Problem with attribute transfer to an external script

[Dmitry Lyubimkov]

Hello.
We use FreeRADIUS as an intermediate server (proxy) between commercial
billing system and radius clients (NAS, servers, etc). In this case it is a
question about SIPProxy.
The billing system sends some additional attributes. Here a example from
FreeRADIUS log:
rad_recv: Access-Reject packet from host 172.16.2.9 port 1812, id=99,
length=70
        Reply-Message = "Authorization failed."
        h323-return-code = "h323-return-code=-2"

We receive this from billing system.
And we should transmit to the RADIUS-client the same plus additional
attribute, calculated from h323-return-code. Approximately so:
Sending Access-Reject of id 164 to 172.16.2.6 port 42424
        SIP-AVP := "AUTHCODE:3"
        Reply-Message = "Authorization failed."
        h323-return-code = "h323-return-code=-2"

I have described the application in a radiusd.conf
exec siph323code {
	wait = yes
	input_pairs = reply
	output_pairs = reply
	packet_type = Access-Reject
	program = "/usr/bin/python -u /usr/sbin/radscripts/siph323code.py
%{h323-return-code}
}

Also add it in section
post-proxy {
....
       siph323code
....

The application is started, attribute SIP-AVP is added. But there is a
problem. Value of {h323-return-code} attribute is not transferred to this
application.
FreeRADIUS declares:
rlm_exec (siph323code): WARNING! Input pairs are empty.  No attributes will
be passed to the script
        expand: %{h323-return-code} ->

I.e.it cannot substitute value of h323-return-code attribute. But if I write
on this place any attribute from initial request, for example
%{Cisco-AVPair} that its value is substituted.
Questions:
1. How correctly to describe my application. What value of output_pairs and
input_pairs fields I should use?
2. In what section I should start this application (post-proxy, pre-proxy,
post-auth...)?
3. Why it is not substituted attribute % {h323-return-code}?  

Thanks.
Dmitry