cgrates-radius/pppoe_auth.json

{
  "radius_agent": {
    "request_processors": [
      {
        "id": "MikrotikPPPoEAuthCGR",
        "filters": [
          "*string:~*vars.*radReqType:*radAuth"
        ],
        "flags": ["*log", "*attributes", "*continue"],
        "request_fields": [
          {"tag": "ToR", "path": "*cgreq.ToR", "type": "*constant", "value": "*data"},
          {"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "generic"},
          {"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant",
            "value": "*prepaid", "mandatory": true},
          {"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed",
            "value": "~*req.User-Name;~*req.NAS-IP-Address", "mandatory": true},
          {"tag": "OriginHost", "path": "*cgreq.OriginHost", "type": "*variable",
            "value": "~*req.NAS-IP-Address", "mandatory": true},
          {"tag": "Account", "path": "*cgreq.Account", "type": "*variable",
            "value": "~*req.User-Name", "mandatory": true},
          {"tag": "Subject", "path": "*cgreq.Subject", "type": "*variable",
            "value": "~*req.User-Name", "mandatory": true},
          {"tag": "Destination", "path": "*cgreq.Destination", "type": "*constant",
            "value": "data"},
          {"tag": "SetupTime", "path": "*cgreq.SetupTime", "type": "*variable",
            "value": "~*req.Event-Timestamp"},
          {"tag": "AnswerTime", "path": "*cgreq.AnswerTime", "type": "*variable",
            "value": "~*req.Event-Timestamp"},
          {"tag": "CallingStationId", "path": "*cgreq.CallingStationId", "type": "*variable",
            "value": "~*req.Calling-Station-Id"}
        ],
        "reply_fields": [
          {"tag": "RejectMessage", "path": "*rep.Reply-Message",
            "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "Authentication failed: User not found or account disabled"},
          {"tag": "RejectCode", "path": "*rep.*radReplyCode",
            "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "AccessReject", "blocker": true},
          {"tag": "SessionTimeout", "path": "*rep.Session-Timeout", "type": "*variable",
            "value": "~*cgrep.MaxUsage{*duration_seconds}",
            "filters": ["*notempty:~*cgrep.MaxUsage:"]},
          {"tag": "AcctInterimInterval", "path": "*rep.Acct-Interim-Interval",
            "type": "*constant", "value": "60"},
          {"tag": "FramedIPAddress", "path": "*rep.Framed-IP-Address", "type": "*variable",
            "value": "~*cgrep.Attributes.FramedIPAddress"},
          {"tag": "FramedIPNetmask", "path": "*rep.Framed-IP-Netmask", "type": "*variable",
            "value": "~*cgrep.Attributes.FramedIPNetmask"},
          {"tag": "MikrotikRateLimit", "path": "*rep.Mikrotik-Rate-Limit", "type": "*variable",
            "value": "~*cgrep.Attributes.MikrotikRateLimit"}
        ]
      },
      {
        "id": "MikrotikPPPoEAuthPAP",
        "filters": [
          "*string:~*vars.*radReqType:*radAuth",
          "*notempty:~*req.User-Password:"
        ],
        "flags": ["*radauth", "*pap", "*log"],
        "request_fields": [
          {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable",
            "value": "~*cgrep.Attributes.Password"}
        ],
        "reply_fields": [
          {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*removeall", "path": "*rep"},
          {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "AccessReject"},
          {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "Authentication failed: Invalid username or password"}
        ]
      },
      {
        "id": "MikrotikPPPoEAuthCHAP",
        "filters": [
          "*string:~*vars.*radReqType:*radAuth",
          "*notempty:~*req.CHAP-Password:"
        ],
        "flags": ["*radauth", "*chap", "*log"],
        "request_fields": [
          {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable",
            "value": "~*cgrep.Attributes.Password"}
        ],
        "reply_fields": [
          {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*removeall", "path": "*rep"},
          {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "AccessReject"},
          {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "Authentication failed: Invalid username or password"}
        ]
      },
      {
        "id": "MikrotikPPPoEAuthMSCHAPv2",
        "filters": [
          "*string:~*vars.*radReqType:*radAuth",
          "*notempty:~*req.Microsoft.MS-CHAP-Challenge:"
        ],
        "flags": ["*radauth", "*mschapv2", "*log"],
        "request_fields": [
          {"tag": "UserPassword", "path": "*vars.UserPassword", "type": "*variable",
            "value": "~*cgrep.Attributes.Password"}
        ],
        "reply_fields": [
          {"tag": "RemoveAddedFields", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*removeall", "path": "*rep"},
          {"tag": "Code", "path": "*rep.*radReplyCode", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "AccessReject"},
          {"tag": "ReplyMessage", "path": "*rep.Reply-Message", "filters": ["*notempty:~*cgrep.Error:"],
            "type": "*constant", "value": "Authentication failed: Invalid username or password"}
        ]
      }
    ]
  }
}