toughradius 配置mysql_ToughRADIUS

关于 TOUGHRADIUS

) ) ( ( ( (

* ) ( /( ( ( /( )\ ) ( )\ ) )\ ) )\ ) (

` ) /( )\()) ( )\ ) )\()) (()/( )\ (()/( (()/( ( (()/( ( ( )\ )

( )(_)) ((_)\ )\ (()/( ((_)\ /(_)) ((((_)( /(_)) /(_)) )\ /(_)) )\ )\ (()/(

(_(_()) ((_) _ ((_) /(_))_ _((_) (_)) )\ _ )\ (_))_ (_)) _ ((_) (_)) ((_)((_) /(_))

|_ _| / _ \ | | | | (_)) __| | || | | _ \ (_)_\(_) | \ |_ _| | | | | / __| \ \ / / (_) /

| | | (_) | | |_| | | (_ | | __ | | / / _ \ | |) | | | | |_| | \__ \ \ V / / _ \

|_| \___/ \___/ \___| |_||_| |_|_\ /_/ \_\ |___/ |___| \___/ |___/ \_/ \___/

/)

_ __ __ _ _/_ ___ _ (/ _ _/_ __ _ _/_ _ ______

(_(/ (_(/ (_(/ . (__ (_) (_(_ (_/_/ )_/_)_(__ / (_(_(_(__(__ . (__(_) // (_

.-/

(_/

TOUGHRADIUS 是一个开源的Radius服务软件，支持标准RADIUS协议(RFC 2865, RFC 2866)，提供完整的AAA实现。支持灵活的策略管理，支持各种主流接入设备并轻松扩展，具备丰富的计费策略支持。

至 6.x 版本开始，基于Java语言重新开发。提供了一个高性能的 RADIUS 处理引擎，同时提供了一个简洁易用的 WEB管理界面，可以轻松上手。

TOUGHRADIUS 的功能类似于 freeRADIUS，但它使用起来更简单，更易于扩展开发。

链接

快速开始

系统环境依赖

操作系统：支持跨平台部署 (Linux，Windows，MacOS等)

java 版本: 1.8或更高

数据库服务器：MySQL/MariaDB

数据库初始化

数据库的安装配置请自行完成,首先确保你的数据库服务器已经运行

运行创建数据库脚本以及创建专用用户

create database toughradius DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

GRANT ALL ON toughradius.* TO raduser@'127.0.0.1' IDENTIFIED BY 'radpwd' WITH GRANT OPTION;FLUSH PRIVILEGES;

创建数据库表

create table if not exists tr_bras

(

id bigint auto_increment primary key,

identifier varchar(128) null,

name varchar(64) not null,

ipaddr varchar(32) null,

vendor_id varchar(32) not null,

portal_vendor varchar(32) not null,

secret varchar(64) not null,

coa_port int not null,

ac_port int not null,

auth_limit int null,

acct_limit int null,

status enum('enabled', 'disabled') null,

remark varchar(512) null,

create_time datetime not null

);

create index ix_tr_bras_identifier on tr_bras (identifier);

create index ix_tr_bras_ipaddr on tr_bras (ipaddr);

create table if not exists tr_config

(

id bigint auto_increment primary key,

type varchar(32) not null,

name varchar(128) not null,

value varchar(255) null,

remark varchar(255) null

);

create table if not exists tr_subscribe

(

id bigint auto_increment primary key,

node_id bigint default 0 not null,

subscriber varchar(32) null,

realname varchar(32) null,

password varchar(128) not null,

domain varchar(128) null,

addr_pool varchar(128) null,

policy varchar(512) null,

is_online int null,

active_num int null,

bind_mac tinyint(1) null,

bind_vlan tinyint(1) null,

ip_addr varchar(32) null,

mac_addr varchar(32) null,

in_vlan int null,

out_vlan int null,

up_rate bigint null,

down_rate bigint null,

up_peak_rate bigint null,

down_peak_rate bigint null,

up_rate_code varchar(32) null,

down_rate_code varchar(32) null,

status enum('enabled', 'disabled') null,

remark varchar(512) null,

begin_time datetime not null,

expire_time datetime not null,

create_time datetime not null,

update_time datetime null

);

create index ix_tr_subscribe_create_time

on tr_subscribe (create_time);

create index ix_tr_subscribe_expire_time

on tr_subscribe (expire_time);

create index ix_tr_subscribe_status

on tr_subscribe (status);

create index ix_tr_subscribe_subscriber

on tr_subscribe (subscriber);

create index ix_tr_subscribe_update_time

on tr_subscribe (update_time);

插入测试数据

INSERT INTO toughradius.tr_bras

(identifier, name, ipaddr, vendor_id, portal_vendor,secret, coa_port,ac_port, auth_limit, acct_limit, STATUS, remark, create_time)

VALUES ('radius-tester', 'radius-tester', '127.0.0.1', '14988',"cmccv1", 'secret', 3799,2000, 1000, 1000, NULL, '0', '2019-03-01 14:07:46');

INSERT INTO toughradius.tr_subscribe

(node_id, subscriber, realname, password, domain, addr_pool, policy, is_online, active_num,

bind_mac, bind_vlan, ip_addr, mac_addr, in_vlan, out_vlan, up_rate, down_rate, up_peak_rate,

down_peak_rate, up_rate_code,down_rate_code, status, remark, begin_time, expire_time, create_time, update_time)

VALUES (0, 'test01', '', '888888', null, null, null, null, 10, 0, 0, '', '', 0, 0, 10.000, 10.000, 100.000, 100.000,

'10', '10', 'enabled', '', '2019-03-01 14:13:02', '2019-03-01 14:13:00', '2019-03-01 14:12:59', '2019-03-01 14:12:56');

运行主程序

java -jar -Xms256M -Xmx1024M /opt/toughradius-latest.jar --spring.profiles.active=prod

注意 jar 文件(toughradius-latest.jar)的路径

Linux systemd 服务配置

/opt/application-prod.properties

# web访问端口

server.port = 1816

# 如果启用 https， 取消以下注释即可

#server.security.require-ssl=true

#server.ssl.key-store-type=PKCS12

#server.ssl.key-store=classpath:toughradius.p12

#server.ssl.key-store-password=toughstruct

#server.ssl.key-alias=toughradius

# 日志配置，可选 logback-prod.xml 或 logback-dev.xml， 日志目录为 /var/toughradius/logs

logging.config=classpath:logback-prod.xml

# 数据库配置

spring.datasource.url=${RADIUS_DBURL:jdbc:mysql://127.0.0.1:3306/toughradius?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true}

spring.datasource.username=${RADIUS_DBUSER:raduser}

spring.datasource.password=${RADIUS_DBPWD:radpwd}

spring.datasource.max-active=${RADIUS_DBPOOL:120}

spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver

/usr/lib/systemd/system/toughradius.service

[Unit]

Description=toughradius

After=syslog.target

[Service]

WorkingDirectory=/opt

User=root

LimitNOFILE=65535

LimitNPROC=65535

Type=simple

ExecStart=/usr/bin/java -server -jar -Xms256M -Xmx1024M /opt/toughradius-latest.jar --spring.profiles.active=prod

SuccessExitStatus=143

[Install]

WantedBy=multi-user.target

如果了解 spring systemd和配置原理，可以根据自己的实际需要进行修改

通过以下指令启动服务

systemctl enable toughradius

systemctl start toughradius