Code:
#radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Instantiated exec (pre_auth)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
Module: Instantiated detail (detail)
Module: Loaded radutmp
Module: Instantiated radutmp (radutmp)
Module: Instantiated exec (post_auth)
Initializing the thread pool...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:65505, id=29, length=182
NAS-Identifier = "su.uss.ru"
NAS-IP-Address = 127.0.0.1
Message-Authenticator = 0xcb29b150c34c4130d9a8303e219c0af5
NAS-Port = 0
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.1.101"
User-Name = "test"
MS-CHAP-Challenge = 0xbb1e684f10625e573d1e775052b79da8
MS-CHAP2-Response = 0x0100710fe6ccee260ea839ca19ac5fc27e40000000000000000002bafcd39625ec4017045599ea79e8f2ae59588f84c5577f
Exec-Program-Wait: value-pairs: User-Password == "testpass"
Exec-Program: returned: 0
Exec-Program-Wait: plaintext: Session-Timeout = 604800, MS-MPPE-Encryption-Types = 0x00000006, Session-Octets-Limit = 0, MS-CHAP2-SUCCESS = 0x01533d31413844414630393935413134453232323242453533424236344339364445343441443942363643, MS-MPPE-Encryption-Policy = 0x00000001, Acct-Interim-Interval = 60, Framed-IP-Address = 192.168.252.13, Framed-IP-Netmask = 255.255.255.255,
Exec-Program: returned: 0
Sending Access-Accept of id 29 to 127.0.0.1 port 65505
MS-CHAP2-Success = 0x01533d31413844414630393935413134453232323242453533424236344339364445343441443942363643
MS-MPPE-Recv-Key = 0xd5d40d08ef0d3e24b7c053f694beb8c4
MS-MPPE-Send-Key = 0xa42291a963e513d4f3266b5165e16c59
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
rad_recv: Accounting-Request packet from host 127.0.0.1:55205, id=152, length=136
NAS-Identifier = "su.uss.ru"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.1.101"
Acct-Status-Type = Start
Framed-IP-Address = 192.168.252.0
User-Name = "test"
Acct-Session-Id = "2946182-pptp0"
Acct-Multi-Session-Id = "2946182-pptp0"
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Sending Accounting-Response of id 152 to 127.0.0.1 port 55205
Code:
$conf{IPN_DETAIL}=1;
$conf{IPN_STATIC_IP}=1;
$conf{UNKNOWN_IP_LOG}=1;
$conf{IPN_DETAIL_CLEAN_PERIOD}=90;
$conf{IPN_DEPOSIT_OPERATION}=1;
Code:
#cat /usr/local/etc/mpd4/mpd.conf
startup:
# enable TCP-Wrapper (hosts_access(5)) to block unfriendly clients
set global enable tcp-wrapper
# configure the console
set console port 5005
set console ip 127.0.0.1
set console user admin secretpass
set console open
#Netflow options
set netflow export 127.0.0.1 9996
set netflow source 127.0.0.1 9990
#set netflow timeouts inactive active
#set netflow node nodename
#Radius Config
radius:
set radius config /etc/radius.conf
set radius retries 3
set radius timeout 3
set radius me 127.0.0.1
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set bundle enable compression
set ccp yes mppc
set ccp enable mppe-policy
set radius enable message-authentic
default:
load pptp0
load pptp1
pptp0:
new -n -i ng0 pptp0 pptp0
load pptp
pptp1:
new -i ng1 pptp1 pptp1
load pptp
#Incoming PPTP link config
pptp:
# new -i ng0 pptp pptp
set iface disable on-demand
#set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set bundle enable multilink
# use RADIUS servers
load radius
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set link mtu 1460
set ipcp yes vjcomp
set ipcp ranges 192.168.255.254/32 192.168.252.0/22
set ipcp dns 192.168.1.2
#set ipcp nbns 192.168.1.4
#
# The five lines below enable Microsoft Point-to-Point encryption (MPPE) using
# the ng_mppc(8) netgraph node type.
#
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp self 192.168.1.3
set pptp enable incoming
set pptp disable originate
set pptp disable windowing
Code:
#cat /usr/local/etc/raddb/dictionary | grep mpd
$INCLUDE /usr/local/etc/mpd4/dictionary.mpd
Code:
/usr/local/etc/raddb/>cat /usr/local/etc/mpd4/dictionary.mpd
#----------------------------------------------------------
# dictionary.mpd
VENDOR mpd 12341
ATTRIBUTE mpd-rule 1 string mpd
ATTRIBUTE mpd-pipe 2 string mpd
ATTRIBUTE mpd-queue 3 string mpd
ATTRIBUTE mpd-table 4 string mpd
ATTRIBUTE mpd-table-static 5 string mpd
ATTRIBUTE mpd-filter 6 string mpd
ATTRIBUTE mpd-limit 7 string mpd
ATTRIBUTE mpd-drop-user 154 integer mpd
#----------------------------------------------------------

P.S. I don't know whether this is related, but users also don't respond to hangup from the web.