禁用防火墙
[root@radius ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. [root@radius ~]# systemctl stop firewalld [root@radius ~]#
安装AMP环境
[root@radius ~]# yum install php php-pdo php-mysql php-gd php-pear httpd mariadb-server mariadb
创建数据库
MariaDB [(none)]> create database radius; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> grant all on radius.* to radius@localhost; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> set password for radius@localhost=password('radiuspassword'); Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.00 sec)
设置系统及PHP时区
[root@radius ~]# cp /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime cp: overwrite ‘/etc/localtime’? y [root@radius ~]# [root@radius ~]# vi /etc/php.ini ;date.timezone = date.timezone = Asia/Hong_Kong
安装Free RADIUS及相关组件软件包
[root@radius html]# yum install freeradius freeradius-utils freeradius-mysql
查看FreeRADIUS安装包路径
[root@radius html]# rpm -lq freeradius /etc/logrotate.d/radiusd /etc/pam.d/radiusd /etc/raddb /etc/raddb/README.rst /etc/raddb/certs /etc/raddb/certs/Makefile /etc/raddb/certs/README /etc/raddb/certs/bootstrap /etc/raddb/certs/ca.cnf /etc/raddb/certs/client.cnf /etc/raddb/certs/passwords.mk /etc/raddb/certs/server.cnf /etc/raddb/certs/xpextensions /etc/raddb/clients.conf /etc/raddb/dictionary /etc/raddb/hints /etc/raddb/huntgroups /etc/raddb/mods-available /etc/raddb/mods-available/README.rst /etc/raddb/mods-available/always /etc/raddb/mods-available/attr_filter /etc/raddb/mods-available/cache /etc/raddb/mods-available/cache_eap /etc/raddb/mods-available/chap /etc/raddb/mods-available/counter /etc/raddb/mods-available/cui /etc/raddb/mods-available/date /etc/raddb/mods-available/detail /etc/raddb/mods-available/detail.example.com /etc/raddb/mods-available/detail.log /etc/raddb/mods-available/dhcp /etc/raddb/mods-available/dhcp_sqlippool /etc/raddb/mods-available/digest /etc/raddb/mods-available/dynamic_clients /etc/raddb/mods-available/eap /etc/raddb/mods-available/echo /etc/raddb/mods-available/etc_group /etc/raddb/mods-available/exec /etc/raddb/mods-available/expiration /etc/raddb/mods-available/expr /etc/raddb/mods-available/files /etc/raddb/mods-available/idn /etc/raddb/mods-available/inner-eap /etc/raddb/mods-available/ippool /etc/raddb/mods-available/linelog /etc/raddb/mods-available/logintime /etc/raddb/mods-available/mac2ip /etc/raddb/mods-available/mac2vlan /etc/raddb/mods-available/mschap /etc/raddb/mods-available/ntlm_auth /etc/raddb/mods-available/opendirectory /etc/raddb/mods-available/otp /etc/raddb/mods-available/pam /etc/raddb/mods-available/pap /etc/raddb/mods-available/passwd /etc/raddb/mods-available/preprocess /etc/raddb/mods-available/python /etc/raddb/mods-available/radutmp /etc/raddb/mods-available/realm /etc/raddb/mods-available/redis /etc/raddb/mods-available/rediswho /etc/raddb/mods-available/replicate /etc/raddb/mods-available/rest /etc/raddb/mods-available/smbpasswd /etc/raddb/mods-available/smsotp /etc/raddb/mods-available/soh /etc/raddb/mods-available/sometimes /etc/raddb/mods-available/sql /etc/raddb/mods-available/sqlcounter /etc/raddb/mods-available/sqlippool /etc/raddb/mods-available/sradutmp /etc/raddb/mods-available/unix /etc/raddb/mods-available/unpack /etc/raddb/mods-available/utf8 /etc/raddb/mods-available/wimax /etc/raddb/mods-available/yubikey /etc/raddb/mods-config /etc/raddb/mods-config/README.rst /etc/raddb/mods-config/attr_filter /etc/raddb/mods-config/attr_filter/access_challenge /etc/raddb/mods-config/attr_filter/access_reject /etc/raddb/mods-config/attr_filter/accounting_response /etc/raddb/mods-config/attr_filter/post-proxy /etc/raddb/mods-config/attr_filter/pre-proxy /etc/raddb/mods-config/files /etc/raddb/mods-config/files/accounting /etc/raddb/mods-config/files/authorize /etc/raddb/mods-config/files/pre-proxy /etc/raddb/mods-config/preprocess /etc/raddb/mods-config/preprocess/hints /etc/raddb/mods-config/preprocess/huntgroups /etc/raddb/mods-config/sql /etc/raddb/mods-config/sql/counter /etc/raddb/mods-config/sql/cui /etc/raddb/mods-config/sql/ippool /etc/raddb/mods-config/sql/ippool-dhcp /etc/raddb/mods-config/sql/main /etc/raddb/mods-enabled /etc/raddb/mods-enabled/always /etc/raddb/mods-enabled/attr_filter /etc/raddb/mods-enabled/cache_eap /etc/raddb/mods-enabled/chap /etc/raddb/mods-enabled/date /etc/raddb/mods-enabled/detail /etc/raddb/mods-enabled/detail.log /etc/raddb/mods-enabled/dhcp /etc/raddb/mods-enabled/digest /etc/raddb/mods-enabled/dynamic_clients /etc/raddb/mods-enabled/eap /etc/raddb/mods-enabled/echo /etc/raddb/mods-enabled/exec /etc/raddb/mods-enabled/expiration /etc/raddb/mods-enabled/expr /etc/raddb/mods-enabled/files /etc/raddb/mods-enabled/linelog /etc/raddb/mods-enabled/logintime /etc/raddb/mods-enabled/mschap /etc/raddb/mods-enabled/ntlm_auth /etc/raddb/mods-enabled/pap /etc/raddb/mods-enabled/passwd /etc/raddb/mods-enabled/preprocess /etc/raddb/mods-enabled/radutmp /etc/raddb/mods-enabled/realm /etc/raddb/mods-enabled/replicate /etc/raddb/mods-enabled/soh /etc/raddb/mods-enabled/sradutmp /etc/raddb/mods-enabled/unix /etc/raddb/mods-enabled/unpack /etc/raddb/mods-enabled/utf8 /etc/raddb/panic.gdb /etc/raddb/policy.d /etc/raddb/policy.d/accounting /etc/raddb/policy.d/canonicalization /etc/raddb/policy.d/control /etc/raddb/policy.d/cui /etc/raddb/policy.d/debug /etc/raddb/policy.d/dhcp /etc/raddb/policy.d/eap /etc/raddb/policy.d/filter /etc/raddb/policy.d/operator-name /etc/raddb/proxy.conf /etc/raddb/radiusd.conf /etc/raddb/sites-available /etc/raddb/sites-available/README /etc/raddb/sites-available/buffered-sql /etc/raddb/sites-available/challenge /etc/raddb/sites-available/channel_bindings /etc/raddb/sites-available/check-eap-tls /etc/raddb/sites-available/coa /etc/raddb/sites-available/control-socket /etc/raddb/sites-available/copy-acct-to-home-server /etc/raddb/sites-available/decoupled-accounting /etc/raddb/sites-available/default /etc/raddb/sites-available/dhcp /etc/raddb/sites-available/dhcp.relay /etc/raddb/sites-available/dynamic-clients /etc/raddb/sites-available/example /etc/raddb/sites-available/inner-tunnel /etc/raddb/sites-available/originate-coa /etc/raddb/sites-available/proxy-inner-tunnel /etc/raddb/sites-available/robust-proxy-accounting /etc/raddb/sites-available/soh /etc/raddb/sites-available/status /etc/raddb/sites-available/tls /etc/raddb/sites-available/virtual.example.com /etc/raddb/sites-available/vmps /etc/raddb/sites-enabled /etc/raddb/sites-enabled/default /etc/raddb/sites-enabled/inner-tunnel /etc/raddb/templates.conf /etc/raddb/trigger.conf /etc/raddb/users /usr/lib/systemd/system/radiusd.service /usr/lib/tmpfiles.d/radiusd.conf /usr/lib64/freeradius /usr/lib64/freeradius/libfreeradius-dhcp.so /usr/lib64/freeradius/libfreeradius-eap.so /usr/lib64/freeradius/libfreeradius-radius.so /usr/lib64/freeradius/libfreeradius-server.so /usr/lib64/freeradius/proto_dhcp.so /usr/lib64/freeradius/proto_vmps.so /usr/lib64/freeradius/rlm_always.so /usr/lib64/freeradius/rlm_attr_filter.so /usr/lib64/freeradius/rlm_cache.so /usr/lib64/freeradius/rlm_cache_rbtree.so /usr/lib64/freeradius/rlm_chap.so /usr/lib64/freeradius/rlm_counter.so /usr/lib64/freeradius/rlm_cram.so /usr/lib64/freeradius/rlm_date.so /usr/lib64/freeradius/rlm_detail.so /usr/lib64/freeradius/rlm_dhcp.so /usr/lib64/freeradius/rlm_digest.so /usr/lib64/freeradius/rlm_dynamic_clients.so /usr/lib64/freeradius/rlm_eap.so /usr/lib64/freeradius/rlm_eap_fast.so /usr/lib64/freeradius/rlm_eap_gtc.so /usr/lib64/freeradius/rlm_eap_leap.so /usr/lib64/freeradius/rlm_eap_md5.so /usr/lib64/freeradius/rlm_eap_mschapv2.so /usr/lib64/freeradius/rlm_eap_peap.so /usr/lib64/freeradius/rlm_eap_pwd.so /usr/lib64/freeradius/rlm_eap_sim.so /usr/lib64/freeradius/rlm_eap_tls.so /usr/lib64/freeradius/rlm_eap_tnc.so /usr/lib64/freeradius/rlm_eap_ttls.so /usr/lib64/freeradius/rlm_exec.so /usr/lib64/freeradius/rlm_expiration.so /usr/lib64/freeradius/rlm_expr.so /usr/lib64/freeradius/rlm_files.so /usr/lib64/freeradius/rlm_ippool.so /usr/lib64/freeradius/rlm_linelog.so /usr/lib64/freeradius/rlm_logintime.so /usr/lib64/freeradius/rlm_mschap.so /usr/lib64/freeradius/rlm_otp.so /usr/lib64/freeradius/rlm_pam.so /usr/lib64/freeradius/rlm_pap.so /usr/lib64/freeradius/rlm_passwd.so /usr/lib64/freeradius/rlm_preprocess.so /usr/lib64/freeradius/rlm_radutmp.so /usr/lib64/freeradius/rlm_realm.so /usr/lib64/freeradius/rlm_replicate.so /usr/lib64/freeradius/rlm_soh.so /usr/lib64/freeradius/rlm_sometimes.so /usr/lib64/freeradius/rlm_sql.so /usr/lib64/freeradius/rlm_sql_null.so /usr/lib64/freeradius/rlm_sqlcounter.so /usr/lib64/freeradius/rlm_sqlippool.so /usr/lib64/freeradius/rlm_unix.so /usr/lib64/freeradius/rlm_unpack.so /usr/lib64/freeradius/rlm_utf8.so /usr/lib64/freeradius/rlm_wimax.so /usr/lib64/freeradius/rlm_yubikey.so /usr/sbin/checkrad /usr/sbin/raddebug /usr/sbin/radiusd /usr/sbin/radmin /usr/share/doc/freeradius-3.0.13/LICENSE.gpl /usr/share/doc/freeradius-3.0.13/LICENSE.lgpl /usr/share/doc/freeradius-3.0.13/LICENSE.openssl /usr/share/doc/freeradius-3.0.13/REDHAT /usr/share/freeradius /usr/share/freeradius/dictionary /usr/share/freeradius/dictionary.3com /usr/share/freeradius/dictionary.3gpp /usr/share/freeradius/dictionary.3gpp2 /usr/share/freeradius/dictionary.acc /usr/share/freeradius/dictionary.acme /usr/share/freeradius/dictionary.actelis /usr/share/freeradius/dictionary.adtran /usr/share/freeradius/dictionary.aerohive /usr/share/freeradius/dictionary.airespace /usr/share/freeradius/dictionary.alcatel /usr/share/freeradius/dictionary.alcatel-lucent.aaa /usr/share/freeradius/dictionary.alcatel.esam /usr/share/freeradius/dictionary.alcatel.sr /usr/share/freeradius/dictionary.alteon /usr/share/freeradius/dictionary.altiga /usr/share/freeradius/dictionary.alvarion /usr/share/freeradius/dictionary.alvarion.wimax.v2_2 /usr/share/freeradius/dictionary.apc /usr/share/freeradius/dictionary.aptilo /usr/share/freeradius/dictionary.aptis /usr/share/freeradius/dictionary.arbor /usr/share/freeradius/dictionary.arista /usr/share/freeradius/dictionary.aruba /usr/share/freeradius/dictionary.ascend /usr/share/freeradius/dictionary.ascend.illegal /usr/share/freeradius/dictionary.asn /usr/share/freeradius/dictionary.audiocodes /usr/share/freeradius/dictionary.avaya /usr/share/freeradius/dictionary.azaire /usr/share/freeradius/dictionary.bay /usr/share/freeradius/dictionary.bintec /usr/share/freeradius/dictionary.bluecoat /usr/share/freeradius/dictionary.boingo /usr/share/freeradius/dictionary.bristol /usr/share/freeradius/dictionary.broadsoft /usr/share/freeradius/dictionary.brocade /usr/share/freeradius/dictionary.bskyb /usr/share/freeradius/dictionary.bt /usr/share/freeradius/dictionary.cablelabs /usr/share/freeradius/dictionary.cabletron /usr/share/freeradius/dictionary.camiant /usr/share/freeradius/dictionary.checkpoint /usr/share/freeradius/dictionary.chillispot /usr/share/freeradius/dictionary.cisco /usr/share/freeradius/dictionary.cisco.asa /usr/share/freeradius/dictionary.cisco.bbsm /usr/share/freeradius/dictionary.cisco.vpn3000 /usr/share/freeradius/dictionary.cisco.vpn5000 /usr/share/freeradius/dictionary.citrix /usr/share/freeradius/dictionary.clavister /usr/share/freeradius/dictionary.cnergee /usr/share/freeradius/dictionary.colubris /usr/share/freeradius/dictionary.columbia_university /usr/share/freeradius/dictionary.compat /usr/share/freeradius/dictionary.compatible /usr/share/freeradius/dictionary.cosine /usr/share/freeradius/dictionary.dante /usr/share/freeradius/dictionary.dhcp /usr/share/freeradius/dictionary.digium /usr/share/freeradius/dictionary.dlink /usr/share/freeradius/dictionary.dragonwave /usr/share/freeradius/dictionary.efficientip /usr/share/freeradius/dictionary.eltex /usr/share/freeradius/dictionary.epygi /usr/share/freeradius/dictionary.equallogic /usr/share/freeradius/dictionary.ericsson /usr/share/freeradius/dictionary.ericsson.ab /usr/share/freeradius/dictionary.ericsson.packet.core.networks /usr/share/freeradius/dictionary.erx /usr/share/freeradius/dictionary.extreme /usr/share/freeradius/dictionary.f5 /usr/share/freeradius/dictionary.fdxtended /usr/share/freeradius/dictionary.fortinet /usr/share/freeradius/dictionary.foundry /usr/share/freeradius/dictionary.freedhcp /usr/share/freeradius/dictionary.freeradius /usr/share/freeradius/dictionary.freeradius.internal /usr/share/freeradius/dictionary.freeswitch /usr/share/freeradius/dictionary.gandalf /usr/share/freeradius/dictionary.garderos /usr/share/freeradius/dictionary.gemtek /usr/share/freeradius/dictionary.h3c /usr/share/freeradius/dictionary.hillstone /usr/share/freeradius/dictionary.hp /usr/share/freeradius/dictionary.huawei /usr/share/freeradius/dictionary.iana /usr/share/freeradius/dictionary.iea /usr/share/freeradius/dictionary.infoblox /usr/share/freeradius/dictionary.infonet /usr/share/freeradius/dictionary.ipunplugged /usr/share/freeradius/dictionary.issanni /usr/share/freeradius/dictionary.itk /usr/share/freeradius/dictionary.juniper /usr/share/freeradius/dictionary.karlnet /usr/share/freeradius/dictionary.kineto /usr/share/freeradius/dictionary.lancom /usr/share/freeradius/dictionary.lantronix /usr/share/freeradius/dictionary.livingston /usr/share/freeradius/dictionary.localweb /usr/share/freeradius/dictionary.lucent /usr/share/freeradius/dictionary.manzara /usr/share/freeradius/dictionary.meinberg /usr/share/freeradius/dictionary.meraki /usr/share/freeradius/dictionary.merit /usr/share/freeradius/dictionary.meru /usr/share/freeradius/dictionary.microsemi /usr/share/freeradius/dictionary.microsoft /usr/share/freeradius/dictionary.mikrotik /usr/share/freeradius/dictionary.motorola /usr/share/freeradius/dictionary.motorola.illegal /usr/share/freeradius/dictionary.motorola.wimax /usr/share/freeradius/dictionary.navini /usr/share/freeradius/dictionary.netscreen /usr/share/freeradius/dictionary.networkphysics /usr/share/freeradius/dictionary.nexans /usr/share/freeradius/dictionary.nokia /usr/share/freeradius/dictionary.nokia.conflict /usr/share/freeradius/dictionary.nomadix /usr/share/freeradius/dictionary.nortel /usr/share/freeradius/dictionary.ntua /usr/share/freeradius/dictionary.openser /usr/share/freeradius/dictionary.packeteer /usr/share/freeradius/dictionary.paloalto /usr/share/freeradius/dictionary.patton /usr/share/freeradius/dictionary.perle /usr/share/freeradius/dictionary.propel /usr/share/freeradius/dictionary.prosoft /usr/share/freeradius/dictionary.proxim /usr/share/freeradius/dictionary.purewave /usr/share/freeradius/dictionary.quiconnect /usr/share/freeradius/dictionary.quintum /usr/share/freeradius/dictionary.redcreek /usr/share/freeradius/dictionary.rfc2865 /usr/share/freeradius/dictionary.rfc2866 /usr/share/freeradius/dictionary.rfc2867 /usr/share/freeradius/dictionary.rfc2868 /usr/share/freeradius/dictionary.rfc2869 /usr/share/freeradius/dictionary.rfc3162 /usr/share/freeradius/dictionary.rfc3576 /usr/share/freeradius/dictionary.rfc3580 /usr/share/freeradius/dictionary.rfc4072 /usr/share/freeradius/dictionary.rfc4372 /usr/share/freeradius/dictionary.rfc4603 /usr/share/freeradius/dictionary.rfc4675 /usr/share/freeradius/dictionary.rfc4679 /usr/share/freeradius/dictionary.rfc4818 /usr/share/freeradius/dictionary.rfc4849 /usr/share/freeradius/dictionary.rfc5090 /usr/share/freeradius/dictionary.rfc5176 /usr/share/freeradius/dictionary.rfc5447 /usr/share/freeradius/dictionary.rfc5580 /usr/share/freeradius/dictionary.rfc5607 /usr/share/freeradius/dictionary.rfc5904 /usr/share/freeradius/dictionary.rfc6519 /usr/share/freeradius/dictionary.rfc6572 /usr/share/freeradius/dictionary.rfc6677 /usr/share/freeradius/dictionary.rfc6911 /usr/share/freeradius/dictionary.rfc6929 /usr/share/freeradius/dictionary.rfc6930 /usr/share/freeradius/dictionary.rfc7055 /usr/share/freeradius/dictionary.rfc7155 /usr/share/freeradius/dictionary.rfc7268 /usr/share/freeradius/dictionary.rfc7499 /usr/share/freeradius/dictionary.rfc7930 /usr/share/freeradius/dictionary.riverbed /usr/share/freeradius/dictionary.riverstone /usr/share/freeradius/dictionary.roaringpenguin /usr/share/freeradius/dictionary.ruckus /usr/share/freeradius/dictionary.ruggedcom /usr/share/freeradius/dictionary.sangoma /usr/share/freeradius/dictionary.sg /usr/share/freeradius/dictionary.shasta /usr/share/freeradius/dictionary.shiva /usr/share/freeradius/dictionary.siemens /usr/share/freeradius/dictionary.slipstream /usr/share/freeradius/dictionary.sofaware /usr/share/freeradius/dictionary.sonicwall /usr/share/freeradius/dictionary.springtide /usr/share/freeradius/dictionary.starent /usr/share/freeradius/dictionary.starent.vsa1 /usr/share/freeradius/dictionary.surfnet /usr/share/freeradius/dictionary.symbol /usr/share/freeradius/dictionary.t_systems_nova /usr/share/freeradius/dictionary.telebit /usr/share/freeradius/dictionary.telkom /usr/share/freeradius/dictionary.terena /usr/share/freeradius/dictionary.trapeze /usr/share/freeradius/dictionary.travelping /usr/share/freeradius/dictionary.tropos /usr/share/freeradius/dictionary.ukerna /usr/share/freeradius/dictionary.unix /usr/share/freeradius/dictionary.usr /usr/share/freeradius/dictionary.usr.illegal /usr/share/freeradius/dictionary.utstarcom /usr/share/freeradius/dictionary.valemount /usr/share/freeradius/dictionary.versanet /usr/share/freeradius/dictionary.vqp /usr/share/freeradius/dictionary.walabi /usr/share/freeradius/dictionary.waverider /usr/share/freeradius/dictionary.wichorus /usr/share/freeradius/dictionary.wifialliance /usr/share/freeradius/dictionary.wimax /usr/share/freeradius/dictionary.wimax.alvarion /usr/share/freeradius/dictionary.wimax.wichorus /usr/share/freeradius/dictionary.wispr /usr/share/freeradius/dictionary.xedia /usr/share/freeradius/dictionary.xylan /usr/share/freeradius/dictionary.yubico /usr/share/freeradius/dictionary.zeus /usr/share/freeradius/dictionary.zte /usr/share/freeradius/dictionary.zyxel /usr/share/man/man5/clients.conf.5.gz /usr/share/man/man5/dictionary.5.gz /usr/share/man/man5/radiusd.conf.5.gz /usr/share/man/man5/radrelay.conf.5.gz /usr/share/man/man5/rlm_always.5.gz /usr/share/man/man5/rlm_attr_filter.5.gz /usr/share/man/man5/rlm_chap.5.gz /usr/share/man/man5/rlm_counter.5.gz /usr/share/man/man5/rlm_detail.5.gz /usr/share/man/man5/rlm_digest.5.gz /usr/share/man/man5/rlm_expr.5.gz /usr/share/man/man5/rlm_files.5.gz /usr/share/man/man5/rlm_idn.5.gz /usr/share/man/man5/rlm_mschap.5.gz /usr/share/man/man5/rlm_pap.5.gz /usr/share/man/man5/rlm_passwd.5.gz /usr/share/man/man5/rlm_realm.5.gz /usr/share/man/man5/rlm_sql.5.gz /usr/share/man/man5/rlm_unix.5.gz /usr/share/man/man5/unlang.5.gz /usr/share/man/man5/users.5.gz /usr/share/man/man8/raddebug.8.gz /usr/share/man/man8/radiusd.8.gz /usr/share/man/man8/radmin.8.gz /usr/share/man/man8/radrelay.8.gz /usr/share/snmp/mibs/FREERADIUS-MGMT-MIB.mib /usr/share/snmp/mibs/FREERADIUS-NOTIFICATION-MIB.mib /usr/share/snmp/mibs/FREERADIUS-PRODUCT-RADIUSD-MIB.mib /usr/share/snmp/mibs/FREERADIUS-SMI.mib /usr/share/snmp/mibs/RADIUS-ACC-CLIENT-MIB.mib /usr/share/snmp/mibs/RADIUS-ACC-SERVER-MIB.mib /usr/share/snmp/mibs/RADIUS-AUTH-CLIENT-MIB.mib /usr/share/snmp/mibs/RADIUS-AUTH-SERVER-MIB.mib /usr/share/snmp/mibs/RADIUS-STAT-MIB.mib /var/lib/radiusd /var/log/radius /var/log/radius/radacct /var/log/radius/radius.log /var/log/radius/radutmp /var/run/radiusd /var/run/radiusd/tmp [root@radius html]#
查看FreeRADIUS工具包安装路径
[root@radius html]# rpm -lq freeradius-utils /usr/bin/dhcpclient /usr/bin/map_unit /usr/bin/rad_counter /usr/bin/radattr /usr/bin/radclient /usr/bin/radcrypt /usr/bin/radeapclient /usr/bin/radlast /usr/bin/radsniff /usr/bin/radsqlrelay /usr/bin/radtest /usr/bin/radwho /usr/bin/radzap /usr/bin/rlm_ippool_tool /usr/bin/smbencrypt /usr/share/man/man1/dhcpclient.1.gz /usr/share/man/man1/rad_counter.1.gz /usr/share/man/man1/radclient.1.gz /usr/share/man/man1/radeapclient.1.gz /usr/share/man/man1/radlast.1.gz /usr/share/man/man1/radtest.1.gz /usr/share/man/man1/radwho.1.gz /usr/share/man/man1/radzap.1.gz /usr/share/man/man1/smbencrypt.1.gz /usr/share/man/man5/checkrad.5.gz /usr/share/man/man8/radcrypt.8.gz /usr/share/man/man8/radsniff.8.gz /usr/share/man/man8/radsqlrelay.8.gz /usr/share/man/man8/rlm_ippool_tool.8.gz [root@radius html]#
查看FreeRADIUS MySQL数据库扩展包安装路
[root@radius html]# rpm -lq freeradius-mysql /etc/raddb/mods-config/sql/counter/mysql /etc/raddb/mods-config/sql/counter/mysql/dailycounter.conf /etc/raddb/mods-config/sql/counter/mysql/expire_on_login.conf /etc/raddb/mods-config/sql/counter/mysql/monthlycounter.conf /etc/raddb/mods-config/sql/counter/mysql/noresetcounter.conf /etc/raddb/mods-config/sql/cui/mysql /etc/raddb/mods-config/sql/cui/mysql/queries.conf /etc/raddb/mods-config/sql/cui/mysql/schema.sql /etc/raddb/mods-config/sql/ippool-dhcp/mysql /etc/raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf /etc/raddb/mods-config/sql/ippool-dhcp/mysql/schema.sql /etc/raddb/mods-config/sql/ippool/mysql /etc/raddb/mods-config/sql/ippool/mysql/queries.conf /etc/raddb/mods-config/sql/ippool/mysql/schema.sql /etc/raddb/mods-config/sql/main/mysql /etc/raddb/mods-config/sql/main/mysql/extras /etc/raddb/mods-config/sql/main/mysql/extras/wimax /etc/raddb/mods-config/sql/main/mysql/extras/wimax/queries.conf /etc/raddb/mods-config/sql/main/mysql/extras/wimax/schema.sql /etc/raddb/mods-config/sql/main/mysql/queries.conf /etc/raddb/mods-config/sql/main/mysql/schema.sql /etc/raddb/mods-config/sql/main/mysql/setup.sql /etc/raddb/mods-config/sql/main/ndb /etc/raddb/mods-config/sql/main/ndb/README /etc/raddb/mods-config/sql/main/ndb/schema.sql /etc/raddb/mods-config/sql/main/ndb/setup.sql /usr/lib64/freeradius/rlm_sql_mysql.so [root@radius html]#
注册并启动服务
[root@radius ~]# systemctl enable radiusd Created symlink from /etc/systemd/system/multi-user.target.wants/radiusd.service to /usr/lib/systemd/system/radiusd.service. [root@radius ~]# systemctl start radiusd [root@radius ~]#
查看端口监听(UDP1812/UDP1813)
[root@radius ~]# netstat -ltun Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN udp 0 0 127.0.0.1:323 0.0.0.0:* udp 0 0 0.0.0.0:68 0.0.0.0:* udp 0 0 127.0.0.1:18120 0.0.0.0:* udp 0 0 0.0.0.0:56569 0.0.0.0:* udp 0 0 0.0.0.0:1812 0.0.0.0:* udp 0 0 0.0.0.0:1813 0.0.0.0:* udp6 0 0 ::1:323 :::* udp6 0 0 :::54657 :::* udp6 0 0 :::1812 :::* udp6 0 0 :::1813 :::* [root@radius ~]#
导入数据库
[root@radius ~]# mysql -uroot -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql Enter password: [root@radius ~]#
启用数据库模块
[root@radius ~]# cd /etc/raddb/mods-enabled/ [root@radius mods-enabled]# ln -s ../mods-available/sql sql [root@radius mods-enabled]#
修改数据库连接配置文件
[root@radius mods-enabled]# vi sql driver = "rlm_sql_null" driver = "rlm_sql_mysql" dialect = "sqlite" dialect = "mysql" # server = "localhost" # port = 3306 # login = "radius" # password = "radpass" server = "localhost" port = 3306 login = "radius" password = "radiuspassword" # read_clients = yes read_clients = yes
修改数据库连接配置文件属组
[root@radius mods-enabled]# ll sql lrwxrwxrwx 1 root root 21 Feb 20 05:58 sql -> ../mods-available/sql [root@radius mods-enabled]# chgrp -h radiusd sql [root@radius mods-enabled]# ll sql lrwxrwxrwx 1 root radiusd 21 Feb 20 05:58 sql -> ../mods-available/sql [root@radius mods-enabled]#
下载daloRADIUS安装包并解压缩
[root@radius ~]# wget https://github.com/lirantal/daloradius/archive/master.zip [root@radius ~]# cp -R daloradius-master/ /var/www/html/daloradius
导入数据库
[root@radius ~]# cd /var/www/html/ [root@radius html]# mysql -uroot -p radius < daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql Enter password: [root@radius html]# mysql -uroot -p radius < daloradius/contrib/db/mysql-daloradius.sql Enter password: [root@radius html]#
修改目录及配置文件属性
[root@radius html]# chown -R apache.apache daloradius/ [root@radius html]# chmod 664 daloradius/library/daloradius.conf.php [root@radius html]#
修改daloRADIUS配置文件
[root@radius html]# vi daloradius/library/daloradius.conf.php $configValues['CONFIG_DB_HOST'] = 'localhost'; $configValues['CONFIG_DB_PORT'] = '3306'; $configValues['CONFIG_DB_USER'] = 'radius'; $configValues['CONFIG_DB_PASS'] = 'radiuspassword'; $configValues['CONFIG_DB_NAME'] = 'radius';
安装PEAR扩展
更新频道
[root@radius ~]# pear channel-update pear.php.net Updating channel "pear.php.net" Update of Channel "pear.php.net" succeeded [root@radius ~]#
升级pear/PEAR版本
错误提示
[root@radius ~]# pear install DB WARNING: "pear/DB" is deprecated in favor of "pear/MDB2" pear/DB requires package "pear/PEAR" (version >= 1.10.0), installed version is 1.9.4 No valid packages found install failed [root@radius ~]#
升级操作
[root@radius ~]# pear install PEAR WARNING: "pear/Console_Getopt" is deprecated in favor of "pear/Console_GetoptPlus" downloading PEAR-1.10.10.tgz ... Starting to download PEAR-1.10.10.tgz (293,388 bytes) .............................................................done: 293,388 bytes downloading Archive_Tar-1.4.9.tgz ... Starting to download Archive_Tar-1.4.9.tgz (21,343 bytes) ...done: 21,343 bytes downloading Structures_Graph-1.1.1.tgz ... Starting to download Structures_Graph-1.1.1.tgz (12,579 bytes) ...done: 12,579 bytes downloading Console_Getopt-1.4.3.tgz ... Starting to download Console_Getopt-1.4.3.tgz (5,789 bytes) ...done: 5,789 bytes downloading XML_Util-1.4.3.tgz ... Starting to download XML_Util-1.4.3.tgz (18,842 bytes) ...done: 18,842 bytes install ok: channel://pear.php.net/Archive_Tar-1.4.9 install ok: channel://pear.php.net/Structures_Graph-1.1.1 install ok: channel://pear.php.net/Console_Getopt-1.4.3 install ok: channel://pear.php.net/XML_Util-1.4.3 install ok: channel://pear.php.net/PEAR-1.10.10 PEAR: Optional feature webinstaller available (PEAR's web-based installer) PEAR: Optional feature gtkinstaller available (PEAR's PHP-GTK-based installer) PEAR: Optional feature gtk2installer available (PEAR's PHP-GTK2-based installer) PEAR: To install optional features use "pear install pear/PEAR#featurename" [root@radius ~]#
安装pear/DB扩展
[root@radius ~]# pear install DB WARNING: "pear/DB" is deprecated in favor of "pear/MDB2" downloading DB-1.9.3.tgz ... Starting to download DB-1.9.3.tgz (132,290 bytes) .............................done: 132,290 bytes install ok: channel://pear.php.net/DB-1.9.3 [root@radius ~]#
安装pear/MDB2扩展
[root@radius ~]# pear install MDB2 downloading MDB2-2.4.1.tgz ... Starting to download MDB2-2.4.1.tgz (121,557 bytes) ..........................done: 121,557 bytes install ok: channel://pear.php.net/MDB2-2.4.1 MDB2: Optional feature fbsql available (Frontbase SQL driver for MDB2) MDB2: Optional feature ibase available (Interbase/Firebird driver for MDB2) MDB2: Optional feature mysql available (MySQL driver for MDB2) MDB2: Optional feature mysqli available (MySQLi driver for MDB2) MDB2: Optional feature mssql available (MS SQL Server driver for MDB2) MDB2: Optional feature oci8 available (Oracle driver for MDB2) MDB2: Optional feature pgsql available (PostgreSQL driver for MDB2) MDB2: Optional feature querysim available (Querysim driver for MDB2) MDB2: Optional feature sqlite available (SQLite2 driver for MDB2) MDB2: To install optional features use "pear install pear/MDB2#featurename" [root@radius ~]#
重启服务
[root@radius ~]# systemctl restart radiusd
使用浏览器访问daloRADIUS控制台