UDP Profile?

actually, I want to extract the value of RADIUS attribute "Framed-IP-Address" in RADIUS UDP packet. would you mind advising me what should I do?

 

 

help below is helpful:

 

 

 

 

We can make reference to below irule about the usage of session table:

 

 

 

 

rule sipclient {

 

when CLIENT_DATA {

 

if {[scan [UDP::payload] "%s%s" method uri] == 2} {

 

puts $method

 

puts $uri

 

if {[regexp {Call-ID:\s*([^\r\n]+)[\r\n]+} [UDP::payload] -> callid] == 1} {

 

puts $callid

 

persist uie $callid

 

set lll [list $callid any]

 

set sss [session lookup uie $lll]

 

puts $sss

 

set ppp [persist lookup uie $lll]

 

puts $ppp

 

if {$sss != "" && $ppp == ""} {

 

XXX use your real pool name

 

use pool sippool member $sss

 

} else {

 

persist uie $callid

 

}

 

}

 

}

 

}

 

}

 

 

 

 

rule sipserver {

 

when CLIENT_DATA {

 

if {[scan [UDP::payload] "%s%s" method uri] == 2} {

 

puts "server"

 

puts $method

 

puts $uri

 

if {[regexp {Call-ID:\s*([^\r\n]+)[\r\n]+} [UDP::payload] -> callid] == 1} {

 

puts $callid

 

persist uie $callid

 

puts "[IP::remote_addr] [UDP::remote_port]"

 

set lll [list $callid any]

 

set sss [session lookup uie $lll]

 

puts "find $sss"

 

if {$sss == ""} {

 

set lll [list $callid pool sippool]

 

set lll [list $callid any]

 

XXX 7 is an example, set to your real port

 

session add uie $lll [format "%s:%s" [IP::remote_addr] 7]

 

}

 

}

 

}

 

}

 

}

 

 

 

 

profile udp myudp {

 

defaults from udp

 

datagram lb enable

 

}

 

 

 

 

virtual testsip_external {

 

destination 10.10.1.1:7000

 

ip protocol udp

 

pool sippool

 

profile myudp

 

rule sipclient

 

}

 

 

 

 

virtual testsip_internal {

 

destination 10.10.1.2:7

 

ip protocol udp

 

translate service disable

 

translate addr disable

 

profile myudp

 

rule sipserver

 

}

 

 

 

 

 

 

In order to make the first option work, we just need add red lines to Radius LB/persistence irule in SERVER_DATA event as below

 

 

 

 

 

 

8 -

 

 

{ 8 "Framed-IP-Address"

 

 

binary scan $rest_string c4a* IPtmp rest_string

 

 

set IP {}

 

 

foreach num $IPtmp {

 

 

lappend IP [expr ($num + 0x100) % 0x100]

 

 

}

 

 

set attr_value [join $IP .]

 

 

log "Frame-ip-address value $attr_value"

 

 

 

 

set lll [list $attr_value any]

 

set sss [session lookup uie $lll]

 

puts "find $sss"

 

if {$sss == ""} {

 

set lll [list $attr_value any]

 

XXX 7 is an example, set to your real port

 

session add uie $lll [format "%s:%s" [IP::remote_addr] 8080] 8080 is the port of WAP gateway

 

}

 

 

 

 

}

 

 

 

 

 

 

then use following irule for WAP virtual server in CLIENT_ACCEPTED event:

 

 

 

 

When CLIENT_ACCEPTED {

 

 

 

 

set lll [list [IP::remote_addr] any]

 

set sss [session lookup uie $lll]

 

puts $sss

 

set ppp [persist lookup uie $lll]

 

puts $ppp

 

if {$sss != "" && $ppp == ""} {

 

XXX use your real pool name

 

use pool wappool member $sss

 

} else {

 

persist uie [IP::remote_addr]

 

}

 

 

}

 

 

Because session table has ever been used in SIP irule to share the information across virtual server and I ever tried session table in other irule, so I think session table should work in this scenario.

 

 

 

 

But above irule still need been tuned in a test environment, I just write it for prove of concept.

 

 

 

 

If the Radius and WAP gateway was located in different host, but there is one to one corresponding relationship between radius and WAP, we need add an extra array to map this relation in irule, so that we can find the ip address of WAP server after we get the IP address of a Radius server.