diff options
author | Chris Buechler <cmb@pfsense.org> | 2012-01-02 11:42:21 -0800 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2012-01-02 11:42:21 -0800 |
commit | 311adf199d393466f3d8f0651118e7a770f08c59 (patch) | |
tree | 269d75dbf2056999fe00e502e48613dd49a1910f /config/freeradius2 | |
parent | efda45c843dcf50b54a9ec8bf1d30b6be9cc8fec (diff) | |
parent | 582c04866102a5c8fc30ea83d85261f5c291b3f9 (diff) | |
download | pfsense-packages-311adf199d393466f3d8f0651118e7a770f08c59.tar.gz pfsense-packages-311adf199d393466f3d8f0651118e7a770f08c59.tar.bz2 pfsense-packages-311adf199d393466f3d8f0651118e7a770f08c59.zip |
Merge pull request #168 from Nachtfalkeaw/master
freeradius2 updates pkg v1.4.2
Diffstat (limited to 'config/freeradius2')
-rwxr-xr-x | config/freeradius2/freeradius.inc | 42 | ||||
-rwxr-xr-x | config/freeradius2/freeradius.xml | 31 | ||||
-rwxr-xr-x | config/freeradius2/freeradiusclients.xml | 4 | ||||
-rwxr-xr-x | config/freeradius2/freeradiussettings.xml | 22 |
4 files changed, 64 insertions, 35 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 52456822..356f4229 100755 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -137,7 +137,7 @@ function freeradius_settings_resync() { } - $conf = <<<EOD + $conf .= <<<EOD prefix = /usr/local exec_prefix = \${prefix} sysconfdir = \${prefix}/etc @@ -330,7 +330,7 @@ if (is_array($arrusers) && !empty($arrusers)) { $varuserslogintime=$users['varuserslogintime']; $varusersvlanid=$users['varusersvlanid']; - // Clear variables for next user foreach additional options + // Clear variables for next user foreach additional options TOP $varuserstopadditionaloptions = ''; $varusersadditionaloptionstop = ''; @@ -341,15 +341,27 @@ if (is_array($arrusers) && !empty($arrusers)) { } } - // Clear variables for next user foreach additional options - $varusersbottomadditionaloptions = ''; - $varusersadditionaloptionsbottom = ''; + // Clear variables for next user foreach additional options: CHECK-ITEMS + $varuserscheckitemsadditionaloptions = ''; + $varusersadditionaloptionscheckitems = ''; - if(!empty($users['varusersbottomadditionaloptions'])) { - $varusersbottomadditionaloptions = explode("|", ($users['varusersbottomadditionaloptions'])); - $varusersadditionaloptionsbottom .= ''; - foreach ($varusersbottomadditionaloptions as $bottomtmp) { - $varusersadditionaloptionsbottom .= $bottomtmp . "\n\t"; + if(!empty($users['varuserscheckitemsadditionaloptions'])) { + $varuserscheckitemsadditionaloptions = explode("|", ($users['varuserscheckitemsadditionaloptions'])); + $varusersadditionaloptionscheckitems .= ''; + foreach ($varuserscheckitemsadditionaloptions as $checkitemtmp) { + $varusersadditionaloptionscheckitems .= $checkitemtmp; + } + } + + // Clear variables for next user foreach additional options: REPLY-ITEMS + $varusersreplyitemsadditionaloptions = ''; + $varusersadditionaloptionsreplyitems = ''; + + if(!empty($users['varusersreplyitemsadditionaloptions'])) { + $varusersreplyitemsadditionaloptions = explode("|", ($users['varusersreplyitemsadditionaloptions'])); + $varusersadditionaloptionsreplyitems .= ''; + foreach ($varusersreplyitemsadditionaloptions as $replyitemtmp) { + $varusersadditionaloptionsreplyitems .= $replyitemtmp . "\n\t"; } } @@ -370,6 +382,10 @@ if (is_array($arrusers) && !empty($arrusers)) { if ($varuserslogintime != '') { $varuserscheckitem .= ", Login-Time := " . '"' . $varuserslogintime . '"'; } + if ($varusersadditionaloptionscheckitems != '') { + $varuserscheckitem .= ", $varusersadditionaloptionscheckitems"; + } + // Add additional REPLY-ITEMS here. Different formatting in "users" file needed. if ($varusersframedipaddress != '') { @@ -392,12 +408,12 @@ if (is_array($arrusers) && !empty($arrusers)) { if ($varusersreplyitem != '') { $varusersreplyitem .=","; } $varusersreplyitem .= "\n\tTunnel-Type = VLAN,\n\tTunnel-Medium-Type = IEEE-802,\n\tTunnel-Private-Group-ID = " . '"' . $varusersvlanid . '"'; } - if ($varusersadditionaloptionsbottom != '') { + if ($varusersadditionaloptionsreplyitems != '') { if ($varusersreplyitem != '') { $varusersreplyitem .=","; } - $varusersreplyitem .= "\n\t$varusersadditionaloptionsbottom"; + $varusersreplyitem .= "\n\t$varusersadditionaloptionsreplyitems"; } - // Cosmetic fix - This is just to make a blank new line after each user entry + // Cosmetic fix - This is just to make a blank new line after each user entry $varusersreplyitem .= "\n\n"; diff --git a/config/freeradius2/freeradius.xml b/config/freeradius2/freeradius.xml index 627506a7..2f37b067 100755 --- a/config/freeradius2/freeradius.xml +++ b/config/freeradius2/freeradius.xml @@ -213,9 +213,9 @@ <field> <fielddescr>IP Address</fielddescr> <fieldname>varusersframedipaddress</fieldname> - <description><![CDATA[<b>Framed-IP-Address</b> must be supported by NAS.<br> + <description><![CDATA[<b>Framed-IP-Address</b> must be supported by NAS.<br><br> If you want this user to be assigned a specific IP address from radius, enter the IP address here.<br> - Continuous IP address is available with "+" suffix (e.g. 192.168.1.5+). Could be useful for simultaneous connections.<br> + Continuous IP address is available with "+" suffix (e.g. 192.168.1.5+). Could be useful for simultaneous connections.<br><br> <b>IMPORTANT:</b> You must enter an IP address here if you checked "RADIUS issued IP" on VPN PPTP or VPN PPPoE configuration.]]></description> <type>input</type> </field> @@ -279,27 +279,40 @@ <type>input</type> </field> <field> - <fielddescr>Additional RADIUS Options on the TOP of this entry</fielddescr> + <fielddescr>Additional RADIUS Attributes on the TOP of this entry</fielddescr> <fieldname>varuserstopadditionaloptions</fieldname> <description><![CDATA[This is for experts only and should be treat with care!<br> You may append custom RADIUS options to this user account. If the syntax needs it, you have to set quotes and commas.<br> - To put a command in a new line use ar vertical bar (|).<br><br> + To put a command in a new line use a vertical bar (|).<br><br> Example: DEFAULT Auth-Type = System<br><br> <b>IMPORTANT:</b> If you don't format this field correctly freeRADIUS will not start because of syntax errors.<br> - Verify your changes by checking users file (/usr/local/etc/raddb/users).]]></description> + Verify your changes by checking users file (View config -> users).]]></description> <type>textarea</type> <rows>4</rows> <cols>75</cols> </field> <field> - <fielddescr>Additional RADIUS Options at the END of this user entry</fielddescr> - <fieldname>varusersbottomadditionaloptions</fieldname> + <fielddescr>Additional RADIUS Attributes (CHECK-ITEM).</fielddescr> + <fieldname>varuserscheckitemsadditionaloptions</fieldname> <description><![CDATA[This is for experts only and should be treat with care!<br> You may append custom RADIUS options to this user account. If the syntax needs it, you have to set quotes and commas.<br> - To put a command in a new line use ar vertical bar (|).<br><br> + To put a command in a new line use a vertical bar (|).<br><br> + Example: Max-Daily-Session := 36000<br><br> + <b>IMPORTANT:</b> If you don't format this field correctly freeRADIUS will not start because of syntax errors.<br> + Verify your changes by checking users file (View config -> users).]]></description> + <type>textarea</type> + <rows>4</rows> + <cols>75</cols> + </field> + <field> + <fielddescr>Additional RADIUS Attributes (REPLY-ITEM).</fielddescr> + <fieldname>varusersreplyitemsadditionaloptions</fieldname> + <description><![CDATA[This is for experts only and should be treat with care!<br> + You may append custom RADIUS options to this user account. If the syntax needs it, you have to set quotes and commas.<br> + To put a command in a new line use a vertical bar (|).<br><br> Example: Service-Type == Login-User,|Login-Service == Telnet,|Login-IP-Host == 192.168.1.2<br><br> <b>IMPORTANT:</b> If you don't format this field correctly freeRADIUS will not start because of syntax errors.<br> - Verify your changes by checking users file (/usr/local/etc/raddb/users).]]></description> + Verify your changes by checking users file (View config -> users).]]></description> <type>textarea</type> <rows>4</rows> <cols>75</cols> diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml index 61afd4f5..8e5e6b5b 100755 --- a/config/freeradius2/freeradiusclients.xml +++ b/config/freeradius2/freeradiusclients.xml @@ -147,7 +147,7 @@ <field> <fielddescr>Client Shortname</fielddescr> <fieldname>varclientshortname</fieldname> - <description><![CDATA[Enter shortname of the client. This is in general the IP of the NAS (switch,accesspoint).]]></description> + <description><![CDATA[Enter shortname of the client. This is in general the hostname of the NAS (switch,accesspoint).]]></description> <type>input</type> <required/> </field> @@ -165,7 +165,7 @@ <field> <fielddescr>Client Protocol</fielddescr> <fieldname>varclientproto</fieldname> - <description><![CDATA[Enter the protocol the client uses. (Default: udp)]]></description> + <description><![CDATA[Enter the protocol the client uses. (Default: UDP)]]></description> <type>select</type> <default_value>udp</default_value> <options> diff --git a/config/freeradius2/freeradiussettings.xml b/config/freeradius2/freeradiussettings.xml index 34999917..e49aee1a 100755 --- a/config/freeradius2/freeradiussettings.xml +++ b/config/freeradius2/freeradiussettings.xml @@ -115,17 +115,6 @@ <default_value>5</default_value> </field> <field> - <fielddescr>NAS Hostname Lookup</fielddescr> - <fieldname>varsettingshostnamelookups</fieldname> - <description><![CDATA[Log the names of NAS instead of IP addresses. Turning this on can result in lock ups of the RADIUS Server. (Default: no)]]></description> - <type>select</type> - <default_value>no</default_value> - <options> - <option><name>Disable</name><value>no</value></option> - <option><name>Enable</name><value>yes</value></option> - </options> - </field> - <field> <fielddescr>Allow Core Dumps</fielddescr> <fieldname>varsettingsallowcoredumps</fieldname> <description><![CDATA[Only turn this on if you need to debug the RADIUS server! (Default: no)]]></description> @@ -220,6 +209,17 @@ </options> </field> <field> + <fielddescr>NAS Hostname Lookup</fielddescr> + <fieldname>varsettingshostnamelookups</fieldname> + <description><![CDATA[Log the names of NAS instead of IP addresses. Turning this on can result in lock ups of the RADIUS Server. (Default: no)]]></description> + <type>select</type> + <default_value>no</default_value> + <options> + <option><name>Disable</name><value>no</value></option> + <option><name>Enable</name><value>yes</value></option> + </options> + </field> + <field> <name>SECURITY CONFIGURATION</name> <type>listtopic</type> </field> |