All code in this server was written for this project.
The server is mostly compatible with livingston radiusd-2.01
- (no menus or s/key support though) but with more feautures, such as:
+ (no menus or s/key support though) but with more features, such as:
o Can limit the maximum number of simultaneous logins on a per-user basis!
o Multiple DEFAULT entries, that can optionally fall-through.
With the original RADIUS server, every user had to be defined in this
file. There could be one default entry, where you could for example
define that a user not in the radius file would be checked agains the
- UNIX password file and on succesfull login would get a PPP connection.
+ UNIX password file and on successful login would get a PPP connection.
In the new style file, you can define multiple DEFAULT entries. All
entries are processed in the order as they appear in the users file.
---- ---- ------
Simultaneous-Use integer Max. number of concurrent logins
Fall-Through integer Yes/No
- Exec-Program string program to execute after authentication
- Exec-Program-Wait string ditto, but wait for program to finish
- before sending back auth. reply
Login-Time string Defines when user may login.
Current-Time string Allows you to perform time-based
checks when a request is received.
- Exec-Program can take arguments. You can use variables in the
- arguments, which are automatically expanded by the server. See
- 'doc/variables.txt' for more information.
-
- For example, use the following entry for someone who has BSMTP (queued
- SMTP) service. "brunq" is the program that runs the SMTP queue.
-
- robert Service-Type = Framed-User
- Exec-Program = "/usr/local/sbin/brunq -h %f delta",
- Fall-Through = 1
-
- The output from Exec-Program-Wait is parsed by the radius server. If
- it looks like Attribute/Value pairs, they are decoded and added to the
- reply sent to the NAS. This way, you can for example set Session-Timeout.
-
- For backwards compatibility, if the output doesn't look like valid
- radius A/V pairs, the output is taken as a message and added to the
- reply sent to the NAS as Port-Message.
-
- If Exec-Program-Wait returns a non-zero exit status, access will be
- denied to the user. With a zero-exit status, access is granted.
-
Login-Time defines the time span a user may login to the system. The
format of a so-called time string is like the format used by UUCP.
A time string may be a list of simple time strings separated by "|" or ",".
There are two GNU Mailman mailing lists hosted by Cistron Internet Services:
a 'users' list, at:
- http://lists.cistron.nl/archives/freeradius-users/
+ http://lists.freeradius.org/pipermail/freeradius-users/
and a 'developers only' list, at
- http://lists.cistron.nl/archives/freeradius-devel/
+ http://lists.freeradius.org/pipermail/freeradius-devel/
6. OTHER INFORMATION
The files in other directories are:
- debian/ Files to build a radiusd-freeradius Debian Linux package
+ debian/ Files to build a "freeradius" Debian Linux package.
dialup_admin/ A PHP web front-end to manage an SQL database associated
with the server.
redhat/ Additional files for a RedHat Linux system.
- scripts/ Sample scripts for startup and maintenance
+ scripts/ Sample scripts for startup and maintenance.
src/ Source code
src/main source code for the daemon and associated utilities
src/lib source code for the RADIUS library
src/include header files
- src/modules dynamic plug-in modules
+ src/modules dynamic plug-in modules
+
+ src/billing Some scripts and configuration files to assist in billing,
+ Currently mostly VoIP related.
+
+ suse/ Aditional files for a SuSE (UnitedLinux) system.
todo/ TODO list and assorted files.