freeradius 自带了非常好的客户端程序 radtest, radclient 用来模拟和调试设备和通信过程。radtest多用于认证,radclient更为强大一些,认证,计费,coa都可以模拟,还可以自定义协议包非常强大。

命令帮助

这里大家自己看下就好了,非常容易理解。测试的时候用的都比较简单一些。


radclient -h

Usage: radclient [options] server[:port] <command> [<secret>]

  <command>              One of auth, acct, status, coa, disconnect or auto.

  -4                     Use IPv4 address of server

  -6                     Use IPv6 address of server.

  -c <count>             Send each packet 'count' times.

  -d <raddb>             Set user dictionary directory (defaults to /usr/local/etc/raddb).

  -D <dictdir>           Set main dictionary directory (defaults to /usr/local/share/freeradius).

  -f <file>[:<file>]     Read packets from file, not stdin.

                         If a second file is provided, it will be used to verify responses

  -F                     Print the file name, packet number and reply code.

  -h                     Print usage help information.

  -i <id>                Set request id to 'id'.  Values may be 0..255

  -n <num>               Send N requests/s

  -p <num>               Send 'num' packets from a file in parallel.

  -q                     Do not print anything out.

  -r <retries>           If timeout, retry sending the packet 'retries' times.

  -s                     Print out summary information of auth results.

  -S <file>              read secret from file, not command line.

  -t <timeout>           Wait 'timeout' seconds before retrying (may be a floating point number).

  -v                     Show program version information.

  -x                     Debugging mode.

  -P <proto>             Use proto (tcp or udp) for transport.

模拟认证请求


$ echo "User-Name=ff:ff:ff:ff:ff,User-Password=benu123" |radclient 127.0.0.1:1812 auth testing123 -x

Sent Access-Request Id 71 from 0.0.0.0:47403 to 127.0.0.1:1812 length 54

    User-Name = "ff:ff:ff:ff:ff"

    User-Password = "benu123"

    Cleartext-Password = "benu123"

Received Access-Accept Id 71 from 127.0.0.1:1812 to 0.0.0.0:0 length 158

    User-Name = "ff:ff:ff:ff:ff"

    Benu-Redirection-URL = "http://10.10.4.9:8080/WebAuthLogin1?portal_ip=10.10.4.2&client_id=ff:ff:ff:ff:ff&wbaredirect=http://www.google.com"

echo 的内容是请求内容,127.0.0.0:1812是radius认证端口, auth 是请求类型 , testing123 是cleint和radius的密钥, -x 表明查看详细过程。

模拟coa请求

coa_auth.txt 请求包内容


User-Name=C4-07-2F-85-15-9F

NAS-IP-Address=172.16.15.188

Calling-Station-Id=C4-07-2F-85-15-9F

Benu-ACL-Policy=auth_sla

Benu-QoS-Policy=32M_Full

测试以及结果



# radclient 172.16.15.188:3799 coa test -f coa_auth.txt -x

Sent CoA-Request Id 121 from 0.0.0.0:59699 to 172.16.15.188:3799 length 96

        User-Name = "C4-07-2F-85-15-9F"

        NAS-IP-Address = 172.16.15.188

        Calling-Station-Id = "C4-07-2F-85-15-9F"

        Benu-ACL-Policy = "auth_sla"

        Benu-QoS-Policy = "32M_Full"

Received CoA-ACK Id 121 from 172.16.15.188:3799 to 0.0.0.0:0 length 26

        Event-Timestamp = "Jan  8 2016 10:05:47 CST"

模拟计费请求

主要包含了计费开始,计费更新,计费停止几个报文。

请求命令

radclient 127.0.0.1 auto testing123 -f acct_start.txt

如果想看到详细的过程 命令结尾增加一个 -x 参数即可。

acct_start.txt 


Packet-Type=4

Packet-Dst-Port=1813

Acct-Session-Id = "4D2BB8AC-00000099"

Acct-Status-Type = Start

Acct-Authentic = RADIUS

User-Name = "ff:ff:ff:ff:ff"

NAS-Port = 0

Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless"

Calling-Station-Id = "00-1C-B3-AA-AA-AA"

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 48Mbps 802.11b"

Benu-ACL-Policy = "AM"

Benu-QoS-Policy = "DC"

Benu-Acct-Reason-Code = "40"

Benu-Private-Ip-Address = "127.0.0.1"

Benu-Napt-Public-Port-Range = "50"

acct_update.txt 


Packet-Type=4

Packet-Dst-Port=1813

Acct-Session-Id = "4D2BB8AC-00000099"

Acct-Status-Type = Interim-Update

Acct-Authentic = RADIUS

User-Name = "ff:ff:ff:ff:ff"

NAS-Port = 0

Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless"

Calling-Station-Id = "00-1C-B3-AA-AA-AA"

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 48Mbps 802.11b"

Acct-Session-Time = 11

Acct-Input-Packets = 15

Acct-Output-Packets = 3

Acct-Input-Octets = 1407

Acct-Output-Octets = 467

acct_stop.txt


Packet-Type=4

Packet-Dst-Port=1813

Acct-Session-Id = "4D2BB8AC-00000099"

Acct-Status-Type = Stop

Acct-Authentic = RADIUS

User-Name = "ff:ff:ff:ff:ff"

NAS-Port = 0

Called-Station-Id = "00-02-6F-AA-AA-AA:My Wireless"

Calling-Station-Id = "00-1C-B3-AA-AA-AA"

NAS-Port-Type = Wireless-802.11

Connect-Info = "CONNECT 48Mbps 802.11b"

Acct-Session-Time = 30

Acct-Input-Packets = 25

Acct-Output-Packets = 7

Acct-Input-Octets = 3407

Acct-Output-Octets = 867

Acct-Terminate-Cause = User-Request

测试


[root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_start.txt

Sent Accounting-Request Id 74 from 0.0.0.0:45094 to 127.0.0.1:1813 length 205

Received Accounting-Response Id 74 from 127.0.0.1:1813 to 0.0.0.0:0 length 20

[root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_update.txt

Sent Accounting-Request Id 231 from 0.0.0.0:28329 to 127.0.0.1:1813 length 183

Received Accounting-Response Id 231 from 127.0.0.1:1813 to 0.0.0.0:0 length 20

[root@orangleliu raddb]# radclient 127.0.0.1 auto testing123 -f acct_stop.txt

Sent Accounting-Request Id 209 from 0.0.0.0:62388 to 127.0.0.1:1813 length 189

Received Accounting-Response Id 209 from 127.0.0.1:1813 to 0.0.0.0:0 length 20

【freeradius】使用radclient调试radius协议的更多相关文章

  1. 【转】 浅谈Radius协议

    浅谈Radius协议 2013-12-03 16:06 5791人阅读 评论(0) 收藏 举报  分类: Radius协议分析(6)  从事Radius协议开发有段时间了,小弟不怕才疏学浅,卖弄一下, ...

  2. 转:浅谈Radius协议 -来自CSDN:http://blog.csdn.net/wangpengqi/article/details/17097221

    浅谈Radius协议 2013-12-03 16:06 5791人阅读 评论(0) 收藏 举报  分类: Radius协议分析(6)  从事Radius协议开发有段时间了,小弟不怕才疏学浅,卖弄一下, ...

  3. 无线局域网中RADIUS协议原理与实现

    转载自:http://blog.csdn.net/jinhill/article/details/5901042 摘要  RADIUS协议是一个被广泛应用于网络认证.授权和计费的协议.本文在介绍了RA ...

  4. 【协议】AAA Radius协议的常用报文分析

    写在前面的话 RADIUS:Remote Authentication Dial In User Service,远程用户拨号认证系统由RFC2865,RFC2866定义,是应用最广泛的AAA协议. ...

  5. Radius协议-学习

    目录 RFC Radius 协议 Radius-学习 RADIUS协议的主要特征 客户端/服务器模式 安全的消息交互机制 良好的扩展性 AAA介绍 C/S结构 RADIUS在协议栈中的位置 RADIU ...

  6. CentOS6.5下搭建LAMP+FreeRadius+Daloradius Web管理和TP-LINK路由器、H3C交换机连接,实现,上网认证和记账功能

    什么是RADIUS服务: RADIUS:(Remote Authentication Dial In User Service)中文名为远程用户拨号认证服务,简称RADIUS,是目前应用最广泛的AAA ...

  7. wifi认证Portal开发系列(一):Radius与FreeRadius简介

    RADIUS 维基百科上的介绍: Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that p ...

  8. vlc源码分析(七) 调试学习HLS协议

    HTTP Live Streaming(HLS)是苹果公司提出来的流媒体传输协议.与RTP协议不同的是,HLS可以穿透某些允许HTTP协议通过的防火墙. 一.HLS播放模式 (1) 点播模式(Vide ...

  9. Radius 认证协议介绍-兼rfc导读

    老规矩, 先看维基: 远端用户拨入验证服务(RADIUS, Remote Authentication Dial In User Service)是一个AAA协议,意思就是同时兼顾验证(authent ...

随机推荐

  1. Dynamics CRM2016 Web API之更新记录

    本篇继续探索web api,介绍如何通过web api更新记录. 下面是一段简单的更新代码,更新了几个不同类型的字段,entity的赋值和前篇创建时候的一样的. var entity = {}; en ...

  2. pandas小记:pandas时间序列分析和处理Timeseries

    http://blog.csdn.net/pipisorry/article/details/52209377 其它时间序列处理相关的包 [P4J 0.6: Periodic light curve ...

  3. java创建对象详解和多态问题

    一. java 构造方法不等于创建对象而是初始化对象,new 关键字分配内存和创建对象的.  二.Test test = new Test(); 有人用上面的表达式来说明构造方法返回对象引用,这是明显 ...

  4. Asp.net 在刷新或提交页面后保持滚动条的位置

    网页内容在较长时,每次回传刷新页面或提交网页时都会定位到最顶端,非常不利于用户交互. 将Page.MaintainScrollPositionOnPostBack属性值设置为true即可实现刷新后保持 ...

  5. JQuery之动画与特效

    显示与隐藏 show(spped,[callback])与hide(spped,[callback]) speed可选填slow.normal.fast,对应的速度分别为600ms.400ms.200 ...

  6. Linux/Unix--设备类型

          在Linux以及所有的Unix系统中,设备被分为以下三种类型:       块设备       字符设备       网络设备        块设备通常写为 blkdev ,它是可以寻址的 ...

  7. 小文本——Cookies

    http协议的无状态性导致在需要会话的场景下寸步难行,例如一个网站为了方便用户,在一段时间内登录过改网站的浏览器客户端实现自动登录,为实现这种客户端与服务器之间的会话机制需要额外的一些标识,http头 ...

  8. SDL2源代码分析8:视频显示总结

    ===================================================== SDL源代码分析系列文章列表: SDL2源代码分析1:初始化(SDL_Init()) SDL ...

  9. Android:android sdk源码中怎么没有httpclient的源码了

    欢迎关注公众号,每天推送Android技术文章,二维码如下:(可扫描) 今天想使用这个API,怎么也找不到.废了好多时间... 查阅资料才知道如下解释: 在android 6.0(API 23)中,G ...

  10. windbg分析运行在64位环境下的32位程序的dump

    windbg命令如下 1.   .load wow64exts 2.   !sw 3.   ~* kvnf