52 2007: ERR: There is no value named for
> attribute Billing-Model. Using 0.
> Fri Sep 28 09:36:52 2007: ERR: There is no value named for
> attribute Status. Using 0.
> Fri Sep 28 09:39:14 2007: ERR: There is no value named for
> attribute Caller-ID-type. Using 0.
>
> Added lines to dictionary:
>
> VENDORATTR 5826 Caller-ID-type 1 integer
> VENDORATTR 5826 Originate-Address 2 integer
> VENDORATTR 5826 Balance 3 string
> VENDORATTR 5826 Currency 4 string
> VENDORATTR 5826 Billing-Model 5 integer
> VENDORATTR 5826 Language 6 string
> VENDORATTR 5826 Status 7 integer
> VENDORATTR 5826 Call-Direction 8 string
> VENDORATTR 5826 Call-Info 9 string
> VENDORATTR 5826 Call-Parties 10 integer
> VENDORATTR 5826 Line 11 integer
> VENDORATTR 5826 Outbound-type 12 integer
> VENDORATTR 5826 Query-Request 13 integer
> VENDORATTR 5826 Start-Time 14 integer
> VENDORATTR 5826 Protocol-Number 15 integer
> VENDORATTR 5826 Max-Call-Duration 16 integer
> VENDORATTR 5826 CDR 17 string
> VENDORATTR 5826 TRUNKID 18 string
> VENDORATTR 5826 DNIS 19 string
> VENDORATTR 5826 ANI-info-digits 20 string
> VENDORATTR 5826 Accounting-start-type 21 integer
> VENDORATTR 5826 Remote-address 22 integer
> VENDORATTR 5826 Total-duration 23 integer
> VENDORATTR 5826 Action-type 24 integer
> VENDORATTR 5826 New-Password 25 string
> VENDORATTR 5826 Destination-User-Code 26 string
> VENDORATTR 5826 Destination-Password 27 string
> VENDORATTR 5826 Voucher-number 28 string
> VENDORATTR 5826 Voucher-password 29 string
> VENDORATTR 5826 Amount 30 string
> VENDORATTR 5826 ISO-Currency 31 string
> VENDORATTR 5826 Source-Balance 32 string
> VENDORATTR 5826 Extra-Info 33 string
> VENDORATTR 5826 DB-Query 34 string
> VENDORATTR 5826 Reservation-Expires 38 integer
> VALUE Caller-ID-type User-ID 0
> VALUE Caller-ID-type PIN-Code 1
> VALUE Caller-ID-type ANI-Code 2
> VALUE Caller-ID-type Domain 4
> VALUE Billing-Model CREDIT 0
> VALUE Billing-Model DEBIT 1
> VALUE Status OK 0
> VALUE Status FAIL 1
> VALUE Status INVAILD-ARGUMENT 2
> VALUE Status USER-NOT-FOUND 3
> VALUE Status ACCOUNT-IN-USE 4
> VALUE Status CARD-EXPIRED 5
> VALUE Status CREDIT-LIMIT 6
> VALUE Status USER-BLOCKED 7
> VALUE Status BAD-LINe-NUMBER 8
> VALUE Status INVALID-NUMBER 11
> VALUE Status RATE-FOR-CALL 12
> VALUE Status NOT-AUTHORIZED 13
> VALUE Status NOT-ENOUGH-MONEY 14
> VALUE Status ACCOUNT-NOT-ACTIVE 15
> VALUE Status WRONG-OLD-PASSWORD 16
> VALUE Status USER-DENIED 17
> VALUE Status INVALID-NEW-PASSWORD 18
> VALUE Status INVALID-DESTINATION-ACCOUNT 19
> VALUE Status TARIFF-NOT-FOUND 20
> VALUE Status IP-ALLOCATION-FAILED 21
> VALUE Status INVALID-PASSWORD 23
> VALUE Status ZERO-BALANCE 24
> VALUE Status NO-DATA-FOUND 25
> VALUE Status TOO-MANY-ROW-DATA 26
> VALUE Call-Parties Phone-To-Phone 1
> VALUE Call-Parties Desktop-To-Phone 2
> VALUE Call-Parties Phone-To-Desktop 3
> VALUE Call-Parties Phone-To-PBX 10
> VALUE Call-Parties Desktop-To-PBX 11
> VALUE Call-Parties Web-To-PBX 20
> VALUE Outbound-type PSTN 0
> VALUE Outbound-type PBX 1
> VALUE Query-Request Query 2
> VALUE Query-Request Query-Lock 1
> VALUE Protocol-Number DTMF 0
> VALUE Protocol-Number E164 1
> VALUE Accounting-start-type First-Auth 0
> VALUE Accounting-start-type Re-Auth 1
> VALUE Accounting-start-type Call-Start 2
> VALUE Action-type Regular 1
> VALUE Action-type Change-Pswd 2
> VALUE Action-type Transfer 3
> VALUE Action-type Recharge 4
> VALUE Action-type DBQuery 5
> VALUE Action-type Resolve 6
>
> What do you think about this ?
>
> Thanks,
> ilker
>
> -----Original Message-----
> From: owner-radiator at open.com.au [mailto:owner-
> radiator at open.com.au] On Behalf Of Hugh Irvine
> Sent: Tuesday, October 02, 2007 1:48 AM
> To: Hadi Unal AKYOL
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) Radius Proxy how to ignore unknown attributes
>
>
> Hello iiker -
>
> The only way you can do what you describe is to add the attributes to
> the dictionary.
>
> The RADIUS requests are decoded off the wire using the dictionary,
> processed internally by Radiator, then re-encoded using the
> dictionary to be re-sent.
>
> Therefore all attributes that you want forwarded must be defined in
> the dictionary.
>
> regards
>
> Hugh
>
>
> On 1 Oct 2007, at 16:43, Hadi Unal AKYOL wrote:
>
>> Hi,
>>
>>
>>
>> I am using Radiator as a radius proxy. So I just want it to forward
>> the radius packet without making any checks.
>>
>> Unfortunately I noticed that if an attribute is not known (not in
>> the dictionary) it removes the attribute from the request and then
>> forwards the request to the radius server.
>>
>> I know that this problem can be solved by adding the unknown
>> attributes to the dictionary. But if there is a simpler way of
>> ignoring unknown attributes and forwarding them, I would like to
>> use it.
>>
>> Is there any way of doing this ?
>>
>>
>>
>> Thanks,
>>
>> ilker
>>
>>
>> Connect to the next generation of MSN Messenger Get it now!
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> ______________________________________________________________________
> ______________________________________________________________________
> _
> Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor
> olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa,
> icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari
> acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen
> geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-
> posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz,
> yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji
> viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak
> yollayici, bu e-posta mesajinin - virus koruma sistemleri ile
> kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve
> meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul
> etmez.
> This message is intended solely for the use of the individual or
> entity to whom it is addressed , and may contain confidential
> information. If you are not the intended recipient of this message
> or you receive this mail in error, you should refrain from making
> any use of the contents and from opening any attachment. In that
> case, please notify the sender immediately and return the message
> to the sender, then, delete and destroy all copies. This e-mail
> message, can not be copied, published or sold for any reason. This
> e-mail message has been swept by anti-virus systems for the
> presence of computer viruses. In doing so, however, sender cannot
> warrant that virus or other forms of data corruption may not be
> present and do not take any responsibility in any occurrence.
> ______________________________________________________________________
> ______________________________________________________________________
> _
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list