summaryrefslogtreecommitdiff
path: root/radsecproxy.1
diff options
context:
space:
mode:
Diffstat (limited to 'radsecproxy.1')
-rw-r--r--radsecproxy.168
1 files changed, 68 insertions, 0 deletions
diff --git a/radsecproxy.1 b/radsecproxy.1
new file mode 100644
index 0000000..83bbc62
--- /dev/null
+++ b/radsecproxy.1
@@ -0,0 +1,68 @@
+.TH radsecproxy 1 "7 June 2007"
+
+.SH "NAME"
+radsecproxy - a generic RADIUS proxy that provides both RADIUS UDP and TCP/TLS (RadSec) transport.
+
+.SH "SYNOPSIS"
+radsecproxy [ -c configfile ] [ -d debuglevel ] [ -f ] [ -v ]
+.sp
+
+.SH "DESCRIPTION"
+radsecproxy is a \fBgeneric RADIUS proxy\fR that in addition to to
+usual \fBRADIUS UDP\fR transport, also supports \fBTLS (RadSec)\fR. The
+aim is for the proxy to have sufficient features to be flexible,
+while at the same time to be small, efficient and easy to configure.
+Currently the executable on Linux is only about \fI48 KB\fR, and it uses
+about \fI64 KB\fR (depending on the number of peers) while running.
+.sp
+The proxy was initially made to be able to deploy \fBRadSec\fR (RADIUS
+over TLS) so that all RADIUS communication across network links
+could be done using TLS, without modifying existing RADIUS software.
+This can be done by running this proxy on the same host as an existing
+RADIUS server or client, and configure the existing client/server to
+talk to localhost (the proxy) rather than other clients and servers
+directly.
+.sp
+There may however be other situations where a RADIUS proxy might be
+useful. Some people deploy RADIUS topologies where they want to
+route RADIUS messages to the right server. The nodes that do purely
+routing could be using a proxy. Some people may also wish to deploy
+a proxy on a firewall boundary. Since the proxy \fBsupports both IPv4
+and IPv6\fR, it could also be used to allow communication in cases
+where some RADIUS nodes use only IPv4 and some only IPv6.
+
+.TP
+.B -f
+.sp
+\fIRun in foreground\fR
+.sp
+By specifying this option, the proxy will run in foreground mode. That
+is, it won't detach. Also all logging will be done to stderr.
+
+.TP
+.B -d <debug level>
+.sp
+\fIDebug level\fR
+.sp
+This specifies the debug level. It must be set to 1, 2, 3 or 4, where 1
+logs only serious errors, and 4 logs everything. The default is 3 which
+logs errors, warnings and some informational messages.
+
+.TP
+.B -v
+.sp
+\fIPrint version\fR
+.sp
+When this option is specified, the proxy will simply print version
+information and exit.
+
+.TP
+.B -c <config file path>
+.sp
+\fIConfig file path\fR
+.sp
+This option allows you to specify which config file to use. This is useful
+if you want to use a config file that is not in any of the default locations.
+
+.SH "SEE ALSO"
+radsecproxy.conf(5), RadSec draft paper.