Seth Woolley's Man Viewer

dictionary(5) - dictionary - RADIUS dictionary file - man 5 dictionary

([section] manual, -k keyword, -K [section] search, -f whatis)
man plain no title

dictionary(5)                                                    dictionary(5)



NAME
       dictionary - RADIUS dictionary file(1,n)

DESCRIPTION
       The  dictionary  file(1,n)  resides  in(1,8)  the  radius  database directory, by
       default /etc/raddb. It contains a list of RADIUS attributes and values,
       which  the server uses to map between descriptive names and on-the-wire
       data.  The names have no meaning outside of the RADIUS  server  itself,
       and are never exchanged between server and clients.

       Every  line  starting  with a hash sign ('#') is treated as comment and
       ignored.

       Each line of the file(1,n) can contain one of the following strings

       ATTRIBUTE name number type [vendor|options]
            Define a RADIUS attribute name to number mapping.  The name  field
            can  be any non-space text, but is usually taken from RFC2865, and
            other related documents.  The number field is also taken from  the
            relevant  documents,  for that name.  The type field can be one of
            string(3,n), octets, ipaddr, integer, date, ifid, ipv6addr, ipv6prefix,
            or  abinary.   See  the  RFC's,  or the main dictionary file(1,n) for a
            description of the various types.

            The last (optional) field of  an  attribute  definition  can  have
            either  a vendor name, or options for that attribute.  When a ven-
            dor name is given, the attribute is defined to be  a  vendor  spe-
            cific attribute.  Alternately, the options may be the a comma-sep-
            arated list of the following options:


            encrypt=[1-3]
            Mark the attribute as being encrypted with one of  three  methods.
            "1"  means  that  the  attribute  is  encrypted with the method as
            defined in(1,8) RFC2865 for the  User-Password  attribute.   "2"  means
            that  the  password  is  encrypted  with  the method as defined in(1,8)
            RFC2868 for the Tunnel-Password attribute.   "3"  means  that  the
            attribute is encrypted as per Ascend's definitions for the Ascend-
            Send-Secret attribute.

            has_tag
            Mark the attribute as being permitted to have a tag, as defined in(1,8)
            RFC2868.   The  purpose  of  the  tag  is  to  allow  grouping  of
            attributes for tunnelled users.  See RFC2868 for more details.

       When the server receives an encoded attribute in(1,8) a  RADIUS  packet,  it
       looks  up that attribute by number in(1,8) the dictionary, and uses the name
       found there for printing diagnostic and log messages.


       VALUE attribute-name value-name number
            Define an attribute value name to number mapping, for an attribute
            of  type  integer.   The  attribute-name  field MUST be previously
            defined by an ATTRIBUTE entry.  The value-name field  can  be  any
            non-space  text, but is usually taken from RFC2865, or other docu-
            ments..  The number field is also taken from  the  relevant  docu-
            ments, for that name.

            When  the  server receives an encoded value in(1,8) a RADIUS packet, it
            looks up the value of that attribute by number in(1,8) the  dictionary,
            and uses the name found there for printing diagnostic and log mes-
            sages.


       VENDOR vendor-name number
            Define a Vendor Specific Attribute encapsulation  for  vendor-name
            to   number.   For  a  list  of  vendor  names  and  numbers,  see
            http://www.iana.org/enterprise-numbers.txt.


       $INCLUDE filename
            Include dictionary entries from the file(1,n) filename.   The  filename
            is  taken  as relative to the location of the file(1,n) which is asking
            for the inclusion.



FILES
       /etc/raddb/dictionary, /usr/share/freeradius/dictionary.*

SEE ALSO
       radiusd(5,8)(8), naslist(5), RFC2865, RFC2866, RFC2868



                                  04 Jan 2004                    dictionary(5)

References for this manual (incoming links)