4 # This file contains dictionary translations for parsing
5 # requests and generating responses. All transactions are
6 # composed of Attribute/Value Pairs. The value of each attribute
7 # is specified as one of 4 data types. Valid data types are:
9 # string - 0-253 octets
10 # ipaddr - 4 octets in network byte order
11 # integer - 32 bit value in big endian order (high byte first)
12 # date - 32 bit value in big endian order - seconds since
13 # 00:00:00 GMT, Jan. 1, 1970
15 # FreeRADIUS includes extended data types which are not defined
16 # in RFC 2865 or RFC 2866. These data types are:
18 # abinary - Ascend's binary filter format.
19 # octets - raw octets, printed and input as hex strings.
20 # e.g.: 0x123456789abcdef
23 # Enumerated values are stored in the user file with dictionary
24 # VALUE translations for easy administration.
29 # --------------- -----
30 # Framed-Protocol = PPP
31 # 7 = 1 (integer encoding)
35 # Include compatibility dictionary for older users file. Move this
36 # directive to the end of the file if you want to see the old names
37 # in the logfiles too.
39 $INCLUDE dictionary.compat # compability issues
40 $INCLUDE dictionary.acc
41 $INCLUDE dictionary.ascend
42 $INCLUDE dictionary.bay
43 $INCLUDE dictionary.cisco
44 $INCLUDE dictionary.cisco.vpn3000
45 $INCLUDE dictionary.livingston
46 $INCLUDE dictionary.microsoft
47 $INCLUDE dictionary.quintum
48 $INCLUDE dictionary.redback
49 $INCLUDE dictionary.shasta
50 $INCLUDE dictionary.shiva
51 $INCLUDE dictionary.tunnel
52 $INCLUDE dictionary.usr
53 $INCLUDE dictionary.versanet
54 $INCLUDE dictionary.erx
55 $INCLUDE dictionary.freeradius
56 $INCLUDE dictionary.alcatel
57 $INCLUDE dictionary.juniper
60 # Following are the proper new names. Use these.
62 ATTRIBUTE User-Name 1 string
63 ATTRIBUTE User-Password 2 string encrypt=1
64 ATTRIBUTE CHAP-Password 3 octets
65 ATTRIBUTE NAS-IP-Address 4 ipaddr
66 ATTRIBUTE NAS-Port 5 integer
67 ATTRIBUTE Service-Type 6 integer
68 ATTRIBUTE Framed-Protocol 7 integer
69 ATTRIBUTE Framed-IP-Address 8 ipaddr
70 ATTRIBUTE Framed-IP-Netmask 9 ipaddr
71 ATTRIBUTE Framed-Routing 10 integer
72 ATTRIBUTE Filter-Id 11 string
73 ATTRIBUTE Framed-MTU 12 integer
74 ATTRIBUTE Framed-Compression 13 integer
75 ATTRIBUTE Login-IP-Host 14 ipaddr
76 ATTRIBUTE Login-Service 15 integer
77 ATTRIBUTE Login-TCP-Port 16 integer
78 ATTRIBUTE Reply-Message 18 string
79 ATTRIBUTE Callback-Number 19 string
80 ATTRIBUTE Callback-Id 20 string
81 ATTRIBUTE Framed-Route 22 string
82 ATTRIBUTE Framed-IPX-Network 23 ipaddr
83 ATTRIBUTE State 24 octets
84 ATTRIBUTE Class 25 octets
85 ATTRIBUTE Vendor-Specific 26 octets
86 ATTRIBUTE Session-Timeout 27 integer
87 ATTRIBUTE Idle-Timeout 28 integer
88 ATTRIBUTE Termination-Action 29 integer
89 ATTRIBUTE Called-Station-Id 30 string
90 ATTRIBUTE Calling-Station-Id 31 string
91 ATTRIBUTE NAS-Identifier 32 string
92 ATTRIBUTE Proxy-State 33 octets
93 ATTRIBUTE Login-LAT-Service 34 string
94 ATTRIBUTE Login-LAT-Node 35 string
95 ATTRIBUTE Login-LAT-Group 36 octets
96 ATTRIBUTE Framed-AppleTalk-Link 37 integer
97 ATTRIBUTE Framed-AppleTalk-Network 38 integer
98 ATTRIBUTE Framed-AppleTalk-Zone 39 string
100 ATTRIBUTE Acct-Status-Type 40 integer
101 ATTRIBUTE Acct-Delay-Time 41 integer
102 ATTRIBUTE Acct-Input-Octets 42 integer
103 ATTRIBUTE Acct-Output-Octets 43 integer
104 ATTRIBUTE Acct-Session-Id 44 string
105 ATTRIBUTE Acct-Authentic 45 integer
106 ATTRIBUTE Acct-Session-Time 46 integer
107 ATTRIBUTE Acct-Input-Packets 47 integer
108 ATTRIBUTE Acct-Output-Packets 48 integer
109 ATTRIBUTE Acct-Terminate-Cause 49 integer
110 ATTRIBUTE Acct-Multi-Session-Id 50 string
111 ATTRIBUTE Acct-Link-Count 51 integer
112 ATTRIBUTE Acct-Input-Gigawords 52 integer
113 ATTRIBUTE Acct-Output-Gigawords 53 integer
114 ATTRIBUTE Event-Timestamp 55 date
116 ATTRIBUTE CHAP-Challenge 60 string
117 ATTRIBUTE NAS-Port-Type 61 integer
118 ATTRIBUTE Port-Limit 62 integer
119 ATTRIBUTE Login-LAT-Port 63 integer
121 ATTRIBUTE Acct-Tunnel-Connection 68 string
123 ATTRIBUTE ARAP-Password 70 string
124 ATTRIBUTE ARAP-Features 71 string
125 ATTRIBUTE ARAP-Zone-Access 72 integer
126 ATTRIBUTE ARAP-Security 73 integer
127 ATTRIBUTE ARAP-Security-Data 74 string
128 ATTRIBUTE Password-Retry 75 integer
129 ATTRIBUTE Prompt 76 integer
130 ATTRIBUTE Connect-Info 77 string
131 ATTRIBUTE Configuration-Token 78 string
132 ATTRIBUTE EAP-Message 79 string
133 ATTRIBUTE Message-Authenticator 80 octets
134 ATTRIBUTE ARAP-Challenge-Response 84 string # 10 octets
135 ATTRIBUTE Acct-Interim-Interval 85 integer
136 ATTRIBUTE NAS-Port-Id 87 string
137 ATTRIBUTE Framed-Pool 88 string
138 ATTRIBUTE NAS-IPv6-Address 95 octets # really IPv6
139 ATTRIBUTE Framed-Interface-Id 96 octets # 8 octets
140 ATTRIBUTE Framed-IPv6-Prefix 97 octets # stupid format
141 ATTRIBUTE Login-IPv6-Host 98 octets # really IPv6
142 ATTRIBUTE Framed-IPv6-Route 99 string
143 ATTRIBUTE Framed-IPv6-Pool 100 string
145 ATTRIBUTE Digest-Response 206 string
146 ATTRIBUTE Digest-Attributes 207 octets # stupid format
149 # Experimental Non Protocol Attributes used by Cistron-Radiusd
152 # These attributes CAN go in the reply item list.
153 ATTRIBUTE Fall-Through 500 integer
154 ATTRIBUTE Exec-Program 502 string
155 ATTRIBUTE Exec-Program-Wait 503 string
157 # These attributes CANNOT go in the reply item list.
158 ATTRIBUTE User-Category 1029 string
159 ATTRIBUTE Group-Name 1030 string
160 ATTRIBUTE Huntgroup-Name 1031 string
161 ATTRIBUTE Simultaneous-Use 1034 integer
162 ATTRIBUTE Strip-User-Name 1035 integer
163 ATTRIBUTE Hint 1040 string
164 ATTRIBUTE Pam-Auth 1041 string
165 ATTRIBUTE Login-Time 1042 string
166 ATTRIBUTE Stripped-User-Name 1043 string
167 ATTRIBUTE Current-Time 1044 string
168 ATTRIBUTE Realm 1045 string
169 ATTRIBUTE No-Such-Attribute 1046 string
170 ATTRIBUTE Packet-Type 1047 integer
171 ATTRIBUTE Proxy-To-Realm 1048 string
172 ATTRIBUTE Replicate-To-Realm 1049 string
173 ATTRIBUTE Acct-Session-Start-Time 1050 date
174 ATTRIBUTE Acct-Unique-Session-Id 1051 string
175 ATTRIBUTE Client-IP-Address 1052 ipaddr
176 ATTRIBUTE Ldap-UserDn 1053 string
177 ATTRIBUTE NS-MTA-MD5-Password 1054 string
178 ATTRIBUTE SQL-User-Name 1055 string
179 ATTRIBUTE LM-Password 1057 octets
180 ATTRIBUTE NT-Password 1058 octets
181 ATTRIBUTE SMB-Account-CTRL 1059 integer
182 ATTRIBUTE SMB-Account-CTRL-TEXT 1061 string
183 ATTRIBUTE User-Profile 1062 string
184 ATTRIBUTE Digest-Realm 1063 string
185 ATTRIBUTE Digest-Nonce 1064 string
186 ATTRIBUTE Digest-Method 1065 string
187 ATTRIBUTE Digest-URI 1066 string
188 ATTRIBUTE Digest-QOP 1067 string
189 ATTRIBUTE Digest-Algorithm 1068 string
190 ATTRIBUTE Digest-Body-Digest 1069 string
191 ATTRIBUTE Digest-CNonce 1070 string
192 ATTRIBUTE Digest-Nonce-Count 1071 string
193 ATTRIBUTE Digest-User-Name 1072 string
194 ATTRIBUTE Pool-Name 1073 string
195 ATTRIBUTE Ldap-Group 1074 string
196 ATTRIBUTE Module-Success-Message 1075 string
197 ATTRIBUTE Module-Failure-Message 1076 string
198 # X99-Fast 1077 integer
199 ATTRIBUTE Rewrite-Rule 1078 string
200 ATTRIBUTE Sql-Group 1079 string
203 # Non-Protocol Attributes
204 # These attributes are used internally by the server
206 ATTRIBUTE Auth-Type 1000 integer
207 ATTRIBUTE Menu 1001 string
208 ATTRIBUTE Termination-Menu 1002 string
209 ATTRIBUTE Prefix 1003 string
210 ATTRIBUTE Suffix 1004 string
211 ATTRIBUTE Group 1005 string
212 ATTRIBUTE Crypt-Password 1006 string
213 ATTRIBUTE Connect-Rate 1007 integer
214 ATTRIBUTE Add-Prefix 1008 string
215 ATTRIBUTE Add-Suffix 1009 string
216 ATTRIBUTE Expiration 1010 date
217 ATTRIBUTE Autz-Type 1011 integer
220 # Integer Translations
225 VALUE Service-Type Login-User 1
226 VALUE Service-Type Framed-User 2
227 VALUE Service-Type Callback-Login-User 3
228 VALUE Service-Type Callback-Framed-User 4
229 VALUE Service-Type Outbound-User 5
230 VALUE Service-Type Administrative-User 6
231 VALUE Service-Type NAS-Prompt-User 7
232 VALUE Service-Type Authenticate-Only 8
233 VALUE Service-Type Callback-NAS-Prompt 9
234 VALUE Service-Type Call-Check 10
235 VALUE Service-Type Callback-Administrative 11
239 VALUE Framed-Protocol PPP 1
240 VALUE Framed-Protocol SLIP 2
241 VALUE Framed-Protocol ARAP 3
242 VALUE Framed-Protocol Gandalf-SLML 4
243 VALUE Framed-Protocol Xylogics-IPX-SLIP 5
244 VALUE Framed-Protocol X.75-Synchronous 6
246 # Framed Routing Values
248 VALUE Framed-Routing None 0
249 VALUE Framed-Routing Broadcast 1
250 VALUE Framed-Routing Listen 2
251 VALUE Framed-Routing Broadcast-Listen 3
253 # Framed Compression Types
255 VALUE Framed-Compression None 0
256 VALUE Framed-Compression Van-Jacobson-TCP-IP 1
257 VALUE Framed-Compression IPX-Header-Compression 2
258 VALUE Framed-Compression Stac-LZS 3
262 VALUE Login-Service Telnet 0
263 VALUE Login-Service Rlogin 1
264 VALUE Login-Service TCP-Clear 2
265 VALUE Login-Service PortMaster 3
266 VALUE Login-Service LAT 4
267 VALUE Login-Service X25-PAD 5
268 VALUE Login-Service X25-T3POS 6
269 VALUE Login-Service TCP-Clear-Quiet 7
271 # Login-TCP-Port (see /etc/services for more examples)
273 VALUE Login-TCP-Port Telnet 23
274 VALUE Login-TCP-Port Rlogin 513
275 VALUE Login-TCP-Port Rsh 514
279 VALUE Acct-Status-Type Start 1
280 VALUE Acct-Status-Type Stop 2
281 VALUE Acct-Status-Type Interim-Update 3
282 VALUE Acct-Status-Type Alive 3
283 VALUE Acct-Status-Type Accounting-On 7
284 VALUE Acct-Status-Type Accounting-Off 8
285 # RFC 2867 Additional Status-Type Values
286 VALUE Acct-Status-Type Tunnel-Start 9
287 VALUE Acct-Status-Type Tunnel-Stop 10
288 VALUE Acct-Status-Type Tunnel-Reject 11
289 VALUE Acct-Status-Type Tunnel-Link-Start 12
290 VALUE Acct-Status-Type Tunnel-Link-Stop 13
291 VALUE Acct-Status-Type Tunnel-Link-Reject 14
293 # Authentication Types
295 VALUE Acct-Authentic RADIUS 1
296 VALUE Acct-Authentic Local 2
298 # Termination Options
300 VALUE Termination-Action Default 0
301 VALUE Termination-Action RADIUS-Request 1
305 VALUE NAS-Port-Type Async 0
306 VALUE NAS-Port-Type Sync 1
307 VALUE NAS-Port-Type ISDN 2
308 VALUE NAS-Port-Type ISDN-V120 3
309 VALUE NAS-Port-Type ISDN-V110 4
310 VALUE NAS-Port-Type Virtual 5
311 VALUE NAS-Port-Type PIAFS 6
312 VALUE NAS-Port-Type HDLC-Clear-Channel 7
313 VALUE NAS-Port-Type X.25 8
314 VALUE NAS-Port-Type X.75 9
315 VALUE NAS-Port-Type G.3-Fax 10
316 VALUE NAS-Port-Type SDSL 11
317 VALUE NAS-Port-Type ADSL-CAP 12
318 VALUE NAS-Port-Type ADSL-DMT 13
319 VALUE NAS-Port-Type IDSL 14
320 VALUE NAS-Port-Type Ethernet 15
321 VALUE NAS-Port-Type xDSL 16
322 VALUE NAS-Port-Type Cable 17
323 VALUE NAS-Port-Type Wireless-Other 18
324 VALUE NAS-Port-Type Wireless-802.11 19
326 # Acct Terminate Causes, available in 3.3.2 and later
328 VALUE Acct-Terminate-Cause User-Request 1
329 VALUE Acct-Terminate-Cause Lost-Carrier 2
330 VALUE Acct-Terminate-Cause Lost-Service 3
331 VALUE Acct-Terminate-Cause Idle-Timeout 4
332 VALUE Acct-Terminate-Cause Session-Timeout 5
333 VALUE Acct-Terminate-Cause Admin-Reset 6
334 VALUE Acct-Terminate-Cause Admin-Reboot 7
335 VALUE Acct-Terminate-Cause Port-Error 8
336 VALUE Acct-Terminate-Cause NAS-Error 9
337 VALUE Acct-Terminate-Cause NAS-Request 10
338 VALUE Acct-Terminate-Cause NAS-Reboot 11
339 VALUE Acct-Terminate-Cause Port-Unneeded 12
340 VALUE Acct-Terminate-Cause Port-Preempted 13
341 VALUE Acct-Terminate-Cause Port-Suspended 14
342 VALUE Acct-Terminate-Cause Service-Unavailable 15
343 VALUE Acct-Terminate-Cause Callback 16
344 VALUE Acct-Terminate-Cause User-Error 17
345 VALUE Acct-Terminate-Cause Host-Request 18
347 #VALUE Tunnel-Type L2TP 3
348 #VALUE Tunnel-Medium-Type IP 1
350 VALUE Prompt No-Echo 0
354 # Non-Protocol Integer Translations
357 VALUE Auth-Type Local 0
358 VALUE Auth-Type System 1
359 VALUE Auth-Type SecurID 2
360 VALUE Auth-Type Crypt-Local 3
361 VALUE Auth-Type Reject 4
362 VALUE Auth-Type ActivCard 5
363 VALUE Auth-Type EAP 6
364 VALUE Auth-Type ARAP 7
369 VALUE Auth-Type Ldap 252
370 VALUE Auth-Type Pam 253
371 VALUE Auth-Type Accept 254
373 VALUE Auth-Type PAP 1024
374 VALUE Auth-Type CHAP 1025
375 VALUE Auth-Type LDAP 1026
376 VALUE Auth-Type PAM 1027
377 VALUE Auth-Type MS-CHAP 1028
378 VALUE Auth-Type Kerberos 1029
379 VALUE Auth-Type CRAM 1030
380 VALUE Auth-Type NS-MTA-MD5 1031
381 VALUE Auth-Type CRAM 1032
382 VALUE Auth-Type SMB 1033
385 # Authorization type, too.
387 VALUE Autz-Type Local 0
390 # Experimental Non-Protocol Integer Translations for Cistron-Radiusd
392 VALUE Fall-Through No 0
393 VALUE Fall-Through Yes 1
395 VALUE Packet-Type Access-Request 1
396 VALUE Packet-Type Access-Accept 2
397 VALUE Packet-Type Access-Reject 3
398 VALUE Packet-Type Accounting-Request 4
399 VALUE Packet-Type Accounting-Response 5
400 VALUE Packet-Type Accounting-Status 6
401 VALUE Packet-Type Password-Request 7
402 VALUE Packet-Type Password-Accept 8
403 VALUE Packet-Type Password-Reject 9
404 VALUE Packet-Type Accounting-Message 10
405 VALUE Packet-Type Access-Challenge 11
406 VALUE Packet-Type Status-Server 12
407 VALUE Packet-Type Status-Client 13