blob: 1143a0473fa9d9bcc0a49c97f18590ef0d87de6e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
# radiusd.conf -- FreeRADIUS server configuration file.
prefix = /usr
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
# name of the running server. See also the "-n" command-line option.
name = radiusd
# Location of config and logfiles.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
# Should likely be ${localstatedir}/lib/radiusd
db_dir = ${raddbdir}
# libdir: Where to find the rlm_* modules.
libdir = ${exec_prefix}/lib
# pidfile: Where to place the PID of the RADIUS server.
pidfile = ${run_dir}/${name}.pid
# max_request_time: The maximum time (in seconds) to handle a request.
max_request_time = 30
# cleanup_delay: The time to wait (in seconds) before cleaning up
cleanup_delay = 5
# max_requests: The maximum number of requests which the server keeps
max_requests = 1024
# listen: Make the server listen on a particular IP address, and send
listen {
type = auth
ipaddr = PH_IP_ALICE
port = 0
}
# This second "listen" section is for listening on the accounting
# port, too.
#
listen {
type = acct
ipaddr = PH_IP_ALICE
port = 0
}
# hostname_lookups: Log the names of clients or just their IP addresses
hostname_lookups = no
# Core dumps are a bad thing. This should only be set to 'yes'
allow_core_dumps = no
# Regular expressions
regular_expressions = yes
extended_expressions = yes
# Logging section. The various "log_*" configuration items
log {
destination = files
file = ${logdir}/radius.log
syslog_facility = daemon
stripped_names = no
auth = yes
auth_badpass = yes
auth_goodpass = yes
}
# The program to execute to do concurrency checks.
checkrad = ${sbindir}/checkrad
# Security considerations
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
# PROXY CONFIGURATION
proxy_requests = yes
$INCLUDE proxy.conf
# CLIENTS CONFIGURATION
$INCLUDE clients.conf
# THREAD POOL CONFIGURATION
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
# MODULE CONFIGURATION
modules {
$INCLUDE ${confdir}/modules/
$INCLUDE eap.conf
$INCLUDE sql.conf
$INCLUDE sql/mysql/counter.conf
}
# Instantiation
instantiate {
exec
expr
expiration
logintime
}
# Policies
$INCLUDE policy.conf
# Include all enabled virtual hosts
$INCLUDE sites-enabled/
|
