Installing PPTP
Directly using the Chao PPTP one-click installation package
wget Http://dl.zrblog.net/pptpd.sh;sh pptpd.sh;
Installing LNMP
I am using AMH4.2, is also a key installation package
Wget http://amysql.com/file/AMH/4.2/amh.sh; chmod 775 amh.sh;./amh.sh 2>&1 | Tee Amh.log;
Installing Pear
AMH installed without pear, and daloradius need pear db plug-in
wget http://pear.php.net/go-pear.phar;php Go-pear.phar;
You can return
/usr/local/php/bin/pear Install DB
Install the DB plugin.
Add a virtual Host
Login AMH background, install the Amchroot module, and then create a new virtual host, enter the Amchroot to set the newly-created host to compatibility mode. Because of the strict authority management, resulting in the inability to call the pear plug-in, tossing for several nights ...
Installing Daloradius
wget Http://downloads.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz;tar Xvzf DALORADIUS-0.9-9.TAR.GZ;MV daloradius-0.9-9/*/home/wwwroot/replaced with the domain name of the virtual host you just created/web
Configure Daloradius
Create a new database with phpMyAdmin, and then import the./contrib/db/fr2-mysql-daloradius-and-freeradius.sql
Edit./library/daloradius.conf.php
$configValues [' config_db_host '] = ' localhost ';
$configValues [' config_db_port '] = ' 3306 ';
$configValues [' config_db_user '] = ' database user name ';
$configValues [' config_db_pass '] = ' database password ';
$configValues [' config_db_name '] = ' database name ';
$configValues [' config_path_dalo_variable_data '] = '/home/wwwroot/replaced with the domain name of the virtual host just established/web/var ';
Installing Freeradius (SERVER)
Yum Install Freeradius2 Freeradius2-mysql freeradius2-utils
-
Install client
wget ftp://ftp.samba.org/pub/ppp/ppp-2.4.5.tar.gz;tar ZXVF ppp-2.4.5.tar.gz;cp-r /root/ppp-2.4.5/pppd/plugins/radius/etc/ /usr/local/etc/radiusclient
-
Configure Freeradius
Edit usr/local/etc/radiusclient/servers, trailing add
127.0.0.1 Xxvpn
Edit/usr/local/etc/radiusclient/dictionary, delete the last line, and then add the
blockquote> include /usr/local/etc/radiusclient/dictionary.microsoft
include/usr/ local/etc/radiusclient/dictionary.merit Edit/etc/raddb/ clients.conf, the client localhost secret changed to Xxvpn
Edit/etc/raddb/radiusd.conf, find $include sql.conf, remove the previous #; INCLUDE sql/mysql/counter.conf, remove the previous #
Edit/etc/raddb/sql.conf, configure login (user name), password (password), radius_db (database name) fields
Edit/etc/raddb/sites-enabled/default
authorize segment, turn off files, Unix, open sql
Preacct segment, Turn off files
Accounting segment, open SQL, turn off unix
Session, open sql
Post-auth segment, open sql
Pre-proxy section, turn off files
Configuring PPTP
Edit/ETC/PPP/OPTIONS.PPTPD, trailing add
Plugin radius.so
Plugin radattr.so
Radius-config-file/usr/local/etc/radiusclient/radiusclient.conf
Flow control
Edit/etc/raddb/sql/mysql/counter.conf, trailing add
Sqlcounter Monthlytrafficcounter {
Counter-name = monthly-traffic
Check-name = max-monthly-traffic
Reply-name = Monthly-traffic-limit
Sqlmod-inst = sql
Key = User-name
reset = Monthly
query = "Select SUM (Acctinputoctets + acctoutputoctets) from Radacct WHERE username= '%{%k} ' and Unix_timestamp (Acctstartt IME) > '%b ' "
}
The above code means monthly statistics, from the database's Radacct table, according to the user name (%k) All inbound and outbound traffic accumulated.
Time is also customizable (months, weeks, days, hours), or you can specify a specific value, such as three days reset "reset = 3 D"
Edit/etc/raddb/sites-enabled/default, add "Monthlytrafficcounter" at the end of the authorize block
Edit/etc/raddb/dictionary, trailing add
ATTRIBUTE max-monthly-traffic 3003 integer
ATTRIBUTE monthly-traffic-limit 3004 Integer
Enter phpMyAdmin, execute SQL
INSERT into Radgroupreply (groupname,attribute,op,value) VALUES (' User ', ' Mikrotik-rate-limi ', ': = ', ' 512k/1m ');
INSERT into Radgroupreply (groupname,attribute,op,value) VALUES (' User ', ' acct-interim-interval ', ': = ', ' 300 ');
INSERT into Radgroupcheck (groupname,attribute,op,value) VALUES (' User ', ' simultaneous-use ', ': = ', ' 1 ');
INSERT into Radgroupcheck (groupname,attribute,op,value) VALUES (' User ', ' max-monthly-traffic ', ': = ', ' 1073741824 ');
User Disconnection Detection Script
#!/bin/bash
Mysql_pass=xxxxxxxxxx
/USR/LOCAL/MYSQL/BIN/MYSQL-UROOT-P$MYSQL_PASS-E "UPDATE database name. RADACCT SET acctstoptime = acctstarttime + Acctsessionti Me WHERE ((Unix_timestamp (acctstarttime) + Acctsessiontime + 240-unix_timestamp ()) <0) and Acctstoptime is NULL; "
Multi-line limit
Modify/etc/raddb/sites-enabled/defalut to add in authorize chunks
Update Request {
Group-name: = "%{sql:select groupname from Radusergroup WHERE username= '%{user-name} ' ORDER by priority}"
}
if (group-name && "%{sql:select count (value) from Radgroupcheck WHERE groupname= '%{group-name} ' and attribute= ' Nas-ip-address '} ') {
if ("%{sql:select count (value) from Radgroupcheck WHERE groupname= '%{group-name} ' and value= '%{nas-ip-address} '}" < 1 ) {
Reject
}
}