version 1.1.1.2, 2013/07/22 08:44:30
|
version 1.1.1.4, 2021/03/17 00:39:23
|
Line 6
|
Line 6
|
</HEAD> |
</HEAD> |
<BODY text="#000000" bgcolor="#ffffff"> |
<BODY text="#000000" bgcolor="#ffffff"> |
|
|
<A HREF="mpd.html"><EM>Mpd 5.7 User Manual</EM></A> | <A HREF="mpd.html"><EM>Mpd 5.9 User Manual</EM></A> |
<b>:</b> <A HREF="mpd17.html"><EM>Configuring Mpd</EM></A> |
<b>:</b> <A HREF="mpd17.html"><EM>Configuring Mpd</EM></A> |
<b>:</b> <A HREF="mpd29.html"><EM>Authentication, Authorization and Accounting (AAA)</EM></A> |
<b>:</b> <A HREF="mpd29.html"><EM>Authentication, Authorization and Accounting (AAA)</EM></A> |
<b>:</b> <EM>RADIUS</EM><BR> |
<b>:</b> <EM>RADIUS</EM><BR> |
Line 34 of that type.</p>
|
Line 34 of that type.</p>
|
|
|
<dt><b><code>unset radius server <em>name</em> [ <em>auth-port</em> [ <em>acct-port</em> ]]</code></b><dd><p>Deletes cpecific RADIUS server from pool.</p> |
<dt><b><code>unset radius server <em>name</em> [ <em>auth-port</em> [ <em>acct-port</em> ]]</code></b><dd><p>Deletes cpecific RADIUS server from pool.</p> |
|
|
|
<dt><b><code>set radius src-addr <em>ipaddr</em></code></b><dd><p>Configure IP address on the multihomed host that is used as a source address |
|
for all requests.</p> |
|
|
<dt><b><code>set radius timeout <em>seconds</em></code></b><dd><p>Set the timeout for completion of RADIUS requests.</p> |
<dt><b><code>set radius timeout <em>seconds</em></code></b><dd><p>Set the timeout for completion of RADIUS requests.</p> |
<p>The default is 5 second.</p> |
<p>The default is 5 second.</p> |
|
|
Line 68 N Name Access Accounting
|
Line 71 N Name Access Accounting
|
7 Framed-Protocol + - + - |
7 Framed-Protocol + - + - |
8 Framed-IP-Address - + + - |
8 Framed-IP-Address - + + - |
9 Framed-IP-Netmask - + + - |
9 Framed-IP-Netmask - + + - |
|
11 Filter-Id - + - - |
12 Framed-MTU - + - - |
12 Framed-MTU - + - - |
13 Framed-Compression - + - - |
13 Framed-Compression - + - - |
18 Reply-Message - + - - |
18 Reply-Message - + - - |
Line 215 mpd-rule += "100=allow all from any to any",
|
Line 219 mpd-rule += "100=allow all from any to any",
|
</p> |
</p> |
<p>When mpd receives these parameters it will call ipfw(8) to create |
<p>When mpd receives these parameters it will call ipfw(8) to create |
firewall rules, pipes and queues with unique numbers starting from 10000 |
firewall rules, pipes and queues with unique numbers starting from 10000 |
(configurable via 'set global start...'). %rX, %pX, %qX, %tX | (configurable via 'set global start...'). %rX, %pX, %qX, %tX and %aX |
macroses will be expanded within mpd-rule and mpd-queue. |
macroses will be expanded within mpd-rule and mpd-queue. |
To the end of each rule will be added "via ngX" to make the rule apply |
To the end of each rule will be added "via ngX" to make the rule apply |
only to that client's networking interface.</p> |
only to that client's networking interface.</p> |
|
<p>Allowed macroses: |
|
<pre> |
|
%rX IPFW rule pool |
|
%pX IPFW pipe pool |
|
%qX IPFW queue pool |
|
%tX IPFW table pool |
|
%a1 peer negotiated IP address |
|
%a2 self negotiated IP address |
|
</pre> |
|
</p> |
<p>As a result of this example we would get these commands executed: |
<p>As a result of this example we would get these commands executed: |
<pre> |
<pre> |
ipfw table 32 add 10.0.0.1 |
ipfw table 32 add 10.0.0.1 |
Line 233 ipfw add 10002 allow all from any to any via ng0
|
Line 247 ipfw add 10002 allow all from any to any via ng0
|
When the link goes down, all created rules will be removed.</p> |
When the link goes down, all created rules will be removed.</p> |
<p>Note: As soon as mpd executes ipfw commands using shell, shell's |
<p>Note: As soon as mpd executes ipfw commands using shell, shell's |
special characters like "(" and ")" must be slashed.</p> |
special characters like "(" and ")" must be slashed.</p> |
|
<p>You can specify <em>mpd-table += "1=peer_addr"</em> to use mpd-table |
|
with the peer negotiated IP address.</p> |
|
|
<dt><b>internal (ng_bpf/ng_car)</b><dd> |
<dt><b>internal (ng_bpf/ng_car)</b><dd> |
<p>Mpd can create complex per-interface traffic filtering/limiting engines inside |
<p>Mpd can create complex per-interface traffic filtering/limiting engines inside |
Line 282 in AAA accounting requests.</p>
|
Line 298 in AAA accounting requests.</p>
|
</dl> |
</dl> |
</p> |
</p> |
<HR NOSHADE> |
<HR NOSHADE> |
<A HREF="mpd.html"><EM>Mpd 5.7 User Manual</EM></A> | <A HREF="mpd.html"><EM>Mpd 5.9 User Manual</EM></A> |
<b>:</b> <A HREF="mpd17.html"><EM>Configuring Mpd</EM></A> |
<b>:</b> <A HREF="mpd17.html"><EM>Configuring Mpd</EM></A> |
<b>:</b> <A HREF="mpd29.html"><EM>Authentication, Authorization and Accounting (AAA)</EM></A> |
<b>:</b> <A HREF="mpd29.html"><EM>Authentication, Authorization and Accounting (AAA)</EM></A> |
<b>:</b> <EM>RADIUS</EM><BR> |
<b>:</b> <EM>RADIUS</EM><BR> |