 |
Index for
Section 5 |
|
 |
Alphabetical
listing for D |
|
 |
Bottom of
page |
|
dictionary(5)
NAME
dictionary - RADIUS dictionary file
DESCRIPTION
The dictionary file resides in the radius database directory, by default
/etc/raddb. It contains a list of RADIUS attributes and values, which the
server uses to map between descriptive names and on-the-wire data. The
names have no meaning outside of the RADIUS server itself, and are never
exchanged between server and clients.
Every line starting with a hash sign ('#') is treated as comment and
ignored.
Each line of the file can contain one of the following strings
ATTRIBUTE name number type [vendor|options]
Define a RADIUS attribute name to number mapping. The name field can
be any non-space text, but is usually taken from RFC2865, and other
related documents. The number field is also taken from the relevant
documents, for that name. The type field can be one of string,
octets, ipaddr, integer, date, ifid, ipv6addr, ipv6prefix, or abinary.
See the RFC's, or the main dictionary file for a description of the
various types.
The last (optional) field of an attribute definition can have either a
vendor name, or options for that attribute. When a vendor name is
given, the attribute is defined to be a vendor specific attribute.
Alternately, the options may be the a comma-separated list of the
following options:
encrypt=[1-3]
Mark the attribute as being encrypted with one of three methods. "1"
means that the attribute is encrypted with the method as defined in
RFC2865 for the User-Password attribute. "2" means that the password
is encrypted with the method as defined in RFC2868 for the Tunnel-
Password attribute. "3" means that the attribute is encrypted as per
Ascend's definitions for the Ascend-Send-Secret attribute.
has_tag
Mark the attribute as being permitted to have a tag, as defined in
RFC2868. The purpose of the tag is to allow grouping of attributes
for tunnelled users. See RFC2868 for more details.
When the server receives an encoded attribute in a RADIUS packet, it looks
up that attribute by number in the dictionary, and uses the name found
there for printing diagnostic and log messages.
VALUE attribute-name value-name number
Define an attribute value name to number mapping, for an attribute of
type integer. The attribute-name field MUST be previously defined by
an ATTRIBUTE entry. The value-name field can be any non-space text,
but is usually taken from RFC2865, or other documents.. The number
field is also taken from the relevant documents, for that name.
When the server receives an encoded value in a RADIUS packet, it looks
up the value of that attribute by number in the dictionary, and uses
the name found there for printing diagnostic and log messages.
VENDOR vendor-name number
Define a Vendor Specific Attribute encapsulation for vendor-name to
number. For a list of vendor names and numbers, see
http://www.iana.org/enterprise-numbers.txt.
$INCLUDE filename
Include dictionary entries from the file filename. The filename is
taken as relative to the location of the file which is asking for the
inclusion.
FILES
/etc/raddb/dictionary, /usr/share/freeradius/dictionary.*
SEE ALSO
radiusd(8), naslist(5), RFC2865, RFC2866, RFC2868
|
Index for
Section 5 |
|
|
Alphabetical
listing for D |
|
 |
Top of
page |
|