4 # This file contains dictionary translations for parsing
5 # requests and generating responses. All transactions are
6 # composed of Attribute/Value Pairs. The value of each attribute
7 # is specified as one of 4 data types. Valid data types are:
9 # string - 0-253 octets
10 # ipaddr - 4 octets in network byte order
11 # integer - 32 bit value in big endian order (high byte first)
12 # date - 32 bit value in big endian order - seconds since
13 # 00:00:00 GMT, Jan. 1, 1970
15 # FreeRADIUS includes extended data types which are not defined
16 # in RFC 2865 or RFC 2866. These data types are:
18 # abinary - Ascend's binary filter format.
19 # octets - raw octets, printed and input as hex strings.
20 # e.g.: 0x123456789abcdef
23 # Enumerated values are stored in the user file with dictionary
24 # VALUE translations for easy administration.
29 # --------------- -----
30 # Framed-Protocol = PPP
31 # 7 = 1 (integer encoding)
35 # Include compatibility dictionary for older users file. Move this
36 # directive to the end of the file if you want to see the old names
37 # in the logfiles too.
39 $INCLUDE dictionary.compat # compability issues
40 $INCLUDE dictionary.acc
41 $INCLUDE dictionary.ascend
42 $INCLUDE dictionary.bay
43 $INCLUDE dictionary.cisco
44 $INCLUDE dictionary.cisco.vpn3000
45 $INCLUDE dictionary.cisco.vpn5000
46 $INCLUDE dictionary.cisco.bbsm
47 $INCLUDE dictionary.colubris
48 $INCLUDE dictionary.livingston
49 $INCLUDE dictionary.microsoft
50 $INCLUDE dictionary.nomadix
51 $INCLUDE dictionary.quintum
52 $INCLUDE dictionary.redback
53 $INCLUDE dictionary.shasta
54 $INCLUDE dictionary.shiva
55 $INCLUDE dictionary.tunnel
56 $INCLUDE dictionary.usr
57 $INCLUDE dictionary.versanet
58 $INCLUDE dictionary.erx
59 $INCLUDE dictionary.freeradius
60 $INCLUDE dictionary.alcatel
61 $INCLUDE dictionary.juniper
62 $INCLUDE dictionary.alteon
65 # Following are the proper new names. Use these.
67 ATTRIBUTE User-Name 1 string
68 ATTRIBUTE User-Password 2 string encrypt=1
69 ATTRIBUTE CHAP-Password 3 octets
70 ATTRIBUTE NAS-IP-Address 4 ipaddr
71 ATTRIBUTE NAS-Port 5 integer
72 ATTRIBUTE Service-Type 6 integer
73 ATTRIBUTE Framed-Protocol 7 integer
74 ATTRIBUTE Framed-IP-Address 8 ipaddr
75 ATTRIBUTE Framed-IP-Netmask 9 ipaddr
76 ATTRIBUTE Framed-Routing 10 integer
77 ATTRIBUTE Filter-Id 11 string
78 ATTRIBUTE Framed-MTU 12 integer
79 ATTRIBUTE Framed-Compression 13 integer
80 ATTRIBUTE Login-IP-Host 14 ipaddr
81 ATTRIBUTE Login-Service 15 integer
82 ATTRIBUTE Login-TCP-Port 16 integer
83 ATTRIBUTE Reply-Message 18 string
84 ATTRIBUTE Callback-Number 19 string
85 ATTRIBUTE Callback-Id 20 string
86 ATTRIBUTE Framed-Route 22 string
87 ATTRIBUTE Framed-IPX-Network 23 ipaddr
88 ATTRIBUTE State 24 octets
89 ATTRIBUTE Class 25 octets
90 ATTRIBUTE Vendor-Specific 26 octets
91 ATTRIBUTE Session-Timeout 27 integer
92 ATTRIBUTE Idle-Timeout 28 integer
93 ATTRIBUTE Termination-Action 29 integer
94 ATTRIBUTE Called-Station-Id 30 string
95 ATTRIBUTE Calling-Station-Id 31 string
96 ATTRIBUTE NAS-Identifier 32 string
97 ATTRIBUTE Proxy-State 33 octets
98 ATTRIBUTE Login-LAT-Service 34 string
99 ATTRIBUTE Login-LAT-Node 35 string
100 ATTRIBUTE Login-LAT-Group 36 octets
101 ATTRIBUTE Framed-AppleTalk-Link 37 integer
102 ATTRIBUTE Framed-AppleTalk-Network 38 integer
103 ATTRIBUTE Framed-AppleTalk-Zone 39 string
105 ATTRIBUTE Acct-Status-Type 40 integer
106 ATTRIBUTE Acct-Delay-Time 41 integer
107 ATTRIBUTE Acct-Input-Octets 42 integer
108 ATTRIBUTE Acct-Output-Octets 43 integer
109 ATTRIBUTE Acct-Session-Id 44 string
110 ATTRIBUTE Acct-Authentic 45 integer
111 ATTRIBUTE Acct-Session-Time 46 integer
112 ATTRIBUTE Acct-Input-Packets 47 integer
113 ATTRIBUTE Acct-Output-Packets 48 integer
114 ATTRIBUTE Acct-Terminate-Cause 49 integer
115 ATTRIBUTE Acct-Multi-Session-Id 50 string
116 ATTRIBUTE Acct-Link-Count 51 integer
117 ATTRIBUTE Acct-Input-Gigawords 52 integer
118 ATTRIBUTE Acct-Output-Gigawords 53 integer
119 ATTRIBUTE Event-Timestamp 55 date
121 ATTRIBUTE CHAP-Challenge 60 string
122 ATTRIBUTE NAS-Port-Type 61 integer
123 ATTRIBUTE Port-Limit 62 integer
124 ATTRIBUTE Login-LAT-Port 63 integer
126 ATTRIBUTE Acct-Tunnel-Connection 68 string
128 ATTRIBUTE ARAP-Password 70 string
129 ATTRIBUTE ARAP-Features 71 string
130 ATTRIBUTE ARAP-Zone-Access 72 integer
131 ATTRIBUTE ARAP-Security 73 integer
132 ATTRIBUTE ARAP-Security-Data 74 string
133 ATTRIBUTE Password-Retry 75 integer
134 ATTRIBUTE Prompt 76 integer
135 ATTRIBUTE Connect-Info 77 string
136 ATTRIBUTE Configuration-Token 78 string
137 ATTRIBUTE EAP-Message 79 string
138 ATTRIBUTE Message-Authenticator 80 octets
139 ATTRIBUTE ARAP-Challenge-Response 84 string # 10 octets
140 ATTRIBUTE Acct-Interim-Interval 85 integer
141 ATTRIBUTE NAS-Port-Id 87 string
142 ATTRIBUTE Framed-Pool 88 string
143 ATTRIBUTE NAS-IPv6-Address 95 octets # really IPv6
144 ATTRIBUTE Framed-Interface-Id 96 octets # 8 octets
145 ATTRIBUTE Framed-IPv6-Prefix 97 octets # stupid format
146 ATTRIBUTE Login-IPv6-Host 98 octets # really IPv6
147 ATTRIBUTE Framed-IPv6-Route 99 string
148 ATTRIBUTE Framed-IPv6-Pool 100 string
150 ATTRIBUTE Digest-Response 206 string
151 ATTRIBUTE Digest-Attributes 207 octets # stupid format
154 # Experimental Non Protocol Attributes used by Cistron-Radiusd
157 # These attributes CAN go in the reply item list.
158 ATTRIBUTE Fall-Through 500 integer
159 ATTRIBUTE Exec-Program 502 string
160 ATTRIBUTE Exec-Program-Wait 503 string
162 # These attributes CANNOT go in the reply item list.
163 ATTRIBUTE User-Category 1029 string
164 ATTRIBUTE Group-Name 1030 string
165 ATTRIBUTE Huntgroup-Name 1031 string
166 ATTRIBUTE Simultaneous-Use 1034 integer
167 ATTRIBUTE Strip-User-Name 1035 integer
168 ATTRIBUTE Hint 1040 string
169 ATTRIBUTE Pam-Auth 1041 string
170 ATTRIBUTE Login-Time 1042 string
171 ATTRIBUTE Stripped-User-Name 1043 string
172 ATTRIBUTE Current-Time 1044 string
173 ATTRIBUTE Realm 1045 string
174 ATTRIBUTE No-Such-Attribute 1046 string
175 ATTRIBUTE Packet-Type 1047 integer
176 ATTRIBUTE Proxy-To-Realm 1048 string
177 ATTRIBUTE Replicate-To-Realm 1049 string
178 ATTRIBUTE Acct-Session-Start-Time 1050 date
179 ATTRIBUTE Acct-Unique-Session-Id 1051 string
180 ATTRIBUTE Client-IP-Address 1052 ipaddr
181 ATTRIBUTE Ldap-UserDn 1053 string
182 ATTRIBUTE NS-MTA-MD5-Password 1054 string
183 ATTRIBUTE SQL-User-Name 1055 string
184 ATTRIBUTE LM-Password 1057 octets
185 ATTRIBUTE NT-Password 1058 octets
186 ATTRIBUTE SMB-Account-CTRL 1059 integer
187 ATTRIBUTE SMB-Account-CTRL-TEXT 1061 string
188 ATTRIBUTE User-Profile 1062 string
189 ATTRIBUTE Digest-Realm 1063 string
190 ATTRIBUTE Digest-Nonce 1064 string
191 ATTRIBUTE Digest-Method 1065 string
192 ATTRIBUTE Digest-URI 1066 string
193 ATTRIBUTE Digest-QOP 1067 string
194 ATTRIBUTE Digest-Algorithm 1068 string
195 ATTRIBUTE Digest-Body-Digest 1069 string
196 ATTRIBUTE Digest-CNonce 1070 string
197 ATTRIBUTE Digest-Nonce-Count 1071 string
198 ATTRIBUTE Digest-User-Name 1072 string
199 ATTRIBUTE Pool-Name 1073 string
200 ATTRIBUTE Ldap-Group 1074 string
201 ATTRIBUTE Module-Success-Message 1075 string
202 ATTRIBUTE Module-Failure-Message 1076 string
203 # X99-Fast 1077 integer
204 ATTRIBUTE Rewrite-Rule 1078 string
205 ATTRIBUTE Sql-Group 1079 string
208 # Non-Protocol Attributes
209 # These attributes are used internally by the server
211 ATTRIBUTE Auth-Type 1000 integer
212 ATTRIBUTE Menu 1001 string
213 ATTRIBUTE Termination-Menu 1002 string
214 ATTRIBUTE Prefix 1003 string
215 ATTRIBUTE Suffix 1004 string
216 ATTRIBUTE Group 1005 string
217 ATTRIBUTE Crypt-Password 1006 string
218 ATTRIBUTE Connect-Rate 1007 integer
219 ATTRIBUTE Add-Prefix 1008 string
220 ATTRIBUTE Add-Suffix 1009 string
221 ATTRIBUTE Expiration 1010 date
222 ATTRIBUTE Autz-Type 1011 integer
223 ATTRIBUTE Acct-Type 1011 integer
224 ATTRIBUTE Session-Type 1012 integer
225 ATTRIBUTE PostAuth-Type 1013 integer
228 # Integer Translations
233 VALUE Service-Type Login-User 1
234 VALUE Service-Type Framed-User 2
235 VALUE Service-Type Callback-Login-User 3
236 VALUE Service-Type Callback-Framed-User 4
237 VALUE Service-Type Outbound-User 5
238 VALUE Service-Type Administrative-User 6
239 VALUE Service-Type NAS-Prompt-User 7
240 VALUE Service-Type Authenticate-Only 8
241 VALUE Service-Type Callback-NAS-Prompt 9
242 VALUE Service-Type Call-Check 10
243 VALUE Service-Type Callback-Administrative 11
247 VALUE Framed-Protocol PPP 1
248 VALUE Framed-Protocol SLIP 2
249 VALUE Framed-Protocol ARAP 3
250 VALUE Framed-Protocol Gandalf-SLML 4
251 VALUE Framed-Protocol Xylogics-IPX-SLIP 5
252 VALUE Framed-Protocol X.75-Synchronous 6
254 # Framed Routing Values
256 VALUE Framed-Routing None 0
257 VALUE Framed-Routing Broadcast 1
258 VALUE Framed-Routing Listen 2
259 VALUE Framed-Routing Broadcast-Listen 3
261 # Framed Compression Types
263 VALUE Framed-Compression None 0
264 VALUE Framed-Compression Van-Jacobson-TCP-IP 1
265 VALUE Framed-Compression IPX-Header-Compression 2
266 VALUE Framed-Compression Stac-LZS 3
270 VALUE Login-Service Telnet 0
271 VALUE Login-Service Rlogin 1
272 VALUE Login-Service TCP-Clear 2
273 VALUE Login-Service PortMaster 3
274 VALUE Login-Service LAT 4
275 VALUE Login-Service X25-PAD 5
276 VALUE Login-Service X25-T3POS 6
277 VALUE Login-Service TCP-Clear-Quiet 7
279 # Login-TCP-Port (see /etc/services for more examples)
281 VALUE Login-TCP-Port Telnet 23
282 VALUE Login-TCP-Port Rlogin 513
283 VALUE Login-TCP-Port Rsh 514
287 VALUE Acct-Status-Type Start 1
288 VALUE Acct-Status-Type Stop 2
289 VALUE Acct-Status-Type Interim-Update 3
290 VALUE Acct-Status-Type Alive 3
291 VALUE Acct-Status-Type Accounting-On 7
292 VALUE Acct-Status-Type Accounting-Off 8
293 # RFC 2867 Additional Status-Type Values
294 VALUE Acct-Status-Type Tunnel-Start 9
295 VALUE Acct-Status-Type Tunnel-Stop 10
296 VALUE Acct-Status-Type Tunnel-Reject 11
297 VALUE Acct-Status-Type Tunnel-Link-Start 12
298 VALUE Acct-Status-Type Tunnel-Link-Stop 13
299 VALUE Acct-Status-Type Tunnel-Link-Reject 14
301 # Authentication Types
303 VALUE Acct-Authentic RADIUS 1
304 VALUE Acct-Authentic Local 2
306 # Termination Options
308 VALUE Termination-Action Default 0
309 VALUE Termination-Action RADIUS-Request 1
313 VALUE NAS-Port-Type Async 0
314 VALUE NAS-Port-Type Sync 1
315 VALUE NAS-Port-Type ISDN 2
316 VALUE NAS-Port-Type ISDN-V120 3
317 VALUE NAS-Port-Type ISDN-V110 4
318 VALUE NAS-Port-Type Virtual 5
319 VALUE NAS-Port-Type PIAFS 6
320 VALUE NAS-Port-Type HDLC-Clear-Channel 7
321 VALUE NAS-Port-Type X.25 8
322 VALUE NAS-Port-Type X.75 9
323 VALUE NAS-Port-Type G.3-Fax 10
324 VALUE NAS-Port-Type SDSL 11
325 VALUE NAS-Port-Type ADSL-CAP 12
326 VALUE NAS-Port-Type ADSL-DMT 13
327 VALUE NAS-Port-Type IDSL 14
328 VALUE NAS-Port-Type Ethernet 15
329 VALUE NAS-Port-Type xDSL 16
330 VALUE NAS-Port-Type Cable 17
331 VALUE NAS-Port-Type Wireless-Other 18
332 VALUE NAS-Port-Type Wireless-802.11 19
334 # Acct Terminate Causes, available in 3.3.2 and later
336 VALUE Acct-Terminate-Cause User-Request 1
337 VALUE Acct-Terminate-Cause Lost-Carrier 2
338 VALUE Acct-Terminate-Cause Lost-Service 3
339 VALUE Acct-Terminate-Cause Idle-Timeout 4
340 VALUE Acct-Terminate-Cause Session-Timeout 5
341 VALUE Acct-Terminate-Cause Admin-Reset 6
342 VALUE Acct-Terminate-Cause Admin-Reboot 7
343 VALUE Acct-Terminate-Cause Port-Error 8
344 VALUE Acct-Terminate-Cause NAS-Error 9
345 VALUE Acct-Terminate-Cause NAS-Request 10
346 VALUE Acct-Terminate-Cause NAS-Reboot 11
347 VALUE Acct-Terminate-Cause Port-Unneeded 12
348 VALUE Acct-Terminate-Cause Port-Preempted 13
349 VALUE Acct-Terminate-Cause Port-Suspended 14
350 VALUE Acct-Terminate-Cause Service-Unavailable 15
351 VALUE Acct-Terminate-Cause Callback 16
352 VALUE Acct-Terminate-Cause User-Error 17
353 VALUE Acct-Terminate-Cause Host-Request 18
355 #VALUE Tunnel-Type L2TP 3
356 #VALUE Tunnel-Medium-Type IP 1
358 VALUE Prompt No-Echo 0
362 # Non-Protocol Integer Translations
365 VALUE Auth-Type Local 0
366 VALUE Auth-Type System 1
367 VALUE Auth-Type SecurID 2
368 VALUE Auth-Type Crypt-Local 3
369 VALUE Auth-Type Reject 4
370 VALUE Auth-Type ActivCard 5
371 VALUE Auth-Type EAP 6
372 VALUE Auth-Type ARAP 7
377 VALUE Auth-Type Ldap 252
378 VALUE Auth-Type Pam 253
379 VALUE Auth-Type Accept 254
381 VALUE Auth-Type PAP 1024
382 VALUE Auth-Type CHAP 1025
383 VALUE Auth-Type LDAP 1026
384 VALUE Auth-Type PAM 1027
385 VALUE Auth-Type MS-CHAP 1028
386 VALUE Auth-Type Kerberos 1029
387 VALUE Auth-Type CRAM 1030
388 VALUE Auth-Type NS-MTA-MD5 1031
389 VALUE Auth-Type CRAM 1032
390 VALUE Auth-Type SMB 1033
393 # Authorization type, too.
395 VALUE Autz-Type Local 0
400 VALUE Acct-Type Local 0
403 # And Session handling
405 VALUE Session-Type Local 0
409 VALUE PostAuth-Type Local 0
412 # Experimental Non-Protocol Integer Translations for Cistron-Radiusd
414 VALUE Fall-Through No 0
415 VALUE Fall-Through Yes 1
417 VALUE Packet-Type Access-Request 1
418 VALUE Packet-Type Access-Accept 2
419 VALUE Packet-Type Access-Reject 3
420 VALUE Packet-Type Accounting-Request 4
421 VALUE Packet-Type Accounting-Response 5
422 VALUE Packet-Type Accounting-Status 6
423 VALUE Packet-Type Password-Request 7
424 VALUE Packet-Type Password-Accept 8
425 VALUE Packet-Type Password-Reject 9
426 VALUE Packet-Type Accounting-Message 10
427 VALUE Packet-Type Access-Challenge 11
428 VALUE Packet-Type Status-Server 12
429 VALUE Packet-Type Status-Client 13