diff options
-rw-r--r-- | config/freeradius.inc | 20 | ||||
-rw-r--r-- | config/freeradiussettings.xml | 142 |
2 files changed, 101 insertions, 61 deletions
diff --git a/config/freeradius.inc b/config/freeradius.inc index 0a41ed43..86881a19 100644 --- a/config/freeradius.inc +++ b/config/freeradius.inc @@ -36,16 +36,18 @@ function freeradius_install_command() { function freeradius_settings_resync() { global $config; - $settings = $config['installedpackages']['freeradiussettings']['config'][0]; - $iface = ($settings['interface'] ? $settings['interface'] : 'LAN'); $iface = convert_friendly_interface_to_real_interface_name($iface); $iface_ip = find_interface_ip($iface); $port = ($settings['port'] != '' ? $settings['port'] : 0); - $radiuslogging = $settings['radiuslogging']; - $radiuslogbadpass = $settings['radiuslogbadpass']; - $radiusloggoodpass = $settings['radiusloggoodpass']; + $radiuslogging = $settings['radiuslogging']; + $radiuslogbadpass = $settings['radiuslogbadpass']; + $radiusloggoodpass = $settings['radiusloggoodpass']; + $max_requests_var = $settings['max_requests_var']; + $max_request_time_var = $settings['max_request_time_var']; + $cleanup_delay_var = $settings['cleanup_delay_var']; + $logdir_var = $settings['logdir_var']; // FreeRADIUS's configuration is huge // This is the standard default config file, trimmed down a bit. Somebody might want to implement more options. It should be as simple as editing this, then also providing the settings in each file that was included here (or maybe just put the config inlined here). @@ -55,7 +57,7 @@ exec_prefix = \${prefix} sysconfdir = \${prefix}/etc localstatedir = /var sbindir = \${exec_prefix}/sbin -logdir = /var/log +logdir = $logdir_var raddbdir = \${sysconfdir}/raddb radacctdir = \${logdir}/radacct confdir = \${raddbdir} @@ -65,10 +67,10 @@ libdir = \${exec_prefix}/lib pidfile = \${run_dir}/radiusd.pid #user = nobody #group = nobody -max_request_time = 30 +max_request_time = $max_request_time_var delete_blocked_requests = no -cleanup_delay = 5 -max_requests = 1024 +cleanup_delay = $cleanup_delay_var +max_requests = $max_requests_var bind_address = $iface_ip port = $port hostname_lookups = no diff --git a/config/freeradiussettings.xml b/config/freeradiussettings.xml index 9e3042b9..c842e542 100644 --- a/config/freeradiussettings.xml +++ b/config/freeradiussettings.xml @@ -80,58 +80,96 @@ <type>input</type> <default_value>1812</default_value> </field> - <field> - <fielddescr>Radius Logging</fielddescr> - <fieldname>radiuslogging</fieldname> - <description>Enable radius logging to /var/log/radius.log?</description> - <type>select</type> - <default_value>no</default_value> - <options> - <option> - <name>no</name> - <value>no</value> - </option> - <option> - <name>yes</name> - <value>yes</value> - </option> - </options> - </field> - <field> - <fielddescr>Log bad authentication attempts?</fielddescr> - <fieldname>radiuslogbadpass</fieldname> - <description>Specifies whether to log bad authentication attempts to the radius.log file. Radius Logging must be enabled for this to work.</description> - <type>select</type> - <default_value>no</default_value> - <options> - <option> - <name>no</name> - <value>no</value> - </option> - <option> - <name>yes</name> - <value>yes</value> - </option> - </options> - </field> - <field> - <fielddescr>Log good authentication attempts?</fielddescr> - <fieldname>radiusloggoodpass</fieldname> - <description>Specifies whether to log good authentication attempts to the radius.log file. Radius Logging must be enabled for this to work.</description> - <type>select</type> - <default_value>no</default_value> - <options> - <option> - <name>no</name> - <value>no</value> - </option> - <option> - <name>yes</name> - <value>yes</value> - </option> - </options> - </field> - </fields> + <field> + <fielddescr>Maximum requests server</fielddescr> + <fieldname>max_requests_var</fieldname> + <description>The maximum number of requests the RADIUS server can handle. Default is 1024. It should be 256 * number of clients e.g.: 4 Switches * 256 = 1024.</description> + <type>input</type> + <default_value>1024</default_value> + </field> + <field> + <fielddescr>Max request time</fielddescr> + <fieldname>max_request_time_var</fieldname> + <description>The maximum time (in seconds) to handle a request. Default is 30. Useful range of values: 5 to 120.</description> + <type>input</type> + <default_value>30</default_value> + </field> + <field> + <fielddescr>Cleanup delay</fielddescr> + <fieldname>cleanup_delay_var</fieldname> + <description>The time to wait (in seconds) before cleaning up a reply which was sent to the NAS. Default is 5. Useful range of values: 2 to 10.</description> + <type>input</type> + <default_value>5</default_value> + </field> + <field> + <fielddescr>Radius Logging Destination</fielddescr> + <fieldname>logdir_var</fieldname> + <description>Logging to "syslog" or "/var/log/radius.log" ?</description> + <type>select</type> + <default_value>/var/log</default_value> + <options> + <option> + <name>radius.log</name> + <value>/var/log</value> + </option> + <option> + <name>syslog</name> + <value>syslog</value> + </option> + </options> + </field> + <field> + <fielddescr>Radius Logging</fielddescr> + <fieldname>radiuslogging</fieldname> + <description>Enable logging?</description> + <type>select</type> + <default_value>no</default_value> + <options> + <option> + <name>no</name> + <value>no</value> + </option> + <option> + <name>yes</name> + <value>yes</value> + </option> + </options> + </field> + <field> + <fielddescr>Log bad authentication attempts?</fielddescr> + <fieldname>radiuslogbadpass</fieldname> + <description>Specifies whether to log bad authentication attempts to the radius.log file. Radius Logging must be enabled for this to work.</description> + <type>select</type> + <default_value>no</default_value> + <options> + <option> + <name>no</name> + <value>no</value> + </option> + <option> + <name>yes</name> + <value>yes</value> + </option> + </options> + </field> + <field> + <fielddescr>Log good authentication attempts?</fielddescr> + <fieldname>radiusloggoodpass</fieldname> + <description>Specifies whether to log good authentication attempts to the radius.log file. Radius Logging must be enabled for this to work.</description> + <type>select</type> + <default_value>no</default_value> + <options> + <option> + <name>no</name> + <value>no</value> + </option> + <option> + <name>yes</name> + <value>yes</value> + </option> + </options> + </field> + </fields> <custom_delete_php_command> freeradius_settings_resync(); </custom_delete_php_command> |