README 1.76 KB
Newer Older
1
This is unreleased radsecproxy 1.6.9-dev.
venaas's avatar
venaas committed
2

3 4 5
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS
(RadSec) RADIUS transports.  There is also experimental support for
TCP and DTLS.
venaas's avatar
venaas committed
6

7
It should build on most Unix and OSX platforms by simply typing
8 9 10 11 12
"./configure && make".  It is possible to specify which RADIUS
transport the build should support.  Without any special options to
configure, all transports supported by the system will be enabled.
See the output from "configure --help" for how to change this.

13 14 15
Known build issues:
- Older BSD's (like NetBSD 4.x) need newer OpenSSL in order to support
  DTLS.  Workaround: ./configure --disable-dtls.
16 17 18

- FreeBSD 6.x need newer OpenSSL to build at all.  OpenSSL 1.0.0c from
  ports is fine f.ex., configure radsecproxy with `--with-ssl=/usr/local'.
19

20 21 22
To use radsecproxy you need to create a config file which normally is
called "/etc/radsecproxy.conf".  You can also specify the location
with the "-c" command line option (see below).  For further
23 24
instructions, please see the enclosed example file and the
documentation at
venaas's avatar
venaas committed
25
http://software.uninett.no/radsecproxy/?page=documentation
venaas's avatar
venaas committed
26

27
The following options may be specified on the command line:
28
"-c configfile" to specify a non-default config file path.
29
"-d loglevel" to set a loglevel of 1, 2, 3, 4 and 5 where 5 is the
30 31 32 33
              most detailed.
"-f" to run the proxy in the foreground with logging to stderr.
     Without "-f" the default is to detach as a daemon and log to
     syslog.
34
"-i pidfile" to name a file to which the PID is written.
35
"-v" just prints version information and exits.
venaas's avatar
venaas committed
36
"-p" (pretend) makes the proxy go through the configuration files as
37 38
     normal, but stops before creating any sockets or doing any
     serious work.  This is useful for validating config files.