CentOS 5.5 Freeradius MySQL
CentOS 5.5 Freeradius 2.x MySQL 5.x不解释,直接看配置
[*]# date
[*]Fri Jul1 17:02:24 EDT 2011
[*]#
[*]# cat freeradius.log
[*]yum update -y
[*]yum search freeradius
[*]yum -y install freeradius2 freeradius2-utils
[*]yum search mysql-
[*]yum -y install mysqlmysql-devel mysql-server
[*]/etc/init.d/mysqld start
[*]mysqladmin -u root password missuniverse110
[*]chkconfig --level 235 radiusd on
[*]####test it works or not ####
[*]vim /etc/raddb/users
[*]test Cleartext-Password := "test"
[*]####"test" =username and The second test is password ####
[*]radiusd -X #enable debug mode
[*]radtest test test localhost 1812 testing123 #1812 can be set to '0'
[*]####radtest [-d raddb_directory] [-t pap/chap/mschap] [-x ] user password radius-server nas-port-number secret ####
[*]vim /etc/raddb/clients.conf ####Add NAS client
[*]client 192.168.1.0/24 {
[*] secret= missuniverse110
[*] shorname = missuniverse110
[*]}
[*]####Add NAS toclient list
[*]vim /etc/raddb/users
[*]#test Cleartext-Password := "test"
[*]####commment out this line
[*]yum -y install freeradius2-mysql
[*]####Add mysql support
[*]cat /etc/raddb/sql/mysql/admin.sql
[*]###WARNING: You should change 'localhost' and 'radpass', Also update raddb/sql.confwith the new RADIUS password
[*]vim /etc/raddb/sql/mysql/admin.sql
[*]CREATE USER 'radius'@'192.168.1.10';
[*]SET PASSWORD FOR 'radius'@'192.168.1.10' = PASSWORD('missuniverse110');
[*]GRANT SELECT ON radius.* TO 'radius'@'192.168.1.10';
[*]GRANT ALL on radius.radacct TO 'radius'@'192.168.1.10';
[*]GRANT ALL on radius.radpostauth TO 'radius'@'192.168.1.10';
[*]vim /etc/raddb/sql.conf
[*]change the password 'radpass' to 'missunivese110'
[*]mysql -u root -p
[*]mysql>create database radius;
[*]mysql>exit
[*]mysql -u root -p radius < /etc/raddb/sql/mysql/admin.sql
[*]mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sql
[*]mysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql
[*]mysql -u root -p radius < /etc/raddb/sql/mysql/ippool.sql
[*]
[*]
[*]
[*]###import the tables nas.sql and schema.sql inside the/etc/raddb/sql/mysql/ Dir
[*]
[*]###radiusd.conf
[*]vim /etc/raddb/radiusd.conf
[*]uncomment $INCLUDE sql.conf
[*]###sql.conf
[*]vim /etc/raddb/sql.conf
[*]# Connection info:
[*] server = "192.168.1.10"
[*] #port = 3306
[*] login = "radius"
[*] password = "missuniverse110"
[*]
[*] # Database table configuration for everything except Oracle
[*] radius_db = "radius"
[*]###dialup.conf
[*] vim /etc/raddb/sql/mysql/dialup.conf
[*] # Uncomment simul_count_query to enable simultaneous use checking
[*] simul_count_query = "SELECT COUNT(*) \
[*] FROM ${acct_table1} \
[*] WHERE username = '%{SQL-User-Name}' \
[*] AND acctstoptime IS NULL"
[*]# vim /etc/raddb/sites-available/default
[*]In section authorize,
[*]Comment out line 152
[*]#files
[*]Uncomment line 159
[*]sql
[*]In section preacct,
[*]Comment out line 331
[*]#files
[*]In section accounting,
[*]Uncomment line 365
[*]sql
[*]In section session,
[*]Uncomment line 396
[*]sql
[*]#######
[*]Then comment the next lines: files inside authorize section, detail, unix and radutmp inside accounting section and radutmp inside session section.
[*]###################
[*]# vim /etc/raddb/sites-enabled/inner-tunnel
[*]In section authorize,
[*]Comment out line 111
[*]#files
[*]Uncomment line 118
[*]sql
[*]#######################
[*]Add a test user
[*]# mysql -u root -p
[*]mysql> use radius;
[*]mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('hacker','Password',hackerlslz);
[*]radiusd -X
[*]radtest hacker hackerlslz 192.168.1.10 1812 testing123
[*]####192.168.1.10服务器IP
[*]
[*]参考资料:
[*]
[*]http://freeradius.org/doc/
[*]
[*]http://freeradius.org/radiusd/man/
[*]
[*]http://wiki.freeradius.org/New-Wiki
[*]
[*]http://wiki.freeradius.org/
[*]
[*]http://www.untruth.org/~josh/security/radius/radius-auth.html
[*]
[*]http://hi.baidu.com/dd_taiyangxue/blog/item/a1a3807b003c2bfb2f73b338.html
[*]
[*]http://blog.sina.com.cn/s/blog_6151984a0100eyiv.html
[*]
[*]http://blog.sina.com.cn/s/blog_6151984a0100eyix.html
[*]
[*]Freeradius Web GUI:
[*]
[*]http://sourceforge.net/projects/dialup-admin/
[*]
[*]http://sourceforge.net/projects/daloradius/
页:
[1]