한국어

네트워킹

온누리070 플레이스토어 다운로드
    acrobits softphone
     온누리 070 카카오 프러스 친구추가온누리 070 카카오 프러스 친구추가친추
     카카오톡 채팅 상담 카카오톡 채팅 상담카톡
    
     라인상담
     라인으로 공유

     페북공유

   ◎위챗 : speedseoul


  
     PAYPAL
     
     PRICE
     

pixel.gif

    before pay call 0088 from app


http://freeradius.org/


https://github.com/FreeRADIUS/freeradius-server/tree/v3.0.x/doc/


1. INTRO

  All code in this server was written for this project.

  The server is mostly compatible with Livingston radiusd-2.01
  (no menus or s/key support though) but with more features, such as:

    o Can limit the maximum number of simultaneous logins on a per-user basis!
    o Multiple DEFAULT entries, that can optionally fall-through.
    o In fact, every entry can fall-through
    o Deny/permit access based on huntgroup users dials into
    o Set certain parameters (such as static IP address) based on huntgroup
    o Extra "hints" file that can select SLIP/PPP/rlogin based on
      username pattern (Puser or user.ppp is PPP, plain "user" is rlogin etc).
    o Can execute an external program when user has authenticated (for example
      to run a sendmail queue).
    o Can use `$INCLUDE filename' in radiusd.conf, users, and dictionary files
    o Can act as a proxy server, relaying requests to a remote server
    o Supports Vendor-Specific attributes
    o Supports many different plug-in modules for authentication,
      authorization, and accounting.


2. INSTALLATION

   See the INSTALL file, in the parent directory.


3. CONFIGURATION FILES

  For every file there is a fully commented example file included, that
  explains what is does, and how to use it. Read those sample files too!

  Again, many of the configuration files are ONLY documented in the
  comments included in the files.  Reading the configuration files is
  REQUIRED to fully understand how to create complex configurations of
  the server.

3a. CLIENTS

  Make sure the clients (portmasters, Linux with portslave etc) are set up to
  use the host radiusd is running on as authentication and accounting host.
  Configure these clients to use a "radius secret password". For every client,
  also enter this "secret password" into the file /etc/raddb/clients.
  See also the manual page for clients(5).

3b. NASLIST

  Every NAS (Network Access Server, also known as terminal server) should have
  an entry in this file with an abbreviated name and the type of NAS it
  is. Currently FreeRADIUS supports the following NAS types:

  Terminal Server                       Type in naslist

  3Com/USR Hiper Arc Total Control      usrhiper
  3Com/USR NetServer                    netserver
  3Com/USR TotalControl                 tc
  Ascend Max 4000 family                max40xx
  Cisco Access Server family            cisco
  Cistron PortSlave                     portslave
  Computone PowerRack                   computone
  Cyclades PathRAS                      pathras
  Livingston PortMaster                 livingston
  Multitech CommPlete Server            multitech
  Patton 2800 family                    patton

  Usually this is the same list as in the "clients" file, but not every
  NAS is a client and not every client is a NAS (this will start to make
  sense if you use radius proxy servers).

3c. NASPASSWD

  If ``checkrad'' needs to login on your terminal server to check who
  is online on a certain port (i.e. it's not possible to use SNMP or
  finger) you need to define a loginname and password here.

  This is normally ONLY needed for USR/3Com Total Control, NetServer and
  Cyclades PathRAS terminal servers!

3d. HINTS

  Customize the /etc/raddb/mods-config/preprocess/hints file. This file is 
  used to give users different login type based on a prefix/suffix of their 
  loginname. For example, logging in as "user" may result in a rlogin session 
  to a Unix system, and logging in as "Puser" could start a PPP session.

3e. HUNTGROUPS

  This is the /etc/raddb/mods-config/preprocess/huntgroups file. Here you can 
  define different huntgroups. These can be used to:

    - restrict access to certain huntgroups to certain users/groups of
      users (define this in the huntgroups file itself)
    - match a loginname with a huntgroup in /etc/raddb/users. One use
      for this is to give a user a static IP address based on the
      huntgroup / Point of Presence  (s)he dials in to.

3f. USERS

  With the original RADIUS server, every user had to be defined in this
  file. There could be one default entry, where you could for example
  define that a user not in the radius file would be checked agains the
  UNIX password file and on successful login would get a PPP connection.

  In the new style file, you can define multiple DEFAULT entries. All
  entries are processed in the order as they appear in the users file.
  If an entry matches the username, radiusd will stop scanning the users
  file unless the attribute "Fall-Through = Yes" is set.

  You can uses spaces in usernames by escaping them with \ or by using
  quotes. For example, "joe user" or joe\ user.

  The FreeRADIUS server does not trim any spaces from a username received
  from the portmaster (Livingston does, in perl notation, $user =~ s/\s+.*//;)

3g. NEW RADIUS ATTRIBUTES (to be used in the USERS file).

  Name			Type		Descr.
  ----			----		------
  Simultaneous-Use	integer		Max. number of concurrent logins
  Fall-Through		integer		Yes/No
  Login-Time		string		Defines when user may login.
  Current-Time		string		Allows you to perform time-based
					checks when a request is received.

  Login-Time defines the time span a user may login to the system. The
  format of a so-called time string is like the format used by UUCP.
  A time string may be a list of simple time strings separated by "|" or ",".

  Each simple time string must begin with a day definition. That can be just
  one day, multiple days, or a range of days separated by a hyphen. A
  day is Mo, Tu, We, Th, Fr, Sa or Su, or Wk for Mo-Fr. "Any" or "Al"
  means all days.

  After that a range of hours follows in hhmm-hhmm format.

  For example, "Wk2305-0855,Sa,Su2305-1655".

  radiusd calculates the number of seconds left in the time span, and
  sets the Session-Timeout to that number of seconds. So if someones
  Login-Time is "Al0800-1800" and she logs in at 17:30, Session-Timeout
  is set to 1800 seconds so that she is kicked off at 18:00.


4. LOG FILES

4a. /var/log/radius/radutmp

  In this file the currently logged in users are held. The program "radwho"
  reads this file and gives you a summary. Rogue sessions can be deleted
  from this file with the "radzap" program.

4b. /var/log/radius/radwtmp

  This file is "wtmp" compatible and keeps a history of all radius logins/
  logouts. This file can be read with the "last" program, and other Unix
  accounting programs (such as "ac" and "sac") can be used to produce a
  summary.

4c. /var/log/radius/radius.log

  All RADIUS informational, diagnostic and error messages are logged in
  this file, including all login attempts.

4d. /var/log/radius/radacct/<client_ip>/detail

  This is the original radius logfile, as written by all the Livingston
  radius servers. It's only created if the directory
  /var/log/radius/radacct exists.

  For more configuration options on the detail file please see
  raddb/mods-available/detail as it expands upon this greatly.


5.  MORE INFO, SUPPORT

  The latest version of FreeRADIUS is always available from
  the git repository hosted on GitHub at

    https://github.com/FreeRADIUS/freeradius-server

  or see

    http://freeradius.org/git/

  for more information.

  There are two mailing lists for users and developers. General
  user, administrator and configuration issues should be discussed
  on the users list at:

    http://lists.freeradius.org/mailman/listinfo/freeradius-users

  When asking for help on the users list, be sure the include a
  detailed and clear description of the problem, together with
  full debug output from FreeRADIUS, obtained by running

    radiusd -X

  Developers only discussion is to be had on the devel list:

    http://lists.freeradius.org/mailman/listinfo/freeradius-devel

  Please do not raise general configuration issues here.


6.  OTHER INFORMATION

  The files in other directories are:

  debian/	Files to build a "freeradius" Debian Linux package.

  doc/		Various snippets of documentation
  doc/rfc/	Copies of the RFC's.  If you have Perl, do a 'make' in
		that directory, and look at the HTML output.

  libltdl/	Libtool platform independent library system.

  man/		Unix Manual pages for the server, configuration files,
		and associated utilities.

  mibs/		SNMP Mibs for the server.

  raddb/	Sample configuration files for the server.

  redhat/	Additional files for a RedHat Linux system.

  scripts/	Sample scripts for startup and maintenance.

  src/		Source code
  src/main	source code for the daemon and associated utilities
  src/lib	source code for the RADIUS library
  src/include	header files
  src/modules	dynamic plug-in modules

  suse/		Aditional files for a SuSE (UnitedLinux) system.

  todo/		TODO list and assorted files.


  If you have ANY problems, concerns, or surprises when running
  the server, then run it in debugging mode, as root, from the
  command line:

  $ radiusd -X

  It will produce a large number of messages.  The answers to many
  questions, and the solution to many problems, can usually be found in
  these messages.

  For further details, see:

  http://www.freeradius.org/faq/

  and the 'bugs' file, in this directory.

$Date$
조회 수 :
130655
등록일 :
2017.08.29
14:16:16 (*.160.88.18)
엮인글 :
http://webs.co.kr/index.php?document_srl=3311363&act=trackback&key=6ce
게시글 주소 :
http://webs.co.kr/index.php?document_srl=3311363
List of Articles
번호 제목 글쓴이 조회 수 추천 수 날짜
93 윈도우 ssh 접속 프로그램 admin 37126   2017-09-29
 
92 openvpn Easy Windows Guide admin 133979   2017-09-20
 
91 OpenVPN - Getting started How-To admin 75349   2017-09-20
 
90 openssl 을 이용한 인증서 생성 절차를 정리한다. 개인키 CSR SSL 인증서 파일 생성 admin 28947   2017-09-14
 
89 How to Manually Unblock / Unban IP Address in fail2ban 차단풀기 admin 159881   2017-09-12
 
88 How To Protect SSH with fail2ban on Debian 7 데비안 ssh 방어 무작위 로그인 admin 133514   2017-09-12
 
87 SSH 무작위 로그인 시도 막기(With Fail2Ban on CentOS 6/7 + selinux) admin 30285   2017-09-12
 
86 리눅스 데비안 네트워크 설정 유선랜 무선랜 linux debian network setting 설정 admin 130267   2017-09-07
 
85 linux debian 계열 network 설정 테트워크 데비안 admin 28151   2017-09-07
 
84 PUTTY DOWNLOAD - FREE SSH & TELNET CLIENT admin 189269   2017-09-03
 
83 debian 8.8 download cd1 cd2 cd3 etc admin 35744   2017-09-03
 
82 Debian Download 데비안 리눅스 다운로드 admin 32761   2017-09-02
 
81 데비안 리눅스 부팅시에 방화벽 서버에 자동실행 되게 설정 해보자 admin 28160   2017-08-30
 
80 리눅스 시작시에 부팅시 프로세스 프로그램 자동 실행 설정 admin 131100   2017-08-30
 
79 리눅스 시작시 부팅 시, 프로그램 자동실행 등록하기 admin 41612   2017-08-30
 
78 리눅스 부팅시 시작시 프로그램 명령어 실행하기 (Linux Init script) admin 80955   2017-08-30
 
77 리눅스 부팅시 자동 실행 명령스크립트 실행하기 만들기 이해 linux booting admin 141052   2017-08-30
 
76 부팅시 자동실행 명령어 스크립트, rc.local admin 99457   2017-08-30
 
» the world’s most widely deployed RADIUS server document admin 130655   2017-08-29
http://freeradius.org/ https://github.com/FreeRADIUS/freeradius-server/tree/v3.0.x/doc/ 1. INTRO All code in this server was written for this project. The server is mostly compatible with Livingston radiusd-2....  
74 네트워크 디바이스명 변경 리눅스 eth0 eth1 admin 104470   2017-08-29
 
73 Cloned VMware CentOS6 Server "device eth0 does not seem to be present, admin 41423   2017-08-29
 
72 VMWARE VM Error boot loader install grub - install /dev/sda or /dev/hda MBR linux admin 35477   2016-01-27
 
71 Linux and Unix touch command admin 33814   2015-11-15
 
70 Configuration of Red Hat 5.4 Xen for SR-IOV Support admin 33891   2015-08-02
 
69 apt-get install linux-image-2.6.26-2-686-bigmem admin 55619   2015-06-27
 
68 intel i210 driver install and compile debian admin 278791   2015-06-27
 
67 Debian / Ubuntu Linux Install Kernel Headers Package admin 134280   2015-06-27
 
66 mount -t auto /dev/sdb1 /mnt && ls /mnt admin 32240   2015-06-27
 
65 kali linux 해킹 hacking attack DDOS etc tools admin 46994   2015-06-24
 
64 sources.list lenny admin 31883   2015-02-03