I will give an example of updating or installing Freeradius 3.0.21 from the source codes.
ABillS and Freeradius will work for me in the same operating system Ubuntu Server 18.04.
First of all, switch to the root user and if Freeradius was previously installed, then let’s see which version is installed on the system:
sudo su /usr/local/freeradius/sbin/radiusd -v
Make sure the required components are installed:
apt install perl libmysqlclient-dev libgdbm5 libgdbm-dev make gcc build-essential snmp libpcap-dev libhiredis-dev libperl-dev libtalloc-dev
Let’s see where the perl libraries are installed and make sure there is a symbolic link:
find /usr/lib/ | grep libperl.so ln -s /usr/lib/x86_64-linux-gnu/libperl.so.5.26 /usr/lib/x86_64-linux-gnu/libperl.so
If Freeradius was previously installed, then you can make a copy of the configuration and dictionaries, and then delete the directory:
tar -cvjf /usr/local/backup_freeradius2.tar.bz2 /usr/local/freeradius/ rm -r /usr/local/freeradius
Download the archive with the new version of Freeradius (available versions can be viewed here ftp://ftp.freeradius.org/pub/freeradius/):
cd /opt wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.21.tar.gz
Unpack the downloaded archive and install it:
tar zxvf freeradius-server-3.0.21.tar.gz cd freeradius-server-3.0.21 ./configure --prefix=/usr/local/freeradius --with-rlm-perl-lib-dir=/usr/lib/x86_64-linux-gnu/ --with-dhcp=yes --with-openssl=no > /dev/null make make install ln -s /usr/local/freeradius/sbin/radiusd /usr/sbin/radiusd
Delete unnecessary configuration files and copy the ready-made ones from the ABillS directory:
rm /usr/local/freeradius/etc/raddb/sites-enabled/* cp /usr/abills/misc/freeradius/v3/mods-enabled/perl /usr/local/freeradius/etc/raddb/mods-enabled/perl cp /usr/abills/misc/freeradius/v3/mods-enabled/sql /usr/local/freeradius/etc/raddb/mods-enabled/ cp /usr/abills/misc/freeradius/v3/sites-enabled/abills_default /usr/local/freeradius/etc/raddb/sites-enabled/abills_default cp /usr/abills/misc/freeradius/v3/users /usr/local/freeradius/etc/raddb/users echo '' > /usr/local/freeradius/etc/raddb/clients.conf
It is assumed that a group and a user have been created, and also, after updating the installation, we will set the rights to the directories:
groupadd freerad useradd -g freerad -s /bash/bash freerad chown -R freerad:freerad /usr/local/freeradius/etc/raddb mkdir /var/run/radiusd/ chown -R freerad:freerad /var/run/radiusd/ mkdir /var/log/radacct chown freerad:freerad /var/log/radacct
Let’s edit the main Freeradius configuration file:
nano /usr/local/freeradius/etc/raddb/radiusd.conf prefix = /usr/local/freeradius user = freerad group = freerad
I also changed these parameters:
thread pool { start_servers = 8 max_servers = 32 min_spare_servers = 8 max_spare_servers = 32 max_requests_per_server = 0 }
Open the file in a text editor:
nano /usr/local/freeradius/etc/raddb/mods-enabled/sql
Let’s set up a connection to the database:
sql { database = "mysql" driver = "rlm_sql_${database}" server = "127.0.0.1" #port = 3306 login = "abills" password = "sqlpassword" radius_db = "abills" '%secretkey%' change to 'test12345678901234567890'
Let’s open the dictionary file in a text editor:
nano /usr/local/freeradius/etc/raddb/dictionary
We will also add the necessary pairs to the dictionary, for example, I added:
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr ATTRIBUTE DHCP-Mask 242 integer ATTRIBUTE L4-Redirect 243 integer ATTRIBUTE L4-Redirect-ipset 244 string ATTRIBUTE DHCP-Option82 245 octets # Limit session traffic ATTRIBUTE Session-Octets-Limit 227 integer # What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out) ATTRIBUTE Octets-Direction 228 integer # Connection Speed Limit ATTRIBUTE PPPD-Upstream-Speed-Limit 230 integer ATTRIBUTE PPPD-Downstream-Speed-Limit 231 integer ATTRIBUTE PPPD-Upstream-Speed-Limit-1 232 integer ATTRIBUTE PPPD-Downstream-Speed-Limit-1 233 integer ATTRIBUTE PPPD-Upstream-Speed-Limit-2 234 integer ATTRIBUTE PPPD-Downstream-Speed-Limit-2 235 integer ATTRIBUTE PPPD-Upstream-Speed-Limit-3 236 integer ATTRIBUTE PPPD-Downstream-Speed-Limit-3 237 integer ATTRIBUTE Acct-Interim-Interval 85 integer ATTRIBUTE Acct-Input-Gigawords 52 integer ATTRIBUTE Acct-Output-Gigawords 53 integer
Let’s create a Freeradius startup script:
nano /etc/init.d/radiusd
Let’s add to it:
#!/bin/sh # # radiusd Start the radius daemon. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA # # Copyright (C) 2001-2008 The FreeRADIUS Project http://www.freeradius.org # chkconfig: - 58 74 # description: radiusd is service access provider Daemon. ### BEGIN INIT INFO # Provides: radiusd # Required-Start: $remote_fs $network $syslog # Should-Start: mysql radiusd # Required-Stop: $remote_fs $syslog # Should-Stop: radiusd # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: start and stop radiusd # Description: radiusd is access provider service Daemon. ### END INIT INFO prefix=/usr/local/freeradius exec_prefix=${prefix} sbindir=${exec_prefix}/sbin localstatedir=/var logdir=${localstatedir}/log/radius rundir=/usr/local/freeradius/var/run/radiusd/ sysconfdir=${prefix}/etc # # If you have issues with OpenSSL, uncomment these next lines. # # Something similar may work for MySQL, and you may also # have to LD_PRELOAD libz.so # #LD_LIBRARY_PATH= #LD_RUN_PATH=: #LD_PRELOAD=libcrypto.so export LD_LIBRARY_PATH LD_RUN_PATH LD_PRELOAD RADIUSD=$sbindir/radiusd RADDBDIR=${sysconfdir}/raddb RADIUS_USER='freerad' DESC="FreeRADIUS" # # See 'man radiusd' for details on command-line options. # ARGS="" test -f $RADIUSD || exit 0 test -f $RADDBDIR/radiusd.conf || exit 0 if [ ! -d $rundir ] ; then mkdir $rundir chown ${RADIUS_USER}:${RADIUS_USER} $rundir chmod 775 $rundir fi if [ ! -d $logdir ] ; then mkdir $logdir chown ${RADIUS_USER}:${RADIUS_USER} $logdir chmod 770 $logdir chmod g+s $logdir fi if [ ! -f $logdir/radius.log ]; then touch $logdir/radius.log fi chown ${RADIUS_USER}:${RADIUS_USER} $logdir/radius.log chown -R ${RADIUS_USER}:${RADIUS_USER} /usr/local/freeradius/etc/raddb chown -R ${RADIUS_USER}:${RADIUS_USER} ${rundir}/.. chmod 660 $logdir/radius.log case "$1" in start) echo -n "Starting $DESC:" $RADIUSD $ARGS echo "radiusd" ;; stop) [ -z "$2" ] && echo -n "Stopping $DESC: " [ -f $rundir/radiusd.pid ] && kill -TERM `cat $rundir/radiusd.pid` [ -z "$2" ] && echo "radiusd." ;; reload|force-reload) echo "Reloading $DESC configuration files." [ -f $rundir/radiusd.pid ] && kill -HUP `cat $rundir/radiusd.pid` ;; restart) sh $0 stop quiet sleep 3 sh $0 start ;; check) $RADIUSD -CX $ARGS exit $? ;; *) echo "Usage: /etc/init.d/$RADIUS {start|stop|reload|restart|check}" exit 1 stop ;; status) status \$prog ;; restart|force-reload) stop start ;; try-restart|condrestart) if status \$prog > /dev/null; then stop start fi ;; reload) exit 3 ;; *) echo \$"Usage: \$0 {start|stop|status|restart|try-restart|force-reload}" exit 2 esac
Let’s activate it:
chmod +x /etc/init.d/radiusd update-rc.d radiusd defaults update-rc.d radiusd enable
Let’s make a test run with any of the commands:
radiusd -X /usr/sbin/radiusd -X
If everything is ok, stop using the Ctrl+C keys and run in normal mode:
service radiusd start
Let’s check if Freeradius has started:
/etc/init.d/radiusd status service radiusd status systemctl status radiusd ps ax | grep rad netstat -anp | grep 1812 netstat -anp | grep 1813 nmap -sU -p 1813 localhost
For convenience, you can create a symbolic link to the log file in the standard log directory:
ln -s /usr/local/freeradius/var/log/radius/radius.log /var/log/radius.log
See also my articles:
How to install and configure ABillS billing system
Installing and configuring FreeRADIUS