# radiusd.conf -- FreeRADIUS server configuration file. prefix = /usr exec_prefix = ${prefix} sysconfdir = /etc localstatedir = /var sbindir = ${exec_prefix}/sbin logdir = ${localstatedir}/log/freeradius raddbdir = ${sysconfdir}/freeradius radacctdir = ${logdir}/radacct # name of the running server. See also the "-n" command-line option. name = freeradius # Location of config and logfiles. confdir = ${raddbdir} run_dir = ${localstatedir}/run # Should likely be ${localstatedir}/lib/radiusd db_dir = ${raddbdir} # libdir: Where to find the rlm_* modules. libdir = ${exec_prefix}/lib # pidfile: Where to place the PID of the RADIUS server. pidfile = ${run_dir}/${name}.pid # max_request_time: The maximum time (in seconds) to handle a request. max_request_time = 30 # cleanup_delay: The time to wait (in seconds) before cleaning up cleanup_delay = 5 # max_requests: The maximum number of requests which the server keeps max_requests = 1024 # listen: Make the server listen on a particular IP address, and send listen { type = auth ipaddr = 10.1.0.10 port = 0 } # This second "listen" section is for listening on the accounting # port, too. # listen { type = acct ipaddr = 10.1.0.10 port = 0 } # hostname_lookups: Log the names of clients or just their IP addresses hostname_lookups = no # Core dumps are a bad thing. This should only be set to 'yes' allow_core_dumps = no # Regular expressions regular_expressions = yes extended_expressions = yes # Logging section. The various "log_*" configuration items log { destination = files file = ${logdir}/radius.log syslog_facility = daemon stripped_names = no auth = yes auth_badpass = yes auth_goodpass = yes } # The program to execute to do concurrency checks. checkrad = ${sbindir}/checkrad # Security considerations security { max_attributes = 200 reject_delay = 1 status_server = yes } # PROXY CONFIGURATION proxy_requests = yes $INCLUDE proxy.conf # CLIENTS CONFIGURATION $INCLUDE clients.conf # THREAD POOL CONFIGURATION thread pool { start_servers = 5 max_servers = 32 min_spare_servers = 3 max_spare_servers = 10 max_requests_per_server = 0 } # MODULE CONFIGURATION modules { $INCLUDE ${confdir}/modules/ $INCLUDE eap.conf } # Instantiation instantiate { exec expr expiration logintime } # Policies $INCLUDE policy.conf # Include all enabled virtual hosts $INCLUDE sites-enabled/