CentOS 5.5 Freeradius 2.x MySQL 5.x
不解释,直接看配置
- [root@localhost ~]# date
- Fri Jul 1 17:02:24 EDT 2011
- [root@localhost ~]#
- [root@localhost ~]# cat freeradius.log
- yum update -y
- yum search freeradius
- yum -y install freeradius2 freeradius2-utils
- yum search mysql-
- yum -y install mysql mysql-devel mysql-server
- /etc/init.d/mysqld start
- mysqladmin -u root password missuniverse110
- chkconfig --level 235 radiusd on
- ####test it works or not ####
- vim /etc/raddb/users
- test Cleartext-Password := "test"
- ####"test" =username and The second test is password ####
- radiusd -X #enable debug mode
- radtest test test localhost 1812 testing123 #1812 can be set to '0'
- ####radtest [-d raddb_directory] [-t pap/chap/mschap] [-x ] user password radius-server nas-port-number secret [ppphint] [nasname] ####
- vim /etc/raddb/clients.conf ####Add NAS client
- client 192.168.1.0/24 {
- secret = missuniverse110
- shorname = missuniverse110
- }
- ####Add NAS to client list
- vim /etc/raddb/users
- #test Cleartext-Password := "test"
- ####commment out this line
- yum -y install freeradius2-mysql
- ####Add mysql support
- cat /etc/raddb/sql/mysql/admin.sql
- ###WARNING: You should change 'localhost' and 'radpass', Also update raddb/sql.conf with the new RADIUS password
- vim /etc/raddb/sql/mysql/admin.sql
- CREATE USER 'radius'@'192.168.1.10';
- SET PASSWORD FOR 'radius'@'192.168.1.10' = PASSWORD('missuniverse110');
- GRANT SELECT ON radius.* TO 'radius'@'192.168.1.10';
- GRANT ALL on radius.radacct TO 'radius'@'192.168.1.10';
- GRANT ALL on radius.radpostauth TO 'radius'@'192.168.1.10';
- vim /etc/raddb/sql.conf
- change the password 'radpass' to 'missunivese110'
- mysql -u root -p
- mysql>create database radius;
- mysql>exit
- mysql -u root -p radius < /etc/raddb/sql/mysql/admin.sql
- mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sql
- mysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql
- mysql -u root -p radius < /etc/raddb/sql/mysql/ippool.sql
- ###import the tables nas.sql and schema.sql inside the /etc/raddb/sql/mysql/ Dir
- ###radiusd.conf
- vim /etc/raddb/radiusd.conf
- uncomment $INCLUDE sql.conf
- ###sql.conf
- vim /etc/raddb/sql.conf
- # Connection info:
- server = "192.168.1.10"
- #port = 3306
- login = "radius"
- password = "missuniverse110"
- # Database table configuration for everything except Oracle
- radius_db = "radius"
- ###dialup.conf
- vim /etc/raddb/sql/mysql/dialup.conf
- # Uncomment simul_count_query to enable simultaneous use checking
- simul_count_query = "SELECT COUNT(*) \
- FROM ${acct_table1} \
- WHERE username = '%{SQL-User-Name}' \
- AND acctstoptime IS NULL"
- # vim /etc/raddb/sites-available/default
- In section authorize,
- Comment out line 152
- #files
- Uncomment line 159
- sql
- In section preacct,
- Comment out line 331
- #files
- In section accounting,
- Uncomment line 365
- sql
- In section session,
- Uncomment line 396
- sql
- #######
- Then comment the next lines: files inside authorize section, detail, unix and radutmp inside accounting section and radutmp inside session section.
- ###################
- # vim /etc/raddb/sites-enabled/inner-tunnel
- In section authorize,
- Comment out line 111
- #files
- Uncomment line 118
- sql
- #######################
- Add a test user
- # mysql -u root -p
- mysql> use radius;
- mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('hacker','Password',hackerlslz);
- radiusd -X
- radtest hacker hackerlslz 192.168.1.10 1812 testing123
- ####192.168.1.10服务器IP
- 参考资料:
- http://freeradius.org/doc/
- http://freeradius.org/radiusd/man/
- http://wiki.freeradius.org/New-Wiki
- http://wiki.freeradius.org/
- http://www.untruth.org/~josh/security/radius/radius-auth.html
- http://hi.baidu.com/dd_taiyangxue/blog/item/a1a3807b003c2bfb2f73b338.html
- http://blog.sina.com.cn/s/blog_6151984a0100eyiv.html
- http://blog.sina.com.cn/s/blog_6151984a0100eyix.html
- Freeradius Web GUI:
- http://sourceforge.net/projects/dialup-admin/
- http://sourceforge.net/projects/daloradius/
