2

I am using FreeRADIUS 2.1.12 with PostgreSQL for user and client (nas) auth. I'm a bit new to this--I learned what RADIUS was when I was assigned to set this server up a couple of weeks ago--so pardon me if I'm misunderstanding.

In the database used by FreeRADIUS, there are several tables that have an "attribute" column. From examples on the web, I see the column can contain many things, like Auth-Type, Framed-IP-Address, Crypt-Password, and so on. However, I have been unable to find documentation anywhere dictating what attributes are valid.

The closest I have come is the RFC attribute list, but none of the examples mentioned above are in that list. This implies that there is a set of vendor-specific attributes. However, in days of searching I have found nothing.

Where can I find documentation for acceptable attributes in FreeRADIUS? Are there different sets of attributes depending on the sql table/config file?

vastlysuperiorman
  • 596
  • 6
  • 17
  • You're confusing what is stored in the database with what is transmitted over the network. – Michael Hampton Apr 09 '15 at 17:19
  • @MichaelHampton That is valid feedback, and I believe you. However, I'm afraid your brief comment has not enlightened me--can you explain? Do you mean that the RFC attributes are not the same as the database attributes? If so... that's fine... but I still need documentation on database attributes. :) – vastlysuperiorman Apr 09 '15 at 17:30

2 Answers2

3

Funny that I would find the answer minutes after posting a question, despite searching for days beforehand.

While explanations of each attribute are not present, I have found where FreeRADIUS stores/looks up attributes. With these lists I can at least figure out what I need.

On my debian install, /etc/freeradius/dictionary includes a file /usr/share/freeradius/dictionary. On many other systems, I believe that you may need to substitute raddb for freeradius in the file paths.

The dictionary file in /usr/share includes many other files, most notably the RFC definitions, dictionary.freeradius for FreeRADIUS vendor-specific definitions, and dictionary.freeradius.internal for things like the users file and SQL databases.

Hopefully this helps someone else with similar questions.

vastlysuperiorman
  • 596
  • 6
  • 17
  • https://github.com/FreeRADIUS/freeradius-server/blob/v3.1.x/share/dictionary.freeradius.internal https://github.com/FreeRADIUS/freeradius-server/blob/v3.1.x/share/dictionary.freeradius For the most up to date ones. If you really want to know where each one is used, download, configure, build the source. Then see ``src/include/attributes.h`` for the macro versions, and ``grep -r`` through the code. That'll at least tell you the modules, and if you're familiar with C you should be able to figure out how/when they're added or checked for. – Arran Cudbard-Bell Apr 12 '15 at 20:51
0

To specifically answer your question, the list of attributes in freeradius is here:

http://freeradius.org/rfc/attributes.html

The page states "It does contains [sic] no vendor-specific attributes."

On a freeradius wiki page, it states "..attributes [are] automatically generated from the relevant RFCs..." which would include RFC2868, an update of RFC2865, and possibly RFC2869.

Hugh Buntu
  • 109
  • 4
  • That doesn't answer the question. That's the compiled list of RFC attributes, not FreeRADIUS internal attributes. I'm not sure why this was marked as the answer. – Arran Cudbard-Bell Jul 11 '17 at 12:45