| 4 |
- |
1 |
# -*- text -*-
|
|
|
2 |
##
|
|
|
3 |
## sql.conf -- SQL modules
|
|
|
4 |
##
|
| 34 |
- |
5 |
## $Id: 6f346ec9f1d12190f132da20537f99607df71760 $
|
| 4 |
- |
6 |
|
|
|
7 |
######################################################################
|
|
|
8 |
#
|
|
|
9 |
# Configuration for the SQL module
|
|
|
10 |
#
|
|
|
11 |
# The database schemas and queries are located in subdirectories:
|
|
|
12 |
#
|
|
|
13 |
# sql/DB/schema.sql Schema
|
|
|
14 |
# sql/DB/dialup.conf Basic dialup (including policy) queries
|
|
|
15 |
# sql/DB/counter.conf counter
|
|
|
16 |
# sql/DB/ippool.conf IP Pools in SQL
|
|
|
17 |
# sql/DB/ippool.sql schema for IP pools.
|
|
|
18 |
#
|
|
|
19 |
# Where "DB" is mysql, mssql, oracle, or postgresql.
|
|
|
20 |
#
|
|
|
21 |
|
|
|
22 |
sql {
|
|
|
23 |
#
|
|
|
24 |
# Set the database to one of:
|
|
|
25 |
#
|
|
|
26 |
# mysql, mssql, oracle, postgresql
|
|
|
27 |
#
|
|
|
28 |
database = "mysql"
|
|
|
29 |
|
|
|
30 |
#
|
|
|
31 |
# Which FreeRADIUS driver to use.
|
|
|
32 |
#
|
|
|
33 |
driver = "rlm_sql_${database}"
|
|
|
34 |
|
|
|
35 |
# Connection info:
|
|
|
36 |
server = "localhost"
|
|
|
37 |
#port = 3306
|
|
|
38 |
login = "radius"
|
|
|
39 |
password = "radpass"
|
|
|
40 |
|
|
|
41 |
# Database table configuration for everything except Oracle
|
|
|
42 |
radius_db = "radius"
|
|
|
43 |
# If you are using Oracle then use this instead
|
|
|
44 |
# radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))"
|
|
|
45 |
|
|
|
46 |
# If you want both stop and start records logged to the
|
|
|
47 |
# same SQL table, leave this as is. If you want them in
|
|
|
48 |
# different tables, put the start table in acct_table1
|
|
|
49 |
# and stop table in acct_table2
|
|
|
50 |
acct_table1 = "radacct"
|
|
|
51 |
acct_table2 = "radacct"
|
|
|
52 |
|
|
|
53 |
# Allow for storing data after authentication
|
|
|
54 |
postauth_table = "radpostauth"
|
|
|
55 |
|
|
|
56 |
authcheck_table = "radcheck"
|
|
|
57 |
authreply_table = "radreply"
|
|
|
58 |
|
|
|
59 |
groupcheck_table = "radgroupcheck"
|
|
|
60 |
groupreply_table = "radgroupreply"
|
|
|
61 |
|
|
|
62 |
# Table to keep group info
|
|
|
63 |
usergroup_table = "radusergroup"
|
|
|
64 |
|
|
|
65 |
# If set to 'yes' (default) we read the group tables
|
|
|
66 |
# If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
|
|
|
67 |
# read_groups = yes
|
|
|
68 |
|
|
|
69 |
# Remove stale session if checkrad does not see a double login
|
|
|
70 |
deletestalesessions = yes
|
|
|
71 |
|
|
|
72 |
# Print all SQL statements when in debug mode (-x)
|
|
|
73 |
sqltrace = no
|
|
|
74 |
sqltracefile = ${logdir}/sqltrace.sql
|
|
|
75 |
|
|
|
76 |
# number of sql connections to make to server
|
| 34 |
- |
77 |
#
|
|
|
78 |
# Setting this to LESS than the number of threads means
|
|
|
79 |
# that some threads may starve, and you will see errors
|
|
|
80 |
# like "No connections available and at max connection limit"
|
|
|
81 |
#
|
|
|
82 |
# Setting this to MORE than the number of threads means
|
|
|
83 |
# that there are more connections than necessary.
|
|
|
84 |
#
|
|
|
85 |
num_sql_socks = ${thread[pool].max_servers}
|
| 4 |
- |
86 |
|
|
|
87 |
# number of seconds to dely retrying on a failed database
|
|
|
88 |
# connection (per_socket)
|
|
|
89 |
connect_failure_retry_delay = 60
|
|
|
90 |
|
|
|
91 |
# lifetime of an SQL socket. If you are having network issues
|
|
|
92 |
# such as TCP sessions expiring, you may need to set the socket
|
|
|
93 |
# lifetime. If set to non-zero, any open connections will be
|
|
|
94 |
# closed "lifetime" seconds after they were first opened.
|
|
|
95 |
lifetime = 0
|
|
|
96 |
|
|
|
97 |
# Maximum number of queries used by an SQL socket. If you are
|
|
|
98 |
# having issues with SQL sockets lasting "too long", you can
|
|
|
99 |
# limit the number of queries performed over one socket. After
|
|
|
100 |
# "max_qeuries", the socket will be closed. Use 0 for "no limit".
|
|
|
101 |
max_queries = 0
|
|
|
102 |
|
|
|
103 |
# Set to 'yes' to read radius clients from the database ('nas' table)
|
|
|
104 |
# Clients will ONLY be read on server startup. For performance
|
|
|
105 |
# and security reasons, finding clients via SQL queries CANNOT
|
|
|
106 |
# be done "live" while the server is running.
|
|
|
107 |
#
|
|
|
108 |
#readclients = yes
|
|
|
109 |
|
|
|
110 |
# Table to keep radius client info
|
|
|
111 |
nas_table = "nas"
|
|
|
112 |
|
|
|
113 |
# Read driver-specific configuration
|
|
|
114 |
$INCLUDE sql/${database}/dialup.conf
|
|
|
115 |
}
|