| Brian Waters | 13d9601 | 2017-12-08 16:53:31 -0600 | [diff] [blame^] | 1 | # This file contains the configuration for the app_redirect extension of freeDiameter. |
| 2 | # |
| 3 | # This extension provides configurable Redirect messages. |
| 4 | |
| 5 | # Lines starting with a # are comments and ignored. |
| 6 | # Spaces and newlines are not meaningful, except inside quoted areas. |
| 7 | |
| 8 | ######################################################################################### |
| 9 | # See Diameter RFC for a detailed explanation on Redirects semantics # |
| 10 | ######################################################################################### |
| 11 | |
| 12 | ## default_redirect_cache_time |
| 13 | # Specify the default value for Redirect-Max-Cache-Time. |
| 14 | # This value can be overwritten for each rule as specified below. |
| 15 | # If this value is not specified, the default is: |
| 16 | #default_redirect_cache_time = 86400; ## => 1 day |
| 17 | |
| 18 | # The remaining of this file contains a list of RULE elements. |
| 19 | # Each RULE consists in three parts: |
| 20 | # - a CRITERIA that specifies which messages the RULE applies to. |
| 21 | # - a REDIRECT_TYPE that specifies what type of redirect is to be sent, and its duration. |
| 22 | # - a TARGET_HOSTS list that specifies the host(s) to send the message to. |
| 23 | # |
| 24 | # The rules are matched in the order they appear in this file. Once a rule has matched, the |
| 25 | # remaining rules are not processed. |
| 26 | # |
| 27 | # The basic format of a rule is: |
| 28 | # REDIRECT_TYPE : CRITERIA to TARGET_HOSTS ; |
| 29 | |
| 30 | # These are a few examples. The definition of each term follows. |
| 31 | # |
| 32 | # 1) REALM_AND_APPLICATION : app=3 "Destination-Realm"="myrealm.net" to "aaas://acct1.myrealm.net" "aaas://acct2.myrealm.net"; |
| 33 | # will ask all peers sending a Base Accounting message for realm "myrealm.net" to send |
| 34 | # this message directly to either 'acct1.myrealm.net' or 'acct2.myrealm.net'. |
| 35 | # |
| 36 | # 2) ALL_SESSION 3600 : "Origin-AAA-Protocol"=1 "Destination-Realm"="myrealm.net" to "aaas://raddiam.myrealm.net"; |
| 37 | # Will ask any peer sending messages translated from RADIUS and targeted to this realm |
| 38 | # to address all the messages from the same session to 'raddiam.myrealm.net'. The |
| 39 | # redirect entry should be stored for 1 hour. |
| 40 | # |
| 41 | # 3) ALL_HOST : from.realm=[".*\.(fr|de|es)"] to "aaas://relay-EU.myrealm.net"; |
| 42 | # ALL_HOST : from.realm=[".*\.(cn|jp|vn)"] to "aaas://relay-ASIA.myrealm.net"; |
| 43 | # Redirect messages to different relays depending on where they come from. |
| 44 | # |
| 45 | # 4) ALL_HOST : to "aaas://newserv.myrealm.net"; |
| 46 | # This server was relocated, tell all peers to go directly to the new one. |
| 47 | # This rule should appear last because it matches all messages, so further rules will never be used. |
| 48 | |
| 49 | |
| 50 | # |
| 51 | # REDIRECT_TYPE |
| 52 | # |
| 53 | |
| 54 | # The redirect_type is one of the following (see Redirect-Host-Usage AVP definition in RFC for semantics): |
| 55 | # DONT_CACHE |
| 56 | # ALL_SESSION |
| 57 | # ALL_REALM |
| 58 | # REALM_AND_APPLICATION |
| 59 | # ALL_APPLICATION |
| 60 | # ALL_HOST |
| 61 | # ALL_USER |
| 62 | |
| 63 | # In addition, an integer can follow. If specified, it overwrites the default_redirect_cache_time |
| 64 | # value for this rule. The value is always specified in seconds. |
| 65 | |
| 66 | # |
| 67 | # CRITERIA |
| 68 | # |
| 69 | |
| 70 | # Each RULE can contain 0 or more criteria. |
| 71 | # If no criteria is specified, all messages are assumed to match (wildcard). |
| 72 | # If more than one criteria is specified, an "AND" relationship is assumed. |
| 73 | # If you need to specify "OR", just create separate rules. |
| 74 | # |
| 75 | # In the following definitions, "STR/REG" stands for: |
| 76 | # - a quoted string "some.peer" that will match exactly this string (case-insensitive), or |
| 77 | # - a bracket-quoted string ["some regex"] that will be interpreted as a POSIX extended regular expression (case-sensitive), and attempt to match the string. |
| 78 | # |
| 79 | # A criteria is one of the following: |
| 80 | # from.id="STR/REG" -> matches messages received from peer with this Diameter Identity. |
| 81 | # from.realm="STR/REG" -> matches messages received from peer with this Realm. |
| 82 | # app=U32_VALUE -> matches messages with this Diameter Application-Id value in its header. |
| 83 | # "AVP-name"=U32_VALUE -> matches messages that contain an avp "AVP-name" (replace with the realm name) with this value. |
| 84 | # "AVP-name"="STR/REG" -> matches messages that contain an avp "AVP-name" (replace with the realm name) with this . |
| 85 | |
| 86 | # |
| 87 | # TARGET_HOSTS |
| 88 | # |
| 89 | |
| 90 | # This is a simple list of DiameterURI that must be sent back. |
| 91 | # See the RFC for valid format of Diameter URI: |
| 92 | # "aaa://" FQDN [ port ] [ transport ] [ protocol ] |
| 93 | # "aaas://" FQDN [ port ] [ transport ] [ protocol ] |
| 94 | |
| 95 | ###################################################################################### |
| 96 | |
| 97 | |