File and Variable Reference
Core Files
-
sites-available/ent_lte-
Purpose: A dual-purpose routing listener that divides packets between pure LTE traffic and Enterprise LTE traffic based solely on the
Called-Station-Id(the network APN).
-
-
policy.d/ent_auth_policy-
Purpose: Normalizes enterprise packets and groups them into either
ENT1(MSISDN identity) orENT2(Corporate identity) for structured database queries.
-
-
policy.d/barred_user_policy-
Purpose: Common post-auth blockage applied to suspended users.
-
Variable Reference Matrix
Group-ID
-
Purpose: Determines the downstream validation flow.
-
Dependency Tree:
-
Originates as
NULL. -
In
ent_auth_policy, ifUser-Namehas@→ Set toENT2. -
If
User-Namedoes not have@→ Set toENT1. -
Triggers
Framed-Addressconflict arbitration rules ONLY ifGroup-ID== "ENT1".
-
User-Name
-
Purpose: Primary lookup key for the database engines.
-
Dependency Tree:
-
Sent by Client (
request:User-Name). -
If the user is
ENT1,User-Namegets rewritten to%{Calling-Station-Id}-%{Called-Station-Id}. -
If the user is
ENT2,User-Namegets truncated to remove the domain suffix. -
Stripped out during
post-authblock to prevent internal identifier leak to network edge.
-
Framed-Address
-
Purpose: Assigns the IP address to the tunnel endpoint.
-
Dependency Tree:
-
Sent by the client equipment (Router/SMF) OR sourced from the DB.
-
Compared inside
ent_auth_policyforENT1users. -
Request > Database priority. If BOTH are present, the Request address overwrites the Database one. If both are absent, the auth flow halts completely (
reject).
-