diff options
| author | Linus Nordberg <linus@nordberg.se> | 2015-09-17 13:15:30 +0200 |
|---|---|---|
| committer | Linus Nordberg <linus@nordberg.se> | 2015-09-17 13:15:30 +0200 |
| commit | 627003ae120a09b0e72940eb3683132a4a0cf93f (patch) | |
| tree | 92364dcd2d901fb4dee5e03072b945c393929102 /doc/1.6/radsecproxy.html | |
Initial revision.
Moving from https://software.uninett.no/radsecproxy/ to https://software.nordu.net/radsecproxy/.
Diffstat (limited to 'doc/1.6/radsecproxy.html')
| -rw-r--r-- | doc/1.6/radsecproxy.html | 251 |
1 files changed, 251 insertions, 0 deletions
diff --git a/doc/1.6/radsecproxy.html b/doc/1.6/radsecproxy.html new file mode 100644 index 0000000..ee3140f --- /dev/null +++ b/doc/1.6/radsecproxy.html @@ -0,0 +1,251 @@ +<!-- Creator : groff version 1.22.2 --> +<!-- CreationDate: Thu Sep 17 10:29:23 2015 --> +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" +"http://www.w3.org/TR/html4/loose.dtd"> +<html> +<head> +<meta name="generator" content="groff -Thtml, see www.gnu.org"> +<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII"> +<meta name="Content-Style" content="text/css"> +<style type="text/css"> + p { margin-top: 0; margin-bottom: 0; vertical-align: top } + pre { margin-top: 0; margin-bottom: 0; vertical-align: top } + table { margin-top: 0; margin-bottom: 0; vertical-align: top } + h1 { text-align: center } +</style> +<title>radsecproxy</title> + +</head> +<body> + +<h1 align="center">radsecproxy</h1> + +<a href="#NAME">NAME</a><br> +<a href="#SYNOPSIS">SYNOPSIS</a><br> +<a href="#DESCRIPTION">DESCRIPTION</a><br> +<a href="#OPTIONS">OPTIONS</a><br> +<a href="#SIGNALS">SIGNALS</a><br> +<a href="#FILES">FILES</a><br> +<a href="#SEE ALSO">SEE ALSO</a><br> + +<hr> + + +<h2>NAME +<a name="NAME"></a> +</h2> + + +<p style="margin-left:11%; margin-top: 1em">radsecproxy - a +generic RADIUS proxy that provides both RADIUS UDP and +TCP/TLS (RadSec) transport.</p> + +<h2>SYNOPSIS +<a name="SYNOPSIS"></a> +</h2> + + +<table width="100%" border="0" rules="none" frame="void" + cellspacing="0" cellpadding="0"> +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="89%"> + + +<p style="margin-top: 1em">radsecproxy [−c +configfile] [−d debuglevel] [−f] [−i +pidfile] [−p] [−v]</p></td></tr> +</table> + +<h2>DESCRIPTION +<a name="DESCRIPTION"></a> +</h2> + + +<p style="margin-left:11%; margin-top: 1em">radsecproxy is +a <b>generic RADIUS proxy</b> that in addition to to usual +<b>RADIUS UDP</b> transport, also supports <b>TLS +(RadSec)</b>. The aim is for the proxy to have sufficient +features to be flexible, while at the same time to be small, +efficient and easy to configure. Currently the executable on +Linux is only about <i>48 KB</i>, and it uses about <i>64 +KB</i> (depending on the number of peers) while running.</p> + +<p style="margin-left:11%; margin-top: 1em">The proxy was +initially made to be able to deploy <b>RadSec</b> (RADIUS +over TLS) so that all RADIUS communication across network +links could be done using TLS, without modifying existing +RADIUS software. This can be done by running this proxy on +the same host as an existing RADIUS server or client, and +configure the existing client/server to talk to localhost +(the proxy) rather than other clients and servers +directly.</p> + +<p style="margin-left:11%; margin-top: 1em">There are +however other situations where a RADIUS proxy might be +useful. Some people deploy RADIUS topologies where they want +to route RADIUS messages to the right server. The nodes that +do purely routing could be using a proxy. Some people may +also wish to deploy a proxy on a site boundary. Since the +proxy <b>supports both IPv4 and IPv6</b>, it could also be +used to allow communication in cases where some RADIUS nodes +use only IPv4 and some only IPv6.</p> + +<h2>OPTIONS +<a name="OPTIONS"></a> +</h2> + + +<table width="100%" border="0" rules="none" frame="void" + cellspacing="0" cellpadding="0"> +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="3%"> + + +<p style="margin-top: 1em"><b>−f</b></p></td> +<td width="8%"></td> +<td width="26%"> + + +<p style="margin-top: 1em"><i>Run in foreground</i></p></td> +<td width="52%"> +</td></tr> +</table> + +<p style="margin-left:22%; margin-top: 1em">By specifying +this option, the proxy will run in foreground mode. That is, +it won’t detach. Also all logging will be done to +stderr.</p> + +<p style="margin-left:11%;"><b>−d <debug +level></b></p> + +<p style="margin-left:22%; margin-top: 1em"><i>Debug +level</i></p> + +<p style="margin-left:22%; margin-top: 1em">This specifies +the debug level. It must be set to 1, 2, 3, 4 or 5, where 1 +logs only serious errors, and 5 logs everything. The default +is 2 which logs errors, warnings and a few informational +messages.</p> + +<table width="100%" border="0" rules="none" frame="void" + cellspacing="0" cellpadding="0"> +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="3%"> + + +<p><b>−p</b></p></td> +<td width="8%"></td> +<td width="10%"> + + +<p><i>Pretend</i></p></td> +<td width="68%"> +</td></tr> +</table> + +<p style="margin-left:22%; margin-top: 1em">The proxy reads +configuration files and performs initialisation as usual, +but exits prior to creating any sockets. It will return +different exit codes depending on whether the configuration +files are okay. This may be used to verify configuration +files, and can be done while another instance is +running.</p> + +<table width="100%" border="0" rules="none" frame="void" + cellspacing="0" cellpadding="0"> +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="3%"> + + +<p style="margin-top: 1em"><b>−v</b></p></td> +<td width="8%"></td> +<td width="20%"> + + +<p style="margin-top: 1em"><i>Print version</i></p></td> +<td width="58%"> +</td></tr> +</table> + +<p style="margin-left:22%; margin-top: 1em">When this +option is specified, the proxy will simply print version +information and exit.</p> + +<p style="margin-left:11%;"><b>−c <config file +path></b></p> + +<p style="margin-left:22%; margin-top: 1em"><i>Config file +path</i></p> + +<p style="margin-left:22%; margin-top: 1em">This option +allows you to specify which config file to use. This is +useful if you want to use a config file that is not in any +of the default locations.</p> + +<p style="margin-left:11%;"><b>−i <pid file +path></b></p> + +<p style="margin-left:22%; margin-top: 1em"><i>PID file +path</i></p> + +<p style="margin-left:22%; margin-top: 1em">This option +tells the proxy to create a PID file with the specified +path.</p> + +<h2>SIGNALS +<a name="SIGNALS"></a> +</h2> + + +<p style="margin-left:11%; margin-top: 1em">The proxy +generally exits on all signals. The exceptions are listed +below.</p> + +<table width="100%" border="0" rules="none" frame="void" + cellspacing="0" cellpadding="0"> +<tr valign="top" align="left"> +<td width="11%"></td> +<td width="9%"> + + +<p><b>SIGHUP</b></p></td> +<td width="2%"></td> +<td width="78%"> + + +<p>When logging to a file, this signal forces a reopen of +the log file.</p></td></tr> +</table> + +<p style="margin-left:11%;"><b>SIGPIPE</b></p> + +<p style="margin-left:22%; margin-top: 1em">This signal is +ignored.</p> + +<h2>FILES +<a name="FILES"></a> +</h2> + + + +<p style="margin-left:11%; margin-top: 1em"><b>/etc/radsecproxy.conf</b></p> + +<p style="margin-left:22%; margin-top: 1em">The default +configuration file.</p> + +<h2>SEE ALSO +<a name="SEE ALSO"></a> +</h2> + + + +<p style="margin-left:11%; margin-top: 1em">radsecproxy.conf(5), +radsecproxy-hash(1)</p> +<hr> +</body> +</html> |