From 533177003c85fa3f2fd77afd7cf63e63ea0d75d7 Mon Sep 17 00:00:00 2001 From: Reto Buerki Date: Mon, 19 Nov 2012 17:30:58 +0100 Subject: Adapt test configurations Adapt test configurations to the new Debian-based system. --- .../tests/ikev2/rw-radius-accounting/evaltest.dat | 6 +- .../hosts/alice/etc/freeradius/eap.conf | 5 + .../hosts/alice/etc/freeradius/proxy.conf | 5 + .../alice/etc/freeradius/sites-available/default | 42 ++++++++ .../hosts/alice/etc/freeradius/users | 1 + .../hosts/alice/etc/raddb/clients.conf | 4 - .../hosts/alice/etc/raddb/eap.conf | 5 - .../hosts/alice/etc/raddb/proxy.conf | 5 - .../hosts/alice/etc/raddb/radiusd.conf | 120 --------------------- .../hosts/alice/etc/raddb/sites-available/default | 43 -------- .../hosts/alice/etc/raddb/users | 1 - .../tests/ikev2/rw-radius-accounting/posttest.dat | 4 +- .../tests/ikev2/rw-radius-accounting/pretest.dat | 4 +- 13 files changed, 60 insertions(+), 185 deletions(-) create mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/eap.conf create mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/proxy.conf create mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/sites-available/default create mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/users delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/clients.conf delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/eap.conf delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/proxy.conf delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/radiusd.conf delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/sites-available/default delete mode 100644 testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/users (limited to 'testing/tests/ikev2/rw-radius-accounting') diff --git a/testing/tests/ikev2/rw-radius-accounting/evaltest.dat b/testing/tests/ikev2/rw-radius-accounting/evaltest.dat index 5c453f8b4..ccbc769e2 100644 --- a/testing/tests/ikev2/rw-radius-accounting/evaltest.dat +++ b/testing/tests/ikev2/rw-radius-accounting/evaltest.dat @@ -9,6 +9,6 @@ carol::ping -c 5 -s 1392 PH_IP_ALICE::1400 bytes from PH_IP_ALICE::YES carol::ipsec down home 2> /dev/null::no output expected::NO moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES -alice::cat /var/log/radius/radacct/10.1.0.1/*::User-Name =.*carol::YES -alice::cat /var/log/radius/radacct/10.1.0.1/*::Acct-Output-Octets = 7100::YES -alice::cat /var/log/radius/radacct/10.1.0.1/*::Acct-Input-Octets = 7100::YES +alice::cat /var/log/freeradius/radacct/PH_IP_MOON1/*::User-Name =.*carol::YES +alice::cat /var/log/freeradius/radacct/PH_IP_MOON1/*::Acct-Output-Octets = 7100::YES +alice::cat /var/log/freeradius/radacct/PH_IP_MOON1/*::Acct-Input-Octets = 7100::YES diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/eap.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/eap.conf new file mode 100644 index 000000000..623f42904 --- /dev/null +++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/eap.conf @@ -0,0 +1,5 @@ +eap { + default_eap_type = md5 + md5 { + } +} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/proxy.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/proxy.conf new file mode 100644 index 000000000..783587b55 --- /dev/null +++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/proxy.conf @@ -0,0 +1,5 @@ +realm LOCAL { + type = radius + authhost = LOCAL + accthost = LOCAL +} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/sites-available/default new file mode 100644 index 000000000..a67a5dcb4 --- /dev/null +++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/sites-available/default @@ -0,0 +1,42 @@ +authorize { + eap { + ok = return + } + files +} + +authenticate { + eap +} + +preacct { + preprocess + acct_unique + suffix + files +} + +accounting { + detail + unix + radutmp + attr_filter.accounting_response +} + +session { + radutmp +} + +post-auth { + exec + Post-Auth-Type REJECT { + attr_filter.access_reject + } +} + +pre-proxy { +} + +post-proxy { + eap +} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/users b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/users new file mode 100644 index 000000000..247b918e3 --- /dev/null +++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/users @@ -0,0 +1 @@ +carol Cleartext-Password := "Ar3etTnp" diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/clients.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/clients.conf deleted file mode 100644 index f4e179aa4..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/clients.conf +++ /dev/null @@ -1,4 +0,0 @@ -client PH_IP_MOON1 { - secret = gv6URkSs - shortname = moon -} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/eap.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/eap.conf deleted file mode 100644 index 623f42904..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/eap.conf +++ /dev/null @@ -1,5 +0,0 @@ -eap { - default_eap_type = md5 - md5 { - } -} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/proxy.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/proxy.conf deleted file mode 100644 index 783587b55..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/proxy.conf +++ /dev/null @@ -1,5 +0,0 @@ -realm LOCAL { - type = radius - authhost = LOCAL - accthost = LOCAL -} diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/radiusd.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/radiusd.conf deleted file mode 100644 index 1143a0473..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/radiusd.conf +++ /dev/null @@ -1,120 +0,0 @@ -# radiusd.conf -- FreeRADIUS server configuration file. - -prefix = /usr -exec_prefix = ${prefix} -sysconfdir = /etc -localstatedir = /var -sbindir = ${exec_prefix}/sbin -logdir = ${localstatedir}/log/radius -raddbdir = ${sysconfdir}/raddb -radacctdir = ${logdir}/radacct - -# name of the running server. See also the "-n" command-line option. -name = radiusd - -# Location of config and logfiles. -confdir = ${raddbdir} -run_dir = ${localstatedir}/run/radiusd - -# Should likely be ${localstatedir}/lib/radiusd -db_dir = ${raddbdir} - -# libdir: Where to find the rlm_* modules. -libdir = ${exec_prefix}/lib - -# pidfile: Where to place the PID of the RADIUS server. -pidfile = ${run_dir}/${name}.pid - -# max_request_time: The maximum time (in seconds) to handle a request. -max_request_time = 30 - -# cleanup_delay: The time to wait (in seconds) before cleaning up -cleanup_delay = 5 - -# max_requests: The maximum number of requests which the server keeps -max_requests = 1024 - -# listen: Make the server listen on a particular IP address, and send -listen { - type = auth - ipaddr = PH_IP_ALICE - port = 0 -} - -# This second "listen" section is for listening on the accounting -# port, too. -# -listen { - type = acct - ipaddr = PH_IP_ALICE - port = 0 -} - -# hostname_lookups: Log the names of clients or just their IP addresses -hostname_lookups = no - -# Core dumps are a bad thing. This should only be set to 'yes' -allow_core_dumps = no - -# Regular expressions -regular_expressions = yes -extended_expressions = yes - -# Logging section. The various "log_*" configuration items -log { - destination = files - file = ${logdir}/radius.log - syslog_facility = daemon - stripped_names = no - auth = yes - auth_badpass = yes - auth_goodpass = yes -} - -# The program to execute to do concurrency checks. -checkrad = ${sbindir}/checkrad - -# Security considerations -security { - max_attributes = 200 - reject_delay = 1 - status_server = yes -} - -# PROXY CONFIGURATION -proxy_requests = yes -$INCLUDE proxy.conf - -# CLIENTS CONFIGURATION -$INCLUDE clients.conf - -# THREAD POOL CONFIGURATION -thread pool { - start_servers = 5 - max_servers = 32 - min_spare_servers = 3 - max_spare_servers = 10 - max_requests_per_server = 0 -} - -# MODULE CONFIGURATION -modules { - $INCLUDE ${confdir}/modules/ - $INCLUDE eap.conf - $INCLUDE sql.conf - $INCLUDE sql/mysql/counter.conf -} - -# Instantiation -instantiate { - exec - expr - expiration - logintime -} - -# Policies -$INCLUDE policy.conf - -# Include all enabled virtual hosts -$INCLUDE sites-enabled/ diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/sites-available/default b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/sites-available/default deleted file mode 100644 index 2de32a6f2..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/sites-available/default +++ /dev/null @@ -1,43 +0,0 @@ -authorize { - eap { - ok = return - } - files -} - -authenticate { - eap -} - -preacct { - preprocess - acct_unique - suffix - files -} - -accounting { - detail - unix - radutmp - attr_filter.accounting_response -} - -session { - radutmp -} - -post-auth { - exec - Post-Auth-Type REJECT { - attr_filter.access_reject - } -} - -pre-proxy { -} - -post-proxy { - eap -} - diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/users b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/users deleted file mode 100644 index 247b918e3..000000000 --- a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/raddb/users +++ /dev/null @@ -1 +0,0 @@ -carol Cleartext-Password := "Ar3etTnp" diff --git a/testing/tests/ikev2/rw-radius-accounting/posttest.dat b/testing/tests/ikev2/rw-radius-accounting/posttest.dat index b1f971402..4ccbcb9b9 100644 --- a/testing/tests/ikev2/rw-radius-accounting/posttest.dat +++ b/testing/tests/ikev2/rw-radius-accounting/posttest.dat @@ -1,7 +1,7 @@ carol::ipsec stop moon::ipsec stop -alice::/etc/init.d/radiusd stop -alice::cat /var/log/radius/radacct/10.1.0.1/* +alice::killall radiusd +alice::cat /var/log/freeradius/radacct/PH_IP_MOON1/* carol::/etc/init.d/iptables stop 2> /dev/null moon::/etc/init.d/iptables stop 2> /dev/null diff --git a/testing/tests/ikev2/rw-radius-accounting/pretest.dat b/testing/tests/ikev2/rw-radius-accounting/pretest.dat index 30c8bd573..dbe1802fb 100644 --- a/testing/tests/ikev2/rw-radius-accounting/pretest.dat +++ b/testing/tests/ikev2/rw-radius-accounting/pretest.dat @@ -1,7 +1,7 @@ moon::/etc/init.d/iptables start 2> /dev/null carol::/etc/init.d/iptables start 2> /dev/null -alice::rm /var/log/radius/radacct/10.1.0.1/* -alice::/etc/init.d/radiusd start +alice::rm /var/log/freeradius/radacct/PH_IP_MOON1/* +alice::radiusd moon::ipsec start carol::ipsec start carol::sleep 1 -- cgit v1.2.3