RADIUS Monitor
A basic implementation of the Remote Authentication Dial In User Service (RADIUS) server (RFC2865). The package can be used to monitor the RADIUS request that a client is sending to a server.
Install
npm install radius-monitor
Example
const radius = ; { if "error" in packet console; return {}; console; console; console; console; for const attributeName in packetattributes const attributeValue = packetattributesattributeName; console; // Here do the processing of packet.attributes return code: "Access-Accept" attributes: {} ;} { console;} { console;} { console;} const serverCallbacks = errorCallback: errorCallback messageCallback: messageCallback listenCallback: listenCallback sentCallback: sentCallback; radius;
Documentation
startServer
The radius-monitor package exposes only the function startServer
to read/write RADIUS messages from/to clients. The function accepts three arguments: a dictionary with callback functions, the password that a client uses to connect to the server and the port number to listen for client messages. The default value for the port is 1812
as per (RFC2865). The function startServer
opens a UDP server on the default port 1812
if not specified. The function returns the instance of the UDP server.
Below is an example of calling the startServer
function with password password
and port 1812
:
serverCallbacks <Object>
password <string>
port <number>
const serverCallbacks = errorCallback: errorCallback messageCallback: messageCallback listenCallback: listenCallback sentCallback: sentCallback; const serverUDP = radius;
errorCallback
The callback function errorCallback
is invoked when there's a binding or trasmission error from the server to the client.
address <Error>
{ // Process the error object}
listenCallback
The callback function listenCallback
is invoked when the RADIUS server binds to the port specified in startServer
function.
The function listenCallback
accept as input an object containing the address information for a socket. This object will contain address, family and port properties.
address <Object>
{ // Use address.port, address.address and address.family}
sentCallback
The callback function sentCallback
is invoked when the RADIUS server successfully sends a message to the client.
The function sentCallback
accept as input the address and the port of the client, and the RADIUS packet that was sent (described below).
address <string>
port <number>
packet <Object>
{ // Here process packet}
RADIUS packet
The RADIUS packet has the following properties as per (RFC2865):
code <string>
identifier <number>
length <number>
authenticator <string>
attributes <Object>
The code
property is one of the below values:
Access-Request
Access-Accept
Access-Reject
Accounting-Request
Accounting-Response
Access-Challenge
Status-Server (experimental)
Status-Client (experimental)
The authenticator
is the hex string of the authenticator 16 byte field of the RADIUS protocol. Use Buffer.from(packet.authenticator, "hex")
to get the correspopnding 16 byte buffer.
The attributes
property is a dictionary of key value pairs. The key is one of the values below:
User-Name
User-Password
CHAP-Password
NAS-IP-Address
NAS-Port
Service-Type
Framed-Protocol
Framed-IP-Address
Framed-IP-Netmask
Framed-Routing
Filter-Id
Framed-MTU
Framed-Compression
Login-IP-Host
Login-Service
Login-TCP-Port
(unassigned)
Reply-Message
Callback-Number
Callback-Id
(unassigned)
Framed-Route
Framed-IPX-Network
State
Class
Vendor-Specific
Session-Timeout
Idle-Timeout
Termination-Action
Called-Station-Id
Calling-Station-Id
NAS-Identifier
Proxy-State
Login-LAT-Service
Login-LAT-Node
Login-LAT-Group
Framed-AppleTalk-Link
Framed-AppleTalk-Network
Framed-AppleTalk-Zone
CHAP-Challenge
NAS-Port-Type
Port-Limit
Login-LAT-Port
Tunnel-Type
Tunnel-Medium-Type
Connect-Info
Message-Authenticator
Tunnel-Private-Group-Id
The value is a hex string denoting the value of the attribute. An example of attributes
property is below:
"Tunnel-Type": Buffer "Tunnel-Medium-Type": Buffer "Tunnel-Private-Group-Id": Buffer
messageCallback
The async callback function messageCallback
is invoked when the RADIUS server receives a message from the client.
The function messageCallback
accept as input the address and the port of the client, and the RADIUS packet that was received (described above).
address <string>
port <number>
packet <Object>
{ // Process packet return code: "Access-Accept" attributes: {} }
If the messageCallback
returns a non empty packet with a given code
field and a attributes
(can be empty) then the packet is sent to the client.