summaryrefslogtreecommitdiff
path: root/doc/1.6/radsecproxy.conf.html
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2017-10-06 08:58:49 +0200
committerLinus Nordberg <linus@nordberg.se>2017-10-06 08:58:49 +0200
commitdb5e302519ef3f63cd90548526ae2f652f74fe7a (patch)
tree934a70466e7a6c3b7b1ef9b3bd9f318c7e7d349a /doc/1.6/radsecproxy.conf.html
parenta55c9ca37dee7e66467a8450bac75f6e4731f873 (diff)
Regenerate doc, for the double backslash fix in realm regexps.HEADmaster
Diffstat (limited to 'doc/1.6/radsecproxy.conf.html')
-rw-r--r--doc/1.6/radsecproxy.conf.html70
1 files changed, 33 insertions, 37 deletions
diff --git a/doc/1.6/radsecproxy.conf.html b/doc/1.6/radsecproxy.conf.html
index 519c54c..beec50b 100644
--- a/doc/1.6/radsecproxy.conf.html
+++ b/doc/1.6/radsecproxy.conf.html
@@ -1,5 +1,5 @@
-<!-- Creator : groff version 1.22.2 -->
-<!-- CreationDate: Wed Aug 2 22:16:29 2017 -->
+<!-- Creator : groff version 1.22.3 -->
+<!-- CreationDate: Fri Oct 6 06:35:23 2017 -->
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
@@ -42,7 +42,7 @@
<p style="margin-left:11%; margin-top: 1em">radsecproxy.conf
-&minus; Radsec proxy configuration file</p>
+- Radsec proxy configuration file</p>
<h2>DESCRIPTION
<a name="DESCRIPTION"></a>
@@ -54,8 +54,8 @@ server starts, it will first check the command line
arguments, and then read the configuration file. Normally
radsecproxy will read the configuration file
<i>/usr/local/etc/radsecproxy.conf</i>. The command line
-<b>&minus;c</b> option can be used to instead read an
-alternate file (see <b>radsecproxy</b>(1) for details).</p>
+<b>-c</b> option can be used to instead read an alternate
+file (see <b>radsecproxy</b>(1) for details).</p>
<p style="margin-left:11%; margin-top: 1em">If the
configuration file can not be found, the proxy will exit
@@ -157,8 +157,8 @@ PidFile</p>
<p style="margin-left:22%;">The PidFile option specifies
the name of a file to which the process id (PID) will be
-written. This is overridden by the <b>&minus;i</b> command
-line option. There is no default value for the PidFile
+written. This is overridden by the <b>-i</b> command line
+option. There is no default value for the PidFile
option.</p>
<p style="margin-left:11%;">LogLevel</p>
@@ -167,7 +167,7 @@ option.</p>
level. It must be set to 1, 2, 3, 4 or 5, where 1 logs only
serious errors, and 5 logs everything. The default is 2
which logs errors, warnings and a few informational
-messages. Note that the command line option <b>&minus;d</b>
+messages. Note that the command line option <b>-d</b>
overrides this.</p>
<p style="margin-left:11%;">LogDestination</p>
@@ -179,15 +179,14 @@ another syslog facility, or you may specify that logging
should be to a particular file, not using syslog. The value
must be either a file or syslog URL. The file URL is the
standard one, specifying a local file that should be used.
-For syslog, you must use the syntax:
-x&minus;syslog:///FACILITY where FACILITY must be one of
-LOG_DAEMON, LOG_MAIL, LOG_USER, LOG_LOCAL0, LOG_LOCAL1,
-LOG_LOCAL2, LOG_LOCAL3, LOG_LOCAL4, LOG_LOCAL5, LOG_LOCAL6
-or LOG_LOCAL7. You may omit the facility from the URL to
-specify logging to the default facility, but this is not
-very useful since this is the default log destination. Note
-that this option is ignored if <b>&minus;f</b> is specified
-on the command line.</p>
+For syslog, you must use the syntax: x-syslog:///FACILITY
+where FACILITY must be one of LOG_DAEMON, LOG_MAIL,
+LOG_USER, LOG_LOCAL0, LOG_LOCAL1, LOG_LOCAL2, LOG_LOCAL3,
+LOG_LOCAL4, LOG_LOCAL5, LOG_LOCAL6 or LOG_LOCAL7. You may
+omit the facility from the URL to specify logging to the
+default facility, but this is not very useful since this is
+the default log destination. Note that this option is
+ignored if <b>-f</b> is specified on the command line.</p>
<p style="margin-left:11%;">FTicksReporting</p>
@@ -199,10 +198,9 @@ for FTicksMAC is VendorKeyHashed which needs FTicksKey to be
set.</p>
<p style="margin-left:22%; margin-top: 1em">See
-radsecproxy.conf&minus;example for details. Note that
-radsecproxy has to be configured with F-Ticks support
-(&minus;&minus;enable&minus;fticks) for this option to have
-any effect.</p>
+radsecproxy.conf-example for details. Note that radsecproxy
+has to be configured with F-Ticks support (--enable-fticks)
+for this option to have any effect.</p>
<p style="margin-left:11%;">FTicksMAC</p>
@@ -223,10 +221,9 @@ collected. How will the logs be stored, transferred and
accessed?</p>
<p style="margin-left:22%; margin-top: 1em">See
-radsecproxy.conf&minus;example for details. Note that
-radsecproxy has to be configured with F-Ticks support
-(&minus;&minus;enable&minus;fticks) for this option to have
-any effect.</p>
+radsecproxy.conf-example for details. Note that radsecproxy
+has to be configured with F-Ticks support (--enable-fticks)
+for this option to have any effect.</p>
<p style="margin-left:11%;">FTicksKey</p>
@@ -237,8 +234,7 @@ the FTicksMAC option.</p>
<p style="margin-left:22%; margin-top: 1em">Note that
radsecproxy has to be configured with F-Ticks support
-(&minus;&minus;enable&minus;fticks) for this option to have
-any effect.</p>
+(--enable-fticks) for this option to have any effect.</p>
<p style="margin-left:11%;">FTicksSyslogFacility</p>
@@ -637,7 +633,7 @@ with a non-zero exit code. An example of a shell script
resolving the DNS NAPTR records for the realm and then the
SRV records for each NAPTR matching
&rsquo;x-eduroam:radius.tls&rsquo; is provided in
-tools/naptr&minus;eduroam.sh. This option was added in
+tools/naptr-eduroam.sh. This option was added in
radsecproxy-1.3 but tends to crash radsecproxy versions
earlier than 1.6.</p>
@@ -690,14 +686,14 @@ done using this regexp on the value of the entire Username
attribute. Optionally you may also have a trailing / after
the regexp. So as an example, if you want to use regexp
matching the domain example.com you could have a realm block
-named /@example\\.com$. Optionally this can also be written
-/@example\\.com$/. If you want to match all domains under
-the .com top domain, you could do /@.*\\.com$. Note that
-since the matching is done on the entire attribute value,
-you can also use rules like /^[a&minus;k].*@example\\.com$/
-to get some of the users in this domain to use one server,
-while other users could be matched by another realm block
-and use another server.</p>
+named /@example\.com$. Optionally this can also be written
+/@example\.com$/. If you want to match all domains under the
+.com top domain, you could do /@.*\.com$. Note that since
+the matching is done on the entire attribute value, you can
+also use rules like /^[a-k].*@example\.com$/ to get some of
+the users in this domain to use one server, while other
+users could be matched by another realm block and use
+another server.</p>
<p style="margin-left:11%; margin-top: 1em"><b>REALM BLOCK
OPTIONS</b> <br>
@@ -735,7 +731,7 @@ exists, while for other domains under .bv you want to send a
reject. At the same time you might want to send all other
requests to some default server. After the realms for the
subdomains, you would then have two realm definitions. One
-with the name /@.*\\.bv$ with no servers, followed by one
+with the name /@.*\.bv$ with no servers, followed by one
with the name * with the default server defined. This may
also be useful for blocking particular usernames.</p>