Freeradius: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 1: Zeile 1:
 +
=clients.conf=
 +
cat /etc/freeradius/clients.conf
 +
client localhost {
 +
ipaddr = 127.0.0.1
 +
secret = secretkey
 +
nastype    = other
 +
}
 +
client 192.168.0.0/16 {
 +
secret = secretkey
 +
nastype = other
 +
}
 +
client 10.0.0.0/8 {
 +
secret = secretkey
 +
nastype = other
 +
}
 +
=radiusd.conf=
 +
<pre>
 +
cat  /etc/freeradius/radiusd.conf
 +
prefix = /usr
 +
exec_prefix = /usr
 +
sysconfdir = /etc
 +
localstatedir = /var
 +
sbindir = ${exec_prefix}/sbin
 +
logdir = /var/log/freeradius
 +
raddbdir = /etc/freeradius
 +
radacctdir = ${logdir}/radacct
 +
name = freeradius
 +
confdir = ${raddbdir}
 +
run_dir = ${localstatedir}/run/${name}
 +
db_dir = ${raddbdir}
 +
libdir = /usr/lib/freeradius
 +
pidfile = ${run_dir}/${name}.pid
 +
user = freerad
 +
group = freerad
 +
max_request_time = 30
 +
cleanup_delay = 5
 +
max_requests = 1024
 +
listen {
 +
type = auth
 +
ipaddr = *
 +
port = 0
 +
}
 +
listen {
 +
ipaddr = *
 +
port = 0
 +
type = acct
 +
}
 +
hostname_lookups = no
 +
allow_core_dumps = no
 +
regular_expressions    = yes
 +
extended_expressions    = yes
 +
log {
 +
destination = files
 +
file = ${logdir}/radius.log
 +
syslog_facility = daemon
 +
stripped_names = no
 +
auth = no
 +
auth_badpass = no
 +
auth_goodpass = no
 +
}
 +
checkrad = ${sbindir}/checkrad
 +
security {
 +
max_attributes = 200
 +
reject_delay = 1
 +
status_server = yes
 +
}
 +
proxy_requests  = yes
 +
$INCLUDE proxy.conf
 +
$INCLUDE clients.conf
 +
thread pool {
 +
start_servers = 5
 +
max_servers = 32
 +
min_spare_servers = 3
 +
max_spare_servers = 10
 +
max_requests_per_server = 0
 +
}
 +
modules {
 +
$INCLUDE ${confdir}/modules/
 +
}
 +
instantiate {
 +
exec
 +
expr
 +
expiration
 +
logintime
 +
}
 +
$INCLUDE policy.conf
 +
$INCLUDE sites-enabled/
 +
</pre>
 +
 +
 +
 +
 +
 
=links=
 
=links=
 
*http://www.tldp.org/HOWTO/archived/LDAP-Implementation-HOWTO/radius.html
 
*http://www.tldp.org/HOWTO/archived/LDAP-Implementation-HOWTO/radius.html
 
*http://paulgporter.net/2013/07/14/freeradius-ldaps/
 
*http://paulgporter.net/2013/07/14/freeradius-ldaps/
 
*http://ubuntuforums.org/showthread.php?t=1976883
 
*http://ubuntuforums.org/showthread.php?t=1976883

Version vom 18. Dezember 2014, 08:51 Uhr

clients.conf

cat /etc/freeradius/clients.conf client localhost { ipaddr = 127.0.0.1 secret = secretkey nastype = other } client 192.168.0.0/16 { 

secret = secretkey

nastype = other } client 10.0.0.0/8 { secret = secretkey nastype = other }

radiusd.conf

cat   /etc/freeradius/radiusd.conf 
prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log/freeradius
raddbdir = /etc/freeradius
radacctdir = ${logdir}/radacct
name = freeradius
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/${name}
db_dir = ${raddbdir}
libdir = /usr/lib/freeradius
pidfile = ${run_dir}/${name}.pid
user = freerad
group = freerad
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
listen {
type = auth
ipaddr = *
port = 0
}
listen {
ipaddr = *
port = 0
type = acct
}
hostname_lookups = no
allow_core_dumps = no
regular_expressions    = yes
extended_expressions    = yes
log {
destination = files
file = ${logdir}/radius.log
syslog_facility = daemon
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
proxy_requests  = yes
$INCLUDE proxy.conf
$INCLUDE clients.conf
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
modules {
$INCLUDE ${confdir}/modules/
}
instantiate {
exec
expr
expiration
logintime
}
$INCLUDE policy.conf
$INCLUDE sites-enabled/



links

Abgerufen von „http://wiki.ixheim.de/index.php?title=Freeradius&oldid=6255