From f62af13af49e152a5334ea125b40b6c6e4fb4024 Mon Sep 17 00:00:00 2001
From: kkalev
Date: Sat, 1 Nov 2003 15:04:02 +0000
Subject: [PATCH] * Add a few help pages for the nomadix radius attributes by Ulrich Walcher * Update the HOWTO with instructions about the ldap configuration directives and the scripts in the bin folder * Update the AUTHORS file
---
Changelog | 3 +
doc/AUTHORS | 6 +
doc/HOWTO | 114 +++++++++++++++++-
htdocs/help/nomadix/nomadix_bw_down_help.html | 37 ++++++
htdocs/help/nomadix/nomadix_bw_up_help.html | 37 ++++++
.../help/nomadix/nomadix_config_url_help.html | 38 ++++++
.../nomadix/nomadix_endofsession_help.html | 38 ++++++
.../help/nomadix/nomadix_expiration_help.html | 37 ++++++
.../help/nomadix/nomadix_ip_upsell_help.html | 39 ++++++
.../help/nomadix/nomadix_logoff_url_help.html | 38 ++++++
.../nomadix/nomadix_maxbytesdown_help.html | 37 ++++++
.../help/nomadix/nomadix_maxbytesup_help.html | 37 ++++++
htdocs/help/nomadix/nomadix_subnet_help.html | 38 ++++++
.../nomadix/nomadix_url_redirection_help.html | 38 ++++++
14 files changed, 533 insertions(+), 4 deletions(-)
create mode 100644 htdocs/help/nomadix/nomadix_bw_down_help.html
create mode 100644 htdocs/help/nomadix/nomadix_bw_up_help.html
create mode 100644 htdocs/help/nomadix/nomadix_config_url_help.html
create mode 100644 htdocs/help/nomadix/nomadix_endofsession_help.html
create mode 100644 htdocs/help/nomadix/nomadix_expiration_help.html
create mode 100644 htdocs/help/nomadix/nomadix_ip_upsell_help.html
create mode 100644 htdocs/help/nomadix/nomadix_logoff_url_help.html
create mode 100644 htdocs/help/nomadix/nomadix_maxbytesdown_help.html
create mode 100644 htdocs/help/nomadix/nomadix_maxbytesup_help.html
create mode 100644 htdocs/help/nomadix/nomadix_subnet_help.html
create mode 100644 htdocs/help/nomadix/nomadix_url_redirection_help.html
diff --git a/Changelog b/Changelog
index eaedf21..8e6365b 100644
--- a/Changelog
+++ b/Changelog
@@ -19,6 +19,9 @@ Ver 1.65: * Add a HOWTO from Paris Stamatopoulos * create a doc directory and move the documentation files there * Add a note about the HOWTO in the README file
+* Add a few help pages for the nomadix radius attributes by Ulrich Walcher
+* Update the HOWTO with instructions about the ldap configuration directives and the scripts in the bin folder
+* Update the AUTHORS file
 Ver 1.63: * Do an eval on the attribute description strings in the user_edit page. That will allow the login-time creation page to work properly.
diff --git a/doc/AUTHORS b/doc/AUTHORS
index fc3346e..3b7884b 100644
--- a/doc/AUTHORS
+++ b/doc/AUTHORS
@@ -19,3 +19,9 @@ Patches for auto generate password Nick Marino A number of bug reports
+
+Paris Stamatopoulos
+The HOWTO document
+
+Ulrich Walcher
+A few attribute help pages
diff --git a/doc/HOWTO b/doc/HOWTO
index 106d05d..1299548 100644
--- a/doc/HOWTO
+++ b/doc/HOWTO
@@ -353,8 +353,84 @@ general_finger_type from above. [2.1.8] LDAP Options
-Due to insufficient experience no information on LDAP configuration
-is provided.
+>ldap_server: ldap.%{general_domain}
+
+The ldap server to connect to
+Both ldap_server and ldap_write_server can be a space-separated
+list of ldap hostnames. In that case the library will try to connect
+to the servers in the order that they appear. If the first host is down
+ldap_connect will ask for the second ldap host and so on.
+
+>ldap_write_server: master.%{general_domain}
+
+There are many cases where we have a small write master and
+a lot of fast read only replicas. If that is the case uncomment
+ldap_write_server and point it to the write master. It will be
+used only when writing to the directory, not when reading
+
+>ldap_base: dc=company,dc=com
+
+The LDAP base for the ldap searches
+
+>ldap_binddn: cn=Directory Manager
+>ldap_bindpw: XXXXXXX
+
+The DN and password which will be used to bind to the LDAP server. If we don't use
+http credentials (see below) than these setting will be used for all ldap operations
+(both searches and modifies/adds).
+
+>ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base}
+
+The LDAP suffix under which all new user entries created through the new user
+page will be placed
+
+>ldap_default_dn: uid=default-dialup,%{ldap_base}
+
+The DN of an ldap entry containing radius user settings which will be
+applied for all users. Though these settings are applied *before* the
+regular profile and per user settings, so they can be easily overwritten.
+That way we could for example set Session-Timeout to 4 hours for all our users
+and set it to a lower/higher value for specific users or groups of users
+
+>ldap_regular_profile_attr: dialupregularprofile
+
+The ldap attribute which if present in a user entry will contain the DN
+of another ldap entry specifying radius user settings (check and reply items).
+That way we can keep these settings in only one entry and assign them to each
+user that we want through the regular profile attribute.
+
+>ldap_use_http_credentials: yes
+
+If set to yes then the HTTP credentials (http authentication)
+will be used to bind to the ldap server instead of ldap_binddn
+and ldap_bindpw directives. That way multiple admins with different rights
+on the ldap database can connect through one dialup_admin interface.
+The ldap_binddn and ldap_bindpw are still needed to find the DN of the user
+to bind with (http authentication will only provide us with a
+username). As a result the ldap_binddn should be able to do a search
+with a filter of (uid=). Normally, the anonymous (empty DN)
+user can do that.
+
+>ldap_directory_manager: cn=Directory Manager
+>ldap_map_to_directory_manager: admin
+
+If we are using http credentials we can map a specific username to the
+directory manager entry (which usually does not correspond to a specific username)
+
+> ldap_debug: true
+
+Set to true to enable ldap debugging
+
+>ldap_filter: (uid=%u)
+
+Allow for defining the ldap filter used when searching for a user
+Variables supported:
+%u: username
+%U: username provided though http authentication
+
+One use of this would be to restrict access to only the user's belonging to
+a specific administrator like this:
+ldap_filter: (&(uid=%u)(manager=uid=%U,ou=admins,o=company,c=com))
 [2.1.9] SQL Options
@@ -515,7 +591,7 @@ NAS is .1.3.6.1.4.1.529.10.4.1.12 and should also be replaced. However the snmpfinger is not actually required if your accounting is working properly
-[2.2.2] The log_badlogins scripts
+[2.2.2] The log_badlogins script
 The log_badlogins scripts actually does a tail -f to the radius.log and intercepts any authentification failure and passes it to the database.
@@ -526,6 +602,36 @@ bin/log_badlogins /var/log/radius/radius.log /usr/local/dialup_admin/conf/admin. Of cource the proper file locations must be set
+[2.2.3] The clean_radacct script
+
+The clean_radacct script can be used to clear the database of stale open sessions
+(sessions for which an Accounting-Stop has not been received hence they remain open)
+The $back_days variable can be changed to specify how many days we should leave the
+sessions open before removing them. Make sure though that all your user sesions are
+short lived (no DSL users for example) before using the script.
+
+[2.2.4] The truncate_radacct script
+
+The truncate_radacct script can be used to delete all sessions which are older than a
+specified number of days. This number can be changed through the $back_days variable.
+The script will do a lock tables so make sure you run it during the night when the traffic
+is low. It will also only delete *closed* session, so the clean_radacct script should be
+used together to clear the possible open sessions.
+
+[2.2.4] The tot_stats script
+
+This script will log aggregated per user information in the totacct table. It will log a row
+per user, per day. It should be run *once* every day to create the corresponding entries in
+the totacct table. The general_stats_use_totacct configuration directive could then be set to
+yes in order for the statistics page to use the totacct table instead of the radacct table.
+
+[2.2.5] The monthly_tot_stats script
+
+This script can be used to aggregate the information from the totacct table into the mtotacct table
+creating aggregated accounting information for each spaning in one month period. If the current
+month has not ended it will log information up to the current month day. It should be run once
+a day to create the corresponding entries in the mtotacct table.
+
 [2.3] User Attributes
@@ -542,7 +648,7 @@ If it is not then add it there also.Everything should work ok after that. The above sections should propably have brought you to a working dialup admin. Note however that if you are interested in logging the failed logins
-(See section 2.3.2) you should execute the the log_badlogins each time
+(See section 2.3.2) you should execute the log_badlogins each time
 the system starts.
diff --git a/htdocs/help/nomadix/nomadix_bw_down_help.html b/htdocs/help/nomadix/nomadix_bw_down_help.html
new file mode 100644
index 0000000..c215074
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_bw_down_help.html
@@ -0,0 +1,37 @@
+
+
+Nomadix-Bw-Down Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Bw-Down Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This Nomadix specific attribute limits the download bandwidth per
+  user. The given value is interpreted as kbps.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_bw_up_help.html b/htdocs/help/nomadix/nomadix_bw_up_help.html
new file mode 100644
index 0000000..997f58f
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_bw_up_help.html
@@ -0,0 +1,37 @@
+
+
+Nomadix-Bw-Up Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Bw-Up Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This Nomadix specific attribute limits the upload bandwidth per
+  user. The given value is interpreted as kbps.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_config_url_help.html b/htdocs/help/nomadix/nomadix_config_url_help.html
new file mode 100644
index 0000000..1f6959e
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_config_url_help.html
@@ -0,0 +1,38 @@
+
+
+Nomadix-Config-URL Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Config-URL Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: String
+
+
+  This Nomadix specific attribute specifies the ftp server where the Nomdix
+  can download its configuration, thus allowing the administrator to change
+  the configuration of many Nomadix' easily.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_endofsession_help.html b/htdocs/help/nomadix/nomadix_endofsession_help.html
new file mode 100644
index 0000000..094a53e
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_endofsession_help.html
@@ -0,0 +1,38 @@
+
+
+Nomadix-EndofSession Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-EndofSession Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This attribute makes the user being kicked off the line exactly
+  at the end of the day at 0 o'clock. The user won't be able to
+  reconnect after that date.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_expiration_help.html b/htdocs/help/nomadix/nomadix_expiration_help.html
new file mode 100644
index 0000000..a9134df
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_expiration_help.html
@@ -0,0 +1,37 @@
+
+
+Nomadix-Expiration Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Expiration Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: String
+
+
+  This attribute specifies a date after which the account of the
+  user will no longer be valid.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_ip_upsell_help.html b/htdocs/help/nomadix/nomadix_ip_upsell_help.html
new file mode 100644
index 0000000..cc841cd
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_ip_upsell_help.html
@@ -0,0 +1,39 @@
+
+
+Nomadix-IP-Upsell Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-IP-Upsell Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This Nomadix specific attribute assigns a special (normally public)
+  ip address to the connecting user. There are two valid values:
+ 0 - which means PrivatePool
+ 1 - which means PublicPool
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_logoff_url_help.html b/htdocs/help/nomadix/nomadix_logoff_url_help.html
new file mode 100644
index 0000000..9357c02
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_logoff_url_help.html
@@ -0,0 +1,38 @@
+
+
+Nomadix-Logoff-URL Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Logoff-URL Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: String
+
+
+  This Nomadix specific attribute defines the webpage that the user
+  shall see on session termination. There is no differnence whether
+  the Termination-Cause is a Session-Timeout or User-Request.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_maxbytesdown_help.html b/htdocs/help/nomadix/nomadix_maxbytesdown_help.html
new file mode 100644
index 0000000..7389694
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_maxbytesdown_help.html
@@ -0,0 +1,37 @@
+
+
+Nomadix-MaxBytesDown Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-MaxBytesDown Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This attribute specifies the maximum number of single bytes a user
+  is allowed to download, means receive from the internet.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_maxbytesup_help.html b/htdocs/help/nomadix/nomadix_maxbytesup_help.html
new file mode 100644
index 0000000..334d0d6
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_maxbytesup_help.html
@@ -0,0 +1,37 @@
+
+
+Nomadix-MaxBytesUp Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-MaxBytesUp Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: Integer
+
+
+  This attribute specifies the maximum number of single bytes a user
+  is allowed to upload, means send from his machine to the internet.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_subnet_help.html b/htdocs/help/nomadix/nomadix_subnet_help.html
new file mode 100644
index 0000000..84ed963
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_subnet_help.html
@@ -0,0 +1,38 @@
+
+
+Nomadix-Subnet Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-Subnet Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: String
+
+
+  As Nomadix has the possibility to set up more than one subnet
+  for DHCP use this attribute specifies from which of the DHCP
+  subnets/pools the user shall get it's lease.
+
+Close Window
+
+
+
+
diff --git a/htdocs/help/nomadix/nomadix_url_redirection_help.html b/htdocs/help/nomadix/nomadix_url_redirection_help.html
new file mode 100644
index 0000000..6974e3a
--- /dev/null
+++ b/htdocs/help/nomadix/nomadix_url_redirection_help.html
@@ -0,0 +1,38 @@
+
+
+Nomadix-URL-Redirection Help Page
+
+
+
+
+
+
+
+
+
+
+
+
+
Nomadix-URL-Redirection Help Page 
+
+
+
+
+
+
+
+
+
+Attribute Numer: 26
+Value: String
+
+
+  This Nomadix specific attribute specifies the URL where the user
+  should be directed to directly after login. Format:
+ http://www.the_domain.com/the_page_to_see.html
+
+Close Window
+
+
+
+
-- 
2.39.5