From 7a8b4a93a470fb8bee5b123752b5be6f1842eca1 Mon Sep 17 00:00:00 2001
From: kev
Date: Thu, 28 Jul 2016 15:37:07 +0800
Subject: [PATCH] freeradius load nas table
---
 freeradius/Dockerfile | 4 +++-
 freeradius/README.md | 42 +++++++++++++++++++++++++++++++++++++-----
 2 files changed, 40 insertions(+), 6 deletions(-)
diff --git a/freeradius/Dockerfile b/freeradius/Dockerfile
index eed513b..eda738d 100644
--- a/freeradius/Dockerfile
+++ b/freeradius/Dockerfile
@@ -10,9 +10,11 @@ RUN set -xe \
 freeradius-mysql \
 freeradius-radclient \
 && rm -f /etc/raddb/mods-enabled/eap \
- && ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/sql \
+ && ln -s /etc/raddb/mods-available/sql \
+ /etc/raddb/mods-available/sqlcounter /etc/raddb/mods-enabled \
 && sed -i -e 's@driver =.*@driver = "rlm_sql_mysql"@' \
 -e 's@dialect =.*@dialect = "mysql"@' \
+ -e '/read_clients = yes/s@^#@@' \
 -e '/Connection info:/,/^$/{s@^#@@;s@localhost@mysql@}' \
 /etc/raddb/mods-available/sql
diff --git a/freeradius/README.md b/freeradius/README.md
index c4e0b64..1f4ec95 100644
--- a/freeradius/README.md
+++ b/freeradius/README.md
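Review bot: Uncommenting `read_clients = yes` makes the SQL `nas` table the source of RADIUS clients and their shared secrets, so whoever can write to that database decides who may act as a NAS, and nothing in this hunk changes the database credentials the module uses. The neighbouring `Connection info:` expression only uncomments the block and swaps `localhost` for `mysql`, so the stock login and password from `/etc/raddb/mods-available/sql` are presumably kept (the file itself is not visible here); consider overriding them at deploy time instead of baking defaults into the image, and treat a wide row like the README's `0.0.0.0/0` sample as test-only. Separately, `sed` exits 0 when `/read_clients = yes/s@^#@@` matches nothing, so adding a `grep -q '^[[:space:]]*read_clients = yes' /etc/raddb/mods-available/sql` step to the same `RUN` would fail the build if upstream rewords or indents that line. The `RUN` instruction starts above the hunk.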
@@ -57,15 +57,44 @@ $ docker-compose exec mysql mysql -uroot -proot radius
 +----------------------------------------------------------------+
 5 rows in set (0.00 sec)
->>> INSERT INTO radcheck(id, username, attribute, op, value) VALUES(0, 'user', 'Cleartext-Password', ':=', 'pass');
+>>> INSERT INTO radcheck VALUES(NULL, 'user', 'Cleartext-Password', ':=', 'pass');
 Query OK, 1 row affected (0.00 sec)
+>>> SELECT * FROM radcheck;
++----+----------+--------------------+----+-------+
+| id | username | attribute | op | value |
++----+----------+--------------------+----+-------+
+| 1 | user | Cleartext-Password | := | pass |
++----+----------+--------------------+----+-------+
+1 row in set (0.00 sec)
+
+>>> INSERT INTO nas VALUES(NULL, '0.0.0.0/0', 'testing', NULL, NULL, 'testing321', NULL, NULL, NULL);
+Query OK, 1 row affected (0.02 sec)
+
+>>> SELECT * FROM nas;
++----+-----------+-----------+------+-------+------------+--------+-----------+-------------+
+| id | nasname | shortname | type | ports | secret | server | community | description |
++----+-----------+-----------+------+-------+------------+--------+-----------+-------------+
+| 1 | 0.0.0.0/0 | testing | NULL | NULL | testing321 | NULL | NULL | NULL |
++----+-----------+-----------+------+-------+------------+--------+-----------+-------------+
+1 row in set (0.00 sec)
+
+>>> SELECT * FROM radpostauth;
++----+----------+--------------------------------------------------------------+---------------+---------------------+
+| id | username | pass | reply | authdate |
++----+----------+--------------------------------------------------------------+---------------+---------------------+
+| 1 | user | pass | Access-Accept | 2016-07-28 06:28:28 |
+| 2 | user | pass | Access-Accept | 2016-07-28 06:30:04 |
+| 3 | user | xxxx | Access-Reject | 2016-07-28 06:30:22 |
++----+----------+--------------------------------------------------------------+---------------+---------------------+
+
 >>> EXIT
 Bye
 $ docker-compose up -d freeradius
 $ docker-compose exec freeradius sh
 >>> vi /etc/raddb/clients.conf
+>>> radtest user pass localhost 0 testing123
 >>> exit
 $ docker-compose restart freeradius
 ```
@@ -73,18 +102,21 @@ $ docker-compose restart freeradius
 ```
 # /etc/raddb/clients.conf
-client testing {
- ipaddr = 0.0.0.0/0
- secret = testing321
-}
+#client testing {
+# ipaddr = 0.0.0.0/0
+# secret = testing321
+#}
 ```
+> Manage NAS (Network Access Server) via MySQL.
+
 ## Client Setup
 ```bash
 # ssh root@192.168.31.231
 $ pacman -S freeradius freeradius-client
 $ radtest user pass 192.168.31.234 0 testing321
+$ radtest user xxxx 192.168.31.234 0 testing321
 ```
 [1]: http://freeradius.org/