| # -*- text -*- |
| ###################################################################### |
| # |
| # A virtual server to handle ONLY Status-Server packets. |
| # |
| # Server statistics can be queried with a properly formatted |
| # Status-Server request. See dictionary.freeradius for comments. |
| # |
| # If radiusd.conf has "status_server = yes", then any client |
| # will be able to send a Status-Server packet to any port |
| # (listen section type "auth", "acct", or "status"), and the |
| # server will respond. |
| # |
| # If radiusd.conf has "status_server = no", then the server will |
| # ignore Status-Server packets to "auth" and "acct" ports. It |
| # will respond only if the Status-Server packet is sent to a |
| # "status" port. |
| # |
| # The server statistics are available ONLY on socket of type |
| # "status". Queries for statistics sent to any other port |
| # are ignored. |
| # |
| # Similarly, a socket of type "status" will not process |
| # authentication or accounting packets. This is for security. |
| # |
| # $Id: e7d4346310b837d56bffe4c991b4e5680742ebc0 $ |
| # |
| ###################################################################### |
| |
| server status { |
| listen { |
| # ONLY Status-Server is allowed to this port. |
| # ALL other packets are ignored. |
| type = status |
| |
| ipaddr = 127.0.0.1 |
| port = 18121 |
| } |
| |
| # |
| # We recommend that you list ONLY management clients here. |
| # i.e. NOT your NASes or Access Points, and for an ISP, |
| # DEFINITELY not any RADIUS servers that are proxying packets |
| # to you. |
| # |
| # If you do NOT list a client here, then any client that is |
| # globally defined (i.e. all of them) will be able to query |
| # these statistics. |
| # |
| # Do you really want your partners seeing the internal details |
| # of what your RADIUS server is doing? |
| # |
| client admin { |
| ipaddr = 127.0.0.1 |
| secret = adminsecret |
| } |
| |
| # |
| # Simple authorize section. The "Autz-Type Status-Server" |
| # section will work here, too. See "raddb/sites-available/default". |
| authorize { |
| ok |
| |
| # respond to the Status-Server request. |
| Autz-Type Status-Server { |
| ok |
| } |
| } |
| } |
| |
| # Statistics can be queried via a number of methods: |
| # |
| # All packets received/sent by the server (1 = auth, 2 = acct) |
| # FreeRADIUS-Statistics-Type = 3 |
| # |
| # All packets proxied by the server (4 = proxy-auth, 8 = proxy-acct) |
| # FreeRADIUS-Statistics-Type = 12 |
| # |
| # All packets sent && received: |
| # FreeRADIUS-Statistics-Type = 15 |
| # |
| # Internal server statistics: |
| # FreeRADIUS-Statistics-Type = 16 |
| # |
| # All packets for a particular client (globally defined) |
| # FreeRADIUS-Statistics-Type = 35 |
| # FreeRADIUS-Stats-Client-IP-Address = 192.0.2.1 |
| # |
| # All packets for a client attached to a "listen" ip/port |
| # FreeRADIUS-Statistics-Type = 35 |
| # FreeRADIUS-Stats-Client-IP-Address = 192.0.2.1 |
| # FreeRADIUS-Stats-Server-IP-Address = 127.0.0.1 |
| # FreeRADIUS-Stats-Server-Port = 1812 |
| # |
| # All packets for a "listen" IP/port |
| # FreeRADIUS-Statistics-Type = 67 |
| # FreeRADIUS-Stats-Server-IP-Address = 127.0.0.1 |
| # FreeRADIUS-Stats-Server-Port = 1812 |
| # |
| # All packets for a home server IP / port |
| # FreeRADIUS-Statistics-Type = 131 |
| # FreeRADIUS-Stats-Server-IP-Address = 192.0.2.2 |
| # FreeRADIUS-Stats-Server-Port = 1812 |
| |
| # |
| # You can also get exponentially weighted moving averages of |
| # response times (in usec) of home servers. Just set the config |
| # item "historic_average_window" in a home_server section. |
| # |
| # By default it is zero (don't calculate it). Useful values |
| # are between 100, and 10,000. The server will calculate and |
| # remember the moving average for this window, and for 10 times |
| # that window. |
| # |
| |
| # |
| # Some of this could have been simplified. e.g. the proxy-auth and |
| # proxy-acct bits aren't completely necessary. But using them permits |
| # the server to be queried for ALL inbound && outbound packets at once. |
| # This gives a good snapshot of what the server is doing. |
| # |
| # Due to internal limitations, the statistics might not be exactly up |
| # to date. Do not expect all of the numbers to add up perfectly. |
| # The Status-Server packets are also counted in the total requests && |
| # responses. The responses are counted only AFTER the response has |
| # been sent. |
| # |