
Slackware 12.2 - POPTOP / FreeRADIUS 2.1.8 / MySQL / PPPOE server

Public domain


NAS Server



Installation

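cd /usr/src
# NOTE(review): the tarball arrives over plain HTTP with no signature or
# checksum step. Compare it against a checksum obtained over a trusted
# channel before building and installing it as root.
# -O pins the local file name: without it wget may keep the
# "?use_mirror=garr" query string in the saved name, and the tar step below
# would then not find pptpd-1.3.4.tar.gz.
wget -O pptpd-1.3.4.tar.gz "http://downloads.sourceforge.net/project/poptop/pptpd/pptpd-1.3.4/pptpd-1.3.4.tar.gz?use_mirror=garr"
tar zxf pptpd-1.3.4.tar.gz
cd pptpd-1.3.4
./configure && make && make install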

/etc/pptpd.conf

ppp /usr/sbin/pppd
option /etc/ppp/options.pptpd
#debug
localip 10.1.1.1
remoteip 10.1.1.2-20

/etc/ppp/options.pptpd

# pppd options applied to every PPTP session started by pptpd.
name pptpd
# Authentication: PAP, CHAP and MS-CHAP v1 are refused; only MS-CHAP v2 is
# accepted.
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
# NOTE(review): no require-mppe-128 line is present, so pppd does not insist
# on MPPE and a session may come up without encryption. MS-CHAP v2 is also
# weak against offline password guessing, so treat PPTP as a legacy protocol
# and use long random passwords if it must stay in service.
proxyarp
# DNS server handed to clients (a public resolver in this example).
ms-dns 8.8.8.8
lock
# Compression options are switched off.
nobsdcomp
novj
novjccomp
nologfd

/etc/ppp/chap-secrets

# Fields: client name, server name, secret, allowed client address (* = any).
# NOTE(review): the secret is stored in clear text and "123456" is only a
# sample. Use a strong secret and keep this file readable by root only.
pejman pptpd 123456 *

/etc/rc.d/rc.pptpd

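#!/bin/sh
#
# /etc/rc.d/rc.pptpd
#
# Start, stop or restart the PoPToP PPTP daemon.
# Usage: rc.pptpd start|stop|restart
# Exit status: 1 for a missing or unknown action, otherwise the status of
# the last command run.
#

# Daemon binary as installed by the source build.
PPTPD=/usr/local/sbin/pptpd

case "$1" in
  'start')
    echo 'Starting pptpd ...'
    # pgrep prints nothing when no process is named exactly "pptpd".
    PID=$(pgrep '^pptpd$')
    # -z is the POSIX empty-string test; "==" inside [ ] is a bash extension
    # and is rejected by a strict /bin/sh.
    if [ -z "$PID" ] ; then
      "$PPTPD"
    else
      echo "pptpd is already running (PID: $PID) !!!"
    fi
    ;;
  'stop')
    echo 'Stoping pptpd ...'
    killall pptpd
    ;;
  'restart')
    echo 'Restarting pptpd ...'
    killall pptpd
    # Give the old daemon a moment to exit before starting a new one.
    sleep 2
    "$PPTPD"
    ;;
  *)
    # Unknown action: report on stderr and fail so the caller can detect it.
    echo "Usage: $0 [start|stop|restart]" >&2
    exit 1
    ;;
esac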

Launch

ln -sfn /usr/local/lib/pptpd/ /usr/lib/pptpd
chmod +x /etc/rc.d/rc.pptpd
/etc/rc.d/rc.pptpd start

Client Machine



pptpclient

# Build and install the pptp client from source under /usr/src.
# NOTE(review): plain-HTTP download with no checksum or signature check;
# verify the tarball out of band before running "make install" as root.
cd /usr/src
wget "http://pmoghadam.com/homepage/Pages/Deposit/Source-packages/pptp-1.7.2.tar.gz"
tar -xzf pptp-1.7.2.tar.gz
cd pptp-1.7.2
make && make install
# Keep the existing client options file as a backup, then make sure the
# directory for peer definitions exists.
mv /etc/ppp/options.pptp /etc/ppp/options.pptp.bak
mkdir -p /etc/ppp/peers

/etc/ppp/options.pptp

lock
noauth
nobsdcomp
nodeflate
refuse-eap
proxyarp
#persist maxfail 0
#debug dump logfd 2 nodetach

/etc/ppp/chap-secrets

pejman pptp 123456 *

/etc/ppp/peers/pptp-peer

pty "pptp 172.16.20.1 --nolaunchpppd"
name pejman
remotename pptp
file /etc/ppp/options.pptp

Connection

pppd call pptp-peer
kill -TERM $(cat /var/run/ppp0.pid)

Radius Server



FreeRADIUS

# Build FreeRADIUS 2.1.8 from source into its own prefix.
# NOTE(review): unauthenticated FTP download; check the tarball against a
# checksum or signature obtained from the project before building as root.
cd /usr/src
wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.8.tar.gz
tar -xzf freeradius-server-2.1.8.tar.gz
cd freeradius-server-2.1.8
./configure --prefix=/usr/local/freeradius && make && make install
# Register the private library directory with the dynamic linker, but only
# if no freeradius entry is listed yet.
grep -q freeradius /etc/ld.so.conf || echo "/usr/local/freeradius/lib" >> /etc/ld.so.conf
ldconfig
# Dated backup of the users file before it is edited.
cp /usr/local/freeradius/etc/raddb/users "/usr/local/freeradius/etc/raddb/users.bak-$(date +%F)"

/usr/local/freeradius/etc/raddb/users

pejman User-Password := "123456"
      Service-Type = Framed-User,
      Framed-Protocol = PPP,
      Framed-Compression = Van-Jacobsen-TCP-IP

Launch

# -X runs radiusd in the foreground with full debug output, which is useful
# for a first start. The debug output lists the attributes of each request,
# so a User-Password sent by a PAP client appears in clear text: use it only
# for testing and do not keep the captured output.
/usr/local/freeradius/sbin/radiusd -X

/etc/rc.d/rc.radiusd

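#!/bin/sh
#
# /etc/rc.d/rc.radiusd
#
# Start, stop or restart the FreeRADIUS daemon.
# Usage: rc.radiusd start|stop|restart
# Exit status: 1 for a missing or unknown action, otherwise the status of
# the last command run.
#

# Daemon binary under the --prefix used for the source build.
RADIUSD=/usr/local/freeradius/sbin/radiusd

case "$1" in
  'start')
    echo 'Starting radiusd ...'
    # pgrep prints nothing when no process is named exactly "radiusd".
    PID=$(pgrep '^radiusd$')
    # -z is the POSIX empty-string test; "==" inside [ ] is a bash extension
    # and is rejected by a strict /bin/sh.
    if [ -z "$PID" ] ; then
      "$RADIUSD"
    else
      echo "radiusd is already running (PID: $PID) !!!"
    fi
    ;;
  'stop')
    echo 'Stoping radiusd ...'
    killall radiusd
    ;;
  'restart')
    echo 'Restarting radiusd ...'
    killall radiusd
    # Give the old daemon a moment to exit before starting a new one.
    sleep 2
    "$RADIUSD"
    ;;
  *)
    # Unknown action: report on stderr and fail so the caller can detect it.
    echo "Usage: $0 [start|stop|restart]" >&2
    exit 1
    ;;
esac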

Launch

chmod +x /etc/rc.d/rc.radiusd
/etc/rc.d/rc.radiusd start

Test

# Print the active client entries of clients.conf with comments and blank
# lines stripped, to confirm which hosts may talk to the server and with
# which shared secret.
sed -e 's,\t,  ,g' -e 's,#.*,,g' /usr/local/freeradius/etc/raddb/clients.conf | egrep -v '^#|^ *$'
# Send one Access-Request for the sample user to the local server.
# NOTE(review): testing123 is presumably the stock localhost secret from
# clients.conf; replace it before a NAS on another host is allowed in.
# Passwords and secrets given on a command line end up in shell history and
# in the process list, so use throw-away test credentials here.
echo User-Name = "pejman", User-Password = "123456" | /usr/local/freeradius/bin/radclient 127.0.0.1 auth testing123
# Same check with radtest: user, password, server, NAS port, shared secret.
/usr/local/freeradius/bin/radtest pejman  123456 127.0.0.1 10 testing123

NAS Server



/etc/ppp/options.pptpd

.
.
plugin /usr/lib/pppd/2.4.4/radius.so
.
.

/etc/radiusclient/servers

127.0.0.1       testing123

/etc/radiusclient/dictionary

.
.
ATTRIBUTE       CHAP-Challenge          60      string
INCLUDE /etc/radiusclient/dictionary.microsoft

/etc/ppp/chap-secrets

#pejman pptpd 123456 *

Restart

/etc/rc.d/rc.pptpd restart

Database Server



MySQL Initialize

mysql_install_db --user=mysql
chmod +x /etc/rc.d/rc.mysqld
/etc/rc.d/rc.mysqld start

MySQL Cleanup

mysql
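-- Remove the sample database and the anonymous accounts, then set a
-- password on every root entry.
show databases;
drop database test;
use mysql;
show tables;
-- Review the existing accounts before changing them.
select * from user;
delete from mysql.user where user='';
-- A direct DELETE on a grant table takes effect only after the privileges
-- are reloaded; without this the anonymous accounts stay usable until the
-- server is restarted.
flush privileges;
set password for 'root'@'localhost' = password ('new-password');
set password for 'root'@'127.0.0.1' = password ('new-password');
-- HOSTNAME is presumably a placeholder for this machine's host name as
-- listed in the user table; 'new-password' must be replaced as well.
set password for 'root'@'HOSTNAME' = password ('new-password');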
exit

mysql -p


/etc/rc.d/rc.mysqld

# NOTE(review): with this line commented out mysqld presumably also listens
# on TCP. The sql.conf shown on this page connects to "localhost", so when
# FreeRADIUS and MySQL share a host, networking can stay disabled. If a
# remote RADIUS server must connect, limit the listener with bind-address
# and a firewall rule instead of exposing it to every interface.
#SKIP="--skip-networking"

Restart

/etc/rc.d/rc.mysqld restart
nmap 127.0.0.1
netstat -tunapo | grep mysql

radius database

create database radius;
use radius;
source /usr/local/freeradius/etc/raddb/sql/mysql/schema.sql;
show tables;

new group

use radius;
INSERT INTO radgroupreply (GroupName, Attribute, Value) VALUES ('normalusers', 'Framed-Compression','Van-Jacobson-TCP-IP' );
INSERT INTO radgroupreply (GroupName, Attribute, Value) VALUES ('normalusers', 'Framed-Protocol', 'PPP' );
INSERT INTO radgroupreply (GroupName, Attribute, Value) VALUES ('normalusers', 'Service-Type', 'Framed-User' );

new user

-- Create the sample user: group membership, password check item and a
-- fixed address returned in the reply.
use radius;
INSERT INTO radusergroup (UserName, GroupName, priority) VALUES ('pejman', 'normalusers', 1);
-- NOTE(review): the password is stored in clear text in radcheck. Restrict
-- who can read this table and replace the sample value with a strong one.
INSERT INTO radcheck     (UserName, Attribute, Value)    VALUES ('pejman', 'Password', '123456');
INSERT INTO radreply     (UserName, Attribute, Value)    VALUES ('pejman', 'Framed-IP-Address', '172.16.3.33');

Radius Server



/usr/local/freeradius/etc/raddb/users

# pejman Cleartext-Password := "123456"
#      Service-Type = Framed-User,
#      Framed-Protocol = PPP,
#      Framed-Compression = Van-Jacobsen-TCP-IP

/usr/local/freeradius/etc/raddb/radiusd.conf ~~

.
.
$INCLUDE sql.conf
.
.

/usr/local/freeradius/etc/raddb/sql.conf

.
.
  sql {
    # Database backend; the driver name is derived from it (rlm_sql_mysql).
    database = "mysql"
    driver = "rlm_sql_${database}"
    server = "localhost"
    #port = 3306
    # NOTE(review): logging in as MySQL root gives the RADIUS server control
    # over every database on the host. Create a dedicated account that is
    # limited to the radius database and put its credentials here; "123456"
    # is a sample value and must not be kept.
    login = "root"
    password = "123456"
    radius_db = "radius"
.
.

Backup

cp /usr/local/freeradius/etc/raddb/sites-available/default{,.bak}

/usr/local/freeradius/etc/raddb/sites-available/default

authorize {
    preprocess
    chap
    mschap
    suffix
    sql
    expiration
    logintime
    pap
}
authenticate {
    Auth-Type PAP {
            pap
    }
    Auth-Type CHAP {
            chap
    }
    Auth-Type MS-CHAP {
            mschap
    }
}
preacct {
    preprocess
    acct_unique
    suffix
}
accounting {
    detail
    unix
    radutmp
    sql
    attr_filter.accounting_response
}
session {
    radutmp
    sql
}
post-auth {
    sql
    exec
    Post-Auth-Type REJECT {
            attr_filter.access_reject
    }
}
pre-proxy {
}
post-proxy {
    eap
}

Restart

/etc/rc.d/rc.radiusd restart

PPPOE Server



Commands

mv /etc/ppp/options{,.bak}
mv /etc/ppp/pppoe-server-options{,.bak}

/etc/ppp/options

lock

/etc/ppp/pppoe-server-options

require-chap
noipdefault
mru 1492
mtu 1492
lcp-max-configure 60
lcp-restart 2
lcp-echo-interval 30
lcp-echo-failure 4
idle 0
noipx
proxyarp
ms-dns 8.8.8.8
plugin radius.so
plugin radattr.so
#debug dump logfd 2 nodetach

/etc/ppp/pppoe.conf

LINUX_PLUGIN=/usr/lib/pppd/2.4.4/rp-pppoe.so

/etc/rc.d/rc.pppoe-server

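#!/bin/bash
#
# /etc/rc.d/rc.pppoe-server
#
# Start, stop or restart pppoe-server on one interface.
# Usage: rc.pppoe-server start|stop|restart
# Exit status: 1 for a missing or unknown action, otherwise the status of
# the last command run.
#

# Configuration
SRVNAME="Linux-PPPOE-Server"   # passed to pppoe-server as -S
MAXCON=250                     # passed as -N
LOCALIP=10.0.0.1               # passed as -L
STARTIP=10.0.0.10              # passed as -R
USRIF=eth1                     # interface brought up and passed as -I
HOSTNAME=$(hostname)           # passed as -C

# Load the pppoe module, bring the interface up and launch pppoe-server.
# Every expansion is quoted so that a configured value containing spaces or
# glob characters stays a single argument.
start ()
{
  modprobe pppoe
  ifconfig "$USRIF" up
  /usr/sbin/pppoe-server -k -I "$USRIF" -N "$MAXCON" -C "$HOSTNAME" \
    -S "$SRVNAME" -L "$LOCALIP" -R "$STARTIP"
}

case "$1" in
  'start')
    echo 'Starting pppoe-server ...'
    # pgrep prints nothing when no process is named exactly "pppoe-server".
    PID=$(pgrep '^pppoe-server$')
    if [[ -z "$PID" ]] ; then
      start
    else
      echo 'pppoe-server is already running !!!'
    fi
    ;;
  'stop')
    echo 'Stoping pppoe-server ...'
    killall pppoe-server
    ;;
  'restart')
    echo 'Restarting pppoe-server ...'
    killall pppoe-server
    # Give the old server a moment to exit before starting a new one.
    sleep 2
    start
    ;;
  *)
    # Unknown action: report on stderr and fail so the caller can detect it.
    echo "Usage: $0 {start|stop|restart}" >&2
    exit 1
    ;;
esac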

/etc/rc.d/rc.local

# Start the services in this order: FreeRADIUS server, VPN server (pptpd),
# PPPOE server. A script that is missing or not executable is skipped.
for rc_script in /etc/rc.d/rc.radiusd /etc/rc.d/rc.pptpd /etc/rc.d/rc.pppoe-server; do
  if [ -x "$rc_script" ]; then
    "$rc_script" start
  fi
done

/etc/rc.d/rc.local_shutdown

#!/bin/bash

# Stop the services in this order: PPPOE server, VPN server (pptpd),
# FreeRADIUS server. A script that is missing or not executable is skipped.
for rc_script in /etc/rc.d/rc.pppoe-server /etc/rc.d/rc.pptpd /etc/rc.d/rc.radiusd; do
  if [ -x "$rc_script" ]; then
    "$rc_script" stop
  fi
done

Commands

chmod +x /etc/rc.d/rc.local_shutdown
chmod +x /etc/rc.d/rc.pppoe-server
/etc/rc.d/rc.pppoe-server start

Old Stuff : POPTOP Server



Checking kernel

# uname -r
2.6.19
# modprobe ppp-compress-18 && echo ok
ok

PPPD 2.4.3

# removepkg ppp
# cd /usr/src/
# wget http://samba.org/ftp/ppp/ppp-2.4.3.tar.gz
# tar -zxf ppp-2.4.3.tar.gz
# cd /usr/src/ppp-2.4.3
# wget http://mppe-mppc.alphacron.de/ppp-2.4.3-mppe-mppc-1.1.patch.gz
# zcat ppp-2.4.3-mppe-mppc-1.1.patch.gz | patch -p1
# ./configure
# make
# make install
# strings `which pppd` | grep -i mppe | wc --lines
# mkdir /usr/local/etc/radiusclient
# cp -r /usr/src/ppp-2.4.3/pppd/plugins/radius/etc/* /usr/local/etc/radiusclient/
# mv /etc/radiusclient /etc/radiusclient.bak
# ln -sfn /usr/local/etc/radiusclient /etc/
# vi /etc/profile
    .
    .
    .
    export MANPATH=/usr/local/man:/usr/man:/usr/X11R6/man:/usr/local/share/man
    .
    .
    .

PPTPD 1.3.0

cd /usr/src/
wget http://heanet.dl.sourceforge.net/sourceforge/poptop/pptpd-1.3.0.tar.gz
tar -zxf pptpd-1.3.0.tar.gz
cd /usr/src/pptpd-1.3.0
./configure
make install

# vi /etc/pptpd.conf
    ppp /usr/local/sbin/pppd
    option /etc/ppp/options.pptpd
    debug
    logwtmp
    localip 190.190.190.1
    remoteip 190.190.190.10-20

# vi /etc/ppp/options.pptpd
    name pptpd
    refuse-pap
    refuse-chap
    refuse-mschap
    require-mschap-v2
    #require-mppe-128
    proxyarp
    ms-dns 12.12.12.1
    lock
    nobsdcomp
    novj
    novjccomp
    nologfd

# vi /etc/ppp/chap-secrets
    pejman pptpd 123456 *

# echo "/usr/local/sbin/pptpd" >> /etc/rc.d/rc.local
# ln -sfn /usr/local/lib/pptpd/ /usr/lib/pptpd

Old Stuff : FreeRadius 1.1.7 / MySQL


# mysql -p123456 -e "create database radius"
# mysql -p123456 radius < /usr/local/freeradius/share/doc/freeradius/examples/mysql.sql
# cat  /usr/local/freeradius/etc/raddb/sql.conf
  sql {
    driver = "rlm_sql_mysql"
    server = "localhost"
    login = "root"
    password = "123456"
    radius_db = "radius"
  .
  .
  .
# mysql -p123456
use radius;
INSERT INTO radgroupcheck (GroupName, Attribute, Value)   VALUES('normalusers', 'Auth-Type',    'SQL' );

INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Framed-Compression',    'Van-Jacobson-TCP-IP' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Framed-MTU',    '1500' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Filter-Id',    'std.ppp' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Framed-Routing',    'Broadcast-Listen' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Framed-IP-Netmask',    '255.255.255.0' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Framed-Protocol',    'PPP' );
INSERT INTO radgroupreply (GroupName, Attribute, Value)   VALUES('normalusers', 'Service-Type',    'Framed-User' );

INSERT INTO usergroup     (UserName, GroupName, priority) VALUES('pejman',      'normalusers',  1       );
INSERT INTO radcheck      (UserName, Attribute, Value)    VALUES('pejman',      'Password',     '123456');
INSERT INTO radreply      (UserName, Attribute, Value)    VALUES('pejman', 'Framed-IP-Address', '172.16.3.33' );

exit


# cat /usr/local/freeradius/etc/raddb/radiusd.conf

authorize {
    preprocess

    chap
    mschap
    suffix
    #eap
    #files
    sql
    pap
}
authenticate {
    Auth-Type PAP {
            pap
    }
    Auth-Type CHAP {
            chap
    }
    Auth-Type MS-CHAP {
            mschap
    }
    #unix
    #eap
}
preacct {
    preprocess
    acct_unique
    suffix
    #files
}
accounting {
    detail
    unix
    radutmp
    sql
}
session {
    radutmp
    sql
}
post-auth {
    sql
}
pre-proxy {
}
post-proxy {
    eap
}



# cat /usr/local/freeradius/etc/raddb/users

DEFAULT Auth-Type = System
    Fall-Through = 1
DEFAULT Service-Type == Framed-User
    Framed-IP-Address = 255.255.255.254,
    Framed-MTU = 576,
    Service-Type = Framed-User,
    Fall-Through = Yes
DEFAULT Framed-Protocol == PPP
    Framed-Protocol = PPP,
    Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Hint == "CSLIP"
    Framed-Protocol = SLIP,
    Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Hint == "SLIP"
    Framed-Protocol = SLIP

# /usr/local/freeradius/sbin/radiusd

# echo User-Name = "pejman", User-Password = "123456" | /usr/local/freeradius/bin/radclient 127.0.0.1 auth testing123
Received response ID 120, code 2, length = 71
    Framed-IP-Address = 172.16.3.33
    Framed-Compression = Van-Jacobson-TCP-IP
    Framed-MTU = 1500
    Filter-Id = "std.ppp"
    Framed-Routing = Broadcast-Listen
    Framed-IP-Netmask = 255.255.255.0
    Framed-Protocol = PPP
    Service-Type = Framed-User

# /usr/local/freeradius/bin/radtest pejman  123456 127.0.0.1 10 testing123
Sending Access-Request of id 118 to 127.0.0.1 port 1812
    User-Name = "pejman"
    User-Password = "123456"
    NAS-IP-Address = 255.255.255.255
    NAS-Port = 10
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=118, length=71
    Framed-IP-Address = 172.16.3.33
    Framed-Compression = Van-Jacobson-TCP-IP
    Framed-MTU = 1500
    Filter-Id = "std.ppp"
    Framed-Routing = Broadcast-Listen
    Framed-IP-Netmask = 255.255.255.0
    Framed-Protocol = PPP
    Service-Type = Framed-User

http://www.frontios.com/freeradius.html


BY: Pejman Moghadam
TAG: poptop, pptpclient, vpn-server, vpn-client, freeradius, mysql, pppoe-server, radiusclient, radius
DATE: 2010-07-21 14:19:29

