116 lines
3.3 KiB
Plaintext
116 lines
3.3 KiB
Plaintext
# -*- text -*-
|
|
##
|
|
## sql.conf -- SQL modules
|
|
##
|
|
## $Id: 6f346ec9f1d12190f132da20537f99607df71760 $
|
|
|
|
######################################################################
|
|
#
|
|
# Configuration for the SQL module
|
|
#
|
|
# The database schemas and queries are located in subdirectories:
|
|
#
|
|
# sql/DB/schema.sql Schema
|
|
# sql/DB/dialup.conf Basic dialup (including policy) queries
|
|
# sql/DB/counter.conf counter
|
|
# sql/DB/ippool.conf IP Pools in SQL
|
|
# sql/DB/ippool.sql schema for IP pools.
|
|
#
|
|
# Where "DB" is mysql, mssql, oracle, or postgresql.
|
|
#
|
|
|
|
sql {
|
|
#
|
|
# Set the database to one of:
|
|
#
|
|
# mysql, mssql, oracle, postgresql
|
|
#
|
|
database = "mysql"
|
|
|
|
#
|
|
# Which FreeRADIUS driver to use.
|
|
#
|
|
driver = "rlm_sql_${database}"
|
|
|
|
# Connection info:
|
|
server = "localhost"
|
|
#port = 3306
|
|
login = "radius"
|
|
password = "radpass"
|
|
|
|
# Database table configuration for everything except Oracle
|
|
radius_db = "radius"
|
|
# If you are using Oracle then use this instead
|
|
# radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))"
|
|
|
|
# If you want both stop and start records logged to the
|
|
# same SQL table, leave this as is. If you want them in
|
|
# different tables, put the start table in acct_table1
|
|
# and stop table in acct_table2
|
|
acct_table1 = "radacct"
|
|
acct_table2 = "radacct"
|
|
|
|
# Allow for storing data after authentication
|
|
postauth_table = "radpostauth"
|
|
|
|
authcheck_table = "radcheck"
|
|
authreply_table = "radreply"
|
|
|
|
groupcheck_table = "radgroupcheck"
|
|
groupreply_table = "radgroupreply"
|
|
|
|
# Table to keep group info
|
|
usergroup_table = "radusergroup"
|
|
|
|
# If set to 'yes' (default) we read the group tables
|
|
# If set to 'no' the user MUST have Fall-Through = Yes in the radreply table
|
|
# read_groups = yes
|
|
|
|
# Remove stale session if checkrad does not see a double login
|
|
deletestalesessions = yes
|
|
|
|
# Print all SQL statements when in debug mode (-x)
|
|
sqltrace = no
|
|
sqltracefile = ${logdir}/sqltrace.sql
|
|
|
|
# number of sql connections to make to server
|
|
#
|
|
# Setting this to LESS than the number of threads means
|
|
# that some threads may starve, and you will see errors
|
|
# like "No connections available and at max connection limit"
|
|
#
|
|
# Setting this to MORE than the number of threads means
|
|
# that there are more connections than necessary.
|
|
#
|
|
num_sql_socks = ${thread[pool].max_servers}
|
|
|
|
# number of seconds to dely retrying on a failed database
|
|
# connection (per_socket)
|
|
connect_failure_retry_delay = 60
|
|
|
|
# lifetime of an SQL socket. If you are having network issues
|
|
# such as TCP sessions expiring, you may need to set the socket
|
|
# lifetime. If set to non-zero, any open connections will be
|
|
# closed "lifetime" seconds after they were first opened.
|
|
lifetime = 0
|
|
|
|
# Maximum number of queries used by an SQL socket. If you are
|
|
# having issues with SQL sockets lasting "too long", you can
|
|
# limit the number of queries performed over one socket. After
|
|
# "max_qeuries", the socket will be closed. Use 0 for "no limit".
|
|
max_queries = 0
|
|
|
|
# Set to 'yes' to read radius clients from the database ('nas' table)
|
|
# Clients will ONLY be read on server startup. For performance
|
|
# and security reasons, finding clients via SQL queries CANNOT
|
|
# be done "live" while the server is running.
|
|
#
|
|
#readclients = yes
|
|
|
|
# Table to keep radius client info
|
|
nas_table = "nas"
|
|
|
|
# Read driver-specific configuration
|
|
$INCLUDE sql/${database}/dialup.conf
|
|
}
|