Python scripts for RADIUS AAA packets support manipulation in subscriber management application. This feature is supported on the 7750 SR and 7450 ESS routers.
A Python script can be executed in following cases:
Before the system sends an access-request packet.
After the system receives an access-accept packet.
After the system receives an CoA-request packet.
Before the system sends an accounting-request packet.
The input of the script is the corresponding original packet; and the output of the packet is used as the new corresponding packet for further ESM AAA process.
The radius-script-policy contains URLs of a primary and an optional secondary Python script, which could be a local CF file path or a FTP URL. The configured radius-script-policy could be used in different ESM polices like authentication-policy or radius-accounting-policy.
The following operations are supported within the script:
Obtain the value of an existing attribute or VSA.
Modify the value of an existing attribute or VSA.
Add a new attribute or VSA.
Remove an existing attribute or VSA.
Message-Authenticator
Alc-LI-Action
Alc-LI-Direction
Alc-LI-Destination
Alc-LI-FC
Alc-LI-Intercept-Id
Alc-LI-Session-Id
After Release 12.0R1, users should use a Python policy (instead of a RADIUS script policy) for RADIUS packet manipulation.