diff options
| author | Chris Buechler <cmb@pfsense.org> | 2011-12-28 14:04:47 -0800 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2011-12-28 14:04:47 -0800 |
| commit | 5516aa102df93816dff4bab5a9ddd67a72710c00 (patch) | |
| tree | 4477c3bdd851a718c645df7f7e32f4d54a15959e | |
| parent | 54cc1ac21a9e89a496800bb521ca7d485929cc95 (diff) | |
| parent | fda35a3ca21e8a41d88b3e04416d889555b1492a (diff) | |
| download | pfsense-packages-5516aa102df93816dff4bab5a9ddd67a72710c00.tar.gz pfsense-packages-5516aa102df93816dff4bab5a9ddd67a72710c00.tar.bz2 pfsense-packages-5516aa102df93816dff4bab5a9ddd67a72710c00.zip | |
Merge pull request #160 from Nachtfalkeaw/master
freeradius2 updates
| -rwxr-xr-x | config/freeradius2/freeradius.inc | 277 | ||||
| -rw-r--r-- | config/freeradius2/freeradius.xml | 95 | ||||
| -rw-r--r-- | config/freeradius2/freeradiuscerts.xml | 59 | ||||
| -rw-r--r-- | config/freeradius2/freeradiusclients.xml | 57 | ||||
| -rw-r--r-- | config/freeradius2/freeradiuseapconf.xml | 59 | ||||
| -rw-r--r-- | config/freeradius2/freeradiusinterfaces.xml | 57 | ||||
| -rw-r--r-- | config/freeradius2/freeradiussettings.xml | 63 | ||||
| -rw-r--r-- | config/freeradius2/freeradiussqlconf.xml | 123 | ||||
| -rw-r--r-- | pkg_config.8.xml | 2 | ||||
| -rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
10 files changed, 453 insertions, 341 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 9409553b..c4edf183 100755 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -49,20 +49,20 @@ function freeradius_settings_resync() { $varsettings = $config['installedpackages']['freeradiussettings']['config'][0]; // Variables: General configuration - $varsettingsmaxrequesttime = ($varsettings['varsettingsmaxrequesttime']?$varsettings['varsettingsmaxrequesttime']:'1024'); - $varsettingscleanupdelay = ($varsettings['varsettingscleanupdelay']?$varsettings['varsettingscleanupdelay']:'30'); - $varsettingsmaxrequests = ($varsettings['varsettingsmaxrequests']?$varsettings['varsettingsmaxrequests']:'5'); - $varsettingslogdir = ($varsettings['varsettingslogdir']?$varsettings['varsettingslogdir']:'no'); - $varsettingsstrippednames = ($varsettings['varsettingsstrippednames']?$varsettings['varsettingsstrippednames']:'no'); + $varsettingsmaxrequests = ($varsettings['varsettingsmaxrequests']?$varsettings['varsettingsmaxrequests']:'1024'); + $varsettingsmaxrequesttime = ($varsettings['varsettingsmaxrequesttime']?$varsettings['varsettingsmaxrequesttime']:'30'); + $varsettingscleanupdelay = ($varsettings['varsettingscleanupdelay']?$varsettings['varsettingscleanupdelay']:'5'); + $varsettingshostnamelookups = ($varsettings['varsettingshostnamelookups']?$varsettings['varsettingshostnamelookups']:'no'); + $varsettingsallowcoredumps = ($varsettings['varsettingsallowcoredumps']?$varsettings['varsettingsallowcoredumps']:'no'); + $varsettingsregularexpressions = ($varsettings['varsettingsregularexpressions']?$varsettings['varsettingsregularexpressions']:'yes'); + $varsettingsextendedexpressions = ($varsettings['varsettingsextendedexpressions']?$varsettings['varsettingsextendedexpressions']:'yes'); // Variables: Logging options + $varsettingslogdir = ($varsettings['varsettingslogdir']?$varsettings['varsettingslogdir']:'syslog'); $varsettingsauth = ($varsettings['varsettingsauth']?$varsettings['varsettingsauth']:'yes'); - $varsettingsauthbadpass = ($varsettings['varsettingsauthbadpass']?$varsettings['varsettingsauthbadpass']:'yes'); - $varsettingsauthgoodpass = ($varsettings['varsettingsauthgoodpass']?$varsettings['varsettingsauthgoodpass']:'files'); - $varsettingshostnamelookups = ($varsettings['varsettingshostnamelookups']?$varsettings['varsettingshostnamelookups']:'no'); - $varsettingsallowcoredumps = ($varsettings['varsettingsallowcoredumps']?$varsettings['varsettingsallowcoredumps']:'no'); - $varsettingsregularexpressions = ($varsettings['varsettingsregularexpressions']?$varsettings['varsettingsregularexpressions']:'no'); - $varsettingsextendedexpressions = ($varsettings['varsettingsextendedexpressions']?$varsettings['varsettingsextendedexpressions']:'no'); + $varsettingsauthbadpass = ($varsettings['varsettingsauthbadpass']?$varsettings['varsettingsauthbadpass']:'no'); + $varsettingsauthgoodpass = ($varsettings['varsettingsauthgoodpass']?$varsettings['varsettingsauthgoodpass']:'no'); + $varsettingsstrippednames = ($varsettings['varsettingsstrippednames']?$varsettings['varsettingsstrippednames']:'no'); // Variables: Security $varsettingsmaxattributes = ($varsettings['varsettingsmaxattributes']?$varsettings['varsettingsmaxattributes']:'200'); @@ -76,12 +76,24 @@ function freeradius_settings_resync() { $varsettingsmaxqueuesize = ($varsettings['varsettingsmaxqueuesize']?$varsettings['varsettingsmaxqueuesize']:'65536'); $varsettingsmaxrequestsperserver = ($varsettings['varsettingsmaxrequestsperserver']?$varsettings['varsettingsmaxrequestsperserver']:'0'); - // These lines are uncommented in fuction "freeradius_settings_resync" to INCLUDE / enable eap.conf + // For more details look at "freeradius_sqlconf_resync" $sqlconf = $config['installedpackages']['freeradiussqlconf']['config'][0]; - $varsqlconfenable = ($sqlconf['varsqlconfenable']?$sqlconf['varsqlconfenable']:'#\$INCLUDE sql.conf'); - $varsqlconfenablecounter = ($sqlconf['varsqlconfenablecounter']?$sqlconf['varsqlconfenablecounter']:'#\$INCLUDE sql/mysql/counter.conf'); - + $varsqlconfincludeenable = ($sqlconf['varsqlconfincludeenable']?$sqlconf['varsqlconfincludeenable']:'Disable'); + + // Dis-/Enable SQL in "instatiate" section in "freeradius_settings_resync" and radiusd.conf + if ($sqlconf['varsqlconfincludeenable'] == 'Enable') { + $varsqlconfinclude = '\$INCLUDE sql.conf'; + $varsqlconfincludecounter = '\$INCLUDE sql/mysql/counter.conf'; + $varsqlconfinstantiate = 'sql'; + } + + if ($sqlconf['varsqlconfincludeenable'] == 'Disable') { + $varsqlconfinclude = '#\$INCLUDE sql.conf'; + $varsqlconfincludecounter = '#\$INCLUDE sql/mysql/counter.conf'; + $varsqlconfinstantiate = '#sql'; + } + $conf = <<<EOD prefix = /usr/local @@ -214,19 +226,12 @@ thread pool { modules { \$INCLUDE \${confdir}/modules/ \$INCLUDE eap.conf + ### Dis-/Enable sql.conf INCLUDE + $varsqlconfinclude - ### Original line - ### Enable sql.conf INCLUDE - ###\$INCLUDE sql.conf - $varsqlconfenable - - - ### Original line - ### Enable sql/mysql/counter.conf INCLUDE - #\$INCLUDE sql/mysql/counter.conf - $varsqlconfenablecounter - - + ### Dis-/Enable sql/mysql/counter.conf INCLUDE + $varsqlconfincludecounter + #\$INCLUDE sqlippool.conf } @@ -237,10 +242,8 @@ instantiate { #daily expiration logintime - #redundant redundant_sql { - # sql1 - # sql2 - #} + ### Dis-/Enable sql instatiate + $varsqlconfinstantiate } \$INCLUDE policy.conf \$INCLUDE sites-enabled/ @@ -258,61 +261,96 @@ function freeradius_users_resync() { global $config; $conf = ''; -$users = $config['installedpackages']['freeradius']['config']; -if (is_array($users) && !empty($users)) { -foreach ($users as $user) { -$username = $user['username']; -$password = $user['password']; -$multiconnect = $user['multiconnect']; -$ip = $user['ip']; -$subnetmask = $user['subnetmask']; -$gateway = $user['gateway']; -$userexpiration=$user['expiration']; -$sessiontime=$user['sessiontime']; -$onlinetime=$user['onlinetime']; -$vlanid=$user['vlanid']; -$additionaloptions=$user['additionaloptions']; -$atrib=''; -$head="$username Cleartext-Password := ".'"'.$password.'"'; - if ($multiconnect <> '') { - $head .=", Simultaneous-Use := $multiconnect"; - } - if ($userexpiration <> '') { - $head .=", Expiration := ".'"'.$userexpiration.'"'; - } - if ($subnetmask<> '') { - $head .=", Framed-IP-Netmask = $subnetmask"; - } - if ($gateway<> '') { - $head .=", Framed-Route = $gateway"; - } - if ($onlinetime <> '') { - $head .=", Login-Time := ". '"' . $onlinetime .'"'; - } - if ($ip <> '') { - if ($atrib <> '') { $atrib .=","; } - $atrib .="\r\n\tFramed-IP-Address = $ip"; - } - if ($sessiontime <> '') { - if ($atrib <> '') { $atrib .=","; } - $atrib .="\r\n\tSession-Timeout := $sessiontime"; - } - if ($vlanid <> '') { - if ($atrib <> '') { $atrib .=","; } - $atrib .="\r\n\tTunnel-Type = VLAN,\r\n\tTunnel-Medium-Type = IEEE-802,\r\n\tTunnel-Private-Group-ID = \"$vlanid\""; - } - if ($additionaloptions <> '') { - if ($atrib <> '') { $atrib .=","; } - $atrib .="\r\n\t$additionaloptions"; - } - - $conf .= <<<EOD -$head -$atrib +// Empty variables + +$arrusers = $config['installedpackages']['freeradius']['config']; + +if (is_array($arrusers) && !empty($arrusers)) { + foreach ($arrusers as $users) { + + // Variables for users file defined parameters + $varusersusername = $users['varusersusername']; + $varuserspassword = $users['varuserspassword']; + $varuserssimultaneousconnect = ($users['varuserssimultaneousconnect']?$users['varuserssimultaneousconnect']:'1'); + $varusersframedipaddress = $users['varusersframedipaddress']; + $varusersframedipnetmask = $users['varusersframedipnetmask']; + $varusersframedroute = $users['varusersframedroute']; + $varusersexpiration=$users['varusersexpiration']; + $varuserssessiontimeout=$users['varuserssessiontimeout']; + $varuserslogintime=$users['varuserslogintime']; + $varusersvlanid=$users['varusersvlanid']; + + // Clear variables for next user foreach additional options + $varuserstopadditionaloptions = ''; + $varusersadditionaloptionstop = ''; + + + if(!empty($users['varuserstopadditionaloptions'])) { + $varuserstopadditionaloptions = explode("|", ($users['varuserstopadditionaloptions'])); + foreach ($varuserstopadditionaloptions as $toptmp) { + $varusersadditionaloptionstop .= $toptmp . "\n"; + } + } + + // Clear variables for next user foreach additional options + $varusersbottomadditionaloptions = ''; + $varusersadditionaloptionsbottom = ''; + + if(!empty($users['varusersbottomadditionaloptions'])) { + $varusersbottomadditionaloptions = explode("|", ($users['varusersbottomadditionaloptions'])); + $varusersadditionaloptionsbottom .= ''; + foreach ($varusersbottomadditionaloptions as $bottomtmp) { + $varusersadditionaloptionsbottom .= $bottomtmp . "\n\t"; + } + } + + + + // Empty variable + $varusersmainoptions = ''; + + // Add the user attributes to each user. + $varusersmainoptions = '"' . $varusersusername . '"' . " Cleartext-Password := " . '"' . $varuserspassword .'"'; + + if ($varuserssimultaneousconnect != '') { + $varusersmainoptions .= "\n\tSimultaneous-Use := $varuserssimultaneousconnect"; + } + if ($varusersexpiration != '') { + $varusersmainoptions .= ",\n\tExpiration := " . '"' . $varusersexpiration . '"'; + } + if ($varuserslogintime != '') { + $varusersmainoptions .= ",\n\tLogin-Time := " . '"' . $varuserslogintime . '"'; + } + if ($varuserssessiontimeout != '') { + $varusersmainoptions .= ",\n\tSession-Timeout := $varuserssessiontimeout"; + } + if ($varusersframedipaddress != '') { + $varusersmainoptions .= ",\n\tFramed-IP-Address = $varusersframedipaddress"; + } + if ($varusersframedipnetmask != '') { + $varusersmainoptions .= ",\n\tFramed-IP-Netmask = $varusersframedipnetmask"; + } + if ($varusersframedroute != '') { + $varusersmainoptions .= ",\n\tFramed-Route = " . '"' . $varusersframedroute . '"'; + } + if ($varusersvlanid != '') { + $varusersmainoptions .= ",\n\tTunnel-Type = VLAN,\n\tTunnel-Medium-Type = IEEE-802,\n\tTunnel-Private-Group-ID = " . '"' . $varusersvlanid . '"'; + } + if ($varusersadditionaloptionsbottom != '') { + $varusersmainoptions .= ",\n\t$varusersadditionaloptionsbottom"; + } + // Cosmetic fix - This is just to make a blank new line after each user entry + $varusersmainoptions .= "\n\n"; + + + $conf .= <<<EOD +$varusersadditionaloptionstop +$varusersmainoptions EOD; -} -} + } //end foreach +} // end if + $filename = RADDB . '/users'; conf_mount_rw(); file_put_contents($filename, $conf); @@ -463,6 +501,9 @@ if ($vareapconfchoosecertmanager == 'pfsensecertmgr') { $vareapconfprivatekeyfile = 'server_key.pem'; $vareapconfcertificatefile = 'server_cert.pem'; $vareapconfcafile = 'ca_cert.pem'; + // generate new DH and RANDOM file + exec("cd /usr/local/etc/raddb/certs && openssl dhparam -out dh 1024"); + exec("cd /usr/local/etc/raddb/certs && dd if=/dev/urandom of=./random count=10"); } // This is for freeradius cert manager @@ -624,11 +665,7 @@ function freeradius_sqlconf_resync() { $varsqlconfreadclients = ($sqlconf['varsqlconfreadclients']?$sqlconf['varsqlconfreadclients']:'yes'); $varsqlconfnastable = ($sqlconf['varsqlconfnastable']?$sqlconf['varsqlconfnastable']:'nas'); - // These lines are uncommented in fuction "freeradius_settings_resync" to INCLUDE / enable eap.conf - // $sqlconf = $config['installedpackages']['freeradiussqlconf']['config'][0]; - // $varsqlconfenable = ($sqlconf['varsqlconfenable']?$sqlconf['varsqlconfenable']:'#\$INCLUDE sql.conf'); - // $varsqlconfenablecounter = ($sqlconf['varsqlconfenablecounter']?$sqlconf['varsqlconfenablecounter']:'#\$INCLUDE sql/mysql/counter.conf'); - + // For more information look at "freeradius_settings_resync" $conf .= <<<EOD @@ -676,6 +713,55 @@ function freeradius_serverdefault_resync() { global $config; $conf = ''; + // Get Variables from freeradiussqlconf.xml + $sqlconf = $config['installedpackages']['freeradiussqlconf']['config'][0]; + $varsqlconfenableauthorize = ($sqlconf['varsqlconfenableauthorize']?$sqlconf['varsqlconfenableauthorize']:'Disable'); + $varsqlconfenableaccounting = ($sqlconf['varsqlconfenableaccounting']?$sqlconf['varsqlconfenableaccounting']:'Disable'); + $varsqlconfenablesession = ($sqlconf['varsqlconfenablesession']?$sqlconf['varsqlconfenablesession']:'Disable'); + $varsqlconfenablepostauth = ($sqlconf['varsqlconfenablepostauth']?$sqlconf['varsqlconfenablepostauth']:'Disable'); + + + // Disable all sql sections if sql is global disabled + // if ($sqlconf['varsqlconfincludeenable'] == 'Disable') { + // $varsqlconfauthorize = '#sql'; + // $varsqlconfaccounting = '#sql'; + // $varsqlconfsession = 'radutmp'; + // $varsqlconfpostauth = '#sql'; + // } + + // authorize section + if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenableauthorize'] == 'Enable')) { + $varsqlconfauthorize = 'sql'; + } + else { + $varsqlconfauthorize = '#sql'; + } + + // accounting section + if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenableaccounting'] == 'Enable')) { + $varsqlconfaccounting = 'sql'; + } + else { + $varsqlconfaccounting = '#sql'; + } + + // session section + if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenablesession'] == 'Enable')) { + $varsqlconfsession = 'sql'; + } + else { + $varsqlconfsession = 'radutmp'; + } + + // post-auth section + if (($sqlconf['varsqlconfincludeenable'] == 'Enable') && ($sqlconf['varsqlconfenablepostauth'] == 'Enable')) { + $varsqlconfpostauth = 'sql'; + } + else { + $varsqlconfpostauth = '#sql'; + } + + $conf .= <<<EOD ###################################################################### @@ -854,7 +940,7 @@ authorize { # is meant to mirror the "users" file. # # See "Authorization Queries" in sql.conf -# sql + $varsqlconfauthorize # # If you are using /etc/smbpasswd, and are also doing @@ -1083,7 +1169,7 @@ accounting { # Log traffic to an SQL database. # # See "Accounting queries" in sql.conf -# sql + $varsqlconfaccounting # # If you receive stop packets with zero session length, @@ -1127,11 +1213,8 @@ accounting { # or rlm_sql module can handle this. # The rlm_sql module is *much* faster session { - radutmp - - # - # See "Simultaneous Use Checking Queries" in sql.conf -# sql + ### choose radutmp or sql + $varsqlconfsession } @@ -1152,7 +1235,7 @@ post-auth { # After authenticating the user, do another SQL query. # # See "Authentication Logging Queries" in sql.conf -# sql + $varsqlconfpostauth # # Instead of sending the query to the SQL server, diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index e55720ac..d6ecd41d 100644 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -9,7 +9,7 @@ /* freeradius.xml part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> All rights reserved. Based on m0n0wall (http://m0n0.ch/wall) @@ -40,9 +40,7 @@ POSSIBILITY OF SUCH DAMAGE. */ /* ========================================================================== */ -]]> - - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> @@ -141,7 +139,7 @@ <adddeleteeditpagefields> <columnitem> <fielddescr>Username</fielddescr> - <fieldname>username</fieldname> + <fieldname>varusersusername</fieldname> </columnitem> <columnitem> <fielddescr>Description</fielddescr> @@ -149,31 +147,27 @@ </columnitem> <columnitem> <fielddescr>IP Address</fielddescr> - <fieldname>ip</fieldname> - </columnitem> - <columnitem> - <fielddescr>Subnet Mask</fielddescr> - <fieldname>subnetmask</fieldname> + <fieldname>varusersframedipaddress</fieldname> </columnitem> <columnitem> <fielddescr>Simultaneous Connections</fielddescr> - <fieldname>multiconnect</fieldname> + <fieldname>varuserssimultaneousconnect</fieldname> </columnitem> <columnitem> - <fielddescr>Expiration Time</fielddescr> - <fieldname>expiration</fieldname> + <fielddescr>Expiration Date</fielddescr> + <fieldname>varusersexpiration</fieldname> </columnitem> <columnitem> - <fielddescr>Session Time</fielddescr> - <fieldname>sessiontime</fieldname> + <fielddescr>Session Timeout</fielddescr> + <fieldname>varuserssessiontimeout</fieldname> </columnitem> <columnitem> - <fielddescr>Online Time</fielddescr> - <fieldname>onlinetime</fieldname> + <fielddescr>Possible Login Times</fielddescr> + <fieldname>varuserslogintime</fieldname> </columnitem> <columnitem> <fielddescr>VLAN ID</fielddescr> - <fieldname>vlanid</fieldname> + <fieldname>varusersvlanid</fieldname> </columnitem> </adddeleteeditpagefields> <fields> @@ -183,22 +177,23 @@ </field> <field> <fielddescr>Username</fielddescr> - <fieldname>username</fieldname> - <description><![CDATA[Enter the username.]]></description> + <fieldname>varusersusername</fieldname> + <description><![CDATA[Enter the username. Whitespace is possible.]]></description> <type>input</type> <required/> </field> <field> <fielddescr>Password</fielddescr> - <fieldname>password</fieldname> + <fieldname>varuserspassword</fieldname> <description><![CDATA[Enter the password for this username.]]></description> <type>password</type> <required/> </field> <field> <fielddescr>Number of simultaneous connections</fielddescr> - <fieldname>multiconnect</fieldname> - <description><![CDATA[The maximum of simultaneous connections with this username.]]></description> + <fieldname>varuserssimultaneousconnect</fieldname> + <description><![CDATA[The maximum of simultaneous connections with this username. (Default: 1)]]></description> + <default_value>1</default_value> <required/> <type>input</type> </field> @@ -208,7 +203,7 @@ </field> <field> <fielddescr>IP Address</fielddescr> - <fieldname>ip</fieldname> + <fieldname>varusersframedipaddress</fieldname> <description><![CDATA[<b>Framed-IP-Address</b> must be supported by NAS.<br> If you want this user to be assigned a specific IP address from radius, enter the IP address here.<br> Continuous IP address is available with "+" suffix (e.g. 192.168.1.5+). Could be useful for simultaneous connections.<br> @@ -217,26 +212,26 @@ </field> <field> <fielddescr>Subnet Mask</fielddescr> - <fieldname>subnetmask</fieldname> + <fieldname>varusersframedipnetmask</fieldname> <description><![CDATA[<b>Framed-IP-Netmask</b> must be supported by NAS. (e.g. 255.255.255.0)]]></description> <type>input</type> </field> <field> <fielddescr>Gateway</fielddescr> - <fieldname>gateway</fieldname> + <fieldname>varusersframedroute</fieldname> <description><![CDATA[<b>Framed-Route</b> must be supported by NAS. Format is: Subnet Gateway Metric (e.g. 192.168.10.0 192.168.10.1 1).]]></description> <type>input</type> </field> <field> <fielddescr>VLAN ID</fielddescr> - <fieldname>vlanid</fieldname> - <description><![CDATA[ - Enter the VLAN ID (integer from 1-4095) or the VLAN name that this username should be assigned to.<br> - Must be supported by the NAS.<br> - This setting can be used for a NAS that supports the following RADIUS parameters:<br><br> - Tunnel-Type = VLAN<br> - Tunnel-Medium-Type = IEEE-802<br> - Tunnel-Private-Group-ID = "<b>THIS IS YOUR INPUT</b>"]]></description> + <fieldname>varusersvlanid</fieldname> + <description><![CDATA[Enter the VLAN ID (integer from 1-4095) or the VLAN name that this username should be assigned to.<br> + Must be supported by the NAS.<br> + This setting can be used for a NAS that supports the following RADIUS parameters:<br><br> + + Tunnel-Type = VLAN<br> + Tunnel-Medium-Type = IEEE-802<br> + Tunnel-Private-Group-ID = "<b>THIS IS YOUR INPUT</b>"]]></description> <type>input</type> </field> <field> @@ -244,20 +239,20 @@ <type>listtopic</type> </field> <field> - <fielddescr>Expiration Time</fielddescr> - <fieldname>expiration</fieldname> + <fielddescr>Expiration Date</fielddescr> + <fieldname>varusersexpiration</fieldname> <description><![CDATA[Enter the date when this account should expire. Format is: Mmm dd yyyy (e.g. Jan 01 2012).]]></description> <type>input</type> </field> <field> - <fielddescr>Session Time</fielddescr> - <fieldname>sessiontime</fieldname> + <fielddescr>Session Timeout</fielddescr> + <fieldname>varuserssessiontimeout</fieldname> <description><![CDATA[Enter the time this user has until relogin in seconds.]]></description> <type>input</type> </field> <field> - <fielddescr>Online time</fielddescr> - <fieldname>onlinetime</fieldname> + <fielddescr>Possible Login Times</fielddescr> + <fieldname>varuserslogintime</fieldname> <description><![CDATA[Enter the time when this user should have access. If no time is entered it means "always".<br> Every time string contains a day (Mo,Tu,We,Th,Fr,Sa,Su) or all weekdays which is from monday till friday (Wk).<br><br> <b>Wk0855-2305,Sa,Su2230-0230</b><br><br> @@ -275,25 +270,29 @@ <type>input</type> </field> <field> - <fielddescr>Additional RADIUS Options</fielddescr> - <fieldname>additionaloptions</fieldname> + <fielddescr>Additional RADIUS Options on the TOP of this entry</fielddescr> + <fieldname>varuserstopadditionaloptions</fieldname> <description><![CDATA[This is for experts only and should be treat with care!<br> - You may append (after all options from above) custom RADIUS options to this user account (separated by commas).<br> + You may append custom RADIUS options to this user account. If the syntax needs it, you have to set quotes and commas.<br> + To put a command in a new line use ar vertical bar (|).<br><br> + Example: DEFAULT Auth-Type = System<br><br> <b>IMPORTANT:</b> If you don't format this field correctly freeRADIUS will not start because of syntax errors.<br> Verify your changes by checking users file (/usr/local/etc/raddb/users).]]></description> <type>textarea</type> - <rows>10</rows> + <rows>4</rows> <cols>75</cols> </field> <field> - <fielddescr>Output</fielddescr> - <fieldname>usersoutput</fieldname> + <fielddescr>Additional RADIUS Options at the END of this user entry</fielddescr> + <fieldname>varusersbottomadditionaloptions</fieldname> <description><![CDATA[This is for experts only and should be treat with care!<br> - You may append (after all options from above) custom RADIUS options to this user account (separated by commas).<br> + You may append custom RADIUS options to this user account. If the syntax needs it, you have to set quotes and commas.<br> + To put a command in a new line use ar vertical bar (|).<br><br> + Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2<br><br> <b>IMPORTANT:</b> If you don't format this field correctly freeRADIUS will not start because of syntax errors.<br> Verify your changes by checking users file (/usr/local/etc/raddb/users).]]></description> <type>textarea</type> - <rows>10</rows> + <rows>4</rows> <cols>75</cols> </field> </fields> diff --git a/config/freeradius2/freeradiuscerts.xml b/config/freeradius2/freeradiuscerts.xml index 9cdf656a..27ab3753 100644 --- a/config/freeradius2/freeradiuscerts.xml +++ b/config/freeradius2/freeradiuscerts.xml @@ -2,46 +2,45 @@ <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiuscerts.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml index 1e72cf2b..c9562ab4 100644 --- a/config/freeradius2/freeradiusclients.xml +++ b/config/freeradius2/freeradiusclients.xml @@ -3,45 +3,44 @@ <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> <copyright> - <![CDATA[ +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiusclients.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> diff --git a/config/freeradius2/freeradiuseapconf.xml b/config/freeradius2/freeradiuseapconf.xml index 495a61ee..5722ba50 100644 --- a/config/freeradius2/freeradiuseapconf.xml +++ b/config/freeradius2/freeradiuseapconf.xml @@ -2,46 +2,45 @@ <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiuseapconf.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> diff --git a/config/freeradius2/freeradiusinterfaces.xml b/config/freeradius2/freeradiusinterfaces.xml index 0bebf057..1697e5ca 100644 --- a/config/freeradius2/freeradiusinterfaces.xml +++ b/config/freeradius2/freeradiusinterfaces.xml @@ -3,45 +3,44 @@ <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> <copyright> - <![CDATA[ +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiusinterfaces.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml index 689e4b16..7becfed3 100644 --- a/config/freeradius2/freeradiussettings.xml +++ b/config/freeradius2/freeradiussettings.xml @@ -2,46 +2,45 @@ <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiussettings.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> @@ -164,7 +163,7 @@ <fieldname>varsettingslogdir</fieldname> <description><![CDATA[Choose the destination where freeRADIUS should log. Logging must be enabled.(Default: radius.log)]]></description> <type>select</type> - <default_value>files</default_value> + <default_value>syslog</default_value> <options> <option><name>/var/log/radius.log</name><value>files</value></option> <option><name>System Logs -> System</name><value>syslog</value></option> @@ -177,7 +176,7 @@ <fieldname>varsettingsauth</fieldname> <description><![CDATA[Choose if you want to enable logging. (Default: Disabled)]]></description> <type>select</type> - <default_value>no</default_value> + <default_value>yes</default_value> <options> <option><name>Disable</name><value>no</value></option> <option><name>Enable</name><value>yes</value></option> diff --git a/config/freeradius2/freeradiussqlconf.xml b/config/freeradius2/freeradiussqlconf.xml index fa4f99e0..82d0b4e1 100644 --- a/config/freeradius2/freeradiussqlconf.xml +++ b/config/freeradius2/freeradiussqlconf.xml @@ -2,46 +2,45 @@ <!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> <?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ /* ========================================================================== */ /* - authng.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2007 to whom it may belong - All rights reserved. + freeradiussqlconf.xml + part of pfSense (http://www.pfSense.com) + Copyright (C) 2011 - 2012 to Alexander Wilke <nachtfalkeaw@web.de> + All rights reserved. - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ /* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ /* ========================================================================== */ - ]]> - </copyright> +]]> </copyright> <description><![CDATA[Describe your package here]]></description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> @@ -91,27 +90,63 @@ <type>listtopic</type> </field> <field> - <fielddescr>Enable SQL Configuration</fielddescr> - <fieldname>varsqlconfenable</fieldname> - <description><![CDATA[You need to enable this so that eap.conf will be included in radiusd.conf. (Default: Disable)<br> - $INCLUDE sql.conf]]></description> + <fielddescr>Enable SQL Support</fielddescr> + <fieldname>varsqlconfincludeenable</fieldname> + <description><![CDATA[Enable this if you like to connect freeRADIUS to a SQL database. (Default: Disable)<br> + You <b>must enable at least</b> one of the following options: Authorization, Accounting, Session, Post-Auth.]]></description> <type>select</type> - <default_value>#\$INCLUDE sql.conf</default_value> + <default_value>Disable</default_value> <options> - <option><name>Disbale</name><value>#\$INCLUDE sql.conf</value></option> - <option><name>Enable</name><value>$INCLUDE sql.conf</value></option> + <option><name>Disbale</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> </options> </field> <field> - <fielddescr>Enable MySQL Counter</fielddescr> - <fieldname>varsqlconfenablecounter</fieldname> - <description><![CDATA[You need to enable this so that eap.conf will be included in radiusd.conf. (Default: Disable)<br> - $INCLUDE sql/mysql/counter.conf]]></description> + <fielddescr>Enable SQL Authorization</fielddescr> + <fieldname>varsqlconfenableauthorize</fieldname> + <description><![CDATA[Enable this if usernames and passwords are stored on a SQL database.<br> + SQL support must be enabled for this to work. (Default: Disable)]]></description> <type>select</type> - <default_value>#\$INCLUDE sql/mysql/counter.conf</default_value> + <default_value>Disable</default_value> <options> - <option><name>Disbale</name><value>#\$INCLUDE sql/mysql/counter.conf</value></option> - <option><name>Enable</name><value>$INCLUDE sql/mysql/counter.conf</value></option> + <option><name>Disbale</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> + </options> + </field> + <field> + <fielddescr>Enable SQL Accounting</fielddescr> + <fieldname>varsqlconfenableaccounting</fieldname> + <description><![CDATA[Enable this if accounting packets should be logged to a SQL database.<br> + SQL support must be enabled for this to work. (Default: Disable)]]></description> + <type>select</type> + <default_value>Disable</default_value> + <options> + <option><name>Disbale</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> + </options> + </field> + <field> + <fielddescr>Enable SQL Session</fielddescr> + <fieldname>varsqlconfenablesession</fieldname> + <description><![CDATA[Enable this to use the "rlm_sql" module (fast) to check for simultaneous connections instead of "radutmp" (slow).<br> + SQL support must be enabled for this to work. (Default: Disable)]]></description> + <type>select</type> + <default_value>Disable</default_value> + <options> + <option><name>Disbale</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> + </options> + </field> + <field> + <fielddescr>Enable SQL Post-Auth</fielddescr> + <fieldname>varsqlconfenablepostauth</fieldname> + <description><![CDATA[Enable this if you like to store post-authentication data on a SQL database.<br> + SQL support must be enabled for this to work. (Default: Disable)]]></description> + <type>select</type> + <default_value>Disable</default_value> + <options> + <option><name>Disbale</name><value>Disable</value></option> + <option><name>Enable</name><value>Enable</value></option> </options> </field> <field> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 946362a8..1af8d673 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -792,7 +792,7 @@ Do not use together with freeradius package. Both are using the same XML files.]]></descr> <pkginfolink>http://forum.pfsense.org/index.php/topic,43675.0.html</pkginfolink> <category>System</category> - <version>2.1.12 pkg v1.3.666666</version> + <version>2.1.12 pkg v1.3.7</version> <status>BETA</status> <required_version>2.0</required_version> <maintainer>Nachtfalke</maintainer> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index c366d336..74a85de9 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -834,7 +834,7 @@ Do not use together with freeradius package. Both are using the same XML files.]]></descr> <pkginfolink>http://forum.pfsense.org/index.php/topic,43675.0.html</pkginfolink> <category>System</category> - <version>2.1.12 pkg v1.3.6</version> + <version>2.1.12 pkg v1.3.7</version> <status>BETA</status> <required_version>2.0</required_version> <maintainer>Nachtfalke</maintainer> |