From 627003ae120a09b0e72940eb3683132a4a0cf93f Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Thu, 17 Sep 2015 13:15:30 +0200 Subject: Initial revision. Moving from https://software.uninett.no/radsecproxy/ to https://software.nordu.net/radsecproxy/. --- doc/1.6/radsecproxy.html | 251 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 251 insertions(+) create mode 100644 doc/1.6/radsecproxy.html (limited to 'doc/1.6/radsecproxy.html') diff --git a/doc/1.6/radsecproxy.html b/doc/1.6/radsecproxy.html new file mode 100644 index 0000000..ee3140f --- /dev/null +++ b/doc/1.6/radsecproxy.html @@ -0,0 +1,251 @@ + + + + + + + + + +radsecproxy + + + + +

radsecproxy

+ +NAME
+SYNOPSIS
+DESCRIPTION
+OPTIONS
+SIGNALS
+FILES
+SEE ALSO
+ +
+ + +

NAME + +

+ + +

radsecproxy - a +generic RADIUS proxy that provides both RADIUS UDP and +TCP/TLS (RadSec) transport.

+ +

SYNOPSIS + +

+ + + + + + +
+ + +

radsecproxy [−c +configfile] [−d debuglevel] [−f] [−i +pidfile] [−p] [−v]

+ +

DESCRIPTION + +

+ + +

radsecproxy is +a generic RADIUS proxy that in addition to to usual +RADIUS UDP transport, also supports TLS +(RadSec). The aim is for the proxy to have sufficient +features to be flexible, while at the same time to be small, +efficient and easy to configure. Currently the executable on +Linux is only about 48 KB, and it uses about 64 +KB (depending on the number of peers) while running.

+ +

The proxy was +initially made to be able to deploy RadSec (RADIUS +over TLS) so that all RADIUS communication across network +links could be done using TLS, without modifying existing +RADIUS software. This can be done by running this proxy on +the same host as an existing RADIUS server or client, and +configure the existing client/server to talk to localhost +(the proxy) rather than other clients and servers +directly.

+ +

There are +however other situations where a RADIUS proxy might be +useful. Some people deploy RADIUS topologies where they want +to route RADIUS messages to the right server. The nodes that +do purely routing could be using a proxy. Some people may +also wish to deploy a proxy on a site boundary. Since the +proxy supports both IPv4 and IPv6, it could also be +used to allow communication in cases where some RADIUS nodes +use only IPv4 and some only IPv6.

+ +

OPTIONS + +

+ + + + + + + + + +
+ + +

−f

 + + +

Run in foreground

 +
+ +

By specifying +this option, the proxy will run in foreground mode. That is, +it won’t detach. Also all logging will be done to +stderr.

+ +

−d <debug +level>

+ +

Debug +level

+ +

This specifies +the debug level. It must be set to 1, 2, 3, 4 or 5, where 1 +logs only serious errors, and 5 logs everything. The default +is 2 which logs errors, warnings and a few informational +messages.

+ + + + + + + + +
+ + +

−p

 + + +

Pretend

 +
+ +

The proxy reads +configuration files and performs initialisation as usual, +but exits prior to creating any sockets. It will return +different exit codes depending on whether the configuration +files are okay. This may be used to verify configuration +files, and can be done while another instance is +running.

+ + + + + + + + +
+ + +

−v

 + + +

Print version

 +
+ +

When this +option is specified, the proxy will simply print version +information and exit.

+ +

−c <config file +path>

+ +

Config file +path

+ +

This option +allows you to specify which config file to use. This is +useful if you want to use a config file that is not in any +of the default locations.

+ +

−i <pid file +path>

+ +

PID file +path

+ +

This option +tells the proxy to create a PID file with the specified +path.

+ +

SIGNALS + +

+ + +

The proxy +generally exits on all signals. The exceptions are listed +below.

+ + + + + + + +
+ + +

SIGHUP

 + + +

When logging to a file, this signal forces a reopen of +the log file.

+ +

SIGPIPE

+ +

This signal is +ignored.

+ +

FILES + +

+ + + +

/etc/radsecproxy.conf

+ +

The default +configuration file.

+ +

SEE ALSO + +

+ + + +

radsecproxy.conf(5), +radsecproxy-hash(1)

+
+ + -- cgit v1.1