1Smokeping_probes_Radius(3) SmokePing Smokeping_probes_Radius(3)
2
3
4
6 Smokeping::probes::Radius - a RADIUS authentication probe for SmokePing
7
9 Measures RADIUS authentication latency for SmokePing
10
12 *** Probes ***
13
14 +Radius
15
16 forks = 5
17 offset = 50%
18 passwordfile = /some/place/secret
19 secretfile = /another/place/secret
20 step = 300
21
22 # The following variables can be overridden in each target section
23 allowreject = true
24 mininterval = 1
25 nas_ip_address = 10.1.2.3
26 password = test-password
27 pings = 5
28 port = 1645
29 secret = test-secret
30 timeout = 5
31 username = test-user # mandatory
32
33 # [...]
34
35 *** Targets ***
36
37 probe = Radius # if this should be the default probe
38
39 # [...]
40
41 + mytarget
42 # probe = Radius # if the default probe is something else
43 host = my.host
44 allowreject = true
45 mininterval = 1
46 nas_ip_address = 10.1.2.3
47 password = test-password
48 pings = 5
49 port = 1645
50 secret = test-secret
51 timeout = 5
52 username = test-user # mandatory
53
55 This probe measures RADIUS (RFC 2865) authentication latency for
56 SmokePing.
57
58 The username to be tested is specified in either the probe-specific or
59 the target-specific variable `username', with the target-specific one
60 overriding the probe-specific one.
61
62 The password can be specified either (in order of precedence, with the
63 latter overriding the former) in the probe-specific variable
64 `password', in an external file or in the target-specific variable
65 `password'. The location of this file is given in the probe-specific
66 variable `passwordfile'. See Smokeping::probes::passwordchecker(3pm)
67 for the format of this file (summary: colon-separated triplets of the
68 form `<host>:<username>:<password>')
69
70 The RADIUS protocol requires a shared secret between the server and the
71 client. This secret can be specified either (in order of precedence,
72 with the latter overriding the former) in the probe-specific variable
73 `secret', in an external file or in the target-specific variable
74 `secret'. This external file is located by the probe-specific variable
75 `secretfile', and it should contain whitespace-separated pairs of the
76 form `<host> <secret>'. Comments and blank lines are OK.
77
78 If the optional probe-specific variable `nas_ip_address' is specified,
79 its value is inserted into the authentication requests as the
80 `NAS-IP-Address' RADIUS attribute.
81
82 The probe tries to be nice to the server and does not send
83 authentication requests more frequently than once every X seconds,
84 where X is the value of the target-specific "min_interval" variable (1
85 by default).
86
88 Supported probe-specific variables:
89
90 forks
91 Run this many concurrent processes at maximum
92
93 Example value: 5
94
95 Default value: 5
96
97 offset
98 If you run many probes concurrently you may want to prevent them
99 from hitting your network all at the same time. Using the probe-
100 specific offset parameter you can change the point in time when
101 each probe will be run. Offset is specified in % of total interval,
102 or alternatively as 'random', and the offset from the 'General'
103 section is used if nothing is specified here. Note that this does
104 NOT influence the rrds itself, it is just a matter of when data
105 acqusition is initiated. (This variable is only applicable if the
106 variable 'concurrentprobes' is set in the 'General' section.)
107
108 Example value: 50%
109
110 passwordfile
111 Location of the file containing usernames and passwords.
112
113 Example value: /some/place/secret
114
115 secretfile
116 A file containing the RADIUS shared secrets for the targets. It
117 should contain whitespace-separated pairs of the form `<host>
118 <secret>'. Comments and blank lines are OK.
119
120 Example value: /another/place/secret
121
122 step
123 Duration of the base interval that this probe should use, if
124 different from the one specified in the 'Database' section. Note
125 that the step in the RRD files is fixed when they are originally
126 generated, and if you change the step parameter afterwards, you'll
127 have to delete the old RRD files or somehow convert them. (This
128 variable is only applicable if the variable 'concurrentprobes' is
129 set in the 'General' section.)
130
131 Example value: 300
132
133 Supported target-specific variables:
134
135 allowreject
136 Treat "reject" responses as OK
137
138 Example value: true
139
140 mininterval
141 The minimum interval between each authentication request sent, in
142 (possibly fractional) seconds.
143
144 Default value: 1
145
146 nas_ip_address
147 The NAS-IP-Address RADIUS attribute for the authentication
148 requests. Not needed everywhere.
149
150 Example value: 10.1.2.3
151
152 password
153 The password for the user, if not present in the password file.
154
155 Example value: test-password
156
157 pings
158 How many pings should be sent to each target, if different from the
159 global value specified in the Database section. Note that the
160 number of pings in the RRD files is fixed when they are originally
161 generated, and if you change this parameter afterwards, you'll have
162 to delete the old RRD files or somehow convert them.
163
164 Example value: 5
165
166 port
167 The RADIUS port to be used
168
169 Example value: 1645
170
171 secret
172 The RADIUS shared secret for the target, if not present in the
173 secrets file.
174
175 Example value: test-secret
176
177 timeout
178 Timeout in seconds for the RADIUS queries.
179
180 Default value: 5
181
182 username
183 The username to be tested.
184
185 Example value: test-user
186
187 This setting is mandatory.
188
190 Niko Tyni <ntyni@iki.fi>
191
193 There should be a more general way of specifying RADIUS attributes.
194
195
196
1972.7.3 2021-07-23 Smokeping_probes_Radius(3)