[BACK]Return to radiusd.conf CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / hosts / alice / etc / freeradius
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / hosts / alice / etc / freeradius / radiusd.conf
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 09:46:49 2020 UTC (4 years, 3 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

# radiusd.conf	-- FreeRADIUS server configuration file.

prefix = /usr
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/freeradius
raddbdir = ${sysconfdir}/freeradius
radacctdir = ${logdir}/radacct

#  name of the running server.  See also the "-n" command-line option.
name = freeradius

#  Location of config and logfiles.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run

# Should likely be ${localstatedir}/lib/radiusd
db_dir = ${raddbdir}

# libdir: Where to find the rlm_* modules.
libdir = ${exec_prefix}/lib

#  pidfile: Where to place the PID of the RADIUS server.
pidfile = ${run_dir}/${name}.pid

#  max_request_time: The maximum time (in seconds) to handle a request.
max_request_time = 30

#  cleanup_delay: The time to wait (in seconds) before cleaning up
cleanup_delay = 5

#  max_requests: The maximum number of requests which the server keeps
max_requests = 1024

#  listen: Make the server listen on a particular IP address, and send
listen {
  type = auth
  ipaddr = 10.1.0.10
  port = 0
}

#  This second "listen" section is for listening on the accounting
#  port, too.
#
listen {
  type  = acct
  ipaddr = 10.1.0.10
  port = 0
}

#  hostname_lookups: Log the names of clients or just their IP addresses
hostname_lookups = no

#  Core dumps are a bad thing.  This should only be set to 'yes'
allow_core_dumps = no

#  Regular expressions
regular_expressions = yes
extended_expressions = yes

#  Logging section.  The various "log_*" configuration items
log {
  destination = files
  file = ${logdir}/radius.log
  syslog_facility = daemon
  stripped_names = no
  auth = yes
  auth_badpass = yes
  auth_goodpass = yes
}

#  The program to execute to do concurrency checks.
checkrad = ${sbindir}/checkrad

#  Security considerations
security {
  max_attributes = 200
  reject_delay = 1
  status_server = yes
}

# PROXY CONFIGURATION
proxy_requests = yes
$INCLUDE proxy.conf

# CLIENTS CONFIGURATION
$INCLUDE clients.conf

# THREAD POOL CONFIGURATION
thread pool {
  start_servers = 5
  max_servers = 32
  min_spare_servers = 3
  max_spare_servers = 10
  max_requests_per_server = 0
}

# MODULE CONFIGURATION
modules {
  $INCLUDE ${confdir}/modules/
  $INCLUDE eap.conf
}

# Instantiation
instantiate {
  exec
  expr
  expiration
  logintime
}

# Policies
$INCLUDE policy.conf

# Include all enabled virtual hosts
$INCLUDE sites-enabled/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>