我已经在 Ubuntu 20.04 LTS 中部署了带有 MySQL 和 Daloradius 的 freeradius 服务器版本 3.0。
情况如下:我需要从手机连接到接入点,并使用 radius 数据库中指定的用户名和密码对该 WLAN 网络 (802.11i-WPA-802.1x) 进行身份验证。
我想将每个用户(本例中为用户 3)的并发登录数限制为 1,因为我只有一个唯一用户。我花了很多时间搜索论坛和文档,但找不到任何解决办法。
这些是我的表格:
mysql> select * from nas; select * from radpostauth; select * from radacct; select * from radgroupcheck; select * from radcheck; select * from radgroupreply;
+----+-------------+-----------+-------+-------+----------+--------+-----------+---------------+
| id | nasname | shortname | type | ports | secret | server | community | description |
+----+-------------+-----------+-------+-------+----------+--------+-----------+---------------+
| 1 | 172.20.1.20 | AP_1 | other | NULL | 12345678 | NULL | NULL | RADIUS Client |
+----+-------------+-----------+-------+-------+----------+--------+-----------+---------------+
1 row in set (0.00 sec)
+-----+----------+----------+---------------+---------------------+
| id | username | pass | reply | authdate |
+-----+----------+----------+---------------+---------------------+
| 231 | user3 | | Access-Accept | 2021-04-22 12:09:24 |
| 232 | user3 | | Access-Accept | 2021-04-22 12:09:24 |
+-----+----------+----------+---------------+---------------------+
169 rows in set (0.00 sec)
Empty set (0.00 sec)
+----+---------------------------+------------------+----+--------+
| id | groupname | attribute | op | value |
+----+---------------------------+------------------+----+--------+
| 1 | daloRADIUS-Disabled-Users | Auth-Type | := | Reject |
| 2 | daloRADIUS-Disabled-Users | Auth-Type | := | Reject |
| 3 | group_mi | Simultaneous-Use | := | 1 |
+----+---------------------------+------------------+----+--------+
3 rows in set (0.00 sec)
+----+----------+--------------------+----+----------+
| id | username | attribute | op | value |
+----+----------+--------------------+----+----------+
| 10 | user3 | Cleartext-Password | := | password |
+----+----------+--------------------+----+----------+
1 row in set (0.00 sec)
+----+-----------+--------------------+----+---------------------+
| id | groupname | attribute | op | value |
+----+-----------+--------------------+----+---------------------+
| 3 | group_mi | Service-Type | := | Framed-User |
| 4 | group_mi | Framed-Protocol | := | PPP |
| 5 | group_mi | Framed-Compression | := | Van-Jacobsen-TCP-IP |
+----+-----------+--------------------+----+---------------------+
3 rows in set (0.00 sec)
mysql>
请帮忙,谢谢
答案1
您想要配置同时使用。这是关于此内容的一个很好的描述。
答案2
我修改了你的尝试:
mysql> create database radius;
mysql> CREATE USER 'radius'@'localhost' IDENTIFIED BY '**********';
mysql> GRANT USAGE ON *.* TO 'radius'@'localhost'
WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0
MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 10 ;
mysql> GRANT ALL PRIVILEGES ON radius.* TO 'radius'@'localhost' ;
笔记:
IDENTIFIED BY
仅在 上进行CREATE USER
。语法可能已更改,具体取决于您使用的版本。- “0”表示无限制,所以我改变了它。
存在一个全局设置Max_user_connections
,这是对原始问题的另一种解决方法。它位于my.ini
(或类似的东西)中。