doc/app_radgw.conf.sample - freeDiameter-old - Gitiles

 # This file contains information for configuring the app_radgw extension.
 # To find how to have freeDiameter load this extension, please refer to the freeDiameter documentation.
 #
 # The app_radgw extension allows a freeDiameter agent to serve as a
 # RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) will connect to
 # this agent, and the message will be converted to Diameter and sent to a Diameter server.
 #
 # Note that this extension does not provide a fully functionnal RADIUS/Diameter gateway.
 # You need to load plugins to handle specific RADIUS messages and convert them to
 # Diameter apps such as NASREQ, EAP, ... See the next section for information.


 ###########
 # PLUGINS #
 ###########

 # Additional plugins must be loaded to support specific RADIUS messages and attributes.

 # Plugins are registered either for every message, or by port (auth or acct), or by port and code.
 # The general format is:
 # RGWX = plugin [: conf_file] [: port] [: code(s)] ;
 #  Where:
 #    plugin is the quoted file name (relative or absolute) of the plugin to load (.rgwx files).
 #    conf_file (optional) is the quoted name of the configuration file.
 #    port (optional), either auth or acct.
 #       If not specified, extension is called for messages incoming on both ports
 #    code(s): space-separated list of command codes for which this extension must be called.
 #       If not specified, the extension is called for all incoming messages.
 #       The values are interpreted as hexadecimal.
 #
 # The plugins are called in the order they appear in this file.
 # Here are some explained examples:
 #  RGWX = "3579.rgwx";   Load this extension and call it for all messages. No configuration file.
 #  RGWX = "3579.rgwx" : "3579.conf";  Same as previous but with a configuration file specified.
 #  RGWX = "3579.rgwx" : auth; No configuration file, but called only for RADIUS messages received on authentication port.
 #  RGWX = "3579.rgwx" : 4 8 b;  Called for messages with command code 4, 8, or 11 only.
 #  RGWX = "3579.rgwx" : "3579.conf" : auth : 4 8 b;  All parameters combined.

 # Once the list of extensions for an incoming message has been called (or if the list is empty),
 # an error is logged if some RADIUS attributes of the message have not been handled.

 RGWX = "extensions/echodrop.rgwx" : "echodrop.rgwx.conf"; # See echodrop.rgwx.conf.sample file
 RGWX = "extensions/auth.rgwx" : auth;
 RGWX = "extensions/acct.rgwx" : acct;
 # RGWX = "extensions/debug.rgwx"; # Uncomment to see the result of the translation plugins.

 # For some extensions (auth, acct), a false configuration file name
 # can be passed to specify flags, such as "nonai" to ignore NAI-based routing.

 ##################
 # RADIUS Clients #
 ##################

 # Each RADIUS client must be declared in the form:
 #   nas = IP / shared-secret ;
 # IP can be ipv4 or ipv6
 # port can be additionaly restricted with brackets: IP[port] (ex: 192.168.0.1[1812])
 # shared-secret can be a quoted string, or a list of hexadecimal values.
 # examples:
 # nas = 192.168.100.1 / "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes)
 # nas = fe00::1 / 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously
 # When a packet is received from an IP not declared here, it is discarded.

 # If the RADIUS client is a Proxy that forwards messages from different peers, it must be
 # declared instead as follow:
 #   pxy = IP / shared-secret ;
 # Note that it is not recommended to use this gateway implementation with a proxy currently,
 # since the management of duplicate messages might be insufficient.

 # The old notation cli = ... is equivalent to nas = ... and kept for backward compatibility.


 ####################
 #  Authentication  #
 #  Authorization   #
 ####################

 # Enable the RADIUS/Diameter authentication/authorization gateway?
 # auth_server_enable = 1;

 # The port on which the accounting server listens
 # auth_server_port = 1812;

 # The IPv4 on which to bind the server, or "disable" if IPv4 must not be used.
 # auth_server_ip4 = 0.0.0.0;

 # The IPv6 address to which the server is bound, or "disable"
 # auth_server_ip6 = :: ;


 ################
 #  Accounting  #
 ################

 # Enable the RADIUS/Diameter accounting gateway?
 # acct_server_enable = 1;

 # The port on which the accounting server listens
 # acct_server_port = 1813;

 # The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted.
 # acct_server_ip4 = 0.0.0.0;

 # The IPv6 address to which the server is bound, or "disable"
 # acct_server_ip6 = :: ;
	# This file contains information for configuring the app_radgw extension.
	# To find how to have freeDiameter load this extension, please refer to the freeDiameter documentation.
	#
	# The app_radgw extension allows a freeDiameter agent to serve as a
	# RADIUS/Diameter gateway. Typically, a RADIUS client (e.g. a NAS) will connect to
	# this agent, and the message will be converted to Diameter and sent to a Diameter server.
	#
	# Note that this extension does not provide a fully functionnal RADIUS/Diameter gateway.
	# You need to load plugins to handle specific RADIUS messages and convert them to
	# Diameter apps such as NASREQ, EAP, ... See the next section for information.


	###########
	# PLUGINS #
	###########

	# Additional plugins must be loaded to support specific RADIUS messages and attributes.

	# Plugins are registered either for every message, or by port (auth or acct), or by port and code.
	# The general format is:
	# RGWX = plugin [: conf_file] [: port] [: code(s)] ;
	# Where:
	# plugin is the quoted file name (relative or absolute) of the plugin to load (.rgwx files).
	# conf_file (optional) is the quoted name of the configuration file.
	# port (optional), either auth or acct.
	# If not specified, extension is called for messages incoming on both ports
	# code(s): space-separated list of command codes for which this extension must be called.
	# If not specified, the extension is called for all incoming messages.
	# The values are interpreted as hexadecimal.
	#
	# The plugins are called in the order they appear in this file.
	# Here are some explained examples:
	# RGWX = "3579.rgwx"; Load this extension and call it for all messages. No configuration file.
	# RGWX = "3579.rgwx" : "3579.conf"; Same as previous but with a configuration file specified.
	# RGWX = "3579.rgwx" : auth; No configuration file, but called only for RADIUS messages received on authentication port.
	# RGWX = "3579.rgwx" : 4 8 b; Called for messages with command code 4, 8, or 11 only.
	# RGWX = "3579.rgwx" : "3579.conf" : auth : 4 8 b; All parameters combined.

	# Once the list of extensions for an incoming message has been called (or if the list is empty),
	# an error is logged if some RADIUS attributes of the message have not been handled.

	RGWX = "extensions/echodrop.rgwx" : "echodrop.rgwx.conf"; # See echodrop.rgwx.conf.sample file
	RGWX = "extensions/auth.rgwx" : auth;
	RGWX = "extensions/acct.rgwx" : acct;
	# RGWX = "extensions/debug.rgwx"; # Uncomment to see the result of the translation plugins.

	# For some extensions (auth, acct), a false configuration file name
	# can be passed to specify flags, such as "nonai" to ignore NAI-based routing.

	##################
	# RADIUS Clients #
	##################

	# Each RADIUS client must be declared in the form:
	# nas = IP / shared-secret ;
	# IP can be ipv4 or ipv6
	# port can be additionaly restricted with brackets: IP[port] (ex: 192.168.0.1[1812])
	# shared-secret can be a quoted string, or a list of hexadecimal values.
	# examples:
	# nas = 192.168.100.1 / "secret key" ; # the shared secret buffer is 0x736563726574206b6579 (length 10 bytes)
	# nas = fe00::1 / 73 65 63 72 65 74 20 6b 65 79; # same shared secret as previously
	# When a packet is received from an IP not declared here, it is discarded.

	# If the RADIUS client is a Proxy that forwards messages from different peers, it must be
	# declared instead as follow:
	# pxy = IP / shared-secret ;
	# Note that it is not recommended to use this gateway implementation with a proxy currently,
	# since the management of duplicate messages might be insufficient.

	# The old notation cli = ... is equivalent to nas = ... and kept for backward compatibility.


	####################
	# Authentication #
	# Authorization #
	####################

	# Enable the RADIUS/Diameter authentication/authorization gateway?
	# auth_server_enable = 1;

	# The port on which the accounting server listens
	# auth_server_port = 1812;

	# The IPv4 on which to bind the server, or "disable" if IPv4 must not be used.
	# auth_server_ip4 = 0.0.0.0;

	# The IPv6 address to which the server is bound, or "disable"
	# auth_server_ip6 = :: ;


	################
	# Accounting #
	################

	# Enable the RADIUS/Diameter accounting gateway?
	# acct_server_enable = 1;

	# The port on which the accounting server listens
	# acct_server_port = 1813;

	# The IPv4 on which to bind the server, or "disable" if no IPv4 is wanted.
	# acct_server_ip4 = 0.0.0.0;

	# The IPv6 address to which the server is bound, or "disable"
	# acct_server_ip6 = :: ;