./configure (如果出现错误,需要安装相应的devel rpm)

make

make install

生成所需的证书

/usr/local/etc/raddb/certs/bootstrap

ln -s /usr/local/sbin/rc.radiusd /etc/rc.d/init.d/radiusd

ln -s /usr/local/etc/raddb /etc/raddb

chkconfig radiusd on

/etc/rc.d/init.d/radiusd start

[root@centos5]# /usr/local/sbin/radiusd -v

radiusd: FreeRADIUS Version 2.0.5, for host i686-pc-linux-gnu, built on May 17 2008 at 12:20:44

Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.

There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE.

You may redistribute copies of FreeRADIUS under the terms of the

GNU General Public License.

For more information about these matters, see the file named COPYRIGHT.2、 FreeRADIUS SQL Module通用的SQL前端(rlm_sql)+数据库后端驱动(rlm_sql_mysql)前端: rlm_sql

中间驱动:rlm_sql_mysql后端: mysql_databaseComment:rlm_sql_mysql不是一个完整的mysql client, 仅仅是rlm_sql、mysql database间的一个中间层。3、MySQL Schema3、1 7个table的说明stop and start records logging tableradaccta single user check and reply table

radcheck

radreplyGroupcheck and reply tableradgroupcheck

radgroupreplyusername to group relationships are stored in this table

radusergroupTo store post-authentication data tableradpostauth

3、2 create radius database

mysql> create database radius;mysql>\. /usr/local/etc/raddb/sql/mysql/schema.sql

mysql> show tables;

+------------------+

| Tables_in_radius |

+------------------+

| radacct |

| radcheck |

| radgroupcheck |

| radgroupreply |

| radpostauth |

| radreply |

| radusergroup |

+------------------+

7 rows in set (0.09 sec)

create NAS table

msyql> use radius;

mysql> \. /usr/local/etc/raddb/sql/mysql/nas.sql

mysql> show tables;

+------------------+

| Tables_in_radius |

+------------------+

| nas |

| radacct |

| radcheck |

| radgroupcheck |

| radgroupreply |

| radpostauth |

| radreply |

| radusergroup |

+------------------+

8 rows in set (0.03 sec)

3、3 建立FreeRadius用户和授权mysql>\. /usr/local/etc/raddb/sql/mysql/admin.sql

[root@centos5 mysql]# cat admin.sql

# -*- text -*-

##

## admin.sql -- MySQL commands for creating the RADIUS user.

##

## WARNING: You should change 'localhost' and 'radpass'

## to something else. Also update raddb/sql.conf

## with the new RADIUS password.

##

## $Id: admin.sql,v 1.1 2008/04/30 08:41:30 aland Exp $

#

# Create default administrator for RADIUS

#

CREATE USER 'radius'@'localhost';

SET PASSWORD FOR 'radius'@'localhost' = PASSWORD('radpass');

# The server can read any table in SQL

GRANT SELECT ON radius.* TO 'radius'@'localhost';

# The server can write to the accounting and post-auth logging table.

#

# i.e.

GRANT ALL on radius.radacct TO 'radius'@'localhost';

GRANT ALL on radius.radpostauth TO 'radius'@'localhost';

4、配置FreeRadius使用mysql schema

4、1 在 sql.conf 配置database的连接参数,指定所使用的table

database = "mysql"

driver = "rlm_sql_${database}"

server = "localhost"

login = "radius"

password = "radpass"

radius_db = "radius"

acct_table1 = "radacct"

acct_table2 = "radacct"

postauth_table = "radpostauth"

authcheck_table = "radcheck"

authreply_table = "radreply"

groupcheck_table = "radgroupcheck"

groupreply_table = "radgroupreply"

usergroup_table = "radusergroup"

[root@centos5 raddb]# mysql -u radius -pradpass radius

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 4 to server version: 5.0.22-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql>

4、2配置FreeRadius 查询 radius nas table

# Set to 'yes' to read radius clients from the database ('nas' table)

# Clients will ONLY be read on server startup. For performance

# and security reasons, finding clients via SQL queries CANNOT

# be done "live" while the server is running.

#

#

readclients = yes

# Table to keep radius client info

nas_table = "nas"注释client.conf 所有行,Client从nas表中查询。clients.conf:

RADIUS clients/NAS configurations. Note that NAS is the term used

in RADIUS terminology. To simpilify things, just think of it as

authenticator in our 3-party model.

5、配置freeradius使用MySQL Database

5、1 users

注释users所有内容, 用户信息驻留在数据库radcheck tableper user configurations. Think of users as supplicants in our 3-party

model. Note that user configurations could reside in other places like

a MySQL database instead of the users file.

vi /usr/local/etc/raddb/sites-available/inner-tunnel

去掉SQL前的注释

authorize {

chap

mschap

unix

suffix

update control {

Proxy-To-Realm := LOCAL

}

eap {

ok = return

}

sql

expiration

logintime

pap

}

authenticate {

Auth-Type PAP {

pap

}

Auth-Type CHAP {

chap

}

Auth-Type MS-CHAP {

mschap

}

unix

eap

}

5、2测试数据准备

nas table

INSERT INTO `nas` (`id`, `nasname`, `shortname`, `type`, `ports`, `secret`, `community`, `description`) VALUES

(1, '127.0.0.1', 'localhost', 'other', 1812, 'testing123', NULL, 'RADIUS Client');

radcheck table

INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES

(2, 'root', 'User-Password', '==', '888888');

radusergroup table

INSERT INTO `radusergroup` (`username`, `groupname`, `priority`) VALUES

('root', 'user', 1)

5、3测试

[root@centos5 ~]# radtest root 888888 localhost 1812 testing123

Sending Access-Request of id 32 to 127.0.0.1 port 1812

User-Name = "root"

User-Password = "888888"

NAS-IP-Address = 10.180.22.10

NAS-Port = 1812

rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=32, length=20

[root@centos5 ~]#

commment: root 为linux的一个用户。

rlm sql mysql_FreeRADIUS with rlm_sql_mysql相关推荐

  1. rlm sql mysql_FreeRADIUS with rlm_sql_mysql

    ./configure (如果出现错误,需要安装相应的devel rpm) make make install 生成所需的证书 /usr/local/etc/raddb/certs/bootstrap ...

  2. rlm sql mysql.so_冰天雪地跪求高手解决--Could not link driver rlm_sql_mysql: file not found

    我在freenas这个上面安装了mysql+freeradius mysql是在用户上面自带命令 pkg_add -r mysql51-server 启动出错 [root@localhost ~]ra ...

  3. rlm sql mysql.so_找了好久,终于找到一篇关于FREERADIUS新版的安装说明。和以前的1.X.X还是有很大不同的。...

    一.安装openssl 二.安装mysql 直接用命令#yun groupinstall "MySQL Database"安装MySQL数据库. 安装好后,#service mys ...

  4. rlm sql mysql.so_UBUUTU7.10上安装配置freeradius+mysql+rp-pppoe手记

    5.安装freeradius1.1.2 将源码包解压缩: # tar –zxvf freeradius_version 进入生成的目录中进行编译安装: 编译之前,先处理一下MySQL的库,freera ...

  5. Freeradius+mysql+daloradius简单安装配置

    概述 之前说了Freeradius与AD结合进行802.1x认证方面的内容.本例则在之前实验配置的基础之上,将Freeradius与mysql.daloradius结合,实现可以通过web方式管理ra ...

  6. Less还是Sass,Stylus我们到底选择谁

    做前端 处理,那CSS是你的特长,随着工程的增大,CSS的预处理越来越重要,或者我们要维护我们的css,工作会越来越困难,造成这些困难的很大原因源于 CSS 是一门非程序式语言,没有变量.函数.SCO ...

  7. java 必备面试必备

    1.JDK 和 JRE 有什么区别? JDK(Java Development Kit),Java开发工具包 JRE(Java Runtime Environment),Java运行环境 JDK中包含 ...

  8. oracle exfsys 下 rlm$evtcleanup,RLM$SCHDNEGACTION 运行导致负载问题

    在监控系统上发现系统 schedule job 运行的如下两个package占用cpu较高 (95%左右), 而且持续一定时间, 简单查询,发现这两个package 应该是和Expression Fi ...

  9. oracle恢复exfsys,ORA-27468 EXFSYS.RLM$EVTCLEANUP任务引起的故障

    ORA-27468 EXFSYS.RLM$EVTCLEANUP任务引起的故障 Errors in file /oracle/admin/cdx/bdump/cdx2_j000_663594.trc: ...

最新文章

  1. Linux系统管理员修炼三层次
  2. 聊一聊Kafka分区的隐藏属性——二次归类
  3. 杨浦区阜盛农民工子弟小学见闻
  4. .mvn 需要放git上吗_汽车行李架上可以放东西吗?放了东西可以跑高速吗?
  5. 备份工具之Xtrabackup
  6. 计算机图形学(一)——数据压缩:道格拉斯普克法
  7. 经典神经网络 -- GoogLeNet / Inception : 设计原理与pytorch实现
  8. 借博客发泄一下对ExtJs的不满
  9. Linux常用工具包安装
  10. php如何防止恶意DDoS攻击,避免带宽占用问题方法
  11. 密码技术学习(8.1)-数字证书简介
  12. Python爬虫5-API和爬虫
  13. TwinCAT 3 基础——安装
  14. 神经系统及器官结构图片,神经系统的组织结构图
  15. Myeclipse项目内容没有报错但是项目上面却有红色叉叉
  16. 2022年国家法定节假日配置MySql
  17. .Net、C# 汉字转拼音,简体繁体转换方法
  18. WPS的word文档页面右边有一段空白原因
  19. python如何读取txt文件内容
  20. 纳米饮水思源,原子结构探秘

热门文章

  1. 【一年一个小知识】如何查询iPad电池寿命(使用快捷指令)?
  2. 【LAB1-Ruijie】验证分别在console口和vty接口下的login、login local、no login的区别
  3. BUUCTF:[GXYCTF2019]BabySQli
  4. Boboniu Chats with Du(贪心 + 前缀和)
  5. 金融/股市/基本术语/常识积累
  6. CPU、物理核、逻辑核概念与关系
  7. 网站各类备案方法指引
  8. 删除表格中拼音+取消表格中的筛选+将数字转换为文字
  9. java string转map_Java string类型转换成map代码实例
  10. redis删除指定key以及清空库