Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revisionBoth sides next revision
smradiusd.conf [2013-05-14 23:19] – external edit 127.0.0.1smradiusd.conf [2013-12-06 14:58] – Fix formatting rspencer
Line 1: Line 1:
-=====[server]=====+====== smradiusd.conf ======
  
-====user==== +===== [server] =====
-User to run this daemon as +
-<code>user=user</code>+
  
-====group==== +==== user ====
-<code>group=group</code>+
  
-====pid_file==== +User to run this daemon as:
-Filename to store pid of parent process +
-<code>pid_file=/var/run/smradius/smradiusd.pid</code>+
  
-====cache_file==== +<code> 
-File name to store cache +user=user 
-<code>cache_file=/var/run/smradius/cache</code>+</code>
  
-====background==== +==== group ==== 
-Prevent smradiusd from going into the background + 
-<code>background=no</code>+<code> 
 +group=group 
 +</code> 
 + 
 +==== pid_file ==== 
 + 
 +Filename to store pid of parent process: 
 + 
 +<code> 
 +pid_file=/var/run/smradius/smradiusd.pid 
 +</code> 
 + 
 +==== cache_file ==== 
 + 
 +File name to store cache: 
 + 
 +<code> 
 +cache_file=/var/run/smradius/cache 
 +</code> 
 + 
 +==== background ==== 
 + 
 +Prevent smradiusd from going into the background
 + 
 +<code> 
 +background=no 
 +</code> 
 + 
 +==== Preforking configuration ====
  
-====Preforking configuration==== 
   * min_server - Minimum servers to keep around   * min_server - Minimum servers to keep around
   * min_spare_servers - Minimum spare servers to keep around ready to handle requests   * min_spare_servers - Minimum spare servers to keep around ready to handle requests
Line 30: Line 52:
   * Medium: 4, 4, 12, 25, 1000   * Medium: 4, 4, 12, 25, 1000
   * Large : 8, 8, 16, 64, 1000   * Large : 8, 8, 16, 64, 1000
-<code>min_servers=4+ 
 +<code> 
 +min_servers=4
 min_spare_servers=4 min_spare_servers=4
 max_spare_servers=12 max_spare_servers=12
 max_servers=25 max_servers=25
-max_requests=1000</code>+max_requests=1000 
 +</code> 
 + 
 +==== log_level ==== 
 + 
 +Specify the level of logging to use when smradius is running:
  
-====log_level==== 
-Specify the level of logging to use when smradius is running 
   * 0 - Errors only   * 0 - Errors only
   * 1 - Warnings and errors   * 1 - Warnings and errors
   * 2 - Notices, warnings, errors   * 2 - Notices, warnings, errors
   * 3 - Info, notices, warnings, errors   * 3 - Info, notices, warnings, errors
-  * 4 - Debugging  +  * 4 - Debugging
-<code>log_level=2</code>+
  
-====log_file==== +<code> 
-File to log to instead of stdout +log_level=
-<code>log_file=/var/log/smradiusd.log</code>+</code>
  
-====log_detail==== +==== log_file ====
-Things to log in extreme detail +
-  * modules - Log detailed module running information +
-There is no default for this configuration option. Options can be separated by commas +
-<code>log_detail=modules</code>+
  
-====host==== +File to log to instead of stdout:
-IP to listen on, * for all +
-<code>host=*</code>+
  
-====timeout==== +<code> 
-Timeout in communication with clients +log_file=/var/log/smradiusd.log 
-<code>timeout=120</code>+</code> 
 + 
 +==== log_detail ==== 
 + 
 +Things to log in extreme detail: 
 + 
 +  * modules - Log detailed module running information 
 + 
 +There is no default for this configuration option. Options can be separated by commas: 
 + 
 +<code> 
 +log_detail=modules 
 +</code> 
 + 
 +==== host ==== 
 + 
 +IP to listen on, * for all: 
 + 
 +<code> 
 +host=* 
 +</code> 
 + 
 +==== timeout ==== 
 + 
 +Timeout in communication with clients
 + 
 +<code> 
 +timeout=120 
 +</code> 
 + 
 +==== cidr_allow/cidr_deny ====
  
-====cidr_allow/cidr_deny==== 
 Comma, whitespace or semi-colon separated. Contains a CIDR block to compare the clients IP to. If cidr_allow or cidr_deny options are given, the incoming client must match a cidr_allow and not match a cidr_deny or the client connection will be closed. Comma, whitespace or semi-colon separated. Contains a CIDR block to compare the clients IP to. If cidr_allow or cidr_deny options are given, the incoming client must match a cidr_allow and not match a cidr_deny or the client connection will be closed.
-<code>cidr_allow=0.0.0.0/0 
-#cidr_deny=</code> 
  
-====event_timezone==== +<code> 
-Event timestamp timezone, in "Continent/City" format, defaults to "GMT" +cidr_allow=0.0.0.0/
-<code>event_timezone=GMT</code>+#cidr_deny= 
 +</code> 
 + 
 +==== event_timezone ==== 
 + 
 +Event timestamp timezone, in "Continent/City" format, defaults to "GMT"
 + 
 +<code> 
 +event_timezone=GMT 
 +</code> 
 + 
 +===== [radius] =====
  
-=====[radius]=====+==== use_packet_timestamp ====
  
-====use_packet_timestamp==== 
 Use packet timestamp, if unset, the default is to use the server timestamp at the moment the packet is received, default is "no". Use packet timestamp, if unset, the default is to use the server timestamp at the moment the packet is received, default is "no".
  
-__WARNING!!!!__+=== WARNING!!!! === 
 Not all routers keep time, it may occur that some routers depend on getting date & time apon reboot from an ntp server. The problem will arise when the router cannot get the date and time before the first user logs in resulting in sessions with a period key in the current month but an event timestamp in 1970. Not all routers keep time, it may occur that some routers depend on getting date & time apon reboot from an ntp server. The problem will arise when the router cannot get the date and time before the first user logs in resulting in sessions with a period key in the current month but an event timestamp in 1970.
-<code>use_packet_timestamp=yes</code> 
  
-====use_abuse_prevention==== +<code> 
-Radius server abuse prevention+use_packet_timestamp=yes 
 +</code> 
 + 
 +==== use_abuse_prevention ==== 
 + 
 +Radius server abuse prevention.
  
 Abuse prevention will drop packets which flood the radius server, or are duplicated in a short timeframe. You probably want this if you are not being fed by a radius proxy. Defaults to "no". Abuse prevention will drop packets which flood the radius server, or are duplicated in a short timeframe. You probably want this if you are not being fed by a radius proxy. Defaults to "no".
-<code>use_abuse_prevention=yes</code> 
  
-====access_request_abuse_threshold==== +<code> 
-How fast can a NAS spam the same type of request+use_abuse_prevention=yes 
 +</code> 
 + 
 +==== access_request_abuse_threshold ==== 
 + 
 +How fast can a NAS spam the same type of request
   * Access-Request defaults to 10s   * Access-Request defaults to 10s
   * <code>access_request_abuse_threshold=10</code>   * <code>access_request_abuse_threshold=10</code>
Line 94: Line 161:
   * <code>accounting_request_abuse_threshold=5</code>   * <code>accounting_request_abuse_threshold=5</code>
  
-=====[database]=====+===== [database] =====
  
-====Database connection details==== +==== Database connection details ==== 
-<code>#DSN=DBI:SQLite:dbname=smradius.sqlite+ 
 +<code> 
 +#DSN=DBI:SQLite:dbname=smradius.sqlite
 DSN=DBI:mysql:database=smradius;host=localhost DSN=DBI:mysql:database=smradius;host=localhost
 Username=root Username=root
-Password=</code>+Password= 
 +</code> 
 + 
 +==== bypass_mode ==== 
 + 
 +What do we do when we have a database connection problem:
  
-====bypass_mode==== 
-What do we do when we have a database connection problem 
   * tempfail - Return temporary failure   * tempfail - Return temporary failure
   * pass - Return success   * pass - Return success
-<code>bypass_mode=tempfail</code> 
  
-====bypass_timeout==== +<code> 
-How many seconds before retrying a DB connection +bypass_mode=tempfail 
-<code>bypass_timeout=5</code>+</code> 
 + 
 +==== bypass_timeout ==== 
 + 
 +How many seconds before retrying a DB connection
 + 
 +<code> 
 +bypass_timeout=5 
 +</code> 
 + 
 +==== accounting_usage_cache_time ==== 
 + 
 +How long to cache the usage query for, default is "300" (seconds). You can use  "no", "0", "false"  to disable, specify a number > 1, or use "yes", "1", "true" to enable with the default value. 
 + 
 +<code> 
 +accounting_usage_cache_time=300 
 +</code> 
 + 
 +==== userdb_data_cache_time ====
  
-====accounting_usage_cache_time==== +How long to cache the data query for default is "300" (seconds). You can use  "no", "0", "false"  to disable, specify a number > 1, or use "yes", "1", "true" to enable with the default value.
-How long to cache the usage query fordefault is "300" (seconds). +
-You can use  "no", "0", "false"  to disable, specify a number > 1, or use "yes", "1", "true" to enable with the default value. +
-<code>accounting_usage_cache_time=300</code>+
  
-====userdb_data_cache_time==== +<code> 
-How long to cache the data query for default is "300" (seconds). +userdb_data_cache_time=300 
-You can use  "no", "0", "false"  to disable, specify a number > 1, or use "yes", "1", "true" to enable with the default value. +</code>
-<code>userdb_data_cache_time=300</code>+