summaryrefslogtreecommitdiff
path: root/README
blob: bf24bfaa8d00d3fb924b0ca2d79a123b59ac297f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
This is unreleased radsecproxy 1.6.3-rc0.

radsecproxy is a generic RADIUS proxy that supports both UDP and TLS
(RadSec) RADIUS transports.  There is also experimental support for
TCP and DTLS.

It should build on most Unix and OSX platforms by simply typing
"./configure && make".  It is possible to specify which RADIUS
transport the build should support.  Without any special options to
configure, all transports supported by the system will be enabled.
See the output from "configure --help" for how to change this.

Known build issues:
- Older BSD's (like NetBSD 4.x) need newer OpenSSL in order to support
  DTLS.  Workaround: ./configure --disable-dtls.

- FreeBSD 6.x need newer OpenSSL to build at all.  OpenSSL 1.0.0c from
  ports is fine f.ex., configure radsecproxy with `--with-ssl=/usr/local'.

To use radsecproxy you need to create a config file which normally is
called "/etc/radsecproxy.conf".  You can also specify the location
with the "-c" command line option (see below).  For further
instructions, please see the enclosed example file and the
documentation at
http://software.uninett.no/radsecproxy/?page=documentation

The following options may be specified on the command line:
"-c configfile" to specify a non-default config file path.
"-d loglevel" to set a loglevel of 1, 2, 3, 4 and 5 where 5 is the
              most detailed.
"-f" to run the proxy in the foreground with logging to stderr.
     Without "-f" the default is to detach as a daemon and log to
     syslog.
"-i pidfile" to name a file to which the PID is written.
"-v" just prints version information and exits.
"-p" (pretend) makes the proxy go through the configuration files as
     normal, but stops before creating any sockets or doing any
     serious work.  This is useful for validating config files.