9.1.1. ATTRIBUTE attrname attrnum type [flags] Previous topic Parent topic Child topic Next topic

This defines the name, RADIUS attribute number and type for an attribute.
ATTRIBUTE Service-Type 6 integer
ATTRIBUTE is the keyword that says this is an attribute definition. Service-Type is the name of the attribute: the string that will be used as the attribute name when printing the attribute and when setting attributes in the user database. 6 is the standard RADIUS attribute number for this attribute (see RFC 2865), and integer is the data type for this attribute. The supported data types are when you assign values to attributes in the user database are:
  • string
    An ASCII string of up to 253 bytes. Trailing NULs will be stripped.
  • integer
    A decimal integer
  • date
    A date as an integer number of seconds since 00:00:00 UTC Jan 1 1970
  • ipaddr
    An IP address in the form aaa.bbb.ccc.ddd, or a 4 byte binary string
  • binary
    Binary data
  • abinary
    Ascend filter, using the special Ascend filter definition syntax. Radiator is very strict about the syntax. You must follow the filter definition syntax exactly.
  • data
    Binary data, same as ‘binary’
  • boolean
    Required only by some Nortel/Aptis CVX vendor-specific attributes. A single byte attribute. Values of 0 or 1 are permitted.
  • integer8
    A 8 bit unsigned value
  • integer16
    A 16 bit unsigned value using network byte order
  • tagged-integer
  • tagged-string
  • ipaddrv6
    An IPv6 address in the form 2001:db8:148:100::31
  • ipv6prefix
    An IPv6 prefix in the form 2001:db8:148:100::/64
  • ifid
    An IPv6 interface identifier in the form aaaa:bbbb:cccc:dddd
  • ipv4prefix
    An IPv4 prefix in the form 192.168.1.0/24
If you redefine an ATTRIBUTE by defining a new name for an previously defined attribute number, the new definition will silently replace the old one. The first will be a synonym for the second when used in a reply.
Attrnum may be in decimal, hex (prefixed by ‘0x’) or octal (prefixed by 0).
ATTRIBUTE also supports optional flags to control whether the attribute is tagged or requires encryption like this:
ATTRIBUTE Tunnel-Password 69 string has_tag,encrypt=2
The permitted flags are:
  • has_tag
    Specifies that the encoded attribute is prefixed a tag octet. The value of the tag can be specified in an attribute value with a leading tag number and a colon.
  • encrypt=n (n = 1, 2 or 3)
    Specified that the attribute is to encrypted with the specified algorithm. The following algorithms are supported:
    1. RADIUS User-Password encryption
    2. The SALT algorithm as described by RFC 2548
    3. Symmetric encoding and decoding as required for Ascend-Send-Secret