Add configuration options for F-Ticks logging.

[libradsec.git] / radsecproxy.conf-example

diff --git a/radsecproxy.conf-example b/radsecproxy.conf-example
index 6d24ba8..9ec003d 100644 (file)
--- a/radsecproxy.conf-example
+++ b/radsecproxy.conf-example
@@ -17,6 +17,7 @@
 #SourceTCP             *:33000
 #SourceTLS             *:33001
 #SourceDTLS            *:33001
+
 # Optional log level. 3 is default, 1 is less, 5 is more
 #LogLevel              3
 # Optional LogDestination, else stderr used for logging
@@ -28,6 +29,30 @@
 #LogDestination         x-syslog:///
 #LogDestination         x-syslog:///log_local2
 
+# For generating log entries conforming to the F-Ticks system, specify
+# F-Ticks-Reporting with one of
+#   None  -- Do not log in F-Ticks format.  This is the default.
+#   Basic -- Do log in F-Ticks format but do not log VISINST.
+#   Full  -- Do log in F-Ticks format and do log VISINST.
+
+# You can optionally specify F-Ticks-MAC in order to determine if and
+# how Calling-Station-Id is logged.
+#   Static          -- Use a static string as a placeholder for
+#                      Calling-Station-Id.  This is the default.
+#   Original        -- Log Calling-Station-Id as-is.
+#   VendorHashed    -- Keep first three segments as-is, hash the rest.
+#   VendorKeyHashed -- Like VendorHashed but salt with F-Ticks-Key.
+#   FullyHashed     -- Hash the entire string.
+#   FullyKeyHashed  -- Like FullyHashed but salt with F-Ticks-Key.
+
+# In order to use F-Ticks-MAC with one of VendorKeyHashed or
+# FullyKeyHashed, specify a key with F-Ticks-Key.
+# F-Ticks-Key <key>
+
+# Default F-Ticks configuration:
+#F-Ticks-Reporting None
+#F-Ticks-Mac FullyKeyHashed
+
 # There is an option for doing some simple loop prevention.  Note that
 # the LoopPrevention directive can be used in server blocks too,
 # overriding what's set here in the basic settings.