) ) ( ( ( (
* ) ( /( ( ( /( )\ ) ( )\ ) )\ ) )\ ) (
` ) /( )\()) ( )\ ) )\()) (()/( )\ (()/( (()/( ( (()/( ( ( )\ )
( )(_)) ((_)\ )\ (()/( ((_)\ /(_)) ((((_)( /(_)) /(_)) )\ /(_)) )\ )\ (()/(
(_(_()) ((_) _ ((_) /(_))_ _((_) (_)) )\ _ )\ (_))_ (_)) _ ((_) (_)) ((_)((_) /(_))
|_ _| / _ \ | | | | (_)) __| | || | | _ \ (_)_\(_) | \ |_ _| | | | | / __| \ \ / / (_) /
| | | (_) | | |_| | | (_ | | __ | | / / _ \ | |) | | | | |_| | \__ \ \ V / / _ \
|_| \___/ \___/ \___| |_||_| |_|_\ /_/ \_\ |___/ |___| \___/ |___/ \_/ \___/
/)
_ __ __ _ _/_ ___ _ (/ _ _/_ __ _ _/_ _ ______
(_(/ (_(/ (_(/ . (__ (_) (_(_ (_/_/ )_/_)_(__ / (_(_(_(__(__ . (__(_) // (_
.-/
(_/
TOUGHRADIUS 是一个开源的Radius服务软件,支持标准RADIUS协议(RFC 2865, RFC 2866),提供完整的AAA实现。支持灵活的策略管理,支持各种主流接入设备并轻松扩展,具备丰富的计费策略支持。
至 6.x 版本开始,基于Java语言重新开发。提供了一个高性能的 RADIUS 处理引擎,同时提供了一个简洁易用的 WEB管理界面,可以轻松上手。
TOUGHRADIUS 的功能类似于 freeRADIUS,但它使用起来更简单,更易于扩展开发。
- 操作系统:支持跨平台部署 (Linux,Windows,MacOS等)
- java 版本: 1.8或更高
- 数据库服务器:MySQL/MariaDB
数据库的安装配置请自行完成,首先确保你的数据库服务器已经运行
运行创建数据库脚本以及创建专用用户
create database toughradius DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL ON toughradius.* TO raduser@'127.0.0.1' IDENTIFIED BY 'radpwd' WITH GRANT OPTION;FLUSH PRIVILEGES;
创建数据库表
create table if not exists tr_bras
(
id bigint auto_increment primary key,
identifier varchar(128) null,
name varchar(64) not null,
ipaddr varchar(32) null,
vendor_id varchar(32) not null,
portal_vendor varchar(32) not null,
secret varchar(64) not null,
coa_port int not null,
ac_port int not null,
auth_limit int null,
acct_limit int null,
status enum('enabled', 'disabled') null,
remark varchar(512) null,
create_time datetime not null
);
create index ix_tr_bras_identifier on tr_bras (identifier);
create index ix_tr_bras_ipaddr on tr_bras (ipaddr);
create table if not exists tr_config
(
id bigint auto_increment primary key,
type varchar(32) not null,
name varchar(128) not null,
value varchar(255) null,
remark varchar(255) null
);
create table if not exists tr_subscribe
(
id bigint auto_increment primary key,
node_id bigint default 0 not null,
subscriber varchar(32) null,
realname varchar(32) null,
password varchar(128) not null,
domain varchar(128) null,
addr_pool varchar(128) null,
policy varchar(512) null,
is_online int null,
active_num int null,
bind_mac tinyint(1) null,
bind_vlan tinyint(1) null,
ip_addr varchar(32) null,
mac_addr varchar(32) null,
in_vlan int null,
out_vlan int null,
up_rate bigint null,
down_rate bigint null,
up_peak_rate bigint null,
down_peak_rate bigint null,
up_rate_code varchar(32) null,
down_rate_code varchar(32) null,
status enum('enabled', 'disabled') null,
remark varchar(512) null,
begin_time datetime not null,
expire_time datetime not null,
create_time datetime not null,
update_time datetime null
);
create index ix_tr_subscribe_create_time
on tr_subscribe (create_time);
create index ix_tr_subscribe_expire_time
on tr_subscribe (expire_time);
create index ix_tr_subscribe_status
on tr_subscribe (status);
create index ix_tr_subscribe_subscriber
on tr_subscribe (subscriber);
create index ix_tr_subscribe_update_time
on tr_subscribe (update_time);
插入测试数据
INSERT INTO toughradius.tr_bras
(identifier, name, ipaddr, vendor_id, portal_vendor,secret, coa_port,ac_port, auth_limit, acct_limit, STATUS, remark, create_time)
VALUES ('radius-tester', 'radius-tester', '127.0.0.1', '14988',"cmccv1", 'secret', 3799,2000, 1000, 1000, NULL, '0', '2019-03-01 14:07:46');
INSERT INTO toughradius.tr_subscribe
(node_id, subscriber, realname, password, domain, addr_pool, policy, is_online, active_num,
bind_mac, bind_vlan, ip_addr, mac_addr, in_vlan, out_vlan, up_rate, down_rate, up_peak_rate,
down_peak_rate, up_rate_code,down_rate_code, status, remark, begin_time, expire_time, create_time, update_time)
VALUES (0, 'test01', '', '888888', null, null, null, null, 10, 0, 0, '', '', 0, 0, 10.000, 10.000, 100.000, 100.000,
'10', '10', 'enabled', '', '2019-03-01 14:13:02', '2019-03-01 14:13:00', '2019-03-01 14:12:59', '2019-03-01 14:12:56');
java -jar -Xms256M -Xmx1024M /opt/toughradius-latest.jar --spring.profiles.active=prod
注意 jar 文件(toughradius-latest.jar)的路径
/opt/application-prod.properties
# web访问端口
server.port = 1816
# 如果启用 https, 取消以下注释即可
#server.security.require-ssl=true
#server.ssl.key-store-type=PKCS12
#server.ssl.key-store=classpath:toughradius.p12
#server.ssl.key-store-password=toughstruct
#server.ssl.key-alias=toughradius
# 日志配置,可选 logback-prod.xml 或 logback-dev.xml, 日志目录为 /var/toughradius/logs
logging.config=classpath:logback-prod.xml
# 数据库配置
spring.datasource.url=${RADIUS_DBURL:jdbc:mysql://127.0.0.1:3306/toughradius?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true}
spring.datasource.username=${RADIUS_DBUSER:raduser}
spring.datasource.password=${RADIUS_DBPWD:radpwd}
spring.datasource.max-active=${RADIUS_DBPOOL:120}
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
/usr/lib/systemd/system/toughradius.service
[Unit]
Description=toughradius
After=syslog.target
[Service]
WorkingDirectory=/opt
User=root
LimitNOFILE=65535
LimitNPROC=65535
Type=simple
ExecStart=/usr/bin/java -server -jar -Xms256M -Xmx1024M /opt/toughradius-latest.jar --spring.profiles.active=prod
SuccessExitStatus=143
[Install]
WantedBy=multi-user.target
如果了解 spring systemd和配置原理,可以根据自己的实际需要进行修改
通过以下指令启动服务
systemctl enable toughradius
systemctl start toughradius