RADIUS Attributes Reference
7750 SR RADIUS Attributes Reference Guide Page 87
Table 18: IP and IPv6 Filters (limits)
Attribute ID Attribute Name Type Limits SR OS Format
92 NAS-Filter-Rule string max. 10 attributes per
message or max. 10 filter
entries per message
The format of a NAS-Filter-Rule is
defined in RFC 3588, Diameter Base
Protocol, section-4.3, Derived AVP
Data Formats. A single filter rule is a
string of format <action> <direction>
<protocol> from <source> to
<destination> <options> Multiple
rules should be separated by a NUL
(0x00). A NAS-Filter-Rule attribute
may contain a partial rule, one rule, or
more than one rule. Filter rules may
be continued across attribute
boundaries.
A RADIUS message with NAS-Filter-
Rule attribute value equal to 0x00 or “
“ (a space) removes all host specific
filter entries for that host.
See also IP Filter Attribute Details on
page 90.
For example: Nas-Filter-Rule =
permit in ip from any to 10.1.1.1/32
242 Ascend-Data-Filter Octets multiple attributes per
RADIUS message allowed.
min. length 22 bytes (IPv4),
46 bytes (IPv6)
max. length: 110 bytes
(IPv4), 140 bytes (IPv6)
A string of octets with fixed field
lengths (type (ipv4/ipv6), direction
(ingress/egress), src-ip, dst-ip, etc.
Each attribute represents a single filter
entry. See IP Filter Attribute Details
on page 90 for a description of the
format.
For example:# permit in ip from any
to 10.1.1.1/32
Ascend-Data-Filter =
0x01010100000000000a0101010020
0000000000000000
To Next Page
Loading...
