RE: Sending attribute with sub-attributes
This looks much better to me. Here is the radsniff I see. Let me know if
you see anything wrong.
Access-Accept Id 125172.16.4.14:1812 - 172.16.4.2:1812 +4692.752
Attr-26.12394.1 = 0x76707773
Attr-26.12394.1 = 0x31
WiMAX-Packet-Data-Flow-Id = 1
WiMAX-Direction = Bi-Directional
WiMAX-Transport-Type = Ethernet
WiMAX-Uplink-QOS-Id = 1
WiMAX-Downlink-QOS-Id = 1
WiMAX-ClassifierID = 2
WiMAX-Classifer-Priority = 1
WiMAX-Classifer-Direction = Bi-Directional
WiMAX-VLAN-ID = 100
WiMAX-QoS-Id = 1
WiMAX-Schedule-Type = Best-Effort
WiMAX-Traffic-Priority = 3
WiMAX-Maximum-Sustained-Traffic-Rate = 528999
EAP-Message = 0x03080004
Message-Authenticator = 0x44413c890084a6a99bccbccb706db53b
User-Name = {sm=1}1A55E1D4FE74456AA54F73E92B6D1CFA
Attr-26.24757.5 =
0x9338be5f458fe769b4c537a19863e421b558ef983a2d87ff0c7262a32a32f9b1187bd4cd2f
5f961fbb1f34d201a7ab6b4b1c4c91af86040d852d2919e9cfa53de70bb55910d38e0716f0ed
e9c8e120788469
The first two attributes come from this file created by Ben W.
# -*- text -*-
##
#
# Alvarion VSAs for use with Alvarion WiMAX ASN-GW
#
# This does conflict with the default Alvarion dictionary file
included
# with FreeRADIUS and may break existing functionality if the current
# dictionaries are used to support an existing Alvarion Breezecom or
# Breezenet installation.
#
# $Id$
#
##
VENDOR Alvarion12394
BEGIN-VENDORAlvarion
ATTRIBUTE Alvarion-R3-IF-Descriptor 1 tlv
ATTRIBUTE Alvarion-R3-IF-Name 1.1 string
ATTRIBUTE Alvarion-R3-IF-ID 1.2 integer
ATTRIBUTE Alvarion-PDFID 1.3 string
ATTRIBUTE Alvarion-IPv4-Address 1.4 ipaddr
# IPv4 subnet mask plus bit-width mask
ATTRIBUTE Alvarion-IPv4-Netmask 1.5 octets
ATTRIBUTE Alvarion-DGW-IPv4-Address 1.6 ipaddr
# Container for DHCP options delivery in DHCP Proxy mode.
ATTRIBUTE Alvarion-DHCP-Option2 tlv
ATTRIBUTE Alvarion-Ref-R3-IF-Name 2.1 string
ATTRIBUTE Alvarion-DHCP-Option-Container 2.2 string
END-VENDOR Alvarion
Is there anything that needs to be coded to support these?
David
-Original Message-
From: Alan DeKok [mailto:al...@deployingradius.com]
Sent: Wednesday, March 16, 2011 5:02 PM
To: David Peterson-WirelessConnections; FreeRadius users mailing list
Subject: Re: Sending attribute with sub-attributes
David Peterson wrote:
After some excellent tutelage from Mr. Wiechman, I am getting
different access-accept. However, it's showing Breezecom attributes
which seem out of place.
edit the dictionary file, and delete the dictionary.alvarion
reference.
Also, do git pull from the master branch. Some fixes went in today.
Is there another dictionary that is driving the Breezecom-Attr or does
Freeradius just figure out its Alvarion and assign that internally?
Alvarion has ~3 incompatible vendor-specific dictionaries. And each is
broken in weird and wonderful ways.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Tuesday, March 15, 2011 10:30 AM To: David Peterson-WirelessConnections; FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes David Peterson wrote: ... 1a 12 .zi .M%.6... 0040 00 00 60 b5 1a 0c 00 01 06 76 70 77 73 03 03 01 ..`. .vpws... 0050 1a 29 00 00 60 b5 1c 23 00 04 03 03 06 03 03 07 .)..`..# Not sure if this helps or not VSA: l=12 t=WiMAX-PDFID(26) C=0x00: [unhandled integer length(9)] Well, wireshark isn't using the same dictionaries you're using. Wireshark is using the standard WiMAX dictionaries (it seems), and you're using the broken Alvarion version of the WiMAX dictionaries. If you want wireshark to print out the same things as sent by FreeRADIUS, make Wireshark use the FreeRADIUS dictionaries. Or, use radsniff, which *automatically* uses the FreeRADIUS dictionaries. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
After some excellent tutelage from Mr. Wiechman, I am getting different
access-accept. However, it's showing Breezecom attributes which seem out of
place.
Access-Accept Id 86 172.16.4.14:1812 - 172.16.4.2:1812 +26.680
Breezecom-Attr1 = vpws
Breezecom-Attr1 = \000\000\000{
Breezecom-Attr1 = \000\001
WiMAX-Packet-Data-Flow-Id = 1
WiMAX-Direction = Bi-Directional
WiMAX-Transport-Type = Ethernet
WiMAX-Uplink-QOS-Id = 1
WiMAX-Downlink-QOS-Id = 1
Breezecom-Attr11 = \000\000\000\002
Breezecom-Attr11 = \000\000\000\001
Breezecom-Attr11 = \003
Breezecom-Attr8 = \000\000\000\310
WiMAX-QoS-Id = 1
WiMAX-Schedule-Type = Best-Effort
WiMAX-Traffic-Priority = 4
WiMAX-Maximum-Sustained-Traffic-Rate = 524288
EAP-Message = 0x03080004
Message-Authenticator = 0x8f55919c4b4c60477f2db19bb718991e
User-Name = {sm=1}002C4FF731202A48C2F17C5DB5C47019
WiMAX-MSK =
0x9981c3c5526316c7187b884c6877162d8158025a98d212500cfe1a9809fc011a7f12796947
7a38a93b493304783d6cbb4b581f3a50a011fd04b78cba8b3f20caed618b15c1a23af3d1bb03
4c6812d5ad822b
Is there another dictionary that is driving the Breezecom-Attr or does
Freeradius just figure out its Alvarion and assign that internally?
David
-Original Message-
From:
freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org
[mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu
s.org] On Behalf Of David Peterson
Sent: Wednesday, March 16, 2011 1:42 PM
To: FreeRadius users mailing list
Subject: RE: Sending attribute with sub-attributes
OK set up radsniff and am seeing the following access-accept:
Access-Request Id 34172.16.4.2:1812 - 172.16.4.14:1812 +28.495
User-Name = {sm=1}fa9855191e4832141998a03a7f827...@wimax.com
EAP-Message =
0x020600d0158000c61603010086108200804b0afe388db371ab697ea9a00c4f4e8b
57cf5def239b801972d3bb8131d327e0a4f84a78b4e1084e4b27439fb7b025013b1950689de6
c28997f09b34694141e0f81def057e61e6a4c069def68c0160419fc68d332f001ad29adcb7fa
462ee8b9ad2bb4b99edd890f51c8bea74d42d0b8b5a860e83aa02ee4397fdff5948166601403
01000101160301003033b07664e55c63d8c752131c02235aaf88bda8e166ba71080c17335e52
01d3aecccae5019bbde607b9dcb08d05733047
Message-Authenticator = 0xdf908effc4e4f5d3f7dfa19d28a9cca3
NAS-Identifier = 4motion
NAS-IP-Address = 172.16.4.2
Calling-Station-Id = 00-26-82-CA-6D-B0
WiMAX-BS-Id = 0xfff32901
NAS-Port-Type = 27
Framed-MTU = 2000
Service-Type = Framed-User
WiMAX-GMT-Timezone-offset = 0
WiMAX-Release = 1.0
WiMAX-Accounting-Capabilities = IP-Session-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
WiMAX-Attr-1793 = 0x028a
State = 0x71bea04575b8b51c6b3e400a0b7eaac2
Access-Challenge Id 34 172.16.4.14:1812 - 172.16.4.2:1812 +28.500
EAP-Message =
0x010700451580003b1403010001011603010030e524056fa3a81b105c96239b9e88d105
06e63b5a0b71257d6c3ddef0a93e0b1234af032a18ef2f0eff217596a2ec63a9
Message-Authenticator = 0xdd2059b4ee01295ee23b010784ad8e82
State = 0x71bea04574b9b51c6b3e400a0b7eaac2
Access-Request Id 35172.16.4.2:1812 - 172.16.4.14:1812 +28.625
User-Name = {sm=1}fa9855191e4832141998a03a7f827...@wimax.com
EAP-Message =
0x020700c015001703010020af88796d54ff518c6fc9c4cbd7c870e75d4a301b57a650afc8f9
564a6472ed0f1703010090e532047e4b7e0af770e6aef6dba034560c7e3980c204d866559d96
aebe29311030c0e58ee6356857be034b68a6ca8ed2a80fc02273152f1cb692ba6b3da1335d4e
5dd60e726f8d522321d3af5afc7e0dece805e70aeb1d1f20ae5f05bd9a0df4280abc9769311b
b0d64f7653367fb4f9e75ac99b1faf8da602b174f4a4bc7d3eabe8692c6dc71301c44fdfad2c
854c48
Message-Authenticator = 0xb1ceae83822d784a23d3e8614aca1367
NAS-Identifier = 4motion
NAS-IP-Address = 172.16.4.2
Calling-Station-Id = 00-26-82-CA-6D-B0
WiMAX-BS-Id = 0xfff32901
NAS-Port-Type = 27
Framed-MTU = 2000
Service-Type = Framed-User
WiMAX-GMT-Timezone-offset = 0
WiMAX-Release = 1.0
WiMAX-Accounting-Capabilities = IP-Session-Based
WiMAX-Hotlining-Capabilities = Hotline-Profile-Id
WiMAX-Attr-1793 = 0x028a
State = 0x71bea04574b9b51c6b3e400a0b7eaac2
Access-Challenge Id 35 172.16.4.14:1812 - 172.16.4.2:1812 +28.626
EAP-Message =
0x0108005f15800055170301005062cea2e66a8eec902121e911deb72b6464b8ab4861b9
4730d4f9ccb21af518afe16c18f12f305041b2c6df60e6fdc02bad7849141eca3b6c3e27f9a1
2790af090615185f8270e3be4de91ec9343699c2
Message-Authenticator = 0xebe75e60f6789cde3b7dce50e64516ad
State = 0x71bea04577b6b51c6b3e400a0b7eaac2
Access-Request Id 36172.16.4.2:1812 - 172.16.4.14:1812 +28.689
User-Name = {sm=1}fa9855191e4832141998a03a7f827...@wimax.com
EAP-Message = 0x020800061500
Message
Re: Sending attribute with sub-attributes
David Peterson wrote: After some excellent tutelage from Mr. Wiechman, I am getting different access-accept. However, it's showing Breezecom attributes which seem out of place. edit the dictionary file, and delete the dictionary.alvarion reference. Also, do git pull from the master branch. Some fixes went in today. Is there another dictionary that is driving the Breezecom-Attr or does Freeradius just figure out its Alvarion and assign that internally? Alvarion has ~3 incompatible vendor-specific dictionaries. And each is broken in weird and wonderful ways. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
On 03/14/2011 11:48 AM, Alan DeKok wrote: Kristoffer Milligan wrote: Attribute R3-IF-Descriptor Sub-TLV R3-IF-Name R3-IF-ID PDFID These are all exposed in the dictionary .. but running a MySQL based freeradius configuration, how do I return this type of packet when a user requests access? R3-IF-Name = foo R3-IF-ID = 1234 ... The server will take care of encapsulating them into the R3-IF-Descriptor when it sends a packet. Until then, don't worry about it. :) Will this also be taken care of for SUB-SUB TLVs? Example: Packet-Flow-Descriptor Packet-Data-Flow-ID Direction Transport-Type UplinkQoSID DownlinkQoSID Classifier ClassifierID Priority IP TOS/DSCP Range and Mask -whatever that is Direction As you can see, the classifier takes subattributes as well... - Kristoffer Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
Kristoffer Milligan wrote: The server will take care of encapsulating them into the R3-IF-Descriptor when it sends a packet. Until then, don't worry about it. :) Will this also be taken care of for SUB-SUB TLVs? Yes. It will pack the attributes into the parent TLV, and then pack that into it's parent TLV, etc. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
I am having issue with this portion of the dictionary. The packet shows as malformed and is for some reason sending two tlv's that seem to be mangled or merged somehow. Here is how I have this portion of my dictionary.wimax setup. ATTRIBUTE WiMAX-R3-IF-Descriptor 26 tlv ATTRIBUTE WiMAX-R3-IF-Name26.1 string ATTRIBUTE WiMAX-R3-IF-ID 26.2 octets ATTRIBUTE WiMAX-PDFID 26.3 short ATTRIBUTE WiMAX-IPv4-addr 26.4 ipaddr ATTRIBUTE WiMAX-IPv4-Netmask 26.5 ipaddr ATTRIBUTE WiMAX-DGW-IPv4-addr 26.6 ipaddr ATTRIBUTE WiMAX-DHCP-Option 26.7 tlv ATTRIBUTE WiMAX-Ref-R3-IF-Name26.7.1 string ATTRIBUTE WiMAX-DHCP-Option-Container 26.7.2 string I am sending WiMAX-R3-IF-Name = vpws WiMAX-PDFID = 1 However the length of the attribute seems wrong at least according to wireshark. Any thoughts would be very helpful. David From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of David Peterson Sent: Monday, March 14, 2011 9:58 AM To: FreeRadius users mailing list Subject: RE: Sending attribute with sub-attributes I think I may be getting closer. What should I define this as in the dictionary: TLV ID 1 for Ref-R3-IF-Name TLV Description Reference name to bind the specified DHCP option with the particular R3-IF-Descriptor/ Service Group - specific for Multi-host scenario. Length 2 + Variable Value ASCII string I am currently using string and getting an unhandled integer length (which may just be a wireshark issue) David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of David Peterson Sent: Monday, March 14, 2011 9:08 AM To: FreeRadius users mailing list Subject: RE: Sending attribute with sub-attributes AHh ok great! It appears I am on v2.2. Should I be on 3.0 to support the sub-sub tlvs needed for this NAS? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.or freeradius-users-bounces+g [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 9:05 AM To: David Peterson-WirelessConnections; FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? Yes. List them in order of attribute number, lowest to highest. Basically, the same order that they are in the dictionary. I am also seeing some uknown attributes in my pcap file. No... the pcap *viewer* you're using doesn't support the WiMAX attributes. This is not surprising. Wireshark grabbed the dictionaries from FreeRADIUS a few years ago, and haven't updated them since. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? $ radiusd -v Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html http://www.freeradius.org/list/users.html attachment: wimax.png- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
David Peterson wrote: I am having issue with this portion of the dictionary. The packet shows as malformed and is for some reason sending two tlv’s that seem to be mangled or merged somehow. *please* show the actual data. i.e. a hex dump of the packet. Adding a PNG saying X is malformed doesn't help. Knowing *how* it is malformed will help. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
Understood.
00 10 e7 aa 54 18 9a 8b 60 0a 36 8c 08 00 45 00 T... `.6...E.
0010 01 1e 98 d8 00 00 40 11 80 c6 ac 10 04 0e ac 10 ..@.
0020 04 02 07 14 07 14 01 0a 82 f4 02 19 01 02 7b 7e ..{~
0030 3e da 7a 69 9a 1a fc cb ef 4d 25 ae 36 15 1a 12 .zi .M%.6...
0040 00 00 60 b5 1a 0c 00 01 06 76 70 77 73 03 03 01 ..`. .vpws...
0050 1a 29 00 00 60 b5 1c 23 00 04 03 03 06 03 03 07 .)..`..#
0060 03 01 08 03 01 0b 14 01 03 02 02 06 00 00 00 01
0070 04 03 03 09 06 00 00 00 c8 1a 18 00 00 60 b5 1d .`..
0080 12 00 01 03 01 04 03 02 05 03 04 06 06 00 08 00
0090 00 4f 06 03 08 00 04 50 12 5e 2e fe 7f c4 af fc .O.P .^..
00a0 fb 0f 9c 85 e7 1d 15 3f 7e 01 28 7b 73 6d 3d 31 ...? ~.({sm=1
00b0 7d 35 36 34 37 37 31 35 31 41 37 42 34 30 46 38 }5647715 1A7B40F8
00c0 39 44 39 34 44 36 38 44 36 44 35 35 32 33 32 45 9D94D68D 6D55232E
00d0 46 1a 5b 00 00 60 b5 05 55 00 a9 58 00 56 18 13 F.[..`.. U..X.V..
00e0 97 27 dd 72 9e dd 71 a8 94 df 27 94 8c 63 3a 86 .'.r..q. ..'..c:.
00f0 48 04 bc e4 77 1b fa f5 d8 2a fb 64 81 b1 16 75 H...w... .*.d...u
0100 83 7a cc 42 7a 02 ea a7 a2 5d 25 a1 7f 95 a8 1b .z.Bz... .]%.
0110 6f 3b 84 4d 90 0b ea 3a 64 f1 f5 ec b5 86 34 e0 o;.M...: d.4.
0120 ee 01 3f 41 a7 62 d0 29 60 30 f6 fc ..?A.b.) `0..
Not sure if this helps or not
VSA: l=12 t=WiMAX-PDFID(26) C=0x00: [unhandled integer length(9)]
David
-Original Message-
From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org
[mailto:freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Tuesday, March 15, 2011 9:18 AM
To: David Peterson-WirelessConnections; FreeRadius users mailing list
Subject: Re: Sending attribute with sub-attributes
David Peterson wrote:
I am having issue with this portion of the dictionary. The packet
shows as malformed and is for some reason sending two tlv’s that seem
to be mangled or merged somehow.
*please* show the actual data. i.e. a hex dump of the packet. Adding a PNG
saying X is malformed doesn't help. Knowing *how* it is malformed will help.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
David Peterson wrote: ... 1a 12 .zi .M%.6... 0040 00 00 60 b5 1a 0c 00 01 06 76 70 77 73 03 03 01 ..`. .vpws... 0050 1a 29 00 00 60 b5 1c 23 00 04 03 03 06 03 03 07 .)..`..# Not sure if this helps or not VSA: l=12 t=WiMAX-PDFID(26) C=0x00: [unhandled integer length(9)] Well, wireshark isn't using the same dictionaries you're using. Wireshark is using the standard WiMAX dictionaries (it seems), and you're using the broken Alvarion version of the WiMAX dictionaries. If you want wireshark to print out the same things as sent by FreeRADIUS, make Wireshark use the FreeRADIUS dictionaries. Or, use radsniff, which *automatically* uses the FreeRADIUS dictionaries. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
Kristoffer Milligan wrote: Attribute R3-IF-Descriptor Sub-TLV R3-IF-Name R3-IF-ID PDFID These are all exposed in the dictionary .. but running a MySQL based freeradius configuration, how do I return this type of packet when a user requests access? R3-IF-Name = foo R3-IF-ID = 1234 ... The server will take care of encapsulating them into the R3-IF-Descriptor when it sends a packet. Until then, don't worry about it. :) Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
I am working on the same issue, likely with the same NAS vendor. Is the order important? I am also seeing some uknown attributes in my pcap file. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 6:48 AM To: FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes Kristoffer Milligan wrote: Attribute R3-IF-Descriptor Sub-TLV R3-IF-Name R3-IF-ID PDFID These are all exposed in the dictionary .. but running a MySQL based freeradius configuration, how do I return this type of packet when a user requests access? R3-IF-Name = foo R3-IF-ID = 1234 ... The server will take care of encapsulating them into the R3-IF-Descriptor when it sends a packet. Until then, don't worry about it. :) Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? Yes. List them in order of attribute number, lowest to highest. Basically, the same order that they are in the dictionary. I am also seeing some uknown attributes in my pcap file. No... the pcap *viewer* you're using doesn't support the WiMAX attributes. This is not surprising. Wireshark grabbed the dictionaries from FreeRADIUS a few years ago, and haven't updated them since. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? $ radiusd -v Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
AHh ok great! It appears I am on v2.2. Should I be on 3.0 to support the sub-sub tlvs needed for this NAS? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 9:05 AM To: David Peterson-WirelessConnections; FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? Yes. List them in order of attribute number, lowest to highest. Basically, the same order that they are in the dictionary. I am also seeing some uknown attributes in my pcap file. No... the pcap *viewer* you're using doesn't support the WiMAX attributes. This is not surprising. Wireshark grabbed the dictionaries from FreeRADIUS a few years ago, and haven't updated them since. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? $ radiusd -v Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
You could run a radiusd -v to check the version that's installed. if we are using the same vendor, it's likely that the unknown attributes are unknown simply because the vendor have messed them up .. :) - Kristoffer On 03/14/2011 01:54 PM, David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? I am also seeing some uknown attributes in my pcap file. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 6:48 AM To: FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes Kristoffer Milligan wrote: Attribute R3-IF-Descriptor Sub-TLV R3-IF-Name R3-IF-ID PDFID These are all exposed in the dictionary .. but running a MySQL based freeradius configuration, how do I return this type of packet when a user requests access? R3-IF-Name = foo R3-IF-ID = 1234 ... The server will take care of encapsulating them into the R3-IF-Descriptor when it sends a packet. Until then, don't worry about it. :) Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending attribute with sub-attributes
Yep :) git clone git://git.freeradius.org/freeradius-server.git - Kristoffer On 03/14/2011 02:08 PM, David Peterson wrote: AHh ok great! It appears I am on v2.2. Should I be on 3.0 to support the sub-sub tlvs needed for this NAS? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 9:05 AM To: David Peterson-WirelessConnections; FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? Yes. List them in order of attribute number, lowest to highest. Basically, the same order that they are in the dictionary. I am also seeing some uknown attributes in my pcap file. No... the pcap *viewer* you're using doesn't support the WiMAX attributes. This is not surprising. Wireshark grabbed the dictionaries from FreeRADIUS a few years ago, and haven't updated them since. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? $ radiusd -v Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Sending attribute with sub-attributes
I think I may be getting closer. What should I define this as in the dictionary: TLV ID 1 for Ref-R3-IF-Name TLV Description Reference name to bind the specified DHCP option with the particular R3-IF-Descriptor/ Service Group - specific for Multi-host scenario. Length 2 + Variable Value ASCII string I am currently using string and getting an unhandled integer length (which may just be a wireshark issue) David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of David Peterson Sent: Monday, March 14, 2011 9:08 AM To: FreeRadius users mailing list Subject: RE: Sending attribute with sub-attributes AHh ok great! It appears I am on v2.2. Should I be on 3.0 to support the sub-sub tlvs needed for this NAS? David -Original Message- From: freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.or freeradius-users-bounces+g [mailto:freeradius-users-bounces+david.peterson=acc-corp.net@lists.freeradiu s.org] On Behalf Of Alan DeKok Sent: Monday, March 14, 2011 9:05 AM To: David Peterson-WirelessConnections; FreeRadius users mailing list Subject: Re: Sending attribute with sub-attributes David Peterson wrote: I am working on the same issue, likely with the same NAS vendor. Is the order important? Yes. List them in order of attribute number, lowest to highest. Basically, the same order that they are in the dictionary. I am also seeing some uknown attributes in my pcap file. No... the pcap *viewer* you're using doesn't support the WiMAX attributes. This is not surprising. Wireshark grabbed the dictionaries from FreeRADIUS a few years ago, and haven't updated them since. Perhaps I am on the wrong build. How do I verify if I am compiling 3.0 version? $ radiusd -v Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
