
Linux OpenVpn MYSQL FreeRadius 全面安裝手冊指導

火星人 @ 2014-03-09 , reply:0

OPENVPN FREERADIUS

wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.12.tar.gz


[root@mail2 rlm_sql_mysql]#yum -y install gcc

[root@mail2 rlm_sql_mysql]# yum -y install mysql-server mysql-devel curl php-mysql compat-libstdc++-33 libtool net-snmp php-gd php-snmp perl-DateManip perl-MD5 net-snmp-utils freetype sudo mod_ssl

[root@mail2 rlm_sql_mysql]#

[root@mail2 rlm_sql_mysql]# pwd
/root/freeradius-server-2.1.12/src/modules/rlm_sql/drivers/rlm_sql_mysql

[root@mail2 rlm_sql_mysql]#
[root@mail2 rlm_sql_mysql]# ./configure --with-mysql-dir=/usr --with-mysql-lib-dir=/usr/lib
[root@mail2 rlm_sql_mysql]#make;make install

[root@mail2 rlm_sql_mysql]# find / | grep rlm_sql_mysql.so
/usr/local/lib/rlm_sql_mysql.so

[root@mail2 rlm_sql_mysql]# cat /etc/ld.so.conf
include ld.so.conf.d/*.conf
/usr/lib
/usr/local/lib
[root@mail2 rlm_sql_mysql]#ldconfig -v

[root@mail2 rlm_sql_mysql]#mysql -u root -p123456
mysql> grant all privileges on radius.* to radius@localhost identified by '123456';
Query OK, 0 rows affected (0.00 sec)


[root@mail2 examples]# cat mysql.sql
###########################################################################
# db_mysql.sql rlm_sql - FreeRADIUS SQL Module #
# #
# Database schema for MySQL rlm_sql module #
# #
# To load: #
# mysql -uroot -prootpass radius < db_mysql.sql #
# #


# Mike Machado <mike@innercite.com> #
###########################################################################
#
# Table structure for table 'radacct'
#

# Accounting rows. The indexes cover the columns rows are looked up by:
# user, framed/NAS address, session identifiers and start/stop times.
CREATE TABLE radacct (
  RadAcctId            BIGINT(21)   NOT NULL AUTO_INCREMENT,
  AcctSessionId        VARCHAR(32)  NOT NULL DEFAULT '',
  AcctUniqueId         VARCHAR(32)  NOT NULL DEFAULT '',
  UserName             VARCHAR(64)  NOT NULL DEFAULT '',
  Realm                VARCHAR(64)  DEFAULT '',
  # 15 characters fits a dotted-quad IPv4 address only.
  NASIPAddress         VARCHAR(15)  NOT NULL DEFAULT '',
  NASPortId            VARCHAR(15)  DEFAULT NULL,
  NASPortType          VARCHAR(32)  DEFAULT NULL,
  # Zero-date defaults come from the original file; a server running with
  # NO_ZERO_DATE in sql_mode rejects them.
  AcctStartTime        DATETIME     NOT NULL DEFAULT '0000-00-00 00:00:00',
  AcctStopTime         DATETIME     NOT NULL DEFAULT '0000-00-00 00:00:00',
  AcctSessionTime      INT(12)      DEFAULT NULL,
  AcctAuthentic        VARCHAR(32)  DEFAULT NULL,
  ConnectInfo_start    VARCHAR(50)  DEFAULT NULL,
  ConnectInfo_stop     VARCHAR(50)  DEFAULT NULL,
  AcctInputOctets      BIGINT(20)   DEFAULT NULL,
  AcctOutputOctets     BIGINT(20)   DEFAULT NULL,
  CalledStationId      VARCHAR(50)  NOT NULL DEFAULT '',
  CallingStationId     VARCHAR(50)  NOT NULL DEFAULT '',
  AcctTerminateCause   VARCHAR(32)  NOT NULL DEFAULT '',
  ServiceType          VARCHAR(32)  DEFAULT NULL,
  FramedProtocol       VARCHAR(32)  DEFAULT NULL,
  FramedIPAddress      VARCHAR(15)  NOT NULL DEFAULT '',
  AcctStartDelay       INT(12)      DEFAULT NULL,
  AcctStopDelay        INT(12)      DEFAULT NULL,
  XAscendSessionSvrKey VARCHAR(10)  DEFAULT NULL,
  PRIMARY KEY (RadAcctId),
  KEY UserName (UserName),
  KEY FramedIPAddress (FramedIPAddress),
  KEY AcctSessionId (AcctSessionId),
  KEY AcctUniqueId (AcctUniqueId),
  KEY AcctStartTime (AcctStartTime),
  KEY AcctStopTime (AcctStopTime),
  KEY NASIPAddress (NASIPAddress)
);

#
# Table structure for table 'radcheck'
#

# Per-user check items, one Attribute/op/Value triple per row.
# Value is stored exactly as inserted; later in this guide User-password
# check items are inserted here in clear text, so read access to this
# table is read access to credentials.
CREATE TABLE radcheck (
  id        INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
  UserName  VARCHAR(64)      NOT NULL DEFAULT '',
  Attribute VARCHAR(32)      NOT NULL DEFAULT '',
  op        CHAR(2)          NOT NULL DEFAULT '==',
  Value     VARCHAR(253)     NOT NULL DEFAULT '',
  PRIMARY KEY (id),
  # Prefix index: only the first 32 characters of UserName are indexed.
  KEY UserName (UserName(32))
);

#
# Table structure for table 'radgroupcheck'
#

# Per-group check items; same shape as radcheck keyed by GroupName.
CREATE TABLE radgroupcheck (
  id        INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
  GroupName VARCHAR(64)      NOT NULL DEFAULT '',
  Attribute VARCHAR(32)      NOT NULL DEFAULT '',
  op        CHAR(2)          NOT NULL DEFAULT '==',
  Value     VARCHAR(253)     NOT NULL DEFAULT '',
  PRIMARY KEY (id),
  # Prefix index on the first 32 characters of GroupName.
  KEY GroupName (GroupName(32))
);

#
# Table structure for table 'radgroupreply'
#

# Per-group reply items. Differs from radgroupcheck only in the default
# operator ('=' instead of '==').
CREATE TABLE radgroupreply (
  id        INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
  GroupName VARCHAR(64)      NOT NULL DEFAULT '',
  Attribute VARCHAR(32)      NOT NULL DEFAULT '',
  op        CHAR(2)          NOT NULL DEFAULT '=',
  Value     VARCHAR(253)     NOT NULL DEFAULT '',
  PRIMARY KEY (id),
  # Prefix index on the first 32 characters of GroupName.
  KEY GroupName (GroupName(32))
);

#
# Table structure for table 'radreply'
#

# Per-user reply items; same shape as radcheck with a default operator
# of '=' rather than '=='.
CREATE TABLE radreply (
  id        INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
  UserName  VARCHAR(64)      NOT NULL DEFAULT '',
  Attribute VARCHAR(32)      NOT NULL DEFAULT '',
  op        CHAR(2)          NOT NULL DEFAULT '=',
  Value     VARCHAR(253)     NOT NULL DEFAULT '',
  PRIMARY KEY (id),
  # Prefix index on the first 32 characters of UserName.
  KEY UserName (UserName(32))
);


#
# Table structure for table 'usergroup'
#

# User -> group membership. Note the name: the schema shipped under
# raddb/sql/mysql (loaded later in this guide) calls this table
# radusergroup, which is what sql.conf's usergroup_table expects.
CREATE TABLE usergroup (
  UserName  VARCHAR(64) NOT NULL DEFAULT '',
  GroupName VARCHAR(64) NOT NULL DEFAULT '',
  priority  INT(11)     NOT NULL DEFAULT '1',
  # Prefix index on the first 32 characters of UserName; no primary key.
  KEY UserName (UserName(32))
);

#
# Table structure for table 'radpostauth'
#

# Rows written after authentication (postauth_table in sql.conf).
CREATE TABLE radpostauth (
  id    INT(11)       NOT NULL AUTO_INCREMENT,
  user  VARCHAR(64)   NOT NULL DEFAULT '',
  # NOTE(review): a 64-character `pass` column in an authentication log is
  # sized for a credential; confirm what the post-auth query writes here
  # before enabling it, and restrict access to this table accordingly.
  pass  VARCHAR(64)   NOT NULL DEFAULT '',
  reply VARCHAR(32)   NOT NULL DEFAULT '',
  # timestamp(14) is the legacy display-width form; MySQL 5.6.4 and later
  # read the parenthesised value as fractional-second precision (max 6)
  # and may reject it.
  date  TIMESTAMP(14) NOT NULL,
  PRIMARY KEY (id)
);

######################################################################
#
# The next table is commented out because it is not
# currently used in the server.
#

#
# Table structure for table 'dictionary'
#
#CREATE TABLE dictionary (
# id int(10) DEFAULT '0' NOT NULL auto_increment,
# Type varchar(30),
# Attribute varchar(64),
# Value varchar(64),
# Format varchar(20),
# Vendor varchar(32),
# PRIMARY KEY (id)
#);

#
# Table structure for table 'nas'
#
# RADIUS clients, read at startup when readclients is enabled in sql.conf.
CREATE TABLE nas (
  id          INT(10)      NOT NULL AUTO_INCREMENT,
  nasname     VARCHAR(128) NOT NULL,
  shortname   VARCHAR(32),
  type        VARCHAR(30)  DEFAULT 'other',
  ports       INT(5),
  # Shared secret for this client. The schema default 'secret' is a
  # placeholder only; every inserted row must set its own value, and a
  # row left at the default is a misconfiguration rather than a client.
  secret      VARCHAR(60)  DEFAULT 'secret' NOT NULL,
  community   VARCHAR(50),
  description VARCHAR(200) DEFAULT 'RADIUS Client',
  PRIMARY KEY (id),
  KEY nasname (nasname)
);

#
# Table structure for table 'radippool'
#
# IP pool entries: one row per assignable FramedIPAddress in a named pool.
CREATE TABLE radippool (
  id               INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
  pool_name        VARCHAR(30)      NOT NULL,
  # 15 characters fits a dotted-quad IPv4 address only.
  FramedIPAddress  VARCHAR(15)      NOT NULL DEFAULT '',
  NASIPAddress     VARCHAR(15)      NOT NULL DEFAULT '',
  CalledStationId  VARCHAR(30)      NOT NULL,
  CallingStationID VARCHAR(30)      NOT NULL,
  # Zero-date default from the original file; rejected under NO_ZERO_DATE.
  expiry_time      DATETIME         NOT NULL DEFAULT '0000-00-00 00:00:00',
  username         VARCHAR(64)      NOT NULL DEFAULT '',
  pool_key         VARCHAR(30)      NOT NULL,
  PRIMARY KEY (id)
);
[root@mail2 examples]# mysql -u root -p123456
mysql> show tables;
+------------------+
| Tables_in_radius |
+------------------+
| nas |
| radacct |
| radcheck |
| radgroupcheck |
| radgroupreply |
| radippool |
| radpostauth |
| radreply |
| usergroup |
+------------------+
9 rows in set (0.01 sec)
mysql>\q
[root@mail2 examples]#

我將刪除以上手動建立的資料庫與資料庫使用者 radius@localhost，改用 FreeRADIUS 自帶的 SQL 腳本重建；其中 admin.sql 會建立 sql.conf 預設使用的 radius 帳號（密碼 radpass），正式部署前應在資料庫與 sql.conf 兩處一併改掉這組預設值。

mysql> drop user radius@localhost;
Query OK, 0 rows affected (0.00 sec)

# cd /usr/local/etc/raddb/sql/mysql/
# mysqladmin -u root -p create radius
# mysql -u root radius < /usr/local/etc/raddb/sql/mysql/schema.sql -p
# mysql -u root radius < /usr/local/etc/raddb/sql/mysql/nas.sql -p
# mysql -u root radius < /usr/local/etc/raddb/sql/mysql/ippool.sql -p
# mysql -u root radius < /usr/local/etc/raddb/sql/mysql/wimax.sql -p
# mysql -u root radius < /usr/local/etc/raddb/sql/mysql/admin.sql -p

mysql> show tables;
+------------------+
| Tables_in_radius |
+------------------+
| nas |
| radacct |
| radcheck |
| radgroupcheck |
| radgroupreply |
| radippool |
| radpostauth |
| radreply |
| radusergroup |
| wimax |

mysql> use radius;
Reading table information for completion of table and column names


You can turn off this feature to get a quicker startup with -A

Database changed
建立組信息
mysql> insert into radgroupreply (groupname,attribute,op,value) values('user','auth-type',':=','local');
Query OK, 1 row affected (0.00 sec)
mysql> insert into radgroupreply (groupname,attribute,op,value) values('user','Service-type',':=','Framed-User');
Query OK, 1 row affected (0.00 sec)

mysql> insert into radgroupreply (groupname,attribute,op,value) values('user','Framed-IP-Address',':=','255.255.255.255');
Query OK, 1 row affected (0.00 sec)

mysql> insert into radgroupreply (groupname,attribute,op,value) values('user','Framed-IP-Netmask',':=','255.255.255.0');
Query OK, 1 row affected (0.00 sec)

建立用戶信息
mysql> insert into radcheck (Username,attribute,op,value) values ('test','User-password',':=','test');

mysql> insert into radcheck (Username,attribute,op,value) values ('benson','User-password',':=','benson');
Query OK, 1 row affected (0.00 sec)

將用戶加入組中
mysql> insert into radusergroup(username,groupname) values ('test','user');
Query OK, 1 row affected (0.00 sec)

mysql> insert into radusergroup(username,groupname) values ('benson','user');
Query OK, 1 row affected (0.00 sec)

[root@mail2 ~]# cat /usr/local/etc/raddb/sql.conf
# -*- text -*-
##
## sql.conf -- SQL modules
##
## $Id$

######################################################################
#
# Configuration for the SQL module
#
# The database schemas and queries are located in subdirectories:
#
# sql/DB/schema.sql Schema
# sql/DB/dialup.conf Basic dialup (including policy) queries
# sql/DB/counter.conf counter


# sql/DB/ippool.conf IP Pools in SQL
# sql/DB/ippool.sql schema for IP pools.
#
# Where "DB" is mysql, mssql, oracle, or postgresql.
#

sql {
#
# Set the database to one of:
#
# mysql, mssql, oracle, postgresql
#
database = "mysql"

#
# Which FreeRADIUS driver to use.
#
driver = "rlm_sql_${database}"

# Connection info:
server = "localhost"
#port = 3306
# NOTE(review): "radius"/"radpass" is the shipped default. The hand-made
# radius@localhost ('123456') created earlier in this guide was dropped;
# the account the server actually connects with (normally created by the
# admin.sql loaded above) must exist with this password, and the default
# should be changed in both the database and this file.
login = "radius"
password = "radpass"

# Database table configuration for everything except Oracle
radius_db = "radius"
# If you are using Oracle then use this instead
# radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))"

# If you want both stop and start records logged to the
# same SQL table, leave this as is. If you want them in
# different tables, put the start table in acct_table1
# and stop table in acct_table2
acct_table1 = "radacct"
acct_table2 = "radacct"

# Allow for storing data after authentication
postauth_table = "radpostauth"

authcheck_table = "radcheck"
authreply_table = "radreply"

groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"

# Table to keep group info
# This is "radusergroup", as created by the schema under
# raddb/sql/mysql, not the "usergroup" table from the older example
# file shown earlier in this guide.
usergroup_table = "radusergroup"

# If set to 'yes' (default) we read the group tables
# If set to 'no' the user MUST have Fall-Through = Yes in the radreply table


# read_groups = yes

# Remove stale session if checkrad does not see a double login
deletestalesessions = yes

# Print all SQL statements when in debug mode (-x)
# Leave this off outside of debugging: the trace file records complete
# statements, including any credential values they carry (for example
# the User-password check items inserted into radcheck in this guide).
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql

# number of sql connections to make to server
num_sql_socks = 5

# number of seconds to delay retrying on a failed database
# connection (per_socket)
connect_failure_retry_delay = 60

# lifetime of an SQL socket. If you are having network issues
# such as TCP sessions expiring, you may need to set the socket
# lifetime. If set to non-zero, any open connections will be
# closed "lifetime" seconds after they were first opened.
lifetime = 0

# Maximum number of queries used by an SQL socket. If you are
# having issues with SQL sockets lasting "too long", you can
# limit the number of queries performed over one socket. After
# "max_queries", the socket will be closed. Use 0 for "no limit".
max_queries = 0

# Set to 'yes' to read radius clients from the database ('nas' table)
# Clients will ONLY be read on server startup. For performance
# and security reasons, finding clients via SQL queries CANNOT
# be done "live" while the server is running.
#
# If enabled, the 'secret' column of each nas row becomes that client's
# shared secret; rows left at the schema default ('secret') must be
# fixed before this is turned on.
#readclients = yes

# Table to keep radius client info
nas_table = "nas"

# Read driver-specific configuration
$INCLUDE sql/${database}/dialup.conf
}


vi /usr/local/etc/raddb/sites-enabled/default
第 170 行：在 files 前加 # 將其註釋掉
第 177 行與第 406 行：去掉行首的 # 註釋


[root@mail2 mysql]# vi /usr/local/etc/raddb/sites-enabled/inner-tunnel 131
第 124 行：在 files 前加 # 將其註釋掉
第 131 行：去掉 sql 前的 # 註釋

編輯/usr/local/etc/raddb/radiusd.conf

# vim /usr/local/etc/raddb/radiusd.conf
去掉第 700 行 $INCLUDE sql.conf 前的 # 註釋

[root@mail2 mysql]# cat /usr/local/var/log/radius/radius.log


[root@mail2 mysql]# ln -s /usr/local/bin/radtest /sbin/radtest
[root@mail2 mysql]# /sbin/radtest test test localhost 0 testing123
Sending Access-Request of id 199 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 192.168.20.204
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=199, length=20


[root@mail2 ~]# wget http://swupdate.openvpn.org/community/releases/openvpn-2.2.2.tar.gz


[root@mail2 openvpn-2.2.2]# vi openvpn.spec

# Include dependencies manually
#

AutoReq: 0

BuildRequires: openssl-devel >= 0.9.6
Requires: openssl >= 0.9.6

%if "%{_vendor}" == "Mandrakesoft"
%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07}
%{!?without_lzo:Requires: liblzo1 >= 1.07}
%else
%if "%{_vendor}" == "MandrakeSoft"
%{!?without_lzo:BuildRequires: liblzo1-devel >= 1.07}
%{!?without_lzo:Requires: liblzo1 >= 1.07}
%else
%{!?without_lzo:BuildRequires: lzo-devel >= 1.07}
%{!?without_lzo:Requires: lzo >= 1.07}
%endif
%endif

%{!?without_pam:BuildRequires: pam-devel}

%{!?without_pam:BuildRequires: pam-devel}
%{!?without_pam:Requires: pam}

%{!?with_pkcs11:BuildRequires: pkcs11-helper-devel}


%{!?with_pkcs11:Requires: pkcs11-helper}

#
# Description
#



http://coctec.com/docs/linux/show-post-47260.html