+ Responder ao Tópico



  1. Citação Postado originalmente por vitorveloso Ver Post
    Coloca as configurações do freeradius para que eu possa revisar...
    /etc/freeradiusradius.conf
    prefix = /usr
    exec_prefix = /usr
    sysconfdir = /etc
    localstatedir = /var
    sbindir = ${exec_prefix}/sbin
    logdir = /var/log/freeradius
    raddbdir = /etc/freeradius
    radacctdir = ${logdir}/radacct
    # Location of config and logfiles.
    confdir = ${raddbdir}
    run_dir = ${localstatedir}/run/freeradius
    # Should likely be ${localstatedir}/lib/radiusd
    db_dir = ${raddbdir}
    libdir = /usr/lib/freeradius
    pidfile = ${run_dir}/radiusd.pid
    #chroot = /path/to/chroot/directory
    # for some finer-grained access controls.
    #user = radius
    #group = radius
    # max_request_time: The maximum time (in seconds) to handle a request.
    # Requests which take more time than this to process may be killed, and
    # a REJECT message is returned.
    # Useful range of values: 5 to 120
    max_request_time = 30
    # If this value is set too low, then duplicate requests from the NAS
    # MAY NOT be detected, and will instead be handled as seperate requests.
    # If this value is set too high, then the server will cache too many
    # requests, and some new requests may get blocked. (See 'max_requests'.)
    # Useful range of values: 2 to 10
    cleanup_delay = 5
    max_requests = 1024

    listen {

    type = auth
    # Note: "type = proxy" lets you control the source IP used for
    ipaddr = *
    # 0 means "use /etc/services for the proper port"
    port = 0
    interface = eth0
    }
    # This second "listen" section is for listening on the accounting
    # port, too.
    listen {
    ipaddr = *
    # ipv6addr = ::
    port = 0
    type = acct
    # interface = eth0
    # clients = per_socket_clients
    }

    hostname_lookups = no

    allow_core_dumps = no
    # Regular expressions
    regular_expressions = yes
    extended_expressions = yes
    # Logging section. The various "log_*" configuration items
    # will eventually be moved here.
    log {

    destination = files
    file = ${logdir}/radius.log

    syslog_facility = daemon

    # Log the full User-Name attribute, as it was found in the request.
    # allowed values: {no, yes}
    stripped_names = no
    # Log authentication requests to the log file.
    # allowed values: {no, yes}
    auth = no

    auth_badpass = no
    auth_goodpass = no
    }
    # The program to execute to do concurrency checks.
    checkrad = ${sbindir}/checkrad
    security {

    # Useful ranges: 1 to 5
    reject_delay = 1

    status_server = yes
    }

    proxy_requests = yes
    $INCLUDE proxy.conf

    $INCLUDE clients.conf

    thread pool {
    # Number of servers to start initially --- should be a reasonable
    # ballpark figure.
    start_servers = 5

    max_servers = 32
    min_spare_servers = 3
    max_spare_servers = 10

    max_requests_per_server = 0
    }

    modules {

    $INCLUDE ${confdir}/modules/

    $INCLUDE eap.conf

    # Include another file that has the SQL-related configuration.
    # This is another file only because it tends to be big.
    #
    $INCLUDE sql.conf

    #
    # This module is an SQL enabled version of the counter module.
    #
    $INCLUDE sql/mysql/counter.conf
    #$INCLUDE sql/postgresql/counter.conf

    # IP addresses managed in an SQL table.
    #$INCLUDE sqlippool.conf
    # OTP token support. Not included by default.
    # $INCLUDE otp.conf

    }
    instantiate {

    expr

    expiration
    logintime
    # accounting sections.

    authorize {

    preprocess
    chap
    mschap
    suffix
    eap
    sql
    }
    preacct {

    preprocess
    acct_unique
    suffix
    }

    accounting {

    detail
    unix
    sql
    radutmp
    }

    session {

    radutmp
    sql
    }

    post_auth {
    sql
    }


    }

    $INCLUDE policy.conf

    -x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-
    /etc/freeradius/sql.conf


    sql {

    database = "mysql"

    driver = "rlm_sql_${database}"

    # Connection info:
    server = "localhost"
    login = "root"
    password = "minha senha"

    # Database table configuration for everything except Oracle
    radius_db = "radius"
    # If you are using Oracle then use this instead
    # radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))"

    acct_table1 = "radacct"
    acct_table2 = "radacct"

    # Allow for storing data after authentication
    postauth_table = "radpostauth"

    authcheck_table = "radcheck"
    authreply_table = "radreply"

    groupcheck_table = "radgroupcheck"
    groupreply_table = "radgroupreply"

    # Table to keep group info
    usergroup_table = "radusergroup"

    # If set to 'yes' (default) we read the group tables
    # If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
    # read_groups = yes

    # Remove stale session if checkrad does not see a double login
    deletestalesessions = yes

    # Print all SQL statements when in debug mode (-x)
    sqltrace = no
    sqltracefile = ${logdir}/sqltrace.sql

    # number of sql connections to make to server
    num_sql_socks = 5

    # number of seconds to dely retrying on a failed database
    # connection (per_socket)
    connect_failure_retry_delay = 60

    #readclients = yes

    # Table to keep radius client info
    nas_table = "nas"

    # Read driver-specific configuration
    $INCLUDE sql/${database}/dialup.conf
    }

    -x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x

    /etc/freeradius/clients.conf

    client localhost {
    # Allowed values are:
    # dotted quad (1.2.3.4)
    # hostname (radius.example.com)
    ipaddr = 127.0.0.1

    secret = testing123

    # allowed values: yes, no
    require_message_authenticator = yes
    nastype = other # localhost isn't usually a NAS...
    }
    client 192.168.10.5 {
    secret = senha do radius
    shortname = mikrotik
    nastype = other
    }

    client 192.168.10.2 {
    secret = senha do radius
    shortname = radius
    nastype = other
    }
    -x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-
    /etc/freeradius/proxy.conf

    realm integra {
    type = radius
    authhost = 192.168.10.2
    accthost = 192.168.10.2
    secret = fanina
    }

    radio RB433AH AP Brigde
    Set- wireless 2.4 Engenius 600W
    Rede 192.168.10.5/16 Brigde

    Server ubuntu 8.1
    com Lamp, Nat e Proxy(Squid)2.7
    ETH0 - ip 200.......
    ETH1 - ip 192.168.10.2/16


    Muito Obrigado pelo seu nteresse em ajudar!!
    Sou CCNP Cisco e Voip Trixbox a 7 anos..o que eu puder ajudar estou a disposição Veloso!!

    Valeu!

  2. comenta a parte do listen e coloca aqui o resultado...

    #listen {
    # IP address on which to listen.
    # Allowed values are:
    # dotted quad (1.2.3.4)
    # hostname (radius.example.com)
    # wildcard (*)
    # ipaddr = *

    # Port on which to listen.
    # Allowed values are:
    # integer port number (1812)
    # 0 means "use /etc/services for the proper port"
    # port = 0

    # Type of packets to listen for.
    # Allowed values are:
    # auth listen for authentication packets
    # acct listen for accounting packets
    #
    # type = auth
    #}



  3. /etc/init.d# freeradius -X
    FreeRADIUS Version 2.1.0, for host i486-pc-linux-gnu, built on Oct 9 2008 at 13:24:33
    Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
    There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
    PARTICULAR PURPOSE.
    You may redistribute copies of FreeRADIUS under the terms of the
    GNU General Public License v2.
    Starting - reading configuration files ...
    including configuration file /etc/freeradius/radiusd.conf
    including configuration file /etc/freeradius/proxy.conf
    including configuration file /etc/freeradius/clients.conf
    including files in directory /etc/freeradius/modules/
    including configuration file /etc/freeradius/modules/pam
    including configuration file /etc/freeradius/modules/pap
    including configuration file /etc/freeradius/modules/chap
    including configuration file /etc/freeradius/modules/echo
    including configuration file /etc/freeradius/modules/exec
    including configuration file /etc/freeradius/modules/expr
    including configuration file /etc/freeradius/modules/ldap
    including configuration file /etc/freeradius/modules/krb5
    including configuration file /etc/freeradius/modules/unix
    including configuration file /etc/freeradius/modules/inner-eap
    including configuration file /etc/freeradius/modules/radutmp
    including configuration file /etc/freeradius/modules/counter
    including configuration file /etc/freeradius/modules/acct_unique
    including configuration file /etc/freeradius/modules/files
    including configuration file /etc/freeradius/modules/realm
    including configuration file /etc/freeradius/modules/wimax
    including configuration file /etc/freeradius/modules/mac2vlan
    including configuration file /etc/freeradius/modules/linelog
    including configuration file /etc/freeradius/modules/detail.example.com
    including configuration file /etc/freeradius/modules/checkval
    including configuration file /etc/freeradius/modules/logintime
    including configuration file /etc/freeradius/modules/sql_log
    including configuration file /etc/freeradius/modules/sradutmp
    including configuration file /etc/freeradius/modules/always
    including configuration file /etc/freeradius/modules/attr_rewrite
    including configuration file /etc/freeradius/modules/detail
    including configuration file /etc/freeradius/modules/digest
    including configuration file /etc/freeradius/modules/ippool
    including configuration file /etc/freeradius/modules/mac2ip
    including configuration file /etc/freeradius/modules/mschap
    including configuration file /etc/freeradius/modules/smbpasswd
    including configuration file /etc/freeradius/modules/passwd
    including configuration file /etc/freeradius/modules/policy
    including configuration file /etc/freeradius/modules/etc_group
    including configuration file /etc/freeradius/modules/preprocess
    including configuration file /etc/freeradius/modules/attr_filter
    including configuration file /etc/freeradius/modules/detail.log
    including configuration file /etc/freeradius/modules/expiration
    including configuration file /etc/freeradius/eap.conf
    including configuration file /etc/freeradius/sql.conf
    including configuration file /etc/freeradius/sql/mysql/dialup.conf
    including configuration file /etc/freeradius/sql/mysql/counter.conf
    including configuration file /etc/freeradius/policy.conf
    including dictionary file /etc/freeradius/dictionary
    main {
    prefix = "/usr"
    localstatedir = "/var"
    logdir = "/var/log/freeradius"
    libdir = "/usr/lib/freeradius"
    radacctdir = "/var/log/freeradius/radacct"
    hostname_lookups = no
    max_request_time = 30
    cleanup_delay = 5
    max_requests = 1024
    allow_core_dumps = no
    pidfile = "/var/run/freeradius/radiusd.pid"
    checkrad = "/usr/sbin/checkrad"
    debug_level = 0
    proxy_requests = yes
    log {
    stripped_names = no
    auth = no
    auth_badpass = no
    auth_goodpass = no
    }
    security {
    max_attributes = 200
    reject_delay = 1
    status_server = yes
    }
    }
    client localhost {
    ipaddr = 127.0.0.1
    require_message_authenticator = yes
    secret = "testing123"
    nastype = "other"
    }
    client 192.168.10.5 {
    require_message_authenticator = no
    secret = "fanina"
    shortname = "mikrotik"
    nastype = "other"
    }
    client 192.168.10.2 {
    require_message_authenticator = no
    secret = "fanina"
    shortname = "radius"
    nastype = "other"
    }
    radiusd: #### Loading Realms and Home Servers ####
    proxy server {
    retry_delay = 5
    retry_count = 3
    default_fallback = no
    dead_time = 120
    wake_all_if_all_dead = no
    }
    home_server localhost {
    ipaddr = 127.0.0.1
    port = 1812
    type = "auth"
    secret = "testing123"
    response_window = 20
    max_outstanding = 65536
    zombie_period = 40
    status_check = "status-server"
    ping_interval = 30
    check_interval = 30
    num_answers_to_alive = 3
    num_pings_to_alive = 3
    revive_interval = 120
    status_check_timeout = 4
    }
    home_server_pool my_auth_failover {
    type = fail-over
    home_server = localhost
    }
    realm example.com {
    auth_pool = my_auth_failover
    }
    realm LOCAL {
    }
    realm integra {
    authhost = 192.168.10.2
    accthost = 192.168.10.2
    secret = fanina
    }
    radiusd: #### Instantiating modules ####
    instantiate {
    Module: Linked to module rlm_exec
    Module: Instantiating exec
    exec {
    wait = no
    input_pairs = "request"
    shell_escape = yes
    }
    Module: Linked to module rlm_expr
    Module: Instantiating expr
    Module: Linked to module rlm_expiration
    Module: Instantiating expiration
    expiration {
    reply-message = "Password Has Expired "
    }
    Module: Linked to module rlm_logintime
    Module: Instantiating logintime
    logintime {
    reply-message = "You are calling outside your allowed timespan "
    minimum-timeout = 60
    }
    }
    radiusd: #### Loading Virtual Servers ####
    modules {
    }
    radiusd: #### Opening IP addresses and Ports ####

  4. Não sei se é o cansaço mas não estou vendo nada errado nas conf.

    Segue abaixo as minhas:

    freeradius/radiusd.conf

    prefix = /usr
    exec_prefix = /usr
    sysconfdir = /etc
    localstatedir = /var
    sbindir = ${exec_prefix}/sbin
    logdir = /var/log/freeradius
    raddbdir = /etc/freeradius
    radacctdir = ${logdir}/radacct

    confdir = ${raddbdir}
    run_dir = ${localstatedir}/run/freeradius

    log_file = ${logdir}/radius.log

    libdir = /usr/lib/freeradius

    pidfile = ${run_dir}/freeradius.pid

    user = freerad
    group = freerad

    max_request_time = 30

    delete_blocked_requests = no

    cleanup_delay = 5

    max_requests = 1024

    bind_address = *

    port = 0

    hostname_lookups = no

    allow_core_dumps = no

    regular_expressions = yes
    extended_expressions = yes

    log_stripped_names = no

    log_auth = no

    log_auth_badpass = no
    log_auth_goodpass = no

    usercollide = no

    lower_user = no
    lower_pass = no

    nospace_user = no
    nospace_pass = no

    checkrad = ${sbindir}/checkrad

    security {

    max_attributes = 200

    reject_delay = 1

    status_server = no
    }

    proxy_requests = yes
    $INCLUDE ${confdir}/proxy.conf


    $INCLUDE ${confdir}/clients.conf

    snmp = no
    $INCLUDE ${confdir}/snmp.conf


    thread pool {

    start_servers = 5

    max_servers = 32

    min_spare_servers = 3
    max_spare_servers = 10

    max_requests_per_server = 0
    }

    modules {

    pap {
    auto_header = yes
    }

    chap {
    authtype = CHAP
    }

    pam {
    pam_auth = radiusd
    }

    unix {
    cache = no
    cache_reload = 600

    shadow = /etc/shadow

    radwtmp = ${logdir}/radwtmp
    }

    $INCLUDE ${confdir}/eap.conf

    mschap {

    ldap {
    server = "ldap.your.domain"
    basedn = "o=My Org,c=UA"
    filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
    start_tls = no
    access_attr = "dialupAccess"
    dictionary_mapping = ${raddbdir}/ldap.attrmap
    ldap_connections_number = 5
    edir_account_policy_check=no
    timeout = 4
    timelimit = 3
    net_timeout = 1

    }

    .
    realm IPASS {
    format = prefix
    delimiter = "/"
    ignore_default = no
    ignore_null = no
    }

    realm suffix {
    format = suffix
    delimiter = "@"
    ignore_default = no
    ignore_null = no
    }

    realm realmpercent {
    format = suffix
    delimiter = "%"
    ignore_default = no
    ignore_null = no
    }

    realm ntdomain {
    format = prefix
    delimiter = "\\"
    ignore_default = no
    ignore_null = no
    }

    checkval {

    item-name = Calling-Station-Id
    check-name = Calling-Station-Id
    data-type = string

    }

    preprocess {
    huntgroups = ${confdir}/huntgroups
    hints = ${confdir}/hints

    with_ascend_hack = no
    ascend_channels_per_line = 23

    with_ntdomain_hack = no

    with_specialix_jetstream_hack = no

    with_cisco_vsa_hack = no
    }

    files {
    usersfile = ${confdir}/users
    acctusersfile = ${confdir}/acct_users
    preproxy_usersfile = ${confdir}/preproxy_users
    compat = no
    }

    detail {
    detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d

    detailperm = 0600
    }

    acct_unique {
    key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
    }

    $INCLUDE ${confdir}/sql.conf

    radutmp {

    filename = ${logdir}/radutmp
    username = %{User-Name}
    case_sensitive = yes
    check_with_nas = yes
    perm = 0600
    callerid = "yes"
    }

    radutmp sradutmp {
    filename = ${logdir}/sradutmp
    perm = 0644
    callerid = "no"
    }

    attr_filter {
    attrsfile = ${confdir}/attrs
    }
    counter daily {
    filename = ${raddbdir}/db.daily
    key = User-Name
    count-attribute = Acct-Session-Time
    reset = daily
    counter-name = Daily-Session-Time
    check-name = Max-Daily-Session
    allowed-servicetype = Framed-User
    cache-size = 5000
    }

    sqlcounter dailycounter {
    counter-name = Daily-Session-Time
    check-name = Max-Daily-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = daily
    query = "SELECT SUM(AcctSessionTime - \
    GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
    FROM radacct WHERE UserName='%{%k}' AND \
    UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }

    sqlcounter monthlycounter {
    counter-name = Monthly-Session-Time
    check-name = Max-Monthly-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = monthly
    query = "SELECT SUM(AcctSessionTime - \
    GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
    FROM radacct WHERE UserName='%{%k}' AND \
    UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }

    always fail {
    rcode = fail
    }
    always reject {
    rcode = reject
    }
    always ok {
    rcode = ok
    simulcount = 0
    mpp = no
    }

    expr {
    }

    digest {
    }

    exec {
    wait = yes
    input_pairs = request
    }
    exec echo {
    wait = yes
    program = "/bin/echo %{User-Name}"
    input_pairs = request
    output_pairs = reply
    }

    ippool main_pool {
    range-start = 192.168.1.1
    range-stop = 192.168.3.254
    netmask = 255.255.255.0
    cache-size = 800
    session-db = ${raddbdir}/db.ippool
    ip-index = ${raddbdir}/db.ipindex
    override = no
    maximum-timeout = 0
    }
    }

    exec

    expr

    }

    authorize {
    preprocess
    chap
    mschap
    suffix
    eap
    sql
    }

    authenticate {

    Auth-Type PAP {
    pap
    }

    Auth-Type CHAP {
    chap
    }

    Auth-Type MS-CHAP {
    mschap
    }

    unix
    eap
    }

    preacct {
    preprocess
    acct_unique
    suffix
    }

    accounting {
    detail
    unix
    radutmp
    sql
    }

    session {
    radutmp
    sql
    }

    post-auth {
    sql
    }

    pre-proxy {
    }

    post-proxy {
    eap
    }



  5. Citação Postado originalmente por vitorveloso Ver Post
    Não sei se é o cansaço mas não estou vendo nada errado nas conf.

    Segue abaixo as minhas:

    freeradius/radiusd.conf

    prefix = /usr
    exec_prefix = /usr
    sysconfdir = /etc
    localstatedir = /var
    sbindir = ${exec_prefix}/sbin
    logdir = /var/log/freeradius
    raddbdir = /etc/freeradius
    radacctdir = ${logdir}/radacct

    confdir = ${raddbdir}
    run_dir = ${localstatedir}/run/freeradius

    log_file = ${logdir}/radius.log

    libdir = /usr/lib/freeradius

    pidfile = ${run_dir}/freeradius.pid

    user = freerad
    group = freerad

    max_request_time = 30

    delete_blocked_requests = no

    cleanup_delay = 5

    max_requests = 1024

    bind_address = *

    port = 0

    hostname_lookups = no

    allow_core_dumps = no

    regular_expressions = yes
    extended_expressions = yes

    log_stripped_names = no

    log_auth = no

    log_auth_badpass = no
    log_auth_goodpass = no

    usercollide = no

    lower_user = no
    lower_pass = no

    nospace_user = no
    nospace_pass = no

    checkrad = ${sbindir}/checkrad

    security {

    max_attributes = 200

    reject_delay = 1

    status_server = no
    }

    proxy_requests = yes
    $INCLUDE ${confdir}/proxy.conf


    $INCLUDE ${confdir}/clients.conf

    snmp = no
    $INCLUDE ${confdir}/snmp.conf


    thread pool {

    start_servers = 5

    max_servers = 32

    min_spare_servers = 3
    max_spare_servers = 10

    max_requests_per_server = 0
    }

    modules {

    pap {
    auto_header = yes
    }

    chap {
    authtype = CHAP
    }

    pam {
    pam_auth = radiusd
    }

    unix {
    cache = no
    cache_reload = 600

    shadow = /etc/shadow

    radwtmp = ${logdir}/radwtmp
    }

    $INCLUDE ${confdir}/eap.conf

    mschap {

    ldap {
    server = "ldap.your.domain"
    basedn = "o=My Org,c=UA"
    filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
    start_tls = no
    access_attr = "dialupAccess"
    dictionary_mapping = ${raddbdir}/ldap.attrmap
    ldap_connections_number = 5
    edir_account_policy_check=no
    timeout = 4
    timelimit = 3
    net_timeout = 1

    }

    .
    realm IPASS {
    format = prefix
    delimiter = "/"
    ignore_default = no
    ignore_null = no
    }

    realm suffix {
    format = suffix
    delimiter = "@"
    ignore_default = no
    ignore_null = no
    }

    realm realmpercent {
    format = suffix
    delimiter = "%"
    ignore_default = no
    ignore_null = no
    }

    realm ntdomain {
    format = prefix
    delimiter = "\\"
    ignore_default = no
    ignore_null = no
    }

    checkval {

    item-name = Calling-Station-Id
    check-name = Calling-Station-Id
    data-type = string

    }

    preprocess {
    huntgroups = ${confdir}/huntgroups
    hints = ${confdir}/hints

    with_ascend_hack = no
    ascend_channels_per_line = 23

    with_ntdomain_hack = no

    with_specialix_jetstream_hack = no

    with_cisco_vsa_hack = no
    }

    files {
    usersfile = ${confdir}/users
    acctusersfile = ${confdir}/acct_users
    preproxy_usersfile = ${confdir}/preproxy_users
    compat = no
    }

    detail {
    detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d

    detailperm = 0600
    }

    acct_unique {
    key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
    }

    $INCLUDE ${confdir}/sql.conf

    radutmp {

    filename = ${logdir}/radutmp
    username = %{User-Name}
    case_sensitive = yes
    check_with_nas = yes
    perm = 0600
    callerid = "yes"
    }

    radutmp sradutmp {
    filename = ${logdir}/sradutmp
    perm = 0644
    callerid = "no"
    }

    attr_filter {
    attrsfile = ${confdir}/attrs
    }
    counter daily {
    filename = ${raddbdir}/db.daily
    key = User-Name
    count-attribute = Acct-Session-Time
    reset = daily
    counter-name = Daily-Session-Time
    check-name = Max-Daily-Session
    allowed-servicetype = Framed-User
    cache-size = 5000
    }

    sqlcounter dailycounter {
    counter-name = Daily-Session-Time
    check-name = Max-Daily-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = daily
    query = "SELECT SUM(AcctSessionTime - \
    GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
    FROM radacct WHERE UserName='%{%k}' AND \
    UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }

    sqlcounter monthlycounter {
    counter-name = Monthly-Session-Time
    check-name = Max-Monthly-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = monthly
    query = "SELECT SUM(AcctSessionTime - \
    GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
    FROM radacct WHERE UserName='%{%k}' AND \
    UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }

    always fail {
    rcode = fail
    }
    always reject {
    rcode = reject
    }
    always ok {
    rcode = ok
    simulcount = 0
    mpp = no
    }

    expr {
    }

    digest {
    }

    exec {
    wait = yes
    input_pairs = request
    }
    exec echo {
    wait = yes
    program = "/bin/echo %{User-Name}"
    input_pairs = request
    output_pairs = reply
    }

    ippool main_pool {
    range-start = 192.168.1.1
    range-stop = 192.168.3.254
    netmask = 255.255.255.0
    cache-size = 800
    session-db = ${raddbdir}/db.ippool
    ip-index = ${raddbdir}/db.ipindex
    override = no
    maximum-timeout = 0
    }
    }

    exec

    expr

    }

    authorize {
    preprocess
    chap
    mschap
    suffix
    eap
    sql
    }

    authenticate {

    Auth-Type PAP {
    pap
    }

    Auth-Type CHAP {
    chap
    }

    Auth-Type MS-CHAP {
    mschap
    }

    unix
    eap
    }

    preacct {
    preprocess
    acct_unique
    suffix
    }

    accounting {
    detail
    unix
    radutmp
    sql
    }

    session {
    radutmp
    sql
    }

    post-auth {
    sql
    }

    pre-proxy {
    }

    post-proxy {
    eap
    }

    é bem diferente do meu

    voce usa ubuntu 8.10 e freradius 2.1?






Tópicos Similares

  1. Respostas: 67
    Último Post: 18-02-2017, 13:18
  2. Sistema para Gerenciamento de clientes
    Por superondasinternet no fórum Redes
    Respostas: 22
    Último Post: 18-08-2012, 09:47
  3. gerenciamento de clients
    Por ThiagoBezerra no fórum Redes
    Respostas: 2
    Último Post: 28-11-2011, 07:50
  4. Respostas: 2
    Último Post: 25-02-2011, 20:44
  5. Gerenciamento de clientes Hotspot
    Por vitorveloso no fórum Redes
    Respostas: 4
    Último Post: 23-12-2008, 23:24

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L