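1. Required software: none.
All you need is a MySQL database. The schema is in the FreeRADIUS source tree at
/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql
Just create a database. On my own machine I created a database named radius
and imported this schema into it.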
2. Configure sql.conf
First go back to the FreeRADIUS configuration directory used earlier
cd /usr/local/freeradius-1.1.0/etc/raddb
vi sql.conf
Edit the connection information
# Connect info
server = "192.168.8.53"
login = "radius"
password = "radius"
# Database table configuration
radius_db = "radius"
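Remove the # in front of the simul_count_query line below
to enable the SQL query that checks how many connections a user has open at the same time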
# Uncomment simul_count_query to enable simultaneous use checking
simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
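3. Configure radiusd.conf
In authorize {
comment out files
and uncomment sql
In preacct {
comment out files
In accounting {
comment out radutmp
and remove the # in front of sql
In session {
comment out radutmp
and remove the # in front of sql
In post-auth {
remove the # in front of sql
In short, disable the files module and enable the sql module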
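4. Add a user in the database
In usergroup, add a user test with the group name vpn
In radgroupcheck, add a record for the vpn group with
attribute: Simultaneous-Use
op: :=
value: 1
In radcheck, add a record with
username: test
attribute: User-Password
op: ==
value: test
This adds a user test, in group vpn, with password test,
and every user in the group can be logged in only once per user name at a time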
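The records from step 4 written as SQL, as an added example that is not part of the original post. It assumes the column names of the stock FreeRADIUS 1.x schema imported from db_mysql.sql and that acct_table1 in sql.conf is radacct.

```sql
-- Added example, not from the original post. Table and column names assume
-- the stock FreeRADIUS 1.x MySQL schema (db_mysql.sql) loaded into "radius".
USE radius;

-- Put user "test" into group "vpn".
INSERT INTO usergroup (UserName, GroupName)
VALUES ('test', 'vpn');

-- Group-wide check item: one concurrent session per user name.
INSERT INTO radgroupcheck (GroupName, Attribute, op, Value)
VALUES ('vpn', 'Simultaneous-Use', ':=', '1');

-- Per-user check item. The value is stored in cleartext; the MS-CHAPv2
-- exchange in the test output needs the cleartext password or its NT hash,
-- so read access to this table should be limited to the radius account.
INSERT INTO radcheck (UserName, Attribute, op, Value)
VALUES ('test', 'User-Password', '==', 'test');

-- Verify what the sql module will read for this user: the user's own
-- check items plus those inherited from the group.
SELECT 'radcheck' AS source, c.UserName AS name, c.Attribute, c.op, c.Value
FROM radcheck c
WHERE c.UserName = 'test'
UNION ALL
SELECT 'radgroupcheck', g.GroupName, g.Attribute, g.op, g.Value
FROM usergroup u
JOIN radgroupcheck g ON g.GroupName = u.GroupName
WHERE u.UserName = 'test';

-- simul_count_query from sql.conf with its variables expanded by hand for
-- user "test" (assumption: acct_table1 = radacct). The login is rejected
-- when this count has reached the Simultaneous-Use value.
SELECT COUNT(*) AS open_sessions
FROM radacct
WHERE UserName = 'test' AND AcctStopTime = 0;

-- Sessions that are still counted as open. A session whose Stop packet
-- never arrived stays here and keeps the user locked out.
SELECT RadAcctId, AcctSessionId, NASIPAddress, FramedIPAddress, AcctStartTime
FROM radacct
WHERE UserName = 'test' AND AcctStopTime = 0
ORDER BY AcctStartTime;
```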
5. Test
Start radiusd in debug mode
You will see
rad_recv: Access-Request packet from host 127.0.0.1:32768, id=222, length=146
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
MS-CHAP-Challenge = 0xb6a9e94b94c3c386875043efd5144e17
MS-CHAP2-Response = 0x38006d78036bb5e40ddeca0ce96b944619e000000000000000007b887b8762be38eb111a94a4b581925b85e07453a38a070f
Calling-Station-Id = "192.168.8.53"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
rlm_sql (sql): Processing sql_postauth
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): Released sql socket id: 2
Sending Access-Accept of id 222 to 127.0.0.1 port 32768
MS-CHAP2-Success = 0x38533d33453434464142394232444230413143464539453832444536453534373331383833454238414536
MS-MPPE-Recv-Key = 0x53a3812a0fd5b6f7b1cf4f6f6796f26b
MS-MPPE-Send-Key = 0xb8be60559cbc46fd4da277516d6584f3
MS-MPPE-Encryption-Policy = 0x00000002
MS-MPPE-Encryption-Types = 0x00000004
rad_recv: Accounting-Request packet from host 127.0.0.1:32768, id=223, length=110
Acct-Session-Id = "43EC0822056A00"
User-Name = "test"
Acct-Status-Type = Start
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.8.53"
Acct-Authentic = RADIUS
NAS-Port-Type = Async
Framed-IP-Address = 10.10.110.1
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Acct-Delay-Time = 0
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1
Sending Accounting-Response of id 223 to 127.0.0.1 port 32768
If you change Simultaneous-Use to 0
you will see
rad_recv: Access-Request packet from host 127.0.0.1:32768, id=225, length=146
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
MS-CHAP-Challenge = 0x2295d4d65913cbc0a7836e986fe4a998
MS-CHAP2-Response = 0x34001739a3331c1a1a938eed99cda89b691f0000000000000000a8a9e9ae2eadaa6b1acb93e368113dc4ed47dac0a20b1ed8
Calling-Station-Id = "192.168.8.53"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
rad_recv: Access-Request packet from host 127.0.0.1:32768, id=225, length=146
Sending Access-Reject of id 225 to 127.0.0.1 port 32768
Reply-Message := "\r\nYou are already logged in - access denied\r\n\n"
--Reposted from