【freeradius】使用radclient调试radius协议
2016-02-03 16:36
295 查看
freeradius 自带了非常好的客户端程序 radtest, radclient 用来模拟和调试设备和通信过程。radtest多用于认证,radclient更为强大一些,认证,计费,coa都可以模拟,还可以自定义协议包非常强大。
echo 的内容是请求内容,
测试以及结果
如果想看到详细的过程 命令结尾增加一个
acct_start.txt
acct_update.txt
acct_stop.txt
模拟请求没问题
命令帮助
这里大家自己看下就好了,非常容易理解。测试的时候用的都比较简单一些。radclient -h Usage: radclient [options] server[:port] <command> [<secret>] <command> One of auth, acct, status, coa, disconnect or auto. -4 Use IPv4 address of server -6 Use IPv6 address of server. -c <count> Send each packet 'count' times. -d <raddb> Set user dictionary directory (defaults to /usr/local/etc/raddb). -D <dictdir> Set main dictionary directory (defaults to /usr/local/share/freeradius). -f <file>[:<file>] Read packets from file, not stdin. If a second file is provided, it will be used to verify responses -F Print the file name, packet number and reply code. -h Print usage help information. -i <id> Set request id to 'id'. Values may be 0..255 -n <num> Send N requests/s -p <num> Send 'num' packets from a file in parallel. -q Do not print anything out. -r <retries> If timeout, retry sending the packet 'retries' times. -s Print out summary information of auth results. -S <file> read secret from file, not command line. -t <timeout> Wait 'timeout' seconds before retrying (may be a floating point number). -v Show program version information. -x Debugging mode. -P <proto> Use proto (tcp or udp) for transport.
模拟认证请求
$ echo "User-Name=ff:ff:ff:ff:ff,User-Password=benu123" |radclient 127.0.0.1:1812 auth testing123 -x Sent Access-Request Id 71 from 0.0.0.0:47403 to 127.0.0.1:1812 length 54 User-Name = "ff:ff:ff:ff:ff" User-Password = "benu123" Cleartext-Password = "benu123" Received Access-Accept Id 71 from 127.0.0.1:1812 to 0.0.0.0:0 length 158 User-Name = "ff:ff:ff:ff:ff" Benu-Redirection-URL = "http://10.10.4.9:8080/WebAuthLogin1?portal_ip=10.10.4.2&client_id=ff:ff:ff:ff:ff&wbaredirect=http://www.google.com"
echo 的内容是请求内容,
127.0.0.0:1812是radius认证端口,
auth是请求类型 ,
testing123是cleint和radius的密钥,
-x表明查看详细过程。
模拟coa请求
coa_auth.txt 请求包内容User-Name=C4-07-2F-85-15-9F NAS-IP-Address=172.16.15.188 Calling-Station-Id=C4-07-2F-85-15-9F Benu-ACL-Policy=auth_sla Benu-QoS-Policy=32M_Full
测试以及结果
# radclient 172.16.15.188:3799 coa test -f coa_auth.txt -x Sent CoA-Request Id 121 from 0.0.0.0:59699 to 172.16.15.188:3799 length 96 User-Name = "C4-07-2F-85-15-9F" NAS-IP-Address = 172.16.15.188 Calling-Station-Id = "C4-07-2F-85-15-9F" Benu-ACL-Policy = "auth_sla" Benu-QoS-Policy = "32M_Full" Received CoA-ACK Id 121 from 172.16.15.188:3799 to 0.0.0.0:0 length 26 Event-Timestamp = "Jan 8 2016 10:05:47 CST"
模拟计费请求
主要包含了计费开始,计费更新,计费停止几个报文。请求命令
radclient 127.0.0.1 auto testing123 -f acct_start.txt如果想看到详细的过程 命令结尾增加一个
-x参数即可。
acct_start.txt
Packet-Type=4 Packet-Dst-Port=1813 Acct-Session-Id = "4D2BB8AC-00000099" Acct-Status-Type = Start Acct-Authentic = RADIUS User-Name = "ff:ff:ff:ff:ff" NAS-Port = 0 Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless" Calling-Station-Id = "00-1C-B3-AA-AA-AA" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 48Mbps 802.11b" Benu-ACL-Policy = "AM" Benu-QoS-Policy = "DC" Benu-Acct-Reason-Code = "40" Benu-Private-Ip-Address = "127.0.0.1" Benu-Napt-Public-Port-Range = "50"
acct_update.txt
Packet-Type=4 Packet-Dst-Port=1813 Acct-Session-Id = "4D2BB8AC-00000099" Acct-Status-Type = Interim-Update Acct-Authentic = RADIUS User-Name = "ff:ff:ff:ff:ff" NAS-Port = 0 Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless" Calling-Station-Id = "00-1C-B3-AA-AA-AA" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 48Mbps 802.11b" Acct-Session-Time = 11 Acct-Input-Packets = 15 Acct-Output-Packets = 3 Acct-Input-Octets = 1407 Acct-Output-Octets = 467
acct_stop.txt
Packet-Type=4 Packet-Dst-Port=1813 Acct-Session-Id = "4D2BB8AC-00000099" Acct-Status-Type = Stop Acct-Authentic = RADIUS User-Name = "ff:ff:ff:ff:ff" NAS-Port = 0 Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless" Calling-Station-Id = "00-1C-B3-AA-AA-AA" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 48Mbps 802.11b" Acct-Session-Time = 30 Acct-Input-Packets = 25 Acct-Output-Packets = 7 Acct-Input-Octets = 3407 Acct-Output-Octets = 867 Acct-Terminate-Cause = User-Request
测试
[root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_start.txt Sent Accounting-Request Id 74 from 0.0.0.0:45094 to 127.0.0.1:1813 length 205 Received Accounting-Response Id 74 from 127.0.0.1:1813 to 0.0.0.0:0 length 20 [root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_update.txt Sent Accounting-Request Id 231 from 0.0.0.0:28329 to 127.0.0.1:1813 length 183 Received Accounting-Response Id 231 from 127.0.0.1:1813 to 0.0.0.0:0 length 20 [root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_stop.txt Sent Accounting-Request Id 209 from 0.0.0.0:62388 to 127.0.0.1:1813 length 189 Received Accounting-Response Id 209 from 127.0.0.1:1813 to 0.0.0.0:0 length 20
一些问题
使用mysql时候 radcheck表中 username 可以重复吗?INSERT INTO radcheck (id, username, attribute, op, value) VALUES (1,’myusername‘,’User-Password’,’:=’,’mypassword‘); 数据库 24748 1309500xxxx Cleartext-Password := 7170 284748 1309500xxxx Cleartext-Password := 7170 284749 1309500xxxx Cleartext-Password := 7170
模拟请求没问题
# echo "User-Name=1309500xxxx,User-Password=7170" |radclient 127.0.0.1:1812 auth testing123 -x Sent Access-Request Id 192 from 0.0.0.0:42540 to 127.0.0.1:1812 length 51 User-Name = '1309500xxxx' User-Password = '7170' Received Access-Accept Id 192 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
相关文章推荐
- 详解C语言中free()函数与getpagesize()函数的使用
- C++中new与delete、malloc与free应用分析
- eWebEditor_v280_Free_Final最好用的网页编辑器下载
- JSP FusionCharts Free显示图表 具体实现
- ToughRADIUS在windows下的安装配置
- new、delelte和malloc、free的关系
- 问题解决了
- Linux上搭建RADIUS服务器
- free -m 详解
- removing the hard limit of 32 GB of RAM with ESXi 5.5 free version
- free -m 详解
- 联通重庆计费结算:我为什么采用SVC?
- RADIUS
- IAS的工作原理(一)作为 RADIUS 服务器的 IAS
- IAS的工作原理(二) 作为 RADIUS 代理的 IAS
- windows2008NPS(网络连接策略)设置radius 实现telent登陆交换机路由器权限分配
- 在 Linux 上构建一个 RADIUS 服务器
- TACACS +和RADIUS比较
- TACACS+和RADIUS比较
- 安装freeradius