нигде не упоминается
Код: Выделить всё
mpd-limit+="in#1=all shape 710000 4000",
mpd-limit+="out#1=all shape 710000 4000"
как узнать где/на каком этапе не передаются парметры
Код: Выделить всё
mpd-limit+="in#1=all shape 710000 4000",
mpd-limit+="out#1=all shape 710000 4000"
Код: Выделить всё
radist04ka# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/var"
main: logdir = "/var/log"
main: libdir = "/usr/local/lib"
main: radacctdir = "/var/log/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
There appears to be another RADIUS server running on the authentication port 1812
Код: Выделить всё
....
Finished request 14
Going to the next request
--- Walking the entire request list ---
Cleaning up request 14 ID 39 with timestamp 4d0fd4ca
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host 127.0.0.1:46089, id=120, length=335
NAS-Identifier = "radist04ka.local"
Acct-Session-Id = "2859759-L-26"
NAS-Port = 26
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.0.51"
mpd-link = "L-26"
Tunnel-Type:0 = PPTP
Tunnel-Medium-Type:0 = IPv4
Tunnel-Server-Endpoint:0 = "192.168.0.1"
Tunnel-Client-Endpoint:0 = "192.168.0.51"
Tunnel-Server-Auth-Id:0 = "radist04ka.local"
Framed-IP-Address = 198.168.100.51
Framed-IP-Netmask = 255.255.255.255
User-Name = "test"
Acct-Multi-Session-Id = "2859760-B-26"
mpd-bundle = "B-26"
mpd-iface = "ng25"
mpd-iface-index = 36
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Acct-Status-Type = Interim-Update
Acct-Session-Time = 23403
Acct-Input-Octets = 3734154
Acct-Input-Packets = 24767
Acct-Input-Gigawords = 0
Acct-Output-Octets = 7638216
Acct-Output-Packets = 11329
Acct-Output-Gigawords = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 15
modcall[preacct]: module "preprocess" returns noop for request 15
rlm_acct_unique: Hashing 'NAS-Port = 26,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "2859759-L-26",User-Name = "test"'
rlm_acct_unique: Acct-Unique-Session-ID = "bb8a3df5a9ebec39".
modcall[preacct]: module "acct_unique" returns ok for request 15
acct_users: Matched entry DEFAULT at line 21
modcall[preacct]: module "files" returns ok for request 15
modcall: leaving group preacct (returns ok) for request 15
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 15
radius_xlat: '/var/log/radacct/127.0.0.1/detail-20101221'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20101221
modcall[accounting]: module "detail" returns ok for request 15
modcall[accounting]: module "unix" returns noop for request 15
radius_xlat: '/var/log/radutmp'
radius_xlat: 'test'
modcall[accounting]: module "radutmp" returns ok for request 15
modcall: leaving group accounting (returns ok) for request 15
Sending Accounting-Response of id 120 to 127.0.0.1 port 46089
Finished request 15
Going to the next request
--- Walking the entire request list ---
....
Finished request 34
Going to the next request
--- Walking the entire request list ---
Cleaning up request 34 ID 167 with timestamp 4d0fd5f6
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host 127.0.0.1:39814, id=157, length=335
NAS-Identifier = "radist04ka.local"
Acct-Session-Id = "2859759-L-26"
NAS-Port = 26
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.0.51"
mpd-link = "L-26"
Tunnel-Type:0 = PPTP
Tunnel-Medium-Type:0 = IPv4
Tunnel-Server-Endpoint:0 = "192.168.0.1"
Tunnel-Client-Endpoint:0 = "192.168.0.51"
Tunnel-Server-Auth-Id:0 = "radist04ka.local"
Framed-IP-Address = 198.168.100.51
Framed-IP-Netmask = 255.255.255.255
User-Name = "test"
Acct-Multi-Session-Id = "2859760-B-26"
mpd-bundle = "B-26"
mpd-iface = "ng25"
mpd-iface-index = 36
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Acct-Status-Type = Interim-Update
Acct-Session-Time = 23703
Acct-Input-Octets = 4074469
Acct-Input-Packets = 28160
Acct-Input-Gigawords = 0
Acct-Output-Octets = 11562267
Acct-Output-Packets = 14664
Acct-Output-Gigawords = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 35
modcall[preacct]: module "preprocess" returns noop for request 35
rlm_acct_unique: Hashing 'NAS-Port = 26,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "2859759-L-26",User-Name = "test"'
rlm_acct_unique: Acct-Unique-Session-ID = "bb8a3df5a9ebec39".
modcall[preacct]: module "acct_unique" returns ok for request 35
acct_users: Matched entry DEFAULT at line 21
modcall[preacct]: module "files" returns ok for request 35
modcall: leaving group preacct (returns ok) for request 35
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 35
radius_xlat: '/var/log/radacct/127.0.0.1/detail-20101221'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20101221
modcall[accounting]: module "detail" returns ok for request 35
modcall[accounting]: module "unix" returns noop for request 35
radius_xlat: '/var/log/radutmp'
radius_xlat: 'test'
modcall[accounting]: module "radutmp" returns ok for request 35
modcall: leaving group accounting (returns ok) for request 35
Sending Accounting-Response of id 157 to 127.0.0.1 port 39814
Finished request 35
Going to the next request
--- Walking the entire request list ---
.....
Finished request 76
Going to the next request
--- Walking the entire request list ---
Cleaning up request 76 ID 166 with timestamp 4d0fd84e
Nothing to do. Sleeping until we see a request.
rad_recv: Accounting-Request packet from host 127.0.0.1:28556, id=228, length=335
NAS-Identifier = "radist04ka.local"
Acct-Session-Id = "2859759-L-26"
NAS-Port = 26
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.0.51"
mpd-link = "L-26"
Tunnel-Type:0 = PPTP
Tunnel-Medium-Type:0 = IPv4
Tunnel-Server-Endpoint:0 = "192.168.0.1"
Tunnel-Client-Endpoint:0 = "192.168.0.51"
Tunnel-Server-Auth-Id:0 = "radist04ka.local"
Framed-IP-Address = 198.168.100.51
Framed-IP-Netmask = 255.255.255.255
User-Name = "test"
Acct-Multi-Session-Id = "2859760-B-26"
mpd-bundle = "B-26"
mpd-iface = "ng25"
mpd-iface-index = 36
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Acct-Status-Type = Interim-Update
Acct-Session-Time = 24303
Acct-Input-Octets = 4592230
Acct-Input-Packets = 31685
Acct-Input-Gigawords = 0
Acct-Output-Octets = 14165997
Acct-Output-Packets = 17610
Acct-Output-Gigawords = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 77
modcall[preacct]: module "preprocess" returns noop for request 77
rlm_acct_unique: Hashing 'NAS-Port = 26,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "2859759-L-26",User-Name = "test"'
rlm_acct_unique: Acct-Unique-Session-ID = "bb8a3df5a9ebec39".
modcall[preacct]: module "acct_unique" returns ok for request 77
acct_users: Matched entry DEFAULT at line 21
modcall[preacct]: module "files" returns ok for request 77
modcall: leaving group preacct (returns ok) for request 77
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 77
radius_xlat: '/var/log/radacct/127.0.0.1/detail-20101221'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20101221
modcall[accounting]: module "detail" returns ok for request 77
modcall[accounting]: module "unix" returns noop for request 77
radius_xlat: '/var/log/radutmp'
radius_xlat: 'test'
modcall[accounting]: module "radutmp" returns ok for request 77
modcall: leaving group accounting (returns ok) for request 77
Sending Accounting-Response of id 228 to 127.0.0.1 port 28556
Finished request 77
Going to the next request
--- Walking the entire request list ---
Код: Выделить всё
mpd-limit+="in#1=all shape 64000 4000",
mpd-limit+="out#1=all shape 64000 4000"
Код: Выделить всё
mpd-limit+="in#1=all rate-limit 64000 28000 48000",
mpd-limit+="out#1=all rate-limit 64000 28000 48000"
Код: Выделить всё
radist04ka# cat /usr/local/etc/mpd5/mpd.conf
startup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console self 127.0.0.1 5005
set user admin secretpass admin
set console open
#WEB managment
#set web self 127.0.0.1 5006
#set web open
#Netflow options
#set netflow peer 127.0.0.1 9996
#set netflow self 127.0.0.1 9990
#set netflow timeouts 15 15
#set netflow hook 9000
#Calling-Station-Id = "10.0.4.16 / 00:18:f3:5a:9f:6a / em0"
#set link enable report-mac
#set netflow node netflow
log -echo -radius -rep
default:
load pptp_server_pptp
pptp_server_pptp:
create bundle template B
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set iface up-script "/usr/abills/libexec/linkupdown mpd up"
set iface down-script "/usr/abills/libexec/linkupdown mpd down"
set ipcp yes vjcomp
set ipcp ranges 192.168.100.1 ippool pool1
set ipcp dns 10.10.241.241
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template L pptp
set link action bundle B
set link enable peer-as-calling
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set link mtu 1460
set link enable incoming
load server_common
server_common:
set link no pap eap
set link yes chap-md5
set link keep-alive 20 60
set link enable incoming
set link no acfcomp protocomp
load radius
radius:
set radius config /etc/radius.conf
set radius retries 3
set radius timeout 10
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set auth disable internal
Код: Выделить всё
radist04ka# cat /etc/radius.conf
auth 127.0.0.1:1812 mpd 4 4
acct 127.0.0.1:1813 mpd 4 4
Код: Выделить всё
radist04ka# cat /usr/local/etc/raddb/users | grep -v "#"
DEFAULT Auth-Type = Accept
Exec-Program-Wait = "/usr/abills/libexec/rauth.pl"
Код: Выделить всё
radist04ka# cat /usr/local/etc/raddb/dictionary | grep -v "#"
$INCLUDE /usr/local/share/freeradius/dictionary
VENDOR mpd 12341
ATTRIBUTE mpd-rule 1 string mpd
ATTRIBUTE mpd-pipe 2 string mpd
ATTRIBUTE mpd-queue 3 string mpd
ATTRIBUTE mpd-table 4 string mpd
ATTRIBUTE mpd-table-static 5 string mpd
ATTRIBUTE mpd-filter 6 string mpd
ATTRIBUTE mpd-limit 7 string mpd
ATTRIBUTE mpd-input-octets 8 string mpd
ATTRIBUTE mpd-input-packets 9 string mpd
ATTRIBUTE mpd-output-octets 10 string mpd
ATTRIBUTE mpd-output-packets 11 string mpd
ATTRIBUTE mpd-link 12 string mpd
ATTRIBUTE mpd-bundle 13 string mpd
ATTRIBUTE mpd-iface 14 string mpd
ATTRIBUTE mpd-iface-index 15 integer mpd
ATTRIBUTE mpd-input-acct 16 string mpd
ATTRIBUTE mpd-output-acct 17 string mpd
ATTRIBUTE mpd-drop-user 154 integer mpd
Код: Выделить всё
radist04ka# cat /usr/local/etc/raddb/acct_users | grep -v "#"
DEFAULT Acct-Status-Type == Start
Exec-Program = "/usr/abills/libexec/racct.pl"
DEFAULT Acct-Status-Type == Alive
Exec-Program = "/usr/abills/libexec/racct.pl"
DEFAULT Acct-Status-Type == Stop
Exec-Program = "/usr/abills/libexec/racct.pl"
Код: Выделить всё
radist04ka@ kldstat -v | grep ng
288 ng_socket
293 ng_vjc
292 ng_tty
291 ng_tee
290 ng_tcpmss
289 ng_ng_split
278 ng_ipfw
271 ng_netflow
287 ng_rfc1490
286 ng_pptpgre
277 ng_iface
285 ng_pppoe
276 ng_ether
284 ng_ppp
275 ng_car
283 ng_one2many
282 ng_nat
281 ng_mppc
274 ng_bpf
280 ng_l2tp
272 ng_UI
279 ng_ksocket
radist04ka@
Код: Выделить всё
lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
x Options for mpd 5.5 x
x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x
x x [X] NG_CAR Use ng_car kernel module from port (< 7.0 only) x x
x x [X] NG_IPACCT Use ng_ipacct kernel module from port x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
x x x x
tqmqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqjqu
x [ OK ] Cancel x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj
Код: Выделить всё
authorize {
preprocess
pre_auth
mschap
files
}
Код: Выделить всё
mpd-limit+="in#1=all rate-limit 690000 52000 96000",
mpd-limit+="out#1=all rate-limit 690000 52000 96000"
то скорость около 350-500Кбайт/сек(~200kB)
(~800kB)
то 53-55Кбайт/сек(~1600kB)
(~3MB)
Код: Выделить всё
значение умноженое на 3 и деленное на 16
Код: Выделить всё
mpd-limit+="in#1=all rate-limit 690000 129375 258750",
mpd-limit+="out#1=all rate-limit 690000 129375 258750"
Код: Выделить всё
mpd-limit+=in#1=all shape 8000000 1500000,
mpd-limit+=out#1=all shape 8000000 1500000
Код: Выделить всё
mpd-limit+="in#1=all rate-limit 690000 129375 258750",
mpd-limit+="out#1=all rate-limit 690000 129375 258750"
Код: Выделить всё
mpd-limit+=in#1=all shape 8000000 1500000,
mpd-limit+=out#1=all shape 8000000 1500000
Код: Выделить всё
TRAFFIC_SUM>5000=SPEED:128;
Код: Выделить всё
# cat /usr/local/etc/mpd5/mpd.conf
startup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console self 127.0.0.1 5005
set user admin secretpass admin
set console open
#WEB managment
#set web self 127.0.0.1 5006
#set web open
#Netflow options
#set netflow peer 127.0.0.1 9996
#set netflow self 127.0.0.1 9990
#set netflow timeouts 15 15
#set netflow hook 9000
#Calling-Station-Id = "10.0.4.16 / 00:18:f3:5a:9f:6a / em0"
#set link enable report-mac
#set netflow node netflow
log -echo -radius -rep
default:
load pptp_server_pptp
pptp_server_pptp:
create bundle template B
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set iface up-script "/usr/abills/libexec/linkupdown mpd up"
set iface down-script "/usr/abills/libexec/linkupdown mpd down"
set ipcp yes vjcomp
set ipcp ranges 192.168.172.1 ippool pool1
set ipcp dns 10.10.198.1
set bundle enable compression
set ccp yes mppc
set mppc yes compress
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template B l2tp
set link action bundle B
set link enable peer-as-calling
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link mtu 1460
load server_common
server_common:
set link no pap eap
set link yes chap-md5
set link keep-alive 10 60
set link enable incoming
set link no acfcomp protocomp
load radius
radius:
set radius config /etc/radius.conf
set radius retries 3
set radius timeout 10
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set auth disable internal
в течении скольких секунд?mpd-limit+="in#1=all rate-limit 690000 129375 258750",
mpd-limit+="out#1=all rate-limit 690000 129375 258750"
Код: Выделить всё
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.50.241 192.168.50.188 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.50.0 255.255.255.0 192.168.50.188 192.168.50.188 10
192.168.50.188 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.50.255 255.255.255.255 192.168.50.188 192.168.50.188 10
192.168.160.0 255.255.255.0 192.168.160.201 192.168.160.201 1
192.168.160.201 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.160.255 255.255.255.255 192.168.160.201 192.168.160.201 50
224.0.0.0 240.0.0.0 192.168.50.188 192.168.50.188 10
224.0.0.0 240.0.0.0 192.168.160.201 192.168.160.201 50
255.255.255.255 255.255.255.255 192.168.50.188 192.168.50.188 1
255.255.255.255 255.255.255.255 192.168.160.201 192.168.160.201 1
Код: Выделить всё
192.168.160.0 255.255.255.0 192.168.160.201 192.168.160.201 1
192.168.160.201 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.160.255 255.255.255.255 192.168.160.201 192.168.160.201 50
255.255.255.255 255.255.255.255 192.168.160.201 192.168.160.201 1