Added RFC4675 attributes to RADIUS dissector

diff --git a/print-radius.c b/print-radius.c
index c2022c8daa03dd8fadce0c64b567c190247493a4..0dc3c102a4b17e03387d159e4de983b02940150f 100644 (file)
--- a/print-radius.c
+++ b/print-radius.c
@@ -37,6 +37,9 @@
  * RFC 2869:
  *      "RADIUS Extensions"
  *
+ * RFC 4675:
+ *      "RADIUS Attributes for Virtual LAN and Priority Support"
+ *
  * Alfredo Andres Omella ([email protected]) v0.1 2000/09/15
  *
  * TODO: Among other things to print ok MacIntosh and Vendor values
@@ -109,6 +112,9 @@ static const struct tok radius_command_values[] = {
 #define ACCT_DELAY        41
 #define ACCT_SESSION_TIME 46
 
+#define EGRESS_VLAN_ID   56
+#define EGRESS_VLAN_NAME 58
+
 #define TUNNEL_TYPE        64
 #define TUNNEL_MEDIUM      65
 #define TUNNEL_CLIENT_END  66
@@ -131,6 +137,15 @@ static const struct tok radius_command_values[] = {
 /* End Radius Attribute types */
 /********************************/
 
+#define RFC4675_TAGGED   0x31
+#define RFC4675_UNTAGGED 0x32
+
+static const struct tok rfc4675_tagged[] = {
+    { RFC4675_TAGGED,   "Tagged" },
+    { RFC4675_UNTAGGED, "Untagged" },
+    { 0, NULL}
+};
+
 
 static void print_attr_string(netdissect_options *, register u_char *, u_int, u_short );
 static void print_attr_num(netdissect_options *, register u_char *, u_int, u_short );
@@ -210,6 +225,12 @@ static const char *term_action[]={ "Default",
                                    "RADIUS-Request",
                                  };
 
+/* Ingress-Filters Attribute standard values */
+static const char *ingress_filters[]={ NULL,
+                                       "Enabled",
+                                       "Disabled",
+                                     };
+
 /* NAS-Port-Type Attribute standard values */
 static const char *nas_port_type[]={ "Async",
                                      "Sync",
@@ -392,10 +413,10 @@ struct attrtype { const char *name;      /* Attribute name                 */
      { "Accounting Output Giga",          NULL, 0, 0, print_attr_num },
      { "Unassigned",                      NULL, 0, 0, NULL }, /*54*/
      { "Event Timestamp",                 NULL, 0, 0, print_attr_time },
-     { "Unassigned",                      NULL, 0, 0, NULL }, /*56*/
-     { "Unassigned",                      NULL, 0, 0, NULL }, /*57*/
-     { "Unassigned",                      NULL, 0, 0, NULL }, /*58*/
-     { "Unassigned",                      NULL, 0, 0, NULL }, /*59*/
+     { "Egress VLAN ID",                  NULL, 0, 0, print_attr_num },
+     { "Ingress Filters",                 ingress_filters, TAM_SIZE(ingress_filters)-1, 1, print_attr_num },
+     { "Egress VLAN Name",                NULL, 0, 0, print_attr_string },
+     { "User Priority Table",             NULL, 0, 0, NULL },
      { "CHAP challenge",                  NULL, 0, 0, print_attr_string },
      { "NAS Port Type",                   nas_port_type, TAM_SIZE(nas_port_type), 0, print_attr_num },
      { "Port Limit",                      NULL, 0, 0, print_attr_num },
@@ -487,6 +508,13 @@ print_attr_string(netdissect_options *ndo,
               length--;
            }
         break;
+      case EGRESS_VLAN_NAME:
+           ND_PRINT((ndo, "%s (0x%02x) ",
+                  tok2str(rfc4675_tagged,"Unknown tag",*data),
+                  *data));
+           data++;
+           length--;
+        break;
    }
 
    for (i=0; *data && i < length ; i++, data++)
@@ -660,6 +688,14 @@ print_attr_num(netdissect_options *ndo,
             ND_PRINT((ndo, "%d", EXTRACT_24BITS(data)));
           break;
 
+        case EGRESS_VLAN_ID:
+            ND_PRINT((ndo, "%s (0x%02x) ",
+                   tok2str(rfc4675_tagged,"Unknown tag",*data),
+                   *data));
+            data++;
+            ND_PRINT((ndo, "%d", EXTRACT_24BITS(data)));
+          break;
+
         default:
              ND_PRINT((ndo, "%d", EXTRACT_32BITS(data)));
           break;

diff --git a/tests/RADIUS-RFC4675.pcap b/tests/RADIUS-RFC4675.pcap
new file mode 100644 (file)
index 0000000..a5d7505
Binary files /dev/null and b/tests/RADIUS-RFC4675.pcap differ

diff --git a/tests/TESTLIST b/tests/TESTLIST
index 3cdc7caa72635f33a1860f9a8c15d2f7f289b5c7..79a56ecdc25c1909680b66ede67a781627ce2dd8 100644 (file)
--- a/tests/TESTLIST
+++ b/tests/TESTLIST
@@ -231,6 +231,7 @@ decnet              DECnet_Phone.pcap       decnet.out      -t
 
 # RADIUS tests
 radius-v       RADIUS.pcap     radius-v.out    -t -v
+radius-rfc4675 RADIUS-RFC4675.pcap     radius-rfc4675-v.out    -t -v
 
 # link-level protocols
 dtp-v          DTP.pcap                dtp-v.out               -t -v

diff --git a/tests/radius-rfc4675-v.out b/tests/radius-rfc4675-v.out
new file mode 100644 (file)
index 0000000..d4c3d0f
--- /dev/null
+++ b/tests/radius-rfc4675-v.out
@@ -0,0 +1,43 @@
+IP (tos 0x0, ttl 64, id 20820, offset 0, flags [none], proto UDP (17), length 108)
+    127.0.0.1.53334 > 127.0.0.1.1812: RADIUS, length: 80
+       Access Request (1), id: 0x46, Authenticator: f44757bc498c3393763a27d0b2393702
+         Username Attribute (1), length: 12, Value: bob-tagged
+         Password Attribute (2), length: 18, Value: 
+         NAS IP Address Attribute (4), length: 6, Value: 127.0.0.1
+         NAS Port Attribute (5), length: 6, Value: 1
+         Message Authentication Attribute (80), length: 18, Value: .....b..7-\7f...b.
+IP (tos 0x0, ttl 64, id 20821, offset 0, flags [none], proto UDP (17), length 81)
+    127.0.0.1.1812 > 127.0.0.1.53334: RADIUS, length: 53
+       Access Accept (2), id: 0x46, Authenticator: 766a0314eaf4b95f1ec271ae19cb3bdc
+         Egress VLAN ID Attribute (56), length: 6, Value: Tagged (0x31) 123
+         Ingress Filters Attribute (57), length: 6, Value: Enabled
+         Egress VLAN Name Attribute (58), length: 11, Value: Tagged (0x31) vlanname
+         User Priority Table Attribute (59), length: 10, Value: 
+IP (tos 0x0, ttl 64, id 21127, offset 0, flags [none], proto UDP (17), length 110)
+    127.0.0.1.46281 > 127.0.0.1.1812: RADIUS, length: 82
+       Access Request (1), id: 0xb5, Authenticator: 11851d8b1b483f54a864b703ea21f4dc
+         Username Attribute (1), length: 14, Value: bob-untagged
+         Password Attribute (2), length: 18, Value: 
+         NAS IP Address Attribute (4), length: 6, Value: 127.0.0.1
+         NAS Port Attribute (5), length: 6, Value: 1
+         Message Authentication Attribute (80), length: 18, Value: ..o..}f..d.;..R[
+IP (tos 0x0, ttl 64, id 21128, offset 0, flags [none], proto UDP (17), length 71)
+    127.0.0.1.1812 > 127.0.0.1.46281: RADIUS, length: 43
+       Access Accept (2), id: 0xb5, Authenticator: e223a663823b20ccc18bcf90c3ecbe27
+         Egress VLAN ID Attribute (56), length: 6, Value: Untagged (0x32) 123
+         Ingress Filters Attribute (57), length: 6, Value: Disabled
+         Egress VLAN Name Attribute (58), length: 11, Value: Untagged (0x32) vlanname
+IP (tos 0x0, ttl 64, id 21190, offset 0, flags [none], proto UDP (17), length 109)
+    127.0.0.1.39300 > 127.0.0.1.1812: RADIUS, length: 81
+       Access Request (1), id: 0x5a, Authenticator: 8dd685f50f837e8ad29e9cc095261172
+         Username Attribute (1), length: 13, Value: bob-invalid
+         Password Attribute (2), length: 18, Value: 
+         NAS IP Address Attribute (4), length: 6, Value: 127.0.0.1
+         NAS Port Attribute (5), length: 6, Value: 1
+         Message Authentication Attribute (80), length: 18, Value: ....(..^A.f.....
+IP (tos 0x0, ttl 64, id 21191, offset 0, flags [none], proto UDP (17), length 71)
+    127.0.0.1.1812 > 127.0.0.1.39300: RADIUS, length: 43
+       Access Accept (2), id: 0x5a, Authenticator: fbaa7d05d009953514d00697da4d1dfc
+         Egress VLAN ID Attribute (56), length: 6, Value: Unknown tag (0x33) 123
+         Ingress Filters Attribute (57), length: 6, Value: #3
+         Egress VLAN Name Attribute (58), length: 11, Value: Unknown tag (0x33) vlanname