<ServerDIAMETER>
clause.<ServerDIAMETER>
listens for
connections from Diameter peers on TCP port 3868. By default it does not
require TLS encryption of the Diameter connection.
<ServerDIAMETER>
never contacts a Diameter peer
by itself: it always acts only as a Diameter server.<ServerDIAMETER>
uses a hardwired internal
dictionary to translate Diameter requests into readable parameters. You
can use the global configuration parameter DiameterDictionaryFile to alter
the hardwired internal
dictionary.<ServerDIAMETER>
supports
TLS. For more information about TLS parameters, see Section 3.11. TLS configuration.BindAddress
, which defaults to
0.0.0.0
. It listens to all networks connected to the
host. For more information, see Section 3.7. Global parameters.BindAddress
can include special formatting
characters, and multiple comma separated IPv4 and IPv6
addresses.BindAddress
must be either IPv4 or IPv6
addresses. Radiator binds all addresses to one listen socket instead of
creating multiple listen sockets.BindAddress
:# Only listen on one IPv4 address and the IPv6 loopback BindAddress 203.63.154.1, ::1
Protocol sctp
modprobe sctp
AddToRequest NAS-Identifier=DIAMETER
# Realmless logins to this NAS will be treated # as if they are for realm open.com.au <ServerDIAMETER> OriginHost .... DefaultRealm open.com.au </ServerDIAMETER> <Realm open.com.au> ..... </Realm>
PreHandlerHook
is called for
each request after per-Client user name rewriting and duplicate
rejection, and before the request is passed to a Realm or Handler
clause.PreHandlerHook
specifies a Perl hook to be called before the inner request is
re-dispatched to a matching Realm or Handler.EAP_LEAP_MSCHAP_Convert
flag is
set, PreHandlerHook
specifies a Perl hook to
be called before the converted request is re-dispatched to a
matching Realm or Handler.EAP_PEAP_MSCHAP_Convert
flag is set, PreHandlerHook
specifies a Perl
hook to be called before the converted request is re-dispatched to
a matching Realm or Handler.EAP_GTC_PAP_Convert
flag is
set, PreHandlerHook
specifies a Perl hook to
be called before the converted request is re-dispatched to a
matching Realm or Handler.PreHandlerHook
is
called for each request created by the clause before the request is
passed to a Realm or Handler clause.PreHandlerHook
is
called for each request after global and per-ServerRADSEC user name
rewriting and before the request is passed to a Realm or Handler
clause.PreHandlerHook
is
called for each request received by ServerDIAMETER before the request
is passed to a Realm or Handler clause.PreHandlerHook
is
called for each request before it is passed to a Realm or Handler
clause. If a Client is found for the request, Client's
PrehandlerHook
is run before ServerTACASPLUS's
PreHandlerHook
. Global and per-Client user name
rewriting and other processing is done before the hooks are
run.PreHandlerHook
can be an arbitrarily complicated Perl function, that might run external
processes, consult databases, change the contents of the current request
or many other things. Here is an example of using
PreHandlerHook
:# Fake a new attribute into the request PreHandlerHook sub { ${$_[0]}->add_attr('test-attr', \ 'test-value');}
# Tell the peer we support all the vendors in our # default and DiameterDictionaryFile dictionaries SupportedVendorIds DictVendors
# Specify one ConvertCommand for each conversion ConvertCommand STR,Accounting-Request
AuthApplicationIds 0, 1
AcctApplicationIds 3
0
. When connections are known to be short-lived, a
non-default value may be useful. This parameter is available for all
Stream based modules, such as <ServerDIAMETER>
and <AuthBy RADSEC>
.# Debug logging is enough for peer disconnects DisconnectTraceLevel 4
Radius::Stream
derived type.
Examples of derived types are Radius::RadsecHost
and Radius::DiameterConnection
.$Radius::Stream::STREAM_STATE::CONNECTED
$Radius::Stream::STREAM_STATE::DISCONNECTED
StreamStateChangeHook
can be an arbitrarily
complicated Perl function, that might run external processes, consult
databases, change the contents of the current request or many other
things. IP address and other specific information is not passed to the
hook. Their format and type depends on the derived type. For example, SCTP
streams may have multiple source and destination addresses. The following
example shows how to log information from the hook no matter what the type
of the stream object is.StreamStateChangeHook sub { \ my ($self, $new_state) = @_; \ my $state = ($new_state == $Radius::Stream::STREAM_STATE::CONNECTED) ? \ 'connected' : 'disconnected'; \ main::log($main::LOG_INFO, "StreamStateChangeHook: State change to $state"); \ return; }
<ServerDIAMETER>
and
<ServerRADSEC>
.# Allow one connection for each listen socket StreamMaxClients 1
PacketTrace
set off or
0
.PacketTrace
is available
for the following clauses:Client
Handler
Realm
AuthBy
ServerDIAMETER
ServerRADSEC
ServerTACACSPLUS
PacketTrace
:# Debug any packets that pass through here PacketTrace
# Only accept connections from some addresses Clients 127.0.0.1, 203.63.154.29 Clients 203.63.154.27