diff options
Diffstat (limited to 'accel-pppd/accel-ppp.conf.5')
| -rw-r--r-- | accel-pppd/accel-ppp.conf.5 | 67 |
1 files changed, 65 insertions, 2 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5 index 51612ca9..f951325c 100644 --- a/accel-pppd/accel-ppp.conf.5 +++ b/accel-pppd/accel-ppp.conf.5 @@ -131,6 +131,17 @@ Specifies maximum concurrent session attempts which server may processed (defaul .TP .BI "check-ip=" 0|1 Specifies whether accel-ppp should check if IP already assigned to other client interface (default 0). +.TP +.BI "nl-snd-buffer=" n +Specifies netlink maximum send buffer size (SO_SNDBUF option) (default 32768). +.TP +.BI "nl-rcv-buffer=" n +Specifies netlink maximum receive buffer size (SO_RCVBUF option) (default 1048576). +.TP +.BI "session-timeout=" n +Specifies max sessions time in seconds, after this time session will be terminated. +.br +This timeout can be redefined with radius attribute Session-Timeout. 0 value means infinite timeout. .SH [ppp] .br PPP module configuration. @@ -233,6 +244,27 @@ This should reduce kernel-level interface creation/deletion rate lack. .TP .BI "unit-preallocate=" 0|1 If set to 1 then allocate ppp unit (interface) before authorization, so Nas-Port and Nas-Port-Id would be defined in Access-Request phase. +.SH [auth] +.br +Contains authentication params +.TP +.BI "timeout=" n +If n is not zero specifies timeout in seconds to wait for PAP, CHAP, Microsoft CHAP v1/v2 authentication. +.TP +.BI "interval=" n +If n is not zero specifies timeout in seconds to restart CHAP and Microsoft CHAP v1/v2 authentication. +.TP +.BI "max-failure=" n +If n is not zero specifies maximum number of CHAP and Microsoft CHAP v1/v2 authentication failures. +.TP +.BI "any-login=" 0|1 +If set to 1 allows pass PAP, CHAP and Microsoft CHAP v1 authentication with any login. +.TP +.BI "noauth=" 0|1 +If set to 1 skips any PPP and IPOE authentication. +.TP +.BI "challenge-name=" name +Specifies challenge name for CHAP authentication. .SH [ipoe] .TP .BI "verbose=" n @@ -532,6 +564,11 @@ as a template, i.e pptp%d => pptp0. .BI "ppp-max-mtu=" n Set the maximum MTU value that can be negotiated for PPP over PPTP sessions. Default value is 1436. +.TP +.BI "session-timeout=" n +Specifies max sessions time in seconds, after this time session will be terminated. +.br +This timeout can be redefined with radius attribute Session-Timeout. 0 value means infinite timeout. .SH [pppoe] .br Configuration of PPPoE module. @@ -601,6 +638,11 @@ Specifies overall limit of PADI packets to reply in 1 second period (default 0 - If this option is given ppp interface will be renamed using .B ifname as a template, i.e pppoe%d => pppoe0. +.TP +.BI "session-timeout=" n +Specifies max sessions time in seconds, after this time session will be terminated. +.br +This timeout can be redefined with radius attribute Session-Timeout. 0 value means infinite timeout. .SH [l2tp] .br Configuration of L2TP module. @@ -692,6 +734,11 @@ sessions. Default value is 1420. If this option is given ppp interface will be renamed using .B ifname as a template, i.e l2tp%d => l2tp0. +.TP +.BI "session-timeout=" n +Specifies max sessions time in seconds, after this time session will be terminated. +.br +This timeout can be redefined with radius attribute Session-Timeout. 0 value means infinite timeout. .SH [sstp] .br Configuration of SSTP module. @@ -798,6 +845,11 @@ as a template, i.e sstp%d => sstp0. .BI "ppp-max-mtu=" n Set the maximum MTU value that can be negotiated for PPP over SSTP sessions. Default value is 1452, maximum is 4087. +.TP +.BI "session-timeout=" n +Specifies max sessions time in seconds, after this time session will be terminated. +.br +This timeout can be redefined with radius attribute Session-Timeout. 0 value means infinite timeout. .SH [radius] .br Configuration of RADIUS module. @@ -818,9 +870,12 @@ Specifies IP address, port and secret of authentication RADIUS server. (obsolete .BI "acct-server=" x.x.x.x:port,secret Specifies IP address, port and secret of accounting RADIUS server. (obsolete) .TP -.BI "server=" address,secret[,auth-port=1812][,acct-port=1813][,req-limit=0][,fail-timeout=0,max-fail=0,][,weight=1][,backup] +.BI "server=" address,secret[,auth-port=1812][,acct-port=1813][,bind-device=][,req-limit=0][,fail-timeout=0,max-fail=0,][,weight=1][,backup] Specifies IP address, secret, ports of RADIUS server. .br +.B bind-device +- device name or VRF to bind the connection. By default, the device name is undefined. +.br .B req-limit - number of simultaneous requests to server (0 - unlimited). .br @@ -839,8 +894,13 @@ Specifies IP address, secret, ports of RADIUS server. If you want to specify only authentication or accounting server then set auth-port/acct-port to zero. You may specify multiple radius servers. .TP -.BI "dae-server=" x.x.x.x:port,secret +.br +.BI "dae-server=" x.x.x.x:port,secret[,bind-device=] Specifies IP address, port to bind and secret for Dynamic Authorization Extension server (DM/CoA). +.br +.B bind-device +- device name or VRF to bind the connection. By default, the device name is undefined. +.br .TP .BI "dm_coa_secret=" secret (deprecated, use dae-server instead) Specifies secret to use in DM/CoA communication. @@ -890,6 +950,9 @@ option for realm substitution. .TP .BI "sid-in-auth=0|1" Specifies should accel-ppp generate and send Acct-Session-Id on Access-Request packet. +.TP +.BI "nas-port-id-in-req=" 0|1 +Specifies should accel-ppp send NAS-Port-Id on Access-Request and Accounting-Request packets (default 1). .SH [log] .br Configuration of log and log_file modules. |