aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/freeradius2/freeradius.inc17
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
3 files changed, 12 insertions, 9 deletions
diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc
index 29ca98f8..76fb23d5 100755
--- a/config/freeradius2/freeradius.inc
+++ b/config/freeradius2/freeradius.inc
@@ -29,6 +29,8 @@ function freeradius_install_command() {
exec("chown -R root:wheel /usr/local/etc/raddb");
exec("chown -R root:wheel /usr/local/lib/freeradius-2.1.12");
+ // disable an experimental module of freeRADIUS which could be a security issue if not configured correctly!
+ exec("rm -f /usr/local/etc/raddb/sites-enabled/control-socket");
closedir($handle);
@@ -146,14 +148,15 @@ log {
}
checkrad = \${sbindir}/checkrad
-security {
+security {
max_attributes = $varsettingsmaxattributes
reject_delay = $varsettingsrejectdelay
status_server = no ### Needs additional config in raddb/sites-available/status
}
-proxy_requests = yes
-\$INCLUDE proxy.conf
+### disbale proxy module. In most environments we do not need to proxy requests to another RADIUS PROXY server
+#proxy_requests = yes
+#\$INCLUDE proxy.conf
\$INCLUDE clients.conf
thread pool {
start_servers = $varsettingsstartservers
@@ -259,7 +262,7 @@ EOD;
conf_mount_rw();
file_put_contents($filename, $conf);
chmod($filename, 0600);
- conf_mount_ro();
+ conf_mount_ro();
restart_service('freeradius');
}
@@ -296,11 +299,11 @@ client $varclientshortname {
shortname = $varclientshortname
### Optional: Used by checkrad.pl for simultaneous use checks. Default: other
- nastype = $varclientnastype
+ nastype = $varclientnastype
### Optional: will be used in future releases
- #login = !root
- #password = someadminpas
+ #login = !root
+ #password = someadminpas
### Additional configuration needed. See: raddb/sites-available/originate-coa
#virtual_server = home1
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 495a4ef0..fefb92dd 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -760,7 +760,7 @@
Do not use together with freeradius package. Both are using the same XML files.]]></descr>
<pkginfolink>http://forum.pfsense.org/index.php/topic,43675.0.html</pkginfolink>
<category>System</category>
- <version>2.1.12 pkg v1.1.0</version>
+ <version>2.1.12 pkg v1.1.1</version>
<status>BETA</status>
<required_version>2.0</required_version>
<maintainer>Nachtfalke</maintainer>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 2730cf82..a7ff638b 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -803,7 +803,7 @@
Do not use together with freeradius package. Both are using the same XML files.]]></descr>
<pkginfolink>http://forum.pfsense.org/index.php/topic,43675.0.html</pkginfolink>
<category>System</category>
- <version>2.1.12 pkg v1.1.0</version>
+ <version>2.1.12 pkg v1.1.1</version>
<status>BETA</status>
<required_version>2.0</required_version>
<maintainer>Nachtfalke</maintainer>