abills.net.ua

Добавлено: **Пт ноя 07, 2008 2:30 pm**

пипл, не догоняю, радиус отшивает:

Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 36185, id=123, length=135
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "vpnuser"
MS-CHAP-Challenge = 0x93484ed4cf6df9a35704d6f559d5fd75
MS-CHAP2-Response = 0xfb00a21c4f38786a9a74742423b8507e8e830000000000000000b01f1b79aef902996484e87ccc6508ad9cd4e2bfbd144365
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: Cleartext-Password == "vpnuser"
Exec-Program-Wait: value-pairs: Cleartext-Password == "vpnuser"
Exec-Program: returned: 0
++[abills_pre_auth] returns ok
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
Exec-Program output: Reply-Message = "Unknow server '127.0.0.1'"
Exec-Program-Wait: value-pairs: Reply-Message = "Unknow server '127.0.0.1'"
Exec-Program: returned: 1
++[abills_auth] returns reject
Using Post-Auth-Type Reject
+- entering group REJECT {...}
Exec-Program output:
Exec-Program: returned: 0
++[abills_post_auth] returns ok
Sending Access-Reject of id 123 to 127.0.0.1 port 36185
Reply-Message = "Unknow server '127.0.0.1'"
Finished request 0.
Going to the next request
Waking up in 4.6 seconds.
Cleaning up request 0 ID 123 with timestamp +14
Ready to process requests.

Добавлено: **Пт ноя 07, 2008 3:37 pm**

мдя... и это не помагает

Добавлено: **Пн ноя 10, 2008 7:15 am**

ran писал(а):мдя... и это не помагает

читал ... вот и в таком варианте не хочет

tr-tower:/etc # cat hosts
#
# hosts This file describes a number of hostname-to-address
# mappings for the TCP/IP subsystem. It is mostly
# used at boot time, when no name servers are running.
# On small systems, this file can be used instead of a
# "named" name server.
# Syntax:
#
# IP-Address Full-Qualified-Hostname Short-Hostname
#

127.0.0.1 localhost

# special IPv6 addresses
::1 localhost ipv6-localhost ipv6-loopback

fe00::0 ipv6-localnet

ff00::0 ipv6-mcastprefix
ff02::1 ipv6-allnodes
ff02::2 ipv6-allrouters
ff02::3 ipv6-allhosts
127.0.0.2 tr-tower.site tr-tower

tr-tower:/etc # hostname -i
127.0.0.2

Mon Nov 10 10:05:59 2008 : Debug: Listening on authentication address * port 1812
Mon Nov 10 10:05:59 2008 : Debug: Listening on accounting address * port 1813
Mon Nov 10 10:05:59 2008 : Debug: Listening on proxy address * port 1814
Mon Nov 10 10:05:59 2008 : Debug: Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 53484, id=22, length=135
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "vpnuser"
MS-CHAP-Challenge = 0x1084fdbefc80b5975bbca18782c82ff3
MS-CHAP2-Response = 0x9300f9480719764ddad2e57a225451caf8bd0000000000000000e7c960e1657951d85a370aadcaa2d6a555cc34b5686b646f
NAS-IP-Address = 127.0.0.2
NAS-Port = 0
Mon Nov 10 10:06:08 2008 : Info: +- entering group authorize {...}
Mon Nov 10 10:06:08 2008 : Info: ++[preprocess] returns ok
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program output: Cleartext-Password == "vpnuser"
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program-Wait: value-pairs: Cleartext-Password == "vpnuser"
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program: returned: 0
Mon Nov 10 10:06:09 2008 : Info: ++[abills_pre_auth] returns ok
Mon Nov 10 10:06:09 2008 : Info: [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
Mon Nov 10 10:06:09 2008 : Info: ++[mschap] returns ok
Mon Nov 10 10:06:09 2008 : Info: [files] users: Matched entry DEFAULT at line 1
Mon Nov 10 10:06:09 2008 : Info: ++[files] returns ok
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program output: Reply-Message = "Unknow server '127.0.0.2'"
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program-Wait: value-pairs: Reply-Message = "Unknow server '127.0.0.2'"
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program: returned: 1
Mon Nov 10 10:06:09 2008 : Info: ++[abills_auth] returns reject
Mon Nov 10 10:06:09 2008 : Info: Using Post-Auth-Type Reject
Mon Nov 10 10:06:09 2008 : Info: +- entering group REJECT {...}
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program output:
Mon Nov 10 10:06:09 2008 : Debug: Exec-Program: returned: 0
Mon Nov 10 10:06:09 2008 : Info: ++[abills_post_auth] returns ok
Mon Nov 10 10:06:09 2008 : Info: Delaying reject of request 0 for 1 seconds
Mon Nov 10 10:06:09 2008 : Debug: Going to the next request
Mon Nov 10 10:06:09 2008 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 22 to 127.0.0.1 port 53484
Reply-Message = "Unknow server '127.0.0.2'"
Mon Nov 10 10:06:09 2008 : Debug: Waking up in 4.7 seconds.
Mon Nov 10 10:06:14 2008 : Info: Cleaning up request 0 ID 22 with timestamp +9
Mon Nov 10 10:06:14 2008 : Debug: Ready to process requests.

В базе прописан NAS:
ID 2
IP 127.0.0.2
Name: 127.0.0.2
Radius NAS-Identifier: 127.0.0.2
Describe: pppd
Type: pppd:pppd + RADIUS plugin (Linux)
Authorization: SQL
External Accounting:
Alive (sec.): 60
Disable:
:Manage:
IP:PORT:
User:
Password:

гдето туплю ...

Добавлено: **Пн ноя 10, 2008 7:17 am**

версия 0.41

Добавлено: **Пн ноя 10, 2008 7:51 am**

вот еще откопал, при регистрации клиента в мускул идет вот что:

081110 10:39:05 8 Connect abills@localhost on abills
8 Query set autocommit=1
8 Query SELECT DECODE(password, 'test12345678901234567890') FROM users WHERE id='vpnuser'
8 Quit
9 Connect abills@localhost on abills
9 Query set autocommit=1
9 Query SELECT id, name, nas_identifier, descr, ip, nas_type, auth_type, mng_host_port, mng_user,
DECODE(mng_password, 'test12345678901234567890'), rad_pairs, alive, disable, ext_acct
FROM nas
WHERE ip='127.0.0.2' and nas_identifier=''
ORDER BY nas_identifier DESC

в мониторе делаю запросы

tr-tower:~ # mysql -D abills
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.0.67-log Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> SELECT id, name, nas_identifier, descr, ip, nas_type, auth_type, mng_host_port, mng_user,
-> DECODE(mng_password, 'test12345678901234567890'), rad_pairs, alive, disable, ext_acct
-> FROM nas
-> WHERE ip='127.0.0.2' and nas_identifier=''
-> ORDER BY nas_identifier DESC
-> ;
Empty set (0.00 sec)

mysql> select * from nas;
+----+-----------+----------------+-------+-----------+----------+-----------+---------------+----------+--------------+-----------+-------+---------+----------+
| id | name | nas_identifier | descr | ip | nas_type | auth_type | mng_host_port | mng_user | mng_password | rad_pairs | alive | disable | ext_acct |
+----+-----------+----------------+-------+-----------+----------+-----------+---------------+----------+--------------+-----------+-------+---------+----------+
| 2 | 127.0.0.2 | 127.0.0.2 | pppd | 127.0.0.2 | pppd | 0 | | | |
| 60 | 0 | 0 |
+----+-----------+----------------+-------+-----------+----------+-----------+---------------+----------+--------------+-----------+-------+---------+----------+
1 row in set (0.00 sec)

mysql>

т.е. идентификатор пуст ...

Добавлено: **Пн ноя 10, 2008 8:21 am**

Radius NAS-Identifier: 127.0.0.2

если уж используешь это поле (а оно тебе нада?) значит и твой радиусклиент должен его формировать а он этого не делает

т.е. идентификатор пуст ...

поэтому сервер и посылает

Добавлено: **Пн ноя 10, 2008 1:09 pm**

ran писал(а):
Radius NAS-Identifier: 127.0.0.2
если уж используешь это поле (а оно тебе нада?) значит и твой радиусклиент должен его формировать а он этого не делает
т.е. идентификатор пуст ...
поэтому сервер и посылает

мда, описание убрал, вроде пошло ... но
радиус-сервер выдает:

Mon Nov 10 16:00:36 2008 : Debug: Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 42802, id=195, length=135
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "vpnuser"
MS-CHAP-Challenge = 0x5cdff39ebefe1efd35b57f414abb4838
MS-CHAP2-Response = 0x6f00a307f6fd0d1bc7c3bb5d3d7a0f56821f00000000000000006ce472db26e1535032e3c22243d89bb8b77bb5b28d41a359
NAS-IP-Address = 127.0.0.2
NAS-Port = 0
Mon Nov 10 16:00:46 2008 : Info: +- entering group authorize {...}
Mon Nov 10 16:00:46 2008 : Info: ++[preprocess] returns ok
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program output: Cleartext-Password == "vpnuser"
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program-Wait: value-pairs: Cleartext-Password == "vpnuser"
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program: returned: 0
Mon Nov 10 16:00:47 2008 : Info: ++[abills_preauth] returns ok
Mon Nov 10 16:00:47 2008 : Info: [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
Mon Nov 10 16:00:47 2008 : Info: ++[mschap] returns ok
Mon Nov 10 16:00:47 2008 : Info: [files] users: Matched entry DEFAULT at line 1
Mon Nov 10 16:00:47 2008 : Info: ++[files] returns ok
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program output: Session-Timeout = 1756753, MS-MPPE-Encryption-Types = 0x00000006, Session-Octets-Limit = 10485760, MS-CHAP2-SUCCESS = 0x6f533d34383638433042423632304530453843464439373539343245363234413437463936383745443145, MS-MPPE-Encryption-Policy = 0x00000001, Octets-Direction = 0, Framed-IP-Address = 10.10.11.2, Framed-IP-Netmask = 255.255.255.255,
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program-Wait: plaintext: Session-Timeout = 1756753, MS-MPPE-Encryption-Types = 0x00000006, Session-Octets-Limit = 10485760, MS-CHAP2-SUCCESS = 0x6f533d34383638433042423632304530453843464439373539343245363234413437463936383745443145, MS-MPPE-Encryption-Policy = 0x00000001, Octets-Direction = 0, Framed-IP-Address = 10.10.11.2, Framed-IP-Netmask
= 255.255.255.255,
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program: returned: 0
Mon Nov 10 16:00:47 2008 : Info: ++[abills_auth] returns ok
Mon Nov 10 16:00:47 2008 : Info: Found Auth-Type = Accept
Mon Nov 10 16:00:47 2008 : Info: Auth-Type = Accept, accepting the user
Sending Access-Accept of id 195 to 127.0.0.1 port 42802
Mon Nov 10 16:00:47 2008 : Info: Finished request 0.
Mon Nov 10 16:00:47 2008 : Debug: Going to the next request
Mon Nov 10 16:00:47 2008 : Debug: Waking up in 4.9 seconds.
Mon Nov 10 16:00:52 2008 : Info: Cleaning up request 0 ID 195 with timestamp +10
Mon Nov 10 16:00:52 2008 : Debug: Ready to process requests.

pptp/ppp пишет

Nov 10 16:00:44 tr-tower pppd[5261]: Connect: ppp0 <--> /dev/pts/1
Nov 10 16:00:44 tr-tower pppd[5261]: sent [LCP ConfReq id=0x1 <mru 1000> <asyncmap 0x0> <auth chap MS-v2> <magic 0xe605550f> <pcomp> <accomp>]
Nov 10 16:00:44 tr-tower pptpd[5260]: GRE: Bad checksum from pppd.
Nov 10 16:00:44 tr-tower pptpd[5260]: GRE: accepting packet #1
Nov 10 16:00:44 tr-tower pppd[5261]: rcvd [LCP ConfAck id=0x1 <mru 1000> <asyncmap 0x0> <auth chap MS-v2> <magic 0xe605550f> <pcomp> <accomp>]
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #2
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x3c134ba0> <pcomp> <accomp> <callback CBCP>]
Nov 10 16:00:46 tr-tower pppd[5261]: sent [LCP ConfRej id=0x1 <callback CBCP>]
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #3
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [LCP ConfReq id=0x2 <mru 1400> <magic 0x3c134ba0> <pcomp> <accomp>]
Nov 10 16:00:46 tr-tower pppd[5261]: sent [LCP ConfAck id=0x2 <mru 1400> <magic 0x3c134ba0> <pcomp> <accomp>]
Nov 10 16:00:46 tr-tower pppd[5261]: sent [LCP EchoReq id=0x0 magic=0xe605550f]
Nov 10 16:00:46 tr-tower pppd[5261]: sent [CHAP Challenge id=0x6f <5cdff39ebefe1efd35b57f414abb4838>, name = "tr-tower"]
Nov 10 16:00:46 tr-tower pptpd[5260]: CTRL: Received PPTP Control Message (type: 15)
Nov 10 16:00:46 tr-tower pptpd[5260]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #4
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #5
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [LCP Ident id=0x3 magic=0x3c134ba0 "MSRASV5.10"]
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [LCP Ident id=0x4 magic=0x3c134ba0 "MSRAS-0-CORP-10"]
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #6
Nov 10 16:00:46 tr-tower pptpd[5260]: GRE: accepting packet #7
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [LCP EchoRep id=0x0 magic=0x3c134ba0]
Nov 10 16:00:46 tr-tower pppd[5261]: rcvd [CHAP Response id=0x6f <a307f6fd0d1bc7c3bb5d3d7a0f56821f00000000000000006ce472db26e1535032e3c22243d89bb8b77bb5b28d41a35900>, name = "vpnuser"]
Nov 10 16:00:47 tr-tower pppd[5261]: RADATTR plugin wrote 0 line(s) to file /var/run/radattr.ppp0.
Nov 10 16:00:47 tr-tower pppd[5261]:
Nov 10 16:00:47 tr-tower pppd[5261]: Peer vpnuser failed CHAP authentication
Nov 10 16:00:47 tr-tower pppd[5261]: sent [CHAP Failure id=0x6f ""]
Nov 10 16:00:47 tr-tower pppd[5261]: sent [LCP TermReq id=0x2 "Authentication failed"]
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Received PPTP Control Message (type: 15)
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Nov 10 16:00:47 tr-tower pptpd[5260]: GRE: accepting packet #8
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Received PPTP Control Message (type: 12)
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Made a CALL DISCONNECT RPLY packet
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Received CALL CLR request (closing call)
Nov 10 16:00:47 tr-tower pppd[5261]: rcvd [LCP TermAck id=0x2 "Authentication failed"]
Nov 10 16:00:47 tr-tower pppd[5261]: Connection terminated.
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Reaping child PPP[5261]
Nov 10 16:00:47 tr-tower pppd[5261]: tcflush failed: Input/output error
Nov 10 16:00:47 tr-tower pppd[5261]: RADATTR plugin removed file /var/run/radattr.ppp0.
Nov 10 16:00:47 tr-tower pppd[5261]: Exit.
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Client 192.168.100.152 control connection finished
Nov 10 16:00:47 tr-tower pptpd[5260]: CTRL: Exiting now
Nov 10 16:00:47 tr-tower pptpd[5227]: MGR: Reaped child 5260
Nov 10 16:05:01 tr-tower /usr/sbin/cron[5286]: (root) CMD (/usr/abills/libexec/billd -all)

Добавлено: **Пн ноя 10, 2008 4:10 pm**

Mon Nov 10 16:00:47 2008 : Debug: Exec-Program-Wait: plaintext:

а должно быть value-pairs: (при условии что твой радиусклиент понимает все атрибуты полученные от сервера). Отсюда вывод: непонимает

смотреть словари радиусклиента

Добавлено: **Вт ноя 11, 2008 7:08 am**

ran писал(а):
Mon Nov 10 16:00:47 2008 : Debug: Exec-Program-Wait: plaintext:
а должно быть value-pairs: (при условии что твой радиусклиент понимает все атрибуты полученные от сервера). Отсюда вывод: непонимает

смотреть словари радиусклиента

угу, сенкс, начинает доходить

Добавлено: **Вс дек 21, 2008 1:19 pm**

А не подскажешь настройки своего radiusd.conf?
А то структура конфигов фрирадиуса поменялась и с новой я пока разбираюсь (у меня FreeRADIUS Version 2.1.0)

вот такой венигрет у меня /etc/freeradius/radiusd.conf:

Код: Выделить всё

prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log/freeradius
raddbdir = /etc/freeradius
radacctdir = ${logdir}/radacct

#  Location of config and logfiles.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd

# Should likely be ${localstatedir}/lib/radiusd
db_dir = ${raddbdir}


libdir = /usr/lib/freeradius

pidfile = ${run_dir}/radiusd.pid

max_request_time = 30

cleanup_delay = 5

max_requests = 1024


listen {

	type = auth

	ipaddr = localhost

#	port = 0
#	interface = eth0
#	clients = per_socket_clients
}

listen {
	ipaddr = localhost
	type = acct
#	port = 0
#	interface = eth0
#	clients = per_socket_clients
}

hostname_lookups = no

allow_core_dumps = no

regular_expressions	= yes
extended_expressions	= yes


log {

	destination = files

	file = ${logdir}/radius.log

	syslog_facility = daemon

	stripped_names = no

	auth = no

	auth_badpass = no
	auth_goodpass = no
}

#  The program to execute to do concurrency checks.
checkrad = ${sbindir}/checkrad

# SECURITY CONFIGURATION
security {

	max_attributes = 200

	reject_delay = 1

	status_server = yes
}

# PROXY CONFIGURATION
proxy_requests  = off
# $INCLUDE proxy.conf


# CLIENTS CONFIGURATION
#$INCLUDE clients.conf


# THREAD POOL CONFIGURATION
thread pool {
	start_servers = 5

	max_servers = 32

	min_spare_servers = 3
	max_spare_servers = 10

	max_requests_per_server = 0
}

# MODULE CONFIGURATION
modules {

	$INCLUDE ${confdir}/modules/

#	$INCLUDE eap.conf
#	$INCLUDE sql.conf
	$INCLUDE experimental.conf
#	$INCLUDE sql/mysql/counter.conf
#	$INCLUDE sql/postgresql/counter.conf
#	$INCLUDE sqlippool.conf
#	$INCLUDE otp.conf

}

# Instantiation
instantiate {

	exec

	expr

#	daily
	expiration
	logintime
}

#	$INCLUDE policy.conf
#	$INCLUDE sites-enabled/

Вот что пишет freeradius -X

Код: Выделить всё

Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including files in directory /etc/freeradius/modules/
including configuration file /etc/freeradius/modules/digest
including configuration file /etc/freeradius/modules/echo
including configuration file /etc/freeradius/modules/wimax
including configuration file /etc/freeradius/modules/etc_group
including configuration file /etc/freeradius/modules/attr_rewrite
including configuration file /etc/freeradius/modules/linelog
including configuration file /etc/freeradius/modules/realm
including configuration file /etc/freeradius/modules/checkval
including configuration file /etc/freeradius/modules/smbpasswd
including configuration file /etc/freeradius/modules/ldap
including configuration file /etc/freeradius/modules/always
including configuration file /etc/freeradius/modules/preprocess
including configuration file /etc/freeradius/modules/detail.example.com
including configuration file /etc/freeradius/modules/chap
including configuration file /etc/freeradius/modules/files
including configuration file /etc/freeradius/modules/exec
including configuration file /etc/freeradius/modules/radutmp
including configuration file /etc/freeradius/modules/expr
including configuration file /etc/freeradius/modules/pap
including configuration file /etc/freeradius/modules/krb5
including configuration file /etc/freeradius/modules/mschap
including configuration file /etc/freeradius/modules/passwd
including configuration file /etc/freeradius/modules/inner-eap
including configuration file /etc/freeradius/modules/counter
including configuration file /etc/freeradius/modules/ippool
including configuration file /etc/freeradius/modules/pam
including configuration file /etc/freeradius/modules/policy
including configuration file /etc/freeradius/modules/unix
including configuration file /etc/freeradius/modules/detail.log
including configuration file /etc/freeradius/modules/expiration
including configuration file /etc/freeradius/modules/mac2ip
including configuration file /etc/freeradius/modules/mac2vlan
including configuration file /etc/freeradius/modules/logintime
including configuration file /etc/freeradius/modules/sradutmp
including configuration file /etc/freeradius/modules/acct_unique
including configuration file /etc/freeradius/modules/attr_filter
including configuration file /etc/freeradius/modules/sql_log
including configuration file /etc/freeradius/modules/detail
including configuration file /etc/freeradius/experimental.conf
including dictionary file /etc/freeradius/dictionary
main {
	prefix = "/usr"
	localstatedir = "/var"
	logdir = "/var/log/freeradius"
	libdir = "/usr/lib/freeradius"
	radacctdir = "/var/log/freeradius/radacct"
	hostname_lookups = no
	max_request_time = 30
	cleanup_delay = 5
	max_requests = 1024
	allow_core_dumps = no
	pidfile = "/var/run/radiusd/radiusd.pid"
	checkrad = "/usr/sbin/checkrad"
	debug_level = 0
	proxy_requests = off
 log {
	stripped_names = no
	auth = no
	auth_badpass = no
	auth_goodpass = no
 }
 security {
	max_attributes = 200
	reject_delay = 1
	status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating exec
  exec {
	wait = no
	input_pairs = "request"
	shell_escape = yes
  }
 Module: Linked to module rlm_expr
 Module: Instantiating expr
 Module: Linked to module rlm_expiration
 Module: Instantiating expiration
  expiration {
	reply-message = "Password Has Expired  "
  }
 Module: Linked to module rlm_logintime
 Module: Instantiating logintime
  logintime {
	reply-message = "You are calling outside your allowed timespan  "
	minimum-timeout = 60
  }
 }
radiusd: #### Loading Virtual Servers ####
 modules {
 }
radiusd: #### Opening IP addresses and Ports ####
listen {
	type = "auth"
	ipaddr = localhost IP address [127.0.0.1]
	port = 0
}
listen {
	type = "acct"
	ipaddr = localhost IP address [127.0.0.1]
	port = 0
}
Listening on authentication address 127.0.0.1 port 1812
Listening on accounting address 127.0.0.1 port 1813
Ready to process requests.
Ignoring request to authentication address 127.0.0.1 port 1812 from unknown client 127.0.0.1 port 53743
Ready to process requests.

abills.net.ua

abills openSUSE 11.0 freeradius 2.2.1

abills openSUSE 11.0 freeradius 2.2.1