. All rights reserved. */ /* ========================================================================== */ /* Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ /* ========================================================================== */ ]]> Describe your package here Describe your package requirements here Currently there are no FAQ items provided. freeradiussettings none pkg_edit.php?xml=freeradiussettings.xml&id=0 /usr/local/pkg/freeradius.inc Users /pkg.php?xml=freeradius.xml NAS / Clients /pkg.php?xml=freeradiusclients.xml Interfaces /pkg.php?xml=freeradiusinterfaces.xml Settings /pkg_edit.php?xml=freeradiussettings.xml&id=0 GENERAL CONFIGURATION listtopic Maximum Requests Server varsettingsmaxrequests The maximum number of requests the server could handle at a time until "Cleanup Delay" deletes them. Useful range 256 * NAS. If it is set to low it will make the server busy. A higher value is better (but increased RAM usage) but it shouldn't be higher than 1000 * NAS. (Default: 1024) input 1024 Max Request Timeout varsettingsmaxrequesttime The maximum time to handle a request in seconds. (Default: 30) input 30 Cleanup Delay varsettingscleanupdelay The time to wait before cleaning up a reply which was sent to the NAS in seconds. (Default: 5) input 5 NAS Hostname Lookup varsettingshostnamelookups Log the names of NAS instead of IP addresses. Turning this on can result in lock ups of the RADIUS Server. (Default: no) select no Disableno Enableyes Allow Core Dumps varsettingsallowcoredumps Only turn this on if you need to debug the RADIUS server! (Default: no) select no Disableno Enableyes Regular Expressions varsettingsregularexpressions Allows regular expressions. (Default: yes) select yes Disableno Enableyes Extended Expressions varsettingsextendedexpressions Allows extended expressions. (Default: yes) select yes Disableno Enableyes LOGGING CONFIGURATION listtopic Logging Destination of RADIUS varsettingslogdir Choose the destination where freeRADIUS should log. Logging must be enabled.(Default: radius.log) select files /var/log/radius.logfiles System Logs -> Systemsyslog stdoutstdout stderrstderr RADIUS Logging varsettingsauth Choose if you want to enable logging. (Default: Disabled) select no Disableno Enableyes Log Bad Authentication Attempts varsettingsauthbadpass Choose if you want to log bad authentication attempts. Logging must be enabled. (Default: no) select no nono Logyes Log good authentication attempts? varsettingsauthgoodpass Choose if you want to log good authentication attempts. Logging must be enabled. (Default: no) select no nono Logyes Log Stripped Names varsettingsstrippednames Choose if you want to log the full User-Name attribute as it was found in the request. Logging must be enabled. (Default: no) select no nono Logyes SECURITY CONFIGURATION listtopic Maximum Number of Attributes varsettingsmaxattributes The maximum number of attributes permitted in a RADIUS packet. Packets which have more than this number of attributes in them will be dropped. (Default: 200) input 200 Access-Reject Delay varsettingsrejectdelay When sending an Access-Reject it can be delayed for a few seconds. This may help slow down a DoS attack. It also helps to slow down people trying to brute-force crack a users password. (Default: 1)(Immediately: 0) input 1 THREAD POOL CONFIGURATION listtopic Number of Threads After Start varsettingsstartservers The thread pool is a long-lived group of threads which take turns (round-robin) handling any incoming requests. (Default: 5) input 5 Maximum Number of Threads varsettingsmaxservers If this limit is ever reached, clients will be locked out so it should not be set to low. (Default: 32) input 32 Min Spare Servers varsettingsminspareservers This dynamically adjusts the "Number of Threads After Start". If the RADIUS server has to handle MANY requests and LESS than "Min Spare Servers" are left than the RADIUS server will INCREASE the number of running threads. (Default: 3) input 3 Max Spare Servers varsettingsmaxspareservers This dynamically adjusts the "Number of Threads After Start". If the RADIUS server has to handle FEW requests and MORE than "Max Spare Servers" are left than the RADIUS server will DECREASE the number of running threads. (Default: 10) input 10 Server Packet Queue Size varsettingsmaxqueuesize This is the queue size where the server stores packets before processing them. (Default: 65536) input 65536 Maximum Requests per Server varsettingsmaxrequestsperserver You should only change this if you encounter memory leaks while running RADIUS. (Default: 0) input 0 freeradius_settings_resync(); freeradius_settings_resync();