RADIUS Attributes Reference
90
RADIUS ATTRIBUTES REFERENCE GUIDE
RELEASE 14.0.R4
3HE 10793 AAAB TQZZA 01 Issue: 01
Table 18 IP and IPv6 Filters (Limits)
Attribute ID Attribute Name Type Limits SR OS Format
92 NAS-Filter-Rule string max. 10 attributes per
message or max. 10 filter
entries per message
The format of a NAS-Filter-Rule is
defined in RFC 3588, Diameter
Base Protocol, section-4.3,
Derived AVP Data Formats. A
single filter rule is a string of format
<action> <direction> <protocol>
from <source> to <destination>
<options> Multiple rules should be
separated by a NUL (0x00). A
NAS-Filter-Rule attribute may
contain a partial rule, one rule, or
more than one rule. Filter rules may
be continued across attribute
boundaries.
A RADIUS message with NAS-
Filter-Rule attribute value equal to
0x00 or “ “ (a space) removes all
host specific filter entries for that
host.
See also IP Filter Attribute Details.
Example: Nas-Filter-Rule = permit
in ip from any to 10.1.1.1/32
26-529-242 Ascend-Data-
Filter
Octets multiple attributes per
RADIUS message
allowed.
min. length 22 bytes
(IPv4), 46 bytes (IPv6)
max. length: 110 bytes
(IPv4), 140 bytes (IPv6)
A string of octets with fixed field
lengths (type (ipv4/ipv6), direction
(ingress/egress), src-ip, dst-ip, etc.
Each attribute represents a single
filter entry. See IP Filter Attribute
Details for a description of the
format.
Example: # permit in ip from any to
10.1.1.1/32
Ascend-Data-Filter =
0x01010100000000000a0101010
0200000000000000000
To Next Page
Loading...
