Mercurial > hg > fD-testbed

annotate conf/radpxy.eap.testbed.aaa/freeradius/sites-available/example @ 11:44f87917c579

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added a RADIUS proxy using freeradius in the eap testbed
author Sebastien Decugis <sdecugis@nict.go.jp>
date Thu, 16 Sep 2010 14:23:42 +0900
parents
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
11
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
1 ######################################################################
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
2 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
3 # An example virtual server configuration.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
4 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
5 # $Id: example,v 1.2 2007/10/09 14:25:36 aland Exp $
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
6 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
7 ######################################################################
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
8
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
9
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
10 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
11 # This client will be available to any "listen" section that
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
12 # are defined outside of a virtual server section. However,
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
13 # when the server receives a packet from this client, the
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
14 # request will be processed through the "example" virtual
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
15 # server, as the "client" section contains a configuration item
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
16 # to that effect.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
17 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
18 # Note that this client will be able to send requests to any
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
19 # port defined in a global "listen" section. It will NOT,
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
20 # however, be able to send requests to a port defined in a
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
21 # "listen" section that is contained in a "server" section.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
22 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
23 # With careful matching of configurations, you should be able
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
24 # to:
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
25 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
26 # - Define one authentication port, but process each client
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
27 # through a separate virtual server.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
28 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
29 # - define multiple authentication ports, each with a private
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
30 # list of clients.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
31 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
32 # - define multiple authentication ports, each of which may
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
33 # have the same client listed, but with different shared
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
34 # secrets
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
35 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
36 # FYI: We use an address in the 192.0.2.* space for this example,
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
37 # as RFC 3330 says that that /24 range is used for documenation
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
38 # and examples, and should not appear on the net. You shouldn't
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
39 # use it for anything, either.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
40 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
41 client 192.0.2.10 {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
42 shortname = example-client
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
43 secret = testing123
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
44 virtual_server = example
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
45 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
46
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
47 ######################################################################
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
48 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
49 # An example virtual server. It starts off with "server name {"
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
50 # The "name" is used to reference this server from a "listen"
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
51 # or "client" section.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
52 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
53 ######################################################################
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
54 server example {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
55 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
56 # Listen on 192.0.2.1:1812 for Access-Requests
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
57 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
58 # When the server receives a packet, it is processed
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
59 # through the "authorize", etc. sections listed here,
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
60 # NOT the global ones the "default" site.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
61 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
62 listen {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
63 ipaddr = 192.0.2.1
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
64 port = 1821
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
65 type = auth
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
66 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
67
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
68 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
69 # This client is listed within the "server" section,
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
70 # and is therefore known ONLY to the socket defined
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
71 # in the "listen" section above. If the client IP
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
72 # sends a request to a different socket, the server
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
73 # will treat it as an unknown client, and will not
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
74 # respond.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
75 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
76 # In contrast, the client listed at the top of this file
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
77 # is outside of any "server" section, and is therefore
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
78 # global in scope. It can send packets to any port
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
79 # defined in a global "listen" section. It CANNOT send
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
80 # packets to the listen section defined above, though.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
81 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
82 # Note that you don't have to have a "virtual_server = example"
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
83 # line here, as the client is encapsulated within
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
84 # the "server" section.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
85 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
86 client 192.0.2.9 {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
87 shortname = example-client
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
88 secret = testing123
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
89 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
90
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
91 authorize {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
92 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
93 # Some example policies. See "man unlang" for more.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
94 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
95 if ("%{User-Name}" == "bob") {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
96 update control {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
97 Cleartext-Password := "bob"
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
98 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
99 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
100
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
101 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
102 # And then reject the user. The next line requires
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
103 # that the "always reject {}" section is defined in
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
104 # the "modules" section of radiusd.conf.
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
105 #
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
106 reject
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
107 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
108
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
109 authenticate {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
110
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
111 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
112
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
113 post-auth {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
114
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
115 Post-Auth-Type Reject {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
116 update reply {
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
117 Reply-Message = "This is only an example."
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
118 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
119 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
120 }
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
121
44f87917c579 Added a RADIUS proxy using freeradius in the eap testbed
Sebastien Decugis <sdecugis@nict.go.jp>
parents:
diff changeset
122 }
"Welcome to our mercurial repository"