X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=README;h=0d434daf2316e0ad80bd9b11371bdeaa2224ea73;hb=refs%2Fheads%2Fmaint-1.6;hp=8b8ae78b09799eb050b55084f0f9a8a1a2c3c84d;hpb=ed40053fa21f5bf377faaf694af50be4b7f30891;p=libradsec.git diff --git a/README b/README index 8b8ae78..0d434da 100644 --- a/README +++ b/README @@ -1,40 +1,38 @@ -This is a revision from the radsecproxy 1.2 devel branch. +This is radsecproxy 1.6.5 from 2013-09-06. -radsecproxy is a generic RADIUS proxy that can support various -RADIUS clients over UDP or TLS (RadSec). +radsecproxy is a generic RADIUS proxy that supports both UDP and TLS +(RadSec) RADIUS transports. There is also experimental support for +TCP and DTLS. -It should build on most Linux and BSD platforms by simply typing -"make". You may also try to use autoconf, but this is currently -unsupported. +It should build on most Unix and OSX platforms by simply typing +"./configure && make". It is possible to specify which RADIUS +transport the build should support. Without any special options to +configure, all transports supported by the system will be enabled. +See the output from "configure --help" for how to change this. -To use it you need to create a config file which normally is -called "/etc/radsecproxy.conf". You can also specify the location -with the "-c" command line option (see below). For further +Known build issues: +- Older BSD's (like NetBSD 4.x) need newer OpenSSL in order to support + DTLS. Workaround: ./configure --disable-dtls. + +- FreeBSD 6.x need newer OpenSSL to build at all. OpenSSL 1.0.0c from + ports is fine f.ex., configure radsecproxy with `--with-ssl=/usr/local'. + +To use radsecproxy you need to create a config file which normally is +called "/etc/radsecproxy.conf". You can also specify the location +with the "-c" command line option (see below). For further instructions, please see the enclosed example file and the documentation at http://software.uninett.no/radsecproxy/?page=documentation -There are five options that may be specified on the command line. -"-c configfile" to specify a non-default config file path; -"-d loglevel" to set a loglevel of 1, 2, 3 or 4 where 4 is the most -detailed; and "-f" to run the proxy in the foreground with logging -to stderr. Without "-f" the default is to detach as a daemon and -log to syslog. "-v" just prints version information and exits, while +The following options may be specified on the command line: +"-c configfile" to specify a non-default config file path. +"-d loglevel" to set a loglevel of 1, 2, 3, 4 and 5 where 5 is the + most detailed. +"-f" to run the proxy in the foreground with logging to stderr. + Without "-f" the default is to detach as a daemon and log to + syslog. +"-i pidfile" to name a file to which the PID is written. +"-v" just prints version information and exits. "-p" (pretend) makes the proxy go through the configuration files as -normal, but stops before creating any sockets or doing any serious -work. This is useful for validating config files. - -Thanks to Stefan Winter and Andreas Solberg for talking me into -doing this, and the funding from GEANT2. Stefan as well as Kolbjørn -Barmen, Ralf Paffrath and Maja Wolniewicz have helped with early -testing of the code. - -All of the above plus Milan Sova have provided good feedback on -several implementation choices. Finally thanks to Hans Zandbelt -for providing the autoconf stuff. I may have forgotten someone, -let me know if you feel left out. - -For more information, feedback etc. please see the information -at http://software.uninett.no/radsecproxy/ - -Stig Venaas -- 2008.05.14 + normal, but stops before creating any sockets or doing any + serious work. This is useful for validating config files.