blowfish Posted February 10, 2010 Posted February 10, 2010 Имеется: freeradius 2.1.8 собранный из исходников на debian etch (с поддержкой openssl) dlink dwl 2100ap в качестве точки доступа и радиус клиента. клиенты nokia e70, nokia n810 (maemo diablo) радиус настроен по how-to http://www.ixbt.com/comm/prac-wpa-eap_2.shtml Клиенты пормально логинятся на точку и работают в интернете, причём оба, с одним и тем-же логином. В радиусе включена поддержка mysql. юзеры берутся из базы, аккаунтинг пишется в базу. Небходиомо настроить simultaneous-use, для того чтобы ограничить одновремееные подключения с одним и тем-же username. Вот тут начинаются проблемы: 00-17-b0-bd-93-c1 - это nokia e70 00-1d-6e-9b-f6-94 - это nokia n810 mysql> select acctsessionid, username, groupname, acctsessiontime, callingstationid, acctstarttime, acctstoptime from radacct order by radacctid; +-----------------------+----------------------------+-----------+-----------------+-------------------+---------------------+---------------------+ | acctsessionid | username | groupname | acctsessiontime | callingstationid | acctstarttime | acctstoptime | +-----------------------+----------------------------+-----------+-----------------+-------------------+---------------------+---------------------+ | 0000000006:0000000004 | testuser | | 2528 | 00-17-b0-bd-93-c1 | 2010-02-09 22:50:39 | 2010-02-09 23:32:47 | | 0000000006:0000000006 | testuser | | 423 | 00-17-b0-bd-93-c1 | 2010-02-09 23:33:14 | 2010-02-09 23:40:17 | | 0000000006:0000000008 | testuser | | 687 | 00-17-b0-bd-93-c1 | 2010-02-09 23:58:18 | 2010-02-10 00:09:46 | | 0000000006:0000000011 | XnDIGXtz6FxG1Lm=264qjFTm | | 399 | 00-1d-6e-9b-f6-94 | 2010-02-10 00:30:00 | 2010-02-10 00:36:39 | | 0000000006:0000000012 | testuser | | 1 | 00-17-b0-bd-93-c1 | 2010-02-10 00:36:04 | 2010-02-10 00:36:07 | | 0000000006:0000000013 | testuser | | 166 | 00-17-b0-bd-93-c1 | 2010-02-10 00:53:08 | 2010-02-10 00:55:54 | | 0000000006:0000000014 | fEeNaVcZFqw6eOQmT=24VDu0 | | 0 | 00-1d-6e-9b-f6-94 | 2010-02-10 00:53:49 | NULL | | 0000000006:0000000015 | testuser | | 0 | 00-17-b0-bd-93-c1 | 2010-02-10 00:55:56 | NULL | | 0000000006:0000000016 | SkX5Cd=24pug04zO0=244db6bG | | 1075 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:03:20 | 2010-02-10 01:21:16 | | 0000000006:0000000017 | yTxQeJ9nTwhq6YzzxEeTSm | | 0 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:21:21 | NULL | | 0000000006:0000000017 | | | 581 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:21:22 | 2010-02-10 01:31:03 | | 0000000006:0000000018 | 9RkUQr9JaZr2UnRNAPiHOm | | 0 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:32:44 | NULL | | 0000000006:0000000019 | y5xPgvjzUfwR=24NlSW4hOLG | | 465 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:49:02 | 2010-02-10 01:56:47 | | 0000000006:0000000021 | C5iOh=260pJzBRazjk3voZUW | | 306 | 00-1d-6e-9b-f6-94 | 2010-02-10 01:56:55 | 2010-02-10 02:02:02 | | 0000000006:0000000022 | testuser | | 0 | 00-17-b0-bd-93-c1 | 2010-02-10 01:59:52 | NULL | | 0000000006:0000000023 | testuser | | 101 | 00-17-b0-bd-93-c1 | 2010-02-10 01:59:54 | 2010-02-10 02:01:33 | | 0000000006:0000000024 | kZ6ZqLNcQRpP2TT4S1x7w0 | | 1041 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:02:09 | 2010-02-10 02:19:29 | | 0000000006:0000000026 | TaN=2619bWZrEjPIq1qpl3Um | | 503 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:19:32 | 2010-02-10 02:27:56 | | 0000000006:0000000027 | SNnQgLPI4ZsKrcQt5NjWdm | | 128 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:27:59 | 2010-02-10 02:30:05 | | 0000000006:0000000028 | pgLbu3fQQsFnAGXA2dG0gm | | 377 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:30:09 | 2010-02-10 02:36:26 | | 0000000006:0000000029 | BcMGdNHkt91L6a5ZFYyIO0 | | 81 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:36:31 | 2010-02-10 02:37:51 | | 0000000006:0000000030 | 1QLux0VjUKds86GfFpMMV0 | | 190 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:37:54 | 2010-02-10 02:41:05 | | 0000000006:0000000031 | zSIcExbtS=26iPOERmNlmZzm | | 383 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:41:12 | 2010-02-10 02:47:35 | | 0000000006:0000000032 | x5bwXhKmLF8PCpzsg3aSG0 | | 318 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:47:38 | 2010-02-10 02:52:56 | | 0000000006:0000000033 | uxogNaSRcnoeya=26GOh8R90 | | 77 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:53:00 | 2010-02-10 02:54:18 | | 0000000006:0000000034 | ZR6fvDB=244TPMk1hcaD=26si0 | | 41090 | 00-1d-6e-9b-f6-94 | 2010-02-10 02:54:21 | 2010-02-10 14:19:11 | | 0000000006:0000000035 | testuser | | 121 | 00-17-b0-bd-93-c1 | 2010-02-10 14:15:47 | 2010-02-10 14:17:46 | | 0000000006:0000000036 | S9M2ZKPNs0fgMcNP9mZXWG | | 4362 | 00-1d-6e-9b-f6-94 | 2010-02-10 14:19:15 | 2010-02-10 15:31:56 | | 0000000006:0000000037 | testuser | | 0 | 00-17-b0-bd-93-c1 | 2010-02-10 14:19:43 | NULL | | 0000000006:0000000038 | testuser | | 4141 | 00-17-b0-bd-93-c1 | 2010-02-10 14:19:45 | 2010-02-10 15:28:47 | | 0000000006:0000000039 | FBAWYhSJofC6F7P8SvJXR0 | | 0 | 00-1d-6e-9b-f6-94 | 2010-02-10 15:31:58 | NULL | | 0000000006:0000000040 | testuser | | 0 | 00-17-b0-bd-93-c1 | 2010-02-10 15:35:26 | NULL | | 0000000006:0000000041 | testuser | | 0 | 00-17-b0-bd-93-c1 | 2010-02-10 15:35:27 | NULL | +-----------------------+----------------------------+-----------+-----------------+-------------------+---------------------+---------------------+ Во всех пакетах в сторону радиуса при подключении n810 фигурирует этот идентификатор, при подключении e70 - открытый username. mysql> select * from radcheck where username = 'testuser'; +----+----------+--------------------+----+----------+ | id | username | attribute | op | value | +----+----------+--------------------+----+----------+ | 1 | testuser | Cleartext-Password | := | testtest | +----+----------+--------------------+----+----------+ Аутентификация проходит без проблем. Вопрос в том, где радиус хранит cleartext username, и как сделать так чтобы в логи и radacct он писал именно его? конфиг радиуса: FreeRADIUS Version 2.1.8, for host i486-pc-linux-gnu, built on Feb 8 2010 at 17:58:40 Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/freeradius/radiusd.conf including configuration file /etc/freeradius/proxy.conf including configuration file /etc/freeradius/clients.conf including configuration file /etc/freeradius/snmp.conf including configuration file /etc/freeradius/eap.conf including configuration file /etc/freeradius/sql.conf including configuration file /etc/freeradius/sql/mysql/dialup.conf including configuration file /etc/freeradius/policy.conf including files in directory /etc/freeradius/sites-enabled/ including configuration file /etc/freeradius/sites-enabled/default including configuration file /etc/freeradius/sites-enabled/inner-tunnel main { user = "freerad" group = "freerad" allow_core_dumps = no } including dictionary file /etc/freeradius/dictionary main { prefix = "/usr" localstatedir = "/var" logdir = "/var/log/freeradius" libdir = "/usr/lib/freeradius" radacctdir = "/var/log/freeradius/radacct" hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 pidfile = "/var/run/freeradius/freeradius.pid" checkrad = "/usr/sbin/checkrad" debug_level = 0 proxy_requests = yes log { stripped_names = yes auth = yes auth_badpass = yes auth_goodpass = yes } security { max_attributes = 200 reject_delay = 1 status_server = yes } } radiusd: #### Loading Realms and Home Servers #### proxy server { retry_delay = 5 retry_count = 3 default_fallback = no dead_time = 120 wake_all_if_all_dead = no } home_server localhost { ipaddr = 127.0.0.1 port = 1812 type = "auth" secret = "testing123" response_window = 20 max_outstanding = 65536 require_message_authenticator = no zombie_period = 40 status_check = "status-server" ping_interval = 30 check_interval = 30 num_answers_to_alive = 3 num_pings_to_alive = 3 revive_interval = 120 status_check_timeout = 4 irt = 2 mrt = 16 mrc = 5 mrd = 30 } home_server_pool my_auth_failover { type = fail-over home_server = localhost } realm example.com { auth_pool = my_auth_failover } realm LOCAL { } radiusd: #### Loading Clients #### client localhost { ipaddr = 127.0.0.1 require_message_authenticator = no secret = "testing123" nastype = "other" } client 192.168.0.230 { require_message_authenticator = no secret = "test" nastype = "other" } client 192.168.0.137 { require_message_authenticator = no secret = "test" shortname = "dlink-2100ap-1" nastype = "other" } client 192.168.0.18 { require_message_authenticator = no secret = "test" shortname = "dlink-2100ap-2" nastype = "other" } radiusd: #### Instantiating modules #### instantiate { Module: Linked to module rlm_exec Module: Instantiating exec exec { wait = yes input_pairs = "request" shell_escape = yes } Module: Linked to module rlm_expr Module: Instantiating expr Module: Linked to module rlm_expiration Module: Instantiating expiration expiration { reply-message = "Password Has Expired " } Module: Linked to module rlm_logintime Module: Instantiating logintime logintime { reply-message = "You are calling outside your allowed timespan " minimum-timeout = 60 } } radiusd: #### Loading Virtual Servers #### server inner-tunnel { modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_pap Module: Instantiating pap pap { encryption_scheme = "auto" auto_header = no } Module: Linked to module rlm_chap Module: Instantiating chap Module: Linked to module rlm_mschap Module: Instantiating mschap mschap { use_mppe = yes require_encryption = no require_strong = no with_ntdomain_hack = no } Module: Linked to module rlm_unix Module: Instantiating unix unix { radwtmp = "/var/log/freeradius/radwtmp" } Module: Linked to module rlm_eap Module: Instantiating eap eap { default_eap_type = "peap" timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = yes max_sessions = 4096 } Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls tls { rsa_key_exchange = no dh_key_exchange = yes rsa_key_length = 512 dh_key_length = 512 verify_depth = 0 pem_file_type = yes private_key_file = "/etc/freeradius/newcert/certificates/radius.somenet.key" certificate_file = "/etc/freeradius/newcert/certificates/radius.somenet.crt" CA_file = "/etc/freeradius/newcert/somenet-ca.crt" private_key_password = "testtest" dh_file = "/etc/freeradius/newcert/certificates/dh" random_file = "/etc/freeradius/newcert/certificates/random" fragment_size = 1024 include_length = yes check_crl = no cipher_list = "DEFAULT" make_cert_command = "/etc/freeradius/newcert/certificates/bootstrap" cache { enable = no lifetime = 24 max_entries = 255 } } Module: Linked to sub-module rlm_eap_ttls Module: Instantiating eap-ttls ttls { default_eap_type = "md5" copy_request_to_tunnel = yes use_tunneled_reply = yes virtual_server = "inner-tunnel" include_length = yes } Module: Linked to sub-module rlm_eap_peap Module: Instantiating eap-peap peap { default_eap_type = "mschapv2" copy_request_to_tunnel = no use_tunneled_reply = yes proxy_tunneled_request_as_eap = yes virtual_server = "inner-tunnel" } Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2 mschapv2 { with_ntdomain_hack = no } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_realm Module: Instantiating suffix realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Instantiating ntdomain realm ntdomain { format = "prefix" delimiter = "\" ignore_default = no ignore_null = no } Module: Linked to module rlm_sql Module: Instantiating sql sql { driver = "rlm_sql_mysql" server = "localhost" port = "" login = "radius" password = "somepassword" radius_db = "radius" read_groups = yes sqltrace = no sqltracefile = "/var/log/freeradius/sqltrace.sql" readclients = no deletestalesessions = yes num_sql_socks = 5 lifetime = 0 max_queries = 0 sql_user_name = "%{User-Name}" default_user_profile = "" nas_query = "SELECT id, nasname, shortname, type, secret FROM nas" authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id" authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id" authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id" accounting_onoff_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = unix_timestamp('%S') - unix_timestamp(acctstarttime), acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = %{%{Acct-Delay-Time}:-0} WHERE acctstoptime IS NULL AND nasipaddress = '%{NAS-IP-Address}' AND acctstarttime <= '%S'" accounting_update_query = " UPDATE radacct SET framedipaddress = '%{Framed-IP-Address}', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'" accounting_update_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctsessiontime, acctauthentic, connectinfo_start, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, servicetype, framedprotocol, framedipaddress, acctstartdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{X-Ascend-Session-Svr-Key}')" accounting_start_query = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')" accounting_start_query_alt = " UPDATE radacct SET acctstarttime = '%S', acctstartdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_start = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'" accounting_stop_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'" accounting_stop_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{%{Acct-Delay-Time}:-0}')" group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" connect_failure_retry_delay = 60 simul_count_query = "" simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL" postauth_query = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')" safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" } rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to radius@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Linked to module rlm_sql_log Module: Instantiating sql_log sql_log { path = "/var/log/freeradius/radacct/sql-relay" Post-Auth = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', '%S');" sql_user_name = "%{%{User-Name}:-DEFAULT}" utf8 = no safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" } Module: Linked to module rlm_attr_filter Module: Instantiating attr_filter.access_reject attr_filter attr_filter.access_reject { attrsfile = "/etc/freeradius/attrs.access_reject" key = "%{User-Name}" } } # modules } # server server { modules { Module: Checking authenticate {...} for more modules to load Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating preprocess preprocess { huntgroups = "/etc/freeradius/huntgroups" hints = "/etc/freeradius/hints" with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no } Module: Linked to module rlm_detail Module: Instantiating auth_log detail auth_log { detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating acct_unique acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" } Module: Linked to module rlm_files Module: Instantiating files files { usersfile = "/etc/freeradius/users" acctusersfile = "/etc/freeradius/acct_users" preproxy_usersfile = "/etc/freeradius/preproxy_users" compat = "no" } Module: Checking accounting {...} for more modules to load Module: Instantiating attr_filter.accounting_response attr_filter attr_filter.accounting_response { attrsfile = "/etc/freeradius/attrs.accounting_response" key = "%{User-Name}" } Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 0 } listen { type = "acct" ipaddr = * port = 0 } Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.