Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
smradiusd.conf [2013-05-14 23:19]
127.0.0.1 external edit
smradiusd.conf [2013-12-06 14:58]
rspencer Fix formatting
Line 1: Line 1:
-=====[server]=====+====== smradiusd.conf ======
  
-====user==== +===== [server] ​=====
-User to run this daemon as +
-<​code>​user=user</​code>​+
  
-====group==== +==== user ====
-<​code>​group=group</​code>​+
  
-====pid_file==== +User to run this daemon as:
-Filename ​to store pid of parent process +
-<​code>​pid_file=/​var/​run/​smradius/​smradiusd.pid</​code>​+
  
-====cache_file==== +<​code>​ 
-File name to store cache +user=user 
-<​code>​cache_file=/​var/​run/​smradius/​cache</​code>​+</​code>​
  
-====background==== +==== group ==== 
-Prevent smradiusd from going into the background + 
-<​code>​background=no</​code>​+<​code>​ 
 +group=group 
 +</​code>​ 
 + 
 +==== pid_file ==== 
 + 
 +Filename to store pid of parent process: 
 + 
 +<​code>​ 
 +pid_file=/​var/​run/​smradius/​smradiusd.pid 
 +</​code>​ 
 + 
 +==== cache_file ==== 
 + 
 +File name to store cache: 
 + 
 +<​code>​ 
 +cache_file=/​var/​run/​smradius/​cache 
 +</​code>​ 
 + 
 +==== background ==== 
 + 
 +Prevent smradiusd from going into the background
 + 
 +<​code>​ 
 +background=no 
 +</​code>​ 
 + 
 +==== Preforking configuration ====
  
-====Preforking configuration==== 
   * min_server - Minimum servers to keep around   * min_server - Minimum servers to keep around
   * min_spare_servers - Minimum spare servers to keep around ready to handle requests   * min_spare_servers - Minimum spare servers to keep around ready to handle requests
Line 30: Line 52:
   * Medium: 4, 4, 12, 25, 1000   * Medium: 4, 4, 12, 25, 1000
   * Large : 8, 8, 16, 64, 1000   * Large : 8, 8, 16, 64, 1000
-<​code>​min_servers=4+ 
 +<​code>​ 
 +min_servers=4
 min_spare_servers=4 min_spare_servers=4
 max_spare_servers=12 max_spare_servers=12
 max_servers=25 max_servers=25
-max_requests=1000</​code>​+max_requests=1000 
 +</​code>​ 
 + 
 +==== log_level ==== 
 + 
 +Specify the level of logging to use when smradius is running:
  
-====log_level==== 
-Specify the level of logging to use when smradius is running 
   * 0 - Errors only   * 0 - Errors only
   * 1 - Warnings and errors   * 1 - Warnings and errors
   * 2 - Notices, warnings, errors   * 2 - Notices, warnings, errors
   * 3 - Info, notices, warnings, errors   * 3 - Info, notices, warnings, errors
-  * 4 - Debugging ​ +  * 4 - Debugging
-<​code>​log_level=2</​code>​+
  
-====log_file==== +<​code>​ 
-File to log to instead of stdout +log_level=
-<​code>​log_file=/​var/​log/​smradiusd.log</​code>​+</​code>​
  
-====log_detail==== +==== log_file ​====
-Things to log in extreme detail +
-  * modules - Log detailed module running information +
-There is no default for this configuration option. Options can be separated by commas +
-<​code>​log_detail=modules</​code>​+
  
-====host==== +File to log to instead of stdout:
-IP to listen on, * for all +
-<​code>​host=*</​code>​+
  
-====timeout==== +<​code>​ 
-Timeout in communication with clients +log_file=/​var/​log/​smradiusd.log 
-<​code>​timeout=120</​code>​+</​code>​ 
 + 
 +==== log_detail ==== 
 + 
 +Things to log in extreme detail: 
 + 
 +  * modules - Log detailed module running information 
 + 
 +There is no default for this configuration option. Options can be separated by commas: 
 + 
 +<​code>​ 
 +log_detail=modules 
 +</​code>​ 
 + 
 +==== host ==== 
 + 
 +IP to listen on, * for all: 
 + 
 +<​code>​ 
 +host=* 
 +</​code>​ 
 + 
 +==== timeout ==== 
 + 
 +Timeout in communication with clients
 + 
 +<​code>​ 
 +timeout=120 
 +</​code>​ 
 + 
 +==== cidr_allow/​cidr_deny ====
  
-====cidr_allow/​cidr_deny==== 
 Comma, whitespace or semi-colon separated. Contains a CIDR block to compare the clients IP to. If cidr_allow or cidr_deny options are given, the incoming client must match a cidr_allow and not match a cidr_deny or the client connection will be closed. Comma, whitespace or semi-colon separated. Contains a CIDR block to compare the clients IP to. If cidr_allow or cidr_deny options are given, the incoming client must match a cidr_allow and not match a cidr_deny or the client connection will be closed.
-<​code>​cidr_allow=0.0.0.0/​0 
-#​cidr_deny=</​code>​ 
  
-====event_timezone==== +<​code>​ 
-Event timestamp timezone, in "​Continent/​City"​ format, defaults to "​GMT"​ +cidr_allow=0.0.0.0/​0 
-<​code>​event_timezone=GMT</​code>​+#​cidr_deny= 
 +</​code>​ 
 + 
 +==== event_timezone ==== 
 + 
 +Event timestamp timezone, in "​Continent/​City"​ format, defaults to "​GMT"​
 + 
 +<​code>​ 
 +event_timezone=GMT 
 +</​code>​ 
 + 
 +===== [radius] =====
  
-=====[radius]=====+==== use_packet_timestamp ​====
  
-====use_packet_timestamp==== 
 Use packet timestamp, if unset, the default is to use the server timestamp at the moment the packet is received, default is "​no"​. Use packet timestamp, if unset, the default is to use the server timestamp at the moment the packet is received, default is "​no"​.
  
-__WARNING!!!!__+=== WARNING!!!! === 
 Not all routers keep time, it may occur that some routers depend on getting date & time apon reboot from an ntp server. The problem will arise when the router cannot get the date and time before the first user logs in resulting in sessions with a period key in the current month but an event timestamp in 1970. Not all routers keep time, it may occur that some routers depend on getting date & time apon reboot from an ntp server. The problem will arise when the router cannot get the date and time before the first user logs in resulting in sessions with a period key in the current month but an event timestamp in 1970.
-<​code>​use_packet_timestamp=yes</​code>​ 
  
-====use_abuse_prevention==== +<​code>​ 
-Radius server abuse prevention+use_packet_timestamp=yes 
 +</​code>​ 
 + 
 +==== use_abuse_prevention ==== 
 + 
 +Radius server abuse prevention.
  
 Abuse prevention will drop packets which flood the radius server, or are duplicated in a short timeframe. You probably want this if you are not being fed by a radius proxy. Defaults to "​no"​. Abuse prevention will drop packets which flood the radius server, or are duplicated in a short timeframe. You probably want this if you are not being fed by a radius proxy. Defaults to "​no"​.
-<​code>​use_abuse_prevention=yes</​code>​ 
  
-====access_request_abuse_threshold==== +<​code>​ 
-How fast can a NAS spam the same type of request+use_abuse_prevention=yes 
 +</​code>​ 
 + 
 +==== access_request_abuse_threshold ==== 
 + 
 +How fast can a NAS spam the same type of request
   * Access-Request defaults to 10s   * Access-Request defaults to 10s
   * <​code>​access_request_abuse_threshold=10</​code>​   * <​code>​access_request_abuse_threshold=10</​code>​
Line 94: Line 161:
   * <​code>​accounting_request_abuse_threshold=5</​code>​   * <​code>​accounting_request_abuse_threshold=5</​code>​
  
-=====[database]=====+===== [database] =====
  
-====Database connection details==== +==== Database connection details ==== 
-<​code>#​DSN=DBI:​SQLite:​dbname=smradius.sqlite+ 
 +<​code>​ 
 +#​DSN=DBI:​SQLite:​dbname=smradius.sqlite
 DSN=DBI:​mysql:​database=smradius;​host=localhost DSN=DBI:​mysql:​database=smradius;​host=localhost
 Username=root Username=root
-Password=</​code>​+Password= 
 +</​code>​ 
 + 
 +==== bypass_mode ==== 
 + 
 +What do we do when we have a database connection problem:
  
-====bypass_mode==== 
-What do we do when we have a database connection problem 
   * tempfail - Return temporary failure   * tempfail - Return temporary failure
   * pass - Return success   * pass - Return success
-<​code>​bypass_mode=tempfail</​code>​ 
  
-====bypass_timeout==== +<​code>​ 
-How many seconds before retrying a DB connection +bypass_mode=tempfail 
-<​code>​bypass_timeout=5</​code>​+</​code>​ 
 + 
 +==== bypass_timeout ==== 
 + 
 +How many seconds before retrying a DB connection
 + 
 +<​code>​ 
 +bypass_timeout=5 
 +</​code>​ 
 + 
 +==== accounting_usage_cache_time ==== 
 + 
 +How long to cache the usage query for, default is "​300"​ (seconds). You can use  "​no",​ "​0",​ "​false" ​ to disable, specify a number > 1, or use "​yes",​ "​1",​ "​true"​ to enable with the default value. 
 + 
 +<​code>​ 
 +accounting_usage_cache_time=300 
 +</​code>​ 
 + 
 +==== userdb_data_cache_time ====
  
-====accounting_usage_cache_time==== +How long to cache the data query for default is "​300"​ (seconds). You can use  "​no",​ "​0",​ "​false" ​ to disable, specify a number > 1, or use "​yes",​ "​1",​ "​true"​ to enable with the default value.
-How long to cache the usage query fordefault is "​300"​ (seconds). +
-You can use  "​no",​ "​0",​ "​false" ​ to disable, specify a number > 1, or use "​yes",​ "​1",​ "​true"​ to enable with the default value. +
-<​code>​accounting_usage_cache_time=300</​code>​+
  
-====userdb_data_cache_time==== +<​code>​ 
-How long to cache the data query for default is "​300"​ (seconds). +userdb_data_cache_time=300 
-You can use  "​no",​ "​0",​ "​false" ​ to disable, specify a number > 1, or use "​yes",​ "​1",​ "​true"​ to enable with the default value. +</​code>​
-<​code>​userdb_data_cache_time=300</​code>​+