uppal/cgrates-radius
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
39a45a21516c34b4e60f2dd881b1c5e4db19ed12
cgrates-radius/cgrates.json
Junaid Saeed Uppal 39a45a2151 fixes
2025-12-24 22:18:05 +05:00

128 lines
4.5 KiB
JSON
Raw Blame History

{
// CGRateS Configuration for PPPoE RADIUS Authentication - PAP
// Single processor approach - fetches password from AttributeS, strips nulls, compares
// Bypasses *radauth null-padding bug by using filter-based comparison
"general": {
"log_level": 7,
"node_id": "pppoe_auth_server",
"default_tenant": "cgrates.org"
},
"listen": {
"rpc_json": "127.0.0.1:2012",
"rpc_gob": "127.0.0.1:2013",
"http": "127.0.0.1:2080"
},
"data_db": {
"db_type": "*internal"
},
"stor_db": {
"db_type": "*internal"
},
"caches":{
"partitions": {
"*attribute_profiles": {"limit": -1, "ttl": "1h"},
"*attribute_filter_indexes": {"limit": -1, "ttl": "1h"}
}
},
"filters": {
"apiers_conns": ["*localhost"]
},
"attributes": {
"enabled": true,
"apiers_conns": ["*localhost"],
"indexed_selects": true,
"prefix_indexed_fields": ["*req.Account"]
},
"chargers": {
"enabled": true
},
"sessions": {
"enabled": true,
"attributes_conns": ["*localhost"],
"chargers_conns": ["*internal"],
"debit_interval": "0"
},
"radius_agent": {
"enabled": true,
"sessions_conns": ["*localhost"],
"attributes_conns": ["*localhost"],
"listeners":[
{
"network": "udp",
"auth_address": "0.0.0.0:1812",
"acct_address": "0.0.0.0:1813"
}
],
"client_secrets": {
"*default": "testing123"
},
"client_dictionaries": {
"*default": ["/usr/share/cgrates/radius/dict/"]
},
"request_processors": [
// ============================================================
// Single processor for PAP authentication
// Fetches password from AttributeS, strips nulls, compares
// ============================================================
{
"id": "PPPoE_PAP_Auth",
"filters": [
"*string:~*vars.*radReqType:*radAuth"
],
"flags": [
"*authorize",
"*attributes",
"*log"
],
"request_fields": [
{"tag": "ToR", "path": "*cgreq.ToR", "type": "*constant", "value": "*data"},
{"tag": "Category", "path": "*cgreq.Category", "type": "*constant", "value": "pppoe"},
{"tag": "RequestType", "path": "*cgreq.RequestType", "type": "*constant", "value": "*none", "mandatory": true},
{"tag": "OriginID", "path": "*cgreq.OriginID", "type": "*composed", "value": "~*req.User-Name"},
{"tag": "Account", "path": "*cgreq.Account", "type": "*composed", "value": "~*req.User-Name", "mandatory": true},
{"tag": "Subject", "path": "*cgreq.Subject", "type": "*composed", "value": "~*req.User-Name"},
// Marker to fetch password from AttributeS
{"tag": "Password", "path": "*cgreq.Password", "type": "*constant", "value": "*attributes"},
// Strip null padding from received password
{"tag": "ReceivedPassword", "path": "*vars.ReceivedPassword", "type": "*variable",
"value": "~*req.User-Password{*strip:*suffix:*nil}"}
],
"reply_fields": [
// Get expected password from attributes reply
{"tag": "ExpectedPassword", "path": "*vars.ExpectedPassword", "type": "*variable",
"value": "~*cgrep.Attributes.Password"},
// SUCCESS: Passwords match - set standard PPP attributes
{"tag": "FramedProtocol", "path": "*rep.Framed-Protocol",
"filters": ["*string:~*vars.ReceivedPassword:~*vars.ExpectedPassword"],
"type": "*constant", "value": "1"},
{"tag": "ServiceType", "path": "*rep.Service-Type",
"filters": ["*string:~*vars.ReceivedPassword:~*vars.ExpectedPassword"],
"type": "*constant", "value": "2"},
// FAILURE: Passwords don't match or not found - reject
{"tag": "RejectCode", "path": "*rep.*radReplyCode",
"filters": ["*notstring:~*vars.ReceivedPassword:~*vars.ExpectedPassword"],
"type": "*constant", "value": "AccessReject"},
{"tag": "RejectMessage", "path": "*rep.Reply-Message",
"filters": ["*notstring:~*vars.ReceivedPassword:~*vars.ExpectedPassword"],
"type": "*constant", "value": "Invalid username or password"}
]
}
]
},
"apiers": {
"enabled": true
}
}
Reference in New Issue View Git Blame Copy Permalink