radiusサーバ
radiusサーバの構築実験
FreeBSD-12.0
インストールしたサーバソフト
ほとんどpkgでインストール
apache24
MariaDB104
PHP7.2
pkg install -y php72 mod_php72 php72-mysqli php72-xml php72-hash php72-gd php72-curl php72-tokenizer php72-zlib php72-extensions php72-mbstring php72-fileinfo php72-fileinfo php72-pdo_mysql php72-pecl-APCu php72-pear php72-pear-DB
freeradius3
radiusd.conf
$INCLUDE mods-enabled/sqlを有効にする
ログ取りを可能にする
sed -i -e ‘s/^\tauth = no/\tauth = yes/g’ /usr/local//etc/raddb/radiusd.conf
sed -i -e ‘s/^\tauth_badpass = no/\tauth_badpass = yes/g’ /usr/local//etc/raddb/radiusd.conf
sed -i -e ‘s/^\tauth_goodpass = no/\tauth_goodpass = yes/g’ /usr/local//etc/raddb/radiusd.conf
/usr/local/etc/raddb/mods-enabled/sqlを追加
sql {
driver = "rlm_sql_mysql"
dialect = "mysql"
server = "localhost"
port = 3306
login = "radius"
password = "passsword"
radius_db = "radius"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
authcheck_table = "radcheck"
groupcheck_table = "radgroupcheck"
authreply_table = "radreply"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
delete_stale_sessions = yes
pool {
start = ${thread[pool].start_servers}
min = ${thread[pool].min_spare_servers}
max = ${thread[pool].max_servers}
spare = ${thread[pool].max_spare_servers}
uses = 0
retry_delay = 30
lifetime = 0
idle_timeout = 60
}
read_clients = yes
client_table = "nas"
group_attribute = "SQL-Group"
$INCLUDE ${modconfdir}/${.:name}/main/${dialect}/queries.conf
}
mysql -u radius -p radius < /usr/local/etc/raddb/mods-config/sql/main/mysql/schema.sql
daloradius
daloradius.conf.phpを編集
wwwユーザにて書き込み可能にする
$configValues[‘CONFIG_DB_HOST’] = ‘localhost’;
$configValues[‘CONFIG_DB_PORT’] = ‘3306’;
$configValues[‘CONFIG_DB_USER’] = ‘radius’;
$configValues[‘CONFIG_DB_PASS’] = ‘password’;
$configValues[‘CONFIG_DB_NAME’] = ‘radius’;
mysql -u radius -p radius < fr2-mysql-daloradius-and-freeradius.sql
mysql -u radius -p radius < mysql-daloradius.sql
こんな感じ