pulitux
/
seguridad


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830
							# -*- text -*-
# Copyright (C) 2011 The FreeRADIUS Server project and contributors
#
#	Non Protocol Attributes used by FreeRADIUS
#
#	$Id: b830d56623fc3aad78122fa6af04ce66416123b6 $
#

#	The attributes number ranges are allocates as follows:
#
#	Range:	500-999
#		server-side attributes which can go in a reply list

# 	These attributes CAN go in the reply item list.
ATTRIBUTE	Fall-Through				500	integer
ATTRIBUTE	Relax-Filter				501	integer
ATTRIBUTE	Exec-Program				502	string
ATTRIBUTE	Exec-Program-Wait			503	string

#	These attributes CANNOT go in the reply item list.

#
#	Range:	1000+
#		Attributes which cannot go in a reply list.
#
#
#	Range:	1000-1199
#		Miscellaneous server attributes.
#
#
#	Non-Protocol Attributes
#	These attributes are used internally by the server
#
ATTRIBUTE	Auth-Type				1000	integer
ATTRIBUTE	Menu					1001	string
ATTRIBUTE	Termination-Menu			1002	string
ATTRIBUTE	Prefix					1003	string
ATTRIBUTE	Suffix					1004	string
ATTRIBUTE	Group					1005	string
ATTRIBUTE	Crypt-Password				1006	string
ATTRIBUTE	Connect-Rate				1007	integer
ATTRIBUTE	Add-Prefix				1008	string
ATTRIBUTE	Add-Suffix				1009	string
ATTRIBUTE	Expiration				1010	date
ATTRIBUTE	Autz-Type				1011	integer
ATTRIBUTE	Acct-Type				1012	integer
ATTRIBUTE	Session-Type				1013	integer
ATTRIBUTE	Post-Auth-Type				1014	integer
ATTRIBUTE	Pre-Proxy-Type				1015	integer
ATTRIBUTE	Post-Proxy-Type				1016	integer
ATTRIBUTE	Pre-Acct-Type				1017	integer

#
#	This is the EAP type of authentication, which is set
#	by the EAP module, for informational purposes only.
#
ATTRIBUTE	EAP-Type				1018	integer
ATTRIBUTE	EAP-TLS-Require-Client-Cert		1019	integer
ATTRIBUTE	EAP-Id					1020	integer
ATTRIBUTE	EAP-Code				1021	integer
ATTRIBUTE	EAP-MD5-Password			1022	string
ATTRIBUTE	PEAP-Version				1023	integer
ATTRIBUTE	Client-Shortname			1024	string virtual
ATTRIBUTE	Load-Balance-Key			1025	string
ATTRIBUTE	Raw-Attribute				1026	octets
ATTRIBUTE	TNC-VLAN-Access				1027	string
ATTRIBUTE	TNC-VLAN-Isolate			1028	string
ATTRIBUTE	User-Category				1029	string
ATTRIBUTE	Group-Name				1030	string
ATTRIBUTE	Huntgroup-Name				1031	string
ATTRIBUTE	Simultaneous-Use			1034	integer
ATTRIBUTE	Strip-User-Name				1035	integer
ATTRIBUTE	Hint					1040	string
ATTRIBUTE	Pam-Auth				1041	string
ATTRIBUTE	Login-Time				1042	string
ATTRIBUTE	Stripped-User-Name			1043	string
ATTRIBUTE	Current-Time				1044	string
ATTRIBUTE	Realm					1045	string
ATTRIBUTE	No-Such-Attribute			1046	string
ATTRIBUTE	Packet-Type				1047	integer virtual
ATTRIBUTE	Proxy-To-Realm				1048	string
ATTRIBUTE	Replicate-To-Realm			1049	string
ATTRIBUTE	Acct-Session-Start-Time			1050	date
ATTRIBUTE	Acct-Unique-Session-Id			1051	string
ATTRIBUTE	Client-IP-Address			1052	ipaddr virtual
ATTRIBUTE	Ldap-UserDn				1053	string
ATTRIBUTE	NS-MTA-MD5-Password			1054	string
ATTRIBUTE	SQL-User-Name				1055	string
ATTRIBUTE	LM-Password				1057	octets
ATTRIBUTE	NT-Password				1058	octets
ATTRIBUTE	SMB-Account-CTRL			1059	integer
ATTRIBUTE	SMB-Account-CTRL-TEXT			1061	string
ATTRIBUTE	User-Profile				1062	string
ATTRIBUTE	Digest-Realm				1063	string
ATTRIBUTE	Digest-Nonce				1064	string
ATTRIBUTE	Digest-Method				1065	string
ATTRIBUTE	Digest-URI				1066	string
ATTRIBUTE	Digest-QOP				1067	string
ATTRIBUTE	Digest-Algorithm			1068	string
ATTRIBUTE	Digest-Body-Digest			1069	string
ATTRIBUTE	Digest-CNonce				1070	string
ATTRIBUTE	Digest-Nonce-Count			1071	string
ATTRIBUTE	Digest-User-Name			1072	string
ATTRIBUTE	Pool-Name				1073	string
ATTRIBUTE	Ldap-Group				1074	string
ATTRIBUTE	Module-Success-Message			1075	string
ATTRIBUTE	Module-Failure-Message			1076	string
#		X99-Fast		1077	integer
ATTRIBUTE	Rewrite-Rule				1078	string
ATTRIBUTE	Sql-Group				1079	string
ATTRIBUTE	Response-Packet-Type			1080	integer virtual
ATTRIBUTE	Digest-HA1				1081	string
ATTRIBUTE	MS-CHAP-Use-NTLM-Auth			1082	integer
ATTRIBUTE	NTLM-User-Name				1083	string
ATTRIBUTE	MS-CHAP-User-Name			1083	string
ATTRIBUTE	Packet-Src-IP-Address			1084	ipaddr virtual
ATTRIBUTE	Packet-Dst-IP-Address			1085	ipaddr virtual
ATTRIBUTE	Packet-Src-Port				1086	integer virtual
ATTRIBUTE	Packet-Dst-Port				1087	integer virtual
ATTRIBUTE	Packet-Authentication-Vector		1088	octets virtual
ATTRIBUTE	Time-Of-Day				1089	string
ATTRIBUTE	Request-Processing-Stage		1090	string virtual
ATTRIBUTE	SHA2-Password				1092	octets
ATTRIBUTE	SHA-Password				1093	octets
ATTRIBUTE	SSHA-Password				1094	octets
ATTRIBUTE	SHA1-Password				1093	octets
ATTRIBUTE	SSHA1-Password				1094	octets
ATTRIBUTE	MD5-Password				1095	octets
ATTRIBUTE	SMD5-Password				1096	octets
ATTRIBUTE	Packet-Src-IPv6-Address			1097	ipv6addr virtual
ATTRIBUTE	Packet-Dst-IPv6-Address			1098	ipv6addr virtual
ATTRIBUTE	Virtual-Server				1099	string virtual
ATTRIBUTE	Cleartext-Password			1100	string
ATTRIBUTE	Password-With-Header			1101	string
ATTRIBUTE	Inner-Tunnel-User-Name			1102	string
#
#	EAP-IKEv2 is experimental.
#
ATTRIBUTE	EAP-IKEv2-IDType			1103	integer

VALUE	EAP-IKEv2-IDType		IPV4_ADDR		1
VALUE	EAP-IKEv2-IDType		FQDN			2
VALUE	EAP-IKEv2-IDType		RFC822_ADDR		3
VALUE	EAP-IKEv2-IDType		IPV6_ADDR		5
VALUE	EAP-IKEv2-IDType		DER_ASN1_DN		9
VALUE	EAP-IKEv2-IDType		DER_ASN1_GN		10
VALUE	EAP-IKEv2-IDType		KEY_ID			11

ATTRIBUTE	EAP-IKEv2-ID				1104	string
ATTRIBUTE	EAP-IKEv2-Secret			1105	string
ATTRIBUTE	EAP-IKEv2-AuthType			1106	integer

VALUE	EAP-IKEv2-AuthType		none			0
VALUE	EAP-IKEv2-AuthType		secret			1
VALUE	EAP-IKEv2-AuthType		cert			2
VALUE	EAP-IKEv2-AuthType		both			3

ATTRIBUTE	Send-Disconnect-Request			1107	integer
ATTRIBUTE	Send-CoA-Request			1107	integer

VALUE	Send-CoA-Request		No			0
VALUE	Send-CoA-Request		Yes			1

ATTRIBUTE	Module-Return-Code			1108	integer virtual

VALUE	Module-Return-Code		reject			0
VALUE	Module-Return-Code		fail			1
VALUE	Module-Return-Code		ok			2
VALUE	Module-Return-Code		handled			3
VALUE	Module-Return-Code		invalid			4
VALUE	Module-Return-Code		userlock		5
VALUE	Module-Return-Code		notfound		6
VALUE	Module-Return-Code		noop			7
VALUE	Module-Return-Code		updated			8

ATTRIBUTE	Packet-Original-Timestamp		1109	date
ATTRIBUTE	SQL-Table-Name				1110	string
ATTRIBUTE	Home-Server-Pool			1111	string

ATTRIBUTE	FreeRADIUS-Client-IP-Address		1120	ipaddr
ATTRIBUTE	FreeRADIUS-Client-IPv6-Address		1121	ipv6addr
# The rest of the FreeRADIUS-Client-* attributes are at 1150...

ATTRIBUTE	FreeRADIUS-Client-Require-MA		1122	integer

VALUE	FreeRADIUS-Client-Require-MA	no			0
VALUE	FreeRADIUS-Client-Require-MA	yes			1

ATTRIBUTE	FreeRADIUS-Client-Secret		1123	string
ATTRIBUTE	FreeRADIUS-Client-Shortname		1124	string
ATTRIBUTE	FreeRADIUS-Client-NAS-Type		1125	string
ATTRIBUTE	FreeRADIUS-Client-Virtual-Server	1126	string

# For session resumption
ATTRIBUTE	Allow-Session-Resumption		1127	integer

VALUE	Allow-Session-Resumption	no			0
VALUE	Allow-Session-Resumption	yes			1

ATTRIBUTE	EAP-Session-Resumed			1128	integer

VALUE	EAP-Session-Resumed		no			0
VALUE	EAP-Session-Resumed		yes			1

#
#	Expose EAP keys in the reply.
#
ATTRIBUTE	EAP-MSK					1129	octets
ATTRIBUTE	EAP-EMSK				1130	octets

#
#	For send/recv CoA packets (like Auth-Type, Acct-Type, etc.)
#
ATTRIBUTE	Recv-CoA-Type				1131	integer
ATTRIBUTE	Send-CoA-Type				1132	integer

ATTRIBUTE	MS-CHAP-Password			1133	string
ATTRIBUTE	Packet-Transmit-Counter			1134	integer
ATTRIBUTE	Cached-Session-Policy			1135	string
ATTRIBUTE	MS-CHAP-New-Cleartext-Password		1136	string
ATTRIBUTE	MS-CHAP-New-NT-Password			1137	octets

#	For default policies

ATTRIBUTE	Stripped-User-Domain			1138	string
ATTRIBUTE	Called-Station-SSID			1139	string

VALUE	Cache-Status-Only		no			0
VALUE	Cache-Status-Only		yes			1

VALUE	Cache-Merge			no			0
VALUE	Cache-Merge			yes			1

VALUE	Cache-Read-Only			no			0
VALUE	Cache-Read-Only			yes			1

ATTRIBUTE	OTP-Challenge				1145	string
ATTRIBUTE	EAP-Session-Id				1146	octets
ATTRIBUTE	Chbind-Response-Code			1147	integer

ATTRIBUTE	Chbind-Response-Code			1147	integer

VALUE	Chbind-Response-Code		success			2
VALUE	Chbind-Response-Code		failure			3

#
#  Server-side "listen type = foo"
#
ATTRIBUTE	Listen-Socket-Type			1147	integer

VALUE	Listen-Socket-Type		none			0
VALUE	Listen-Socket-Type		status			0
VALUE	Listen-Socket-Type		proxy			1
VALUE	Listen-Socket-Type		auth			2
VALUE	Listen-Socket-Type		auth+acct		2
VALUE	Listen-Socket-Type		acct			3
VALUE	Listen-Socket-Type		detail			4
VALUE	Listen-Socket-Type		vmps			5
VALUE	Listen-Socket-Type		dhcp			6
VALUE	Listen-Socket-Type		control			7
VALUE	Listen-Socket-Type		coa			8

ATTRIBUTE	Acct-Input-Octets64			1148	integer64
ATTRIBUTE	Acct-Output-Octets64			1149	integer64

ATTRIBUTE	FreeRADIUS-Client-IP-Prefix		1150	ipv4prefix
ATTRIBUTE	FreeRADIUS-Client-IPv6-Prefix		1151	ipv6prefix
ATTRIBUTE	FreeRADIUS-Response-Delay		1152	integer
ATTRIBUTE	FreeRADIUS-Client-Src-IP-Address	1153	ipaddr
ATTRIBUTE	FreeRADIUS-Client-Src-IPv6-Address	1154	ipv6addr
ATTRIBUTE	FreeRADIUS-Response-Delay-USec		1155	integer

ATTRIBUTE	REST-HTTP-Header			1160	string
ATTRIBUTE	REST-HTTP-Body				1161	string

ATTRIBUTE	Cache-Expires				1170	date
ATTRIBUTE	Cache-Created				1171	date
ATTRIBUTE	Cache-TTL				1172	signed
ATTRIBUTE	Cache-Status-Only			1173	integer
ATTRIBUTE	Cache-Merge				1174	integer
ATTRIBUTE	Cache-Entry-Hits			1175	integer
ATTRIBUTE	Cache-Read-Only				1176	integer

#
#	Range:	1200-1279
#		EAP-SIM (and other EAP type) weirdness.
#
#	For EAP-SIM, some attribute definitions for database interface
#
ATTRIBUTE	EAP-Sim-Subtype				1200	integer

ATTRIBUTE	EAP-Sim-Rand1				1201	octets
ATTRIBUTE	EAP-Sim-Rand2				1202	octets
ATTRIBUTE	EAP-Sim-Rand3				1203	octets

ATTRIBUTE	EAP-Sim-SRES1				1204	octets
ATTRIBUTE	EAP-Sim-SRES2				1205	octets
ATTRIBUTE	EAP-Sim-SRES3				1206	octets

VALUE	EAP-Sim-Subtype			Start			10
VALUE	EAP-Sim-Subtype			Challenge		11
VALUE	EAP-Sim-Subtype			Notification		12
VALUE	EAP-Sim-Subtype			Re-authentication	13

# this attribute is used internally by the client code.
ATTRIBUTE	EAP-Sim-State				1207	integer

ATTRIBUTE	EAP-Sim-IMSI				1208	string
ATTRIBUTE	EAP-Sim-HMAC				1209	string
ATTRIBUTE	EAP-Sim-KEY				1210	octets
ATTRIBUTE	EAP-Sim-EXTRA				1211	octets

ATTRIBUTE	EAP-Sim-Kc1				1212	octets
ATTRIBUTE	EAP-Sim-Kc2				1213	octets
ATTRIBUTE	EAP-Sim-Kc3				1214	octets

ATTRIBUTE	EAP-Sim-Ki				1215	octets
ATTRIBUTE	EAP-Sim-Algo-Version			1216	integer

#
#	Range:	1280 - 1535
#		EAP-type specific attributes
#
#		These are used mostly for radeapclient, and aren't
#		that useful for anyone else.
#
#  egrep VALUE dictionary.freeradius.internal  | grep EAP-Type | awk '{print "ATTRIBUTE EAP-Type-" $3 " " 1280+$4 " octets"}' > foo;./format.pl foo
#
ATTRIBUTE	EAP-Type-Base				1280	octets
ATTRIBUTE	EAP-Type-VALUE				1280	octets
ATTRIBUTE	EAP-Type-None				1280	octets
ATTRIBUTE	EAP-Type-Identity			1281	octets
ATTRIBUTE	EAP-Type-Notification			1282	octets
ATTRIBUTE	EAP-Type-NAK				1283	octets
ATTRIBUTE	EAP-Type-MD5-Challenge			1284	octets
ATTRIBUTE	EAP-Type-One-Time-Password		1285	octets
ATTRIBUTE	EAP-Type-Generic-Token-Card		1286	octets
ATTRIBUTE	EAP-Type-RSA-Public-Key			1289	octets
ATTRIBUTE	EAP-Type-DSS-Unilateral			1290	octets
ATTRIBUTE	EAP-Type-KEA				1291	octets
ATTRIBUTE	EAP-Type-KEA-Validate			1292	octets
ATTRIBUTE	EAP-Type-EAP-TLS			1293	octets
ATTRIBUTE	EAP-Type-Defender-Token			1294	octets
ATTRIBUTE	EAP-Type-RSA-SecurID-EAP		1295	octets
ATTRIBUTE	EAP-Type-Arcot-Systems-EAP		1296	octets
ATTRIBUTE	EAP-Type-Cisco-LEAP			1297	octets
ATTRIBUTE	EAP-Type-Nokia-IP-Smart-Card		1298	octets
ATTRIBUTE	EAP-Type-SIM				1298	octets
ATTRIBUTE	EAP-Type-SRP-SHA1			1299	octets
ATTRIBUTE	EAP-Type-EAP-TTLS			1301	octets
ATTRIBUTE	EAP-Type-Remote-Access-Service		1302	octets
ATTRIBUTE	EAP-Type-AKA				1303	octets
ATTRIBUTE	EAP-Type-EAP-3Com-Wireless		1304	octets
ATTRIBUTE	EAP-Type-PEAP				1305	octets
ATTRIBUTE	EAP-Type-MS-EAP-Authentication		1306	octets
ATTRIBUTE	EAP-Type-MAKE				1307	octets
ATTRIBUTE	EAP-Type-CRYPTOCard			1308	octets
ATTRIBUTE	EAP-Type-EAP-MSCHAP-V2			1309	octets
ATTRIBUTE	EAP-Type-DynamID			1310	octets
ATTRIBUTE	EAP-Type-Rob-EAP			1311	octets
ATTRIBUTE	EAP-Type-SecurID-EAP			1312	octets
ATTRIBUTE	EAP-Type-MS-Authentication-TLV		1313	octets
ATTRIBUTE	EAP-Type-SentriNET			1314	octets
ATTRIBUTE	EAP-Type-EAP-Actiontec-Wireless		1315	octets
ATTRIBUTE	EAP-Type-Cogent-Biomentric-EAP		1316	octets
ATTRIBUTE	EAP-Type-AirFortress-EAP		1317	octets
ATTRIBUTE	EAP-Type-EAP-HTTP-Digest		1318	octets
ATTRIBUTE	EAP-Type-SecuriSuite-EAP		1319	octets
ATTRIBUTE	EAP-Type-DeviceConnect-EAP		1320	octets
ATTRIBUTE	EAP-Type-EAP-SPEKE			1321	octets
ATTRIBUTE	EAP-Type-EAP-MOBAC			1322	octets
ATTRIBUTE	EAP-Type-EAP-FAST			1323	octets
ATTRIBUTE	EAP-Type-Zonelabs			1324	octets
ATTRIBUTE	EAP-Type-EAP-Link			1325	octets
ATTRIBUTE	EAP-Type-EAP-PAX			1326	octets
ATTRIBUTE	EAP-Type-EAP-PSK			1327	octets
ATTRIBUTE	EAP-Type-EAP-SAKE			1328	octets
ATTRIBUTE	EAP-Type-EAP-IKEv2			1329	octets
ATTRIBUTE	EAP-Type-EAP-AKA2			1330	octets
ATTRIBUTE	EAP-Type-EAP-GPSK			1331	octets
ATTRIBUTE	EAP-Type-EAP-PWD			1332	octets
ATTRIBUTE	EAP-Type-EAP-EVEv1			1333	octets

ATTRIBUTE	EAP-Type-Microsoft-MS-CHAPv2		1306	octets
ATTRIBUTE	EAP-Type-Cisco-MS-CHAPv2		1309	octets
ATTRIBUTE	EAP-Type-MS-CHAP-V2			1306	octets

#
#	Range:	1536 - 1791
#		EAP Sim sub-types.
#

# these are PW_EAP_SIM_X + 1536
ATTRIBUTE	EAP_Sim-Base				1536	octets
ATTRIBUTE	EAP-Sim-RAND				1537	octets
ATTRIBUTE	EAP-Sim-PADDING				1542	octets
ATTRIBUTE	EAP-Sim-NONCE_MT			1543	octets
ATTRIBUTE	EAP-Sim-PERMANENT_ID_REQ		1546	octets
ATTRIBUTE	EAP-Sim-MAC				1547	octets
ATTRIBUTE	EAP-Sim-NOTIFICATION			1548	octets
ATTRIBUTE	EAP-Sim-ANY_ID_REQ			1549	octets
ATTRIBUTE	EAP-Sim-IDENTITY			1550	octets
ATTRIBUTE	EAP-Sim-VERSION_LIST			1551	octets
ATTRIBUTE	EAP-Sim-SELECTED_VERSION		1552	octets
ATTRIBUTE	EAP-Sim-FULLAUTH_ID_REQ			1553	octets
ATTRIBUTE	EAP-Sim-COUNTER				1555	octets
ATTRIBUTE	EAP-Sim-COUNTER_TOO_SMALL		1556	octets
ATTRIBUTE	EAP-Sim-NONCE_S				1557	octets
ATTRIBUTE	EAP-Sim-IV				1665	octets
ATTRIBUTE	EAP-Sim-ENCR_DATA			1666	octets
ATTRIBUTE	EAP-Sim-NEXT_PSEUDONUM			1668	octets
ATTRIBUTE	EAP-Sim-NEXT_REAUTH_ID			1669	octets
ATTRIBUTE	EAP-Sim-CHECKCODE			1670	octets

#
#	Range: 1800-1899
#	       Temporary attributes, for local storage.
#
ATTRIBUTE	Tmp-String-0				1800	string
ATTRIBUTE	Tmp-String-1				1801	string
ATTRIBUTE	Tmp-String-2				1802	string
ATTRIBUTE	Tmp-String-3				1803	string
ATTRIBUTE	Tmp-String-4				1804	string
ATTRIBUTE	Tmp-String-5				1805	string
ATTRIBUTE	Tmp-String-6				1806	string
ATTRIBUTE	Tmp-String-7				1807	string
ATTRIBUTE	Tmp-String-8				1808	string
ATTRIBUTE	Tmp-String-9				1809	string

ATTRIBUTE	Tmp-Integer-0				1810	integer
ATTRIBUTE	Tmp-Integer-1				1811	integer
ATTRIBUTE	Tmp-Integer-2				1812	integer
ATTRIBUTE	Tmp-Integer-3				1813	integer
ATTRIBUTE	Tmp-Integer-4				1814	integer
ATTRIBUTE	Tmp-Integer-5				1815	integer
ATTRIBUTE	Tmp-Integer-6				1816	integer
ATTRIBUTE	Tmp-Integer-7				1817	integer
ATTRIBUTE	Tmp-Integer-8				1818	integer
ATTRIBUTE	Tmp-Integer-9				1819	integer

ATTRIBUTE	Tmp-IP-Address-0			1820	ipaddr
ATTRIBUTE	Tmp-IP-Address-1			1821	ipaddr
ATTRIBUTE	Tmp-IP-Address-2			1822	ipaddr
ATTRIBUTE	Tmp-IP-Address-3			1823	ipaddr
ATTRIBUTE	Tmp-IP-Address-4			1824	ipaddr
ATTRIBUTE	Tmp-IP-Address-5			1825	ipaddr
ATTRIBUTE	Tmp-IP-Address-6			1826	ipaddr
ATTRIBUTE	Tmp-IP-Address-7			1827	ipaddr
ATTRIBUTE	Tmp-IP-Address-8			1828	ipaddr
ATTRIBUTE	Tmp-IP-Address-9			1829	ipaddr

ATTRIBUTE	Tmp-Octets-0				1830	octets
ATTRIBUTE	Tmp-Octets-1				1831	octets
ATTRIBUTE	Tmp-Octets-2				1832	octets
ATTRIBUTE	Tmp-Octets-3				1833	octets
ATTRIBUTE	Tmp-Octets-4				1834	octets
ATTRIBUTE	Tmp-Octets-5				1835	octets
ATTRIBUTE	Tmp-Octets-6				1836	octets
ATTRIBUTE	Tmp-Octets-7				1837	octets
ATTRIBUTE	Tmp-Octets-8				1838	octets
ATTRIBUTE	Tmp-Octets-9				1839	octets

ATTRIBUTE	Tmp-Date-0				1840	date
ATTRIBUTE	Tmp-Date-1				1841	date
ATTRIBUTE	Tmp-Date-2				1842	date
ATTRIBUTE	Tmp-Date-3				1843	date
ATTRIBUTE	Tmp-Date-4				1844	date
ATTRIBUTE	Tmp-Date-5				1845	date
ATTRIBUTE	Tmp-Date-6				1846	date
ATTRIBUTE	Tmp-Date-7				1847	date
ATTRIBUTE	Tmp-Date-8				1848	date
ATTRIBUTE	Tmp-Date-9				1849	date

ATTRIBUTE	Tmp-Integer64-0				1871	integer64
ATTRIBUTE	Tmp-Integer64-1				1872	integer64
ATTRIBUTE	Tmp-Integer64-2				1873	integer64
ATTRIBUTE	Tmp-Integer64-3				1874	integer64
ATTRIBUTE	Tmp-Integer64-4				1875	integer64
ATTRIBUTE	Tmp-Integer64-5				1876	integer64
ATTRIBUTE	Tmp-Integer64-6				1877	integer64
ATTRIBUTE	Tmp-Integer64-7				1878	integer64
ATTRIBUTE	Tmp-Integer64-8				1879	integer64
ATTRIBUTE	Tmp-Integer64-9				1880	integer64
#
#  These attributes shouldn't be used anywhere.  They are defined here
#  only for casting of values in conditional expressions.
#
#  The order and number need to be consistent with the typedefs used
#  in the server source.
#
ATTRIBUTE	Tmp-Cast-String				1851	string
ATTRIBUTE	Tmp-Cast-Integer			1852	integer
ATTRIBUTE	Tmp-Cast-Ipaddr				1853	ipaddr
ATTRIBUTE	Tmp-Cast-Date				1854	date
ATTRIBUTE	Tmp-Cast-Abinary			1855	abinary
ATTRIBUTE	Tmp-Cast-Octets				1856	octets
ATTRIBUTE	Tmp-Cast-Ifid				1857	ifid
ATTRIBUTE	Tmp-Cast-IPv6Addr			1858	ipv6addr
ATTRIBUTE	Tmp-Cast-IPv6Prefix			1859	ipv6prefix
ATTRIBUTE	Tmp-Cast-Byte				1860	byte
ATTRIBUTE	Tmp-Cast-Short				1861	short
ATTRIBUTE	Tmp-Cast-Ethernet			1862	ether
ATTRIBUTE	Tmp-Cast-Signed				1863	signed
# don't use or define these
ATTRIBUTE	Tmp-Cast-Integer64			1869	integer64
ATTRIBUTE	Tmp-Cast-IPv4Prefix			1870	ipv4prefix
# don't use or define VSA or MAX

#	Range:	1900-1909
#	WiMAX server-side attributes.
#
#	These are NOT sent in a packet, but are otherwise
#	available for testing and validation.  The various
#	things that *are* sent in a packet are derived from
#	these attributes.
#
ATTRIBUTE	WiMAX-MN-NAI				1900	string

ATTRIBUTE	TLS-Cert-Serial				1910	string
ATTRIBUTE	TLS-Cert-Expiration			1911	string
ATTRIBUTE	TLS-Cert-Issuer				1912	string
ATTRIBUTE	TLS-Cert-Subject			1913	string
ATTRIBUTE	TLS-Cert-Common-Name			1914	string
ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Email		1915	string
ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Dns		1916	string
ATTRIBUTE	TLS-Cert-Subject-Alt-Name-Upn		1917	string
# 1918 - 1919: reserved for future cert attributes
ATTRIBUTE	TLS-Client-Cert-Serial			1920	string
ATTRIBUTE	TLS-Client-Cert-Expiration		1921	string
ATTRIBUTE	TLS-Client-Cert-Issuer			1922	string
ATTRIBUTE	TLS-Client-Cert-Subject			1923	string
ATTRIBUTE	TLS-Client-Cert-Common-Name		1924	string
ATTRIBUTE	TLS-Client-Cert-Filename		1925	string
ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Email	1926	string
ATTRIBUTE	TLS-Client-Cert-X509v3-Extended-Key-Usage 1927	string
ATTRIBUTE	TLS-Client-Cert-X509v3-Subject-Key-Identifier 1928	string
ATTRIBUTE	TLS-Client-Cert-X509v3-Authority-Key-Identifier 1929	string
ATTRIBUTE	TLS-Client-Cert-X509v3-Basic-Constraints 1930	string
ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Dns	1931	string
ATTRIBUTE	TLS-Client-Cert-Subject-Alt-Name-Upn	1932	string
ATTRIBUTE	TLS-PSK-Identity			1933	string

# 1934 - 1939: reserved for future cert attributes

#
#	Range:	1940-2099
#		Free
#
#	Range:	2100-2199
#	SoH attributes; FIXME: these should really be protocol attributes
#	so that the SoH radius request can be proxied, but from which
#	vendor? Sigh...
#
ATTRIBUTE	SoH-MS-Machine-OS-vendor		2100	integer
VALUE	SoH-MS-Machine-OS-vendor	Microsoft		311

ATTRIBUTE	SoH-MS-Machine-OS-version		2101	integer
ATTRIBUTE	SoH-MS-Machine-OS-release		2102	integer
ATTRIBUTE	SoH-MS-Machine-OS-build			2103	integer
ATTRIBUTE	SoH-MS-Machine-SP-version		2104	integer
ATTRIBUTE	SoH-MS-Machine-SP-release		2105	integer

ATTRIBUTE	SoH-MS-Machine-Processor		2106	integer
VALUE	SoH-MS-Machine-Processor	x86			0
VALUE	SoH-MS-Machine-Processor	i64			6
VALUE	SoH-MS-Machine-Processor	x86_64			9

ATTRIBUTE	SoH-MS-Machine-Name			2107	string
ATTRIBUTE	SoH-MS-Correlation-Id			2108	octets
ATTRIBUTE	SoH-MS-Machine-Role			2109	integer
VALUE	SoH-MS-Machine-Role		client			1
VALUE	SoH-MS-Machine-Role		dc			2
VALUE	SoH-MS-Machine-Role		server			3

ATTRIBUTE	SoH-Supported				2119	integer
VALUE	SoH-Supported			no			0
VALUE	SoH-Supported			yes			1

ATTRIBUTE	SoH-MS-Windows-Health-Status		2120	string
ATTRIBUTE	SoH-MS-Health-Other			2129	string

#
#	Range:	2200-2219
#		Utilities bundled with the server
#
ATTRIBUTE	Radclient-Test-Name			2200	string

#
#	Range:	2220-2999
#		Free
#
#	Range:	3000-3999
#		Site-local attributes (see raddb/dictionary.in)
#		Do NOT define attributes in this range!
#
#	Range:	4000-65535
#		Unused
#
#	Range:	65536-
#		Invalid.  Don't use.
#

#
#	Non-Protocol Integer Translations
#

VALUE	Auth-Type			Local			0
VALUE	Auth-Type			System			1
VALUE	Auth-Type			SecurID			2
VALUE	Auth-Type			Crypt-Local		3
VALUE	Auth-Type			Reject			4
VALUE	Auth-Type			ActivCard		5
VALUE	Auth-Type			EAP			6
VALUE	Auth-Type			ARAP			7

#
#	FreeRADIUS extensions (most originally from Cistron)
#
VALUE	Auth-Type			Accept			254

VALUE	Auth-Type			PAP			1024
VALUE	Auth-Type			CHAP			1025
# 1026 was LDAP, but we deleted it.  Adding it back will break the
# ldap module.
VALUE	Auth-Type			PAM			1027
VALUE	Auth-Type			MS-CHAP			1028
VALUE	Auth-Type			MSCHAP			1028
VALUE	Auth-Type			Kerberos		1029
VALUE	Auth-Type			CRAM			1030
VALUE	Auth-Type			NS-MTA-MD5		1031
# 1032 is unused (was a duplicate of CRAM)
VALUE	Auth-Type			SMB			1033
VALUE	Auth-Type			MS-CHAP-V2		1034

#
#	Authorization type, too.
#
VALUE	Autz-Type			Local			0

#
#	And accounting
#
VALUE	Acct-Type			Local			0

#
#	And Session handling
#
VALUE	Session-Type			Local			0

#
#	And Post-Auth
VALUE	Post-Auth-Type			Local			0
VALUE	Post-Auth-Type			Reject			1

#
#	Experimental Non-Protocol Integer Translations for FreeRADIUS
#
VALUE	Fall-Through			No			0
VALUE	Fall-Through			Yes			1

VALUE	Relax-Filter			No			0
VALUE	Relax-Filter			Yes			1

VALUE	Strip-User-Name			No			0
VALUE	Strip-User-Name			Yes			1

VALUE	Packet-Type			Access-Request		1
VALUE	Packet-Type			Access-Accept		2
VALUE	Packet-Type			Access-Reject		3
VALUE	Packet-Type			Accounting-Request	4
VALUE	Packet-Type			Accounting-Response	5
VALUE	Packet-Type			Accounting-Status	6
VALUE	Packet-Type			Password-Request	7
VALUE	Packet-Type			Password-Accept		8
VALUE	Packet-Type			Password-Reject		9
VALUE	Packet-Type			Accounting-Message	10
VALUE	Packet-Type			Access-Challenge	11
VALUE	Packet-Type			Status-Server		12
VALUE	Packet-Type			Status-Client		13

#
#	The following packet types are described in RFC 2882,
#	but they are NOT part of the RADIUS standard.  Instead,
#	they are informational about vendor-specific extensions
#	to the RADIUS standard.
#
VALUE	Packet-Type			Resource-Free-Request	21
VALUE	Packet-Type			Resource-Free-Response	22
VALUE	Packet-Type			Resource-Query-Request	23
VALUE	Packet-Type			Resource-Query-Response	24
VALUE	Packet-Type			Alternate-Resource-Reclaim-Request 25
VALUE	Packet-Type			NAS-Reboot-Request	26
VALUE	Packet-Type			NAS-Reboot-Response	27
VALUE	Packet-Type			Next-Passcode		29
VALUE	Packet-Type			New-Pin			30
VALUE	Packet-Type			Terminate-Session	31
VALUE	Packet-Type			Password-Expired	32
VALUE	Packet-Type			Event-Request		33
VALUE	Packet-Type			Event-Response		34

#	RFC 3576 allocates packet types 40-45

VALUE	Packet-Type			Disconnect-Request	40
VALUE	Packet-Type			Disconnect-ACK		41
VALUE	Packet-Type			Disconnect-NAK		42
VALUE	Packet-Type			CoA-Request		43
VALUE	Packet-Type			CoA-ACK			44
VALUE	Packet-Type			CoA-NAK			45

VALUE	Packet-Type			IP-Address-Allocate	50
VALUE	Packet-Type			IP-Address-Release	51

VALUE	Response-Packet-Type		Access-Request		1
VALUE	Response-Packet-Type		Access-Accept		2
VALUE	Response-Packet-Type		Access-Reject		3
VALUE	Response-Packet-Type		Accounting-Request	4
VALUE	Response-Packet-Type		Accounting-Response	5
VALUE	Response-Packet-Type		Accounting-Status	6
VALUE	Response-Packet-Type		Password-Request	7
VALUE	Response-Packet-Type		Password-Accept		8
VALUE	Response-Packet-Type		Password-Reject		9
VALUE	Response-Packet-Type		Accounting-Message	10
VALUE	Response-Packet-Type		Access-Challenge	11
VALUE	Response-Packet-Type		Status-Server		12
VALUE	Response-Packet-Type		Status-Client		13

VALUE	Response-Packet-Type		Disconnect-Request	40
VALUE	Response-Packet-Type		Disconnect-ACK		41
VALUE	Response-Packet-Type		Disconnect-NAK		42
VALUE	Response-Packet-Type		CoA-Request		43
VALUE	Response-Packet-Type		CoA-ACK			44
VALUE	Response-Packet-Type		CoA-NAK			45
#
#  Special value
#
VALUE	Response-Packet-Type		Do-Not-Respond		256

#
#	EAP Sub-types, inside of Request and Response packets
#
#	http://www.iana.org/assignments/ppp-numbers
#		"PPP EAP REQUEST/RESPONSE TYPES"
#
#
#	See dictionary.microsoft, MS-Acct-EAP-Type for similar definitions
#
VALUE	EAP-Type			None			0
VALUE	EAP-Type			Identity		1
VALUE	EAP-Type			Notification		2
VALUE	EAP-Type			NAK			3
VALUE	EAP-Type			MD5-Challenge		4
VALUE	EAP-Type			MD5			4
VALUE	EAP-Type			One-Time-Password	5
VALUE	EAP-Type			OTP			5
VALUE	EAP-Type			Generic-Token-Card	6
VALUE	EAP-Type			GTC			6
VALUE	EAP-Type			RSA-Public-Key		9
VALUE	EAP-Type			DSS-Unilateral		10
VALUE	EAP-Type			KEA			11
VALUE	EAP-Type			KEA-Validate		12
VALUE	EAP-Type			TLS			13
VALUE	EAP-Type			Defender-Token		14
VALUE	EAP-Type			RSA-SecurID-EAP		15
VALUE	EAP-Type			Arcot-Systems-EAP	16
VALUE	EAP-Type			Cisco-LEAP		17
VALUE	EAP-Type			LEAP			17
VALUE	EAP-Type			Nokia-IP-Smart-Card	18
VALUE	EAP-Type			SIM			18
VALUE	EAP-Type			SRP-SHA1		19
# 20 is unassigned
VALUE	EAP-Type			TTLS			21
VALUE	EAP-Type			Remote-Access-Service	22
VALUE	EAP-Type			AKA			23
VALUE	EAP-Type			3Com-Wireless		24
VALUE	EAP-Type			PEAP			25
VALUE	EAP-Type			Microsoft-MS-CHAPv2	26
VALUE	EAP-Type			MAKE			27
VALUE	EAP-Type			CRYPTOCard		28
VALUE	EAP-Type			Cisco-MS-CHAPv2		29
VALUE	EAP-Type			DynamID			30
VALUE	EAP-Type			Rob-EAP			31
VALUE	EAP-Type			SecurID-EAP		32
VALUE	EAP-Type			MS-Authentication-TLV	33
VALUE	EAP-Type			SentriNET		34
VALUE	EAP-Type			Actiontec-Wireless	35
VALUE	EAP-Type			Cogent-Biomentric-EAP	36
VALUE	EAP-Type			AirFortress-EAP		37
VALUE	EAP-Type			HTTP-Digest		38
VALUE	EAP-Type			TNC			38
VALUE	EAP-Type			SecuriSuite-EAP		39
VALUE	EAP-Type			DeviceConnect-EAP	40
VALUE	EAP-Type			SPEKE			41
VALUE	EAP-Type			MOBAC			42
VALUE	EAP-Type			FAST			43
VALUE	EAP-Type			Zonelabs		44
VALUE	EAP-Type			Link			45
VALUE	EAP-Type			PAX			46
VALUE	EAP-Type			PSK			47
VALUE	EAP-Type			SAKE			48
VALUE	EAP-Type			IKEv2			49
VALUE	EAP-Type			AKA2			50
VALUE	EAP-Type			GPSK			51
VALUE	EAP-Type			PWD			52
VALUE	EAP-Type			EVEv1			53

#
#	And this is what most people mean by MS-CHAPv2
#
VALUE	EAP-Type			MSCHAPv2		26

#
#	This says TLS, but it's only valid for TTLS & PEAP.
#	EAP-TLS *always* requires a client certificate.
#
VALUE	EAP-TLS-Require-Client-Cert	No			0
VALUE	EAP-TLS-Require-Client-Cert	Yes			1

#
# 	These are the EAP-Code values.
#
VALUE	EAP-Code			Request			1
VALUE	EAP-Code			Response		2
VALUE	EAP-Code			Success			3
VALUE	EAP-Code			Failure			4

#
#  For MS-CHAP, do we run ntlm_auth, or not.
#
VALUE	MS-CHAP-Use-NTLM-Auth		No			0
VALUE	MS-CHAP-Use-NTLM-Auth		Yes			1