FreeRadius and MySQL

Thursday, August 23, 2007

INSTALL MySQL:
First install MySQL; I used MySQL 5.
Once it is installed, start it and enable it so that it starts automatically at reboot.

INSTALL FreeRadius:
% cd /usr/ports/net/freeradius
% make && make install
Select MySQL support and SNMP (optional).

CONFIGURE freeRADIUS:
% cd /usr/local/etc/raddb
Make sure the following files exist:

% clients.conf (the basic config is enough; it uses localhost)

% users
For the first test, add the line:
ainoer Auth-Type := Local, User-Password == "testpass"

% cp snmp.conf.sample snmp.conf
% cp sql.conf.sample sql.conf
% cp huntgroups.sample huntgroups
% cp dictionary.sample dictionary
% cp hints.sample hints
% cp acct_users.sample acct_users
% cp preproxy_users.sample preproxy_users


% cp radiusd.conf.sample radiusd.conf
Edit radiusd.conf and set:
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes

% radiusd -X &
% radtest ainoer testpass localhost 1812 testing123

If it works, you will see output like this:
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=119, length=20


CREATE DATABASE & TABLES
Log in to mysql and create a database named radius.
Find the file named db_mysql.sql and import it into the database.
/bin/mysql -u root radius < /usr/local/share/examples/freeradius/db_mysql.sql

Insert the following records:
INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('rahma', 'Password', 'passku');
INSERT INTO radgroupcheck (GroupName, Attribute, Value) VALUES ('dynamic', 'Auth-Type', 'Local');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-Compression', ':=', 'Van-Jacobsen-TCP-IP');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-Protocol', ':=', 'PPP');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Service-Type', ':=', 'Framed-User');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Framed-MTU', ':=', '1500');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Assign-IP-Pool', ':=', '0');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Maximum-Time', ':=', '7200');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'X-Ascend-Route-IP', ':=', 'Route-IP-Yes');
INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('dynamic', 'Idle-Timeout', ':=', '1800');
INSERT INTO usergroup (UserName, GroupName) VALUES ('rahma', 'dynamic');

mysql> select * from radcheck;
+----+----------+-----------+----+--------+
| id | UserName | Attribute | op | Value  |
+----+----------+-----------+----+--------+
|  1 | rahma    | Password  | == | passku |
+----+----------+-----------+----+--------+

mysql> select * from radgroupcheck;
+----+-----------+-----------+----+-------+
| id | GroupName | Attribute | op | Value |
+----+-----------+-----------+----+-------+
|  1 | dynamic   | Auth-Type | := | Local |
+----+-----------+-----------+----+-------+

mysql> select * from radgroupreply;
+----+-----------+-------------------------+----+---------------------+------+
| id | GroupName | Attribute               | op | Value               | prio |
+----+-----------+-------------------------+----+---------------------+------+
|  1 | dynamic   | Framed-Compression      | := | Van-Jacobsen-TCP-IP |    0 |
|  2 | dynamic   | Framed-Protocol         | := | PPP                 |    0 |
|  3 | dynamic   | Service-Type            | := | Framed-User         |    0 |
|  4 | dynamic   | Framed-MTU              | := | 1500                |    0 |
|  5 | dynamic   | X-Ascend-Assign-IP-Pool | := | 0                   |    0 |
|  6 | dynamic   | X-Ascend-Maximum-Time   | := | 7200                |    0 |
|  7 | dynamic   | X-Ascend-Route-IP       | := | Route-IP-Yes        |    0 |
|  8 | dynamic   | Idle-Timeout            | := | 1800                |    0 |
+----+-----------+-------------------------+----+---------------------+------+

mysql> select * from usergroup;
+----------+-----------+----------+
| UserName | GroupName | priority |
+----------+-----------+----------+
| rahma    | dynamic   |        1 |
+----------+-----------+----------+


% cd /usr/local/etc/raddb/
Edit sql.conf.
Fill in the database password (root with pass = "" if no password has been set yet).

Edit radiusd.conf.
In the authorize {} section:
Remove the # in front of 'sql'.
In the accounting {} section:
Remove the # in front of 'sql'.

In the post-auth {} section:
Remove the # in front of 'sql'.
Remove the # from the last 3 lines of post-auth and change them to the sql module.

Post-Auth-Type REJECT {
sql
}
Kill radiusd and restart it in debug mode.
% radiusd -X

Good luck ;)
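
The test settings used above (password logging in radiusd.conf, root with an empty password in sql.conf, the secret testing123 passed to radtest) should not survive into production. The script below is an added example, not part of the original post; it assumes the key names login, password and secret from the stock sample sql.conf and clients.conf, and it runs against constructed sample files.

```shell
#!/bin/sh
# Added example (not from the original post): flag the test-only settings
# this walkthrough leaves behind in /usr/local/etc/raddb.

# check FILE REGEX MESSAGE: warn when an uncommented line matches REGEX
check() {
    if [ -f "$1" ] && grep -Eq "^[[:space:]]*$2[[:space:]]*(#.*)?\$" "$1"; then
        echo "WARN: ${1##*/}: $3"
    fi
}

# audit_raddb DIR: print one WARN line per risky setting found in DIR
audit_raddb() {
    dir=$1
    eq='[[:space:]]*=[[:space:]]*'
    for key in log_auth_badpass log_auth_goodpass; do
        check "$dir/radiusd.conf" "${key}${eq}yes" \
            "$key = yes writes user passwords to the log in clear text"
    done
    check "$dir/sql.conf" "login${eq}\"?root\"?" \
        "radiusd connects to MySQL as root; use a dedicated account"
    check "$dir/sql.conf" "password${eq}\"\"" \
        "empty database password"
    check "$dir/clients.conf" "secret${eq}\"?testing123\"?" \
        "shared secret is still the sample value testing123"
}

# Constructed sample: the state this guide produces while testing.
write_sample() {
    mkdir -p "$1"
    printf '%s\n' 'log_auth = yes' 'log_auth_badpass = yes' \
        'log_auth_goodpass = yes' > "$1/radiusd.conf"
    printf '%s\n' 'login = "root"' 'password = ""' > "$1/sql.conf"
    printf '%s\n' 'client 127.0.0.1 {' '  secret = testing123' '}' \
        > "$1/clients.conf"
}

demo_dir=$(mktemp -d /tmp/raddb-audit.XXXXXX)
write_sample "$demo_dir"
audit_raddb "$demo_dir"    # against a real install: audit_raddb /usr/local/etc/raddb
rm -rf "$demo_dir"
```

Commented-out lines are ignored, so a stock file with "#log_auth_goodpass = yes" produces no warning.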

Edited:

It turns out something was missing: in the setup above, the MySQL database still had no password..
After I set a password and ran it again, it threw an error...
rlm_sql_mysql: Mysql error 'Client does not support authentication please upgrade mysql client etc..

Check the library:
# ldd /usr/local/lib/rlm_sql_mysql.so
/usr/local/lib/rlm_sql_mysql.so:
libmysqlclient.so.12 => /usr/local/lib/mysql/libmysqlclient.so.12 (0x28157000)
libz.so.2 => /lib/libz.so.2 (0x28177000)
libcrypt.so.2 => /lib/libcrypt.so.2 (0x28187000)
libm.so.3 => /lib/libm.so.3 (0x2819f000)
libc.so.5 => /lib/libc.so.5 (0x28079000)
That looks fine.. but why.. surely I don't have to upgrade the mysql client, the version is already 5.0, so I don't think that's needed.. don't just take a warning at face value :P .. time to google first..
After some head-scratching I remembered the pureftpd installation with mysql.. so I tried this..
# cd /usr/local/mysql/lib/mysql/
# cp * /usr/local/lib

Woohoo! Alhamdulillah.. it worked, folks..
