@H_502_9@
一、gmake的安装[①]
1. 需要的文件
libiconv-1.11_1.tbz
gettext-0.17_1.tbz
gmake-3.81_3.tbz
2. 安装
Pkg_add gettext-0.17_1.tbz
Pkg_add libiconv-1.11_1.tbz
Pkg_add gmake-3.81_3.tbz
二、Postgresql的安装
1. 解压
tar zxvf postgresql-
2. 进入目录,执行配置程序
cd postgresql-
./configure --prefix=/usr/local/pgsql
3. 执行gmake来编译,然后进行安装
/usr/local/bin/gmake
/usr/local/bin/gmake install
4. 添加一个名为postgres的用户,新建一个用来存放数据库的文件夹 ,并设置权限
pw user add postgres
mkdir /usr/local/pgsql/data
chown postgres /usr/local/pgsql/data
5. 设置权限后,切换到 postgres用户,再初始话数据库:
su postgres
/usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data
6. 启动Postgresql:
$ /usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data &
$ LOG: could not create socket for statistics collector: Protocol not supported
LOG: database system was shut down at 2004-09-17 14:20:52 CST
LOG: checkpoint record is at 0/9B6E1C
LOG: redo record is at 0/9B6E1C; undo record is at 0/0; shutdown TRUE
LOG: next transaction ID: 541; next OID: 17143
LOG: database system is ready
7. 确认已启动
$ top
PID USERNAME PRI NICE
891 postgres 96 0 13508K 2708K select 0:00 0.00% 0.00% postgres
8. 让Postgresql随系统启动
在/etc/rc.conf 添加
postgresql_enable="YES"
su postgres -c "/usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data & "
二、Freeradius 的安装
tar zxvf freeradius-
cd freeradius-
./configure
cp libltdl/ltdl.h src/include/
/usr/local/bin/gmake
/usr/local/bin/gmake install
ln /usr/local/pgsql/lib/libpq.so.4 /usr/lib/libpq.so.4
三、配置FreeRadius[②]
1. 建立一个数据库并登陆
$ /usr/local/pgsql/bin/createdb radius
$ /usr/local/pgsql/bin/psql radius
2. 导入表(没成功,我是在pgAdmin 中用sql语句创建)
/usr/local/pgsql/bin/psql radius
radius < freeradius-
1) radiusd.conf配置
vi /usr/local/etc/raddb/radiusd.conf
a) 把 "$INCLUDE ${confdir}/sql.conf" 改成 postgresql.conf
b) Edit /etc/raddb/radiusd.conf and add a line saying 'sql' to the authorize{} section
c) add a line saying 'sql' to the accounting{} section to tell FreeRADIUS to store accounting records in sql as well.
d) add 'sql' to the post-auth{} section if you want to log all Authentication attempts to sql.
e) add 'sql' to the post-auth{} section if you want to log all Authentication attempts to sql. Like this:
post-auth {
# Login successful: get an address from the IP pool.
ippool
Post-Auth-Type REJECT {
# Login Failed: log to sql database.
}
}
2) postgresql.conf配置
vi /usr/local/etc/raddb/sql.conf
server = "localhost"
login = "postgres"
password = ""
radius_db = "radius"
3) clients.conf配置( NAS信息)
vi /usr/local/etc/raddb/clients.conf
client 192.168.0.0/24 {
secret = testing123
shortname = localhost
nastype = other
}
4)user 文件(让Radius从radgroupcheck中读取属性)
将DEFAULT Auth-Type = System改为DEFAULT Auth-Type = Local
System 指从操作系统中读取信息
Local 从 Radius 数据库中读取信息
四、测试FreeRadius ( FreeRadius 192.168.0.125 / NAS 192.168.0.120 )
建立用户信息:
insert into radcheck (username,attribute,op,value) values ('stone','Password',':=','wood');
insert into radcheck (username,value) values ('123','123');
建立组信息:
insert into radgroupcheck (groupname,value) values ('user','Auth-Type','Local');
insert into radgroupcheck (groupname,value) values ('disable','Reject');
将用户加入组中:
insert into radusergroup (username,groupname) values ('stone','user');
insert into radusergroup (username,groupname) values ('123','disable');
2. 启动FreeRadius调试模式
/usr/local/sbin/radiusd –X
3. 测试
1)用NTRadPing 发认证包测试
应看到用户stone 的response 为 Access-Accept 并且在数据库中有信息,通过认证;
而用户 123 的response 为 Access-Reject ,因为他被加入 disable组,这个组的Auth-Type为Reject
2)用NTRadPing 发计费包测试
应看到response 为 Access-Accept 并且在数据库中有信息
[①] 采用FreeBSD的ports来安装
whereis gmake
gmake: /usr/ports/devel/gmake
cd /usr/ports/devel/gmake
make install
# Table to keep group info
usergroup_table = "usergroup" 改成radusergroup
有问题请与我联系:stonewoodren@163.com