FreeRadius 1.1.7 + Postgresql 8.1.5 (FreeBSD 6.1系统)

前端之家收集整理的这篇文章主要介绍了FreeRadius 1.1.7 + Postgresql 8.1.5 (FreeBSD 6.1系统)前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

@H_502_9@

一、gmake的安装[]

1. 需要的文件

libiconv-1.11_1.tbz

gettext-0.17_1.tbz

gmake-3.81_3.tbz

2. 安装

Pkg_add gettext-0.17_1.tbz

Pkg_add libiconv-1.11_1.tbz

Pkg_add gmake-3.81_3.tbz

二、Postgresql的安装

1. 解压

tar zxvf postgresql- 8.1.5 .tar.gz

2. 进入目录,执行配置程序

cd postgresql- 8.1.5

./configure --prefix=/usr/local/pgsql

3. 执行gmake来编译,然后进行安装

/usr/local/bin/gmake

/usr/local/bin/gmake install

4. 添加一个名为postgres用户,新建一个用来存放数据库的文件 ,并设置权限

pw user add postgres

mkdir /usr/local/pgsql/data

chown postgres /usr/local/pgsql/data

5. 设置权限后,切换到 postgres用户,再初始话数据库:

su postgres

/usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data

6. 启动Postgresql:

$ /usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data &

$ LOG: could not create socket for statistics collector: Protocol not supported

LOG: database system was shut down at 2004-09-17 14:20:52 CST

LOG: checkpoint record is at 0/9B6E1C

LOG: redo record is at 0/9B6E1C; undo record is at 0/0; shutdown TRUE

LOG: next transaction ID: 541; next OID: 17143

LOG: database system is ready

7. 确认已启动

$ top

PID USERNAME PRI NICE SIZE RES STATE TIME Wcpu cpu COMMAND

891 postgres 96 0 13508K 2708K select 0:00 0.00% 0.00% postgres

8. Postgresql随系统启动

/etc/rc.conf 添加

postgresql_enable="YES"

su postgres -c "/usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data & "

二、Freeradius 的安装

tar zxvf freeradius- 1.1.7 .tar.gz

cd freeradius- 1.1.7

./configure

cp libltdl/ltdl.h src/include/

/usr/local/bin/gmake

/usr/local/bin/gmake install

ln /usr/local/pgsql/lib/libpq.so.4 /usr/lib/libpq.so.4

三、配置FreeRadius[]

1. 建立一个数据库并登陆

$ /usr/local/pgsql/bin/createdb radius

$ /usr/local/pgsql/bin/psql radius

2. 导入表(没成功,我是在pgAdmin 中用sql语句创建)

/usr/local/pgsql/bin/psql radius

radius < freeradius- 1.1.7 /doc/examples/postgresql.conf

3. 修改 FreeRadius 配置文件

1) radiusd.conf配置

vi /usr/local/etc/raddb/radiusd.conf

a) "$INCLUDE ${confdir}/sql.conf" 改成 postgresql.conf

b) Edit /etc/raddb/radiusd.conf and add a line saying 'sql' to the authorize{} section

c) add a line saying 'sql' to the accounting{} section to tell FreeRADIUS to store accounting records in sql as well.

d) add 'sql' to the post-auth{} section if you want to log all Authentication attempts to sql.

e) add 'sql' to the post-auth{} section if you want to log all Authentication attempts to sql. Like this:

post-auth {

# Login successful: get an address from the IP pool.

ippool

Post-Auth-Type REJECT {

# Login Failed: log to sql database.

sql

}

}

2) postgresql.conf配置

vi /usr/local/etc/raddb/sql.conf

driver="rlm_sql_postgresql"

server = "localhost"

login = "postgres"

password = ""

radius_db = "radius"

3) clients.conf配置( NAS信息)

vi /usr/local/etc/raddb/clients.conf

client 192.168.0.0/24 {

secret = testing123

shortname = localhost

nastype = other

}

4user 文件(让Radiusradgroupcheck中读取属性

DEFAULT Auth-Type = System改为DEFAULT Auth-Type = Local

System 指从操作系统中读取信息

Local Radius 数据库中读取信息

四、测试FreeRadius ( FreeRadius 192.168.0.125 / NAS 192.168.0.120 )

1. 数据库添加信息

建立用户信息:

insert into radcheck (username,attribute,op,value) values ('stone','Password',':=','wood');

insert into radcheck (username,value) values ('123','123');

建立组信息:

insert into radgroupcheck (groupname,value) values ('user','Auth-Type','Local');

insert into radgroupcheck (groupname,value) values ('disable','Reject');

用户加入组中:

insert into radusergroup (username,groupname) values ('stone','user');

insert into radusergroup (username,groupname) values ('123','disable');

2. 启动FreeRadius调试模式

/usr/local/sbin/radiusd –X

3. 测试

1)用NTRadPing 发认证包测试

应看到用户stone response Access-Accept 并且在数据库中有信息,通过认证;

用户 123 response Access-Reject ,因为他被加入 disable组,这个组的Auth-TypeReject

2)用NTRadPing 发计费包测试

应看到response Access-Accept 并且在数据库中有信息



[] 采用FreeBSDports来安装

whereis gmake

gmake: /usr/ports/devel/gmake

cd /usr/ports/devel/gmake

make install

[] 注意:将postgresql.conf 中的

# Table to keep group info

usergroup_table = "usergroup" 改成radusergroup

有问题请与我联系:stonewoodren@163.com

猜你在找的Postgre SQL相关文章