|
1 | | -== Authentication Modules |
2 | | -[options="header"] |
3 | | -[cols="20%,80%"] |
4 | | -|===== |
5 | | -| Module | Description |
6 | | -| xref:raddb/mods-available/chap.adoc[chap] | Performs Challenge Handshake Authentication Protocol (CHAP) authentication, as described by RFC 2865. |
7 | | -| xref:raddb/mods-available/digest.adoc[digest] | The digest module performs HTTP digest authentication, usually for a SIP server. See draft-sterman-aaa-sip-00.txt for |
8 | | -details. The module does not support RFC 5090. |
9 | | -| xref:raddb/mods-available/eap.adoc[eap] | Implements the base protocol for EAP (Extensible Authentication Protocol). |
10 | | -| xref:raddb/mods-available/eap_inner.adoc[eap_inner] | EAP/Inner Configuration for secure transmissions. |
11 | | -| xref:raddb/mods-available/imap.adoc[imap] | Allows users to be authenticated against an IMAP server. |
12 | | -| xref:raddb/mods-available/krb5.adoc[krb5] | Implements kerberos authentication, using the result of decrypting the TGT as an indication that the provided password was correct. |
13 | | -| xref:raddb/mods-available/ldap.adoc[ldap] | Can perform user authentication using LDAP binds, or by retrieving the contents of a password attribute for later comparison by a module such as rlm_pap, or an rlm_eap method. |
14 | | -| xref:raddb/mods-available/mschap.adoc[mschap] | Supports MS-CHAP and MS-CHAPv2 authentication. It also enforces the SMB-Account-Ctrl attribute. |
15 | | -| xref:raddb/mods-available/opendirectory.adoc[opendirectory] | Integrates with an Apple OpenDirectory service on the same host as FreeRADIUS to allow OpenDirectory users to authenticate. |
16 | | -| xref:raddb/mods-available/ntlm_auth.adoc[ntlm_auth] | NTLM Auth |
17 | | -| xref:raddb/mods-available/redundant_sql.adoc[redundant_sql] | Configure a redundant sql server. |
18 | | -| xref:raddb/mods-available/pam.adoc[pam] | Performs password checking via the Pluggable Authentication Module (PAM) framework. |
19 | | -| xref:raddb/mods-available/pap.adoc[pap] | Accepts a large number of formats for the "known good" (reference) password, such as crypt hashes, md5 hashes, and etc. The module takes the User-Password and performs the necessary transformations of the user submitted password |
20 | | -to match the copy of the password the server has retrieved. |
21 | | -| xref:raddb/mods-available/smbpasswd.adoc[smbpasswd] | SMBPasswd |
22 | | -| xref:raddb/mods-available/totp.adoc[totp] | Implemments the TOTP algorithm to fufill authentication requests. |
23 | | -| xref:raddb/mods-available/wimax.adoc[wimax] | Implements WiMAX authentication over RADIUS. |
24 | | -| xref:raddb/mods-available/winbind.adoc[winbind] | The module also allows for direct connection to Samba winbindd (version 4.2.1 or above), which communicates with |
25 | | -Active-Directory to retrieve group information and the user's NT-Password. |
26 | | -| xref:raddb/mods-available/yubikey.adoc[yubikey] | Supports authentication of yubikey tokens where the PSK is known to FreeRADIUS, and integrates with the Yubico cloud-based authentication service. |
27 | | -|===== |
28 | | - |
29 | | -== Authorization Modules |
30 | | -[options="header"] |
31 | | -[cols="20%,80%"] |
32 | | -|===== |
33 | | -| Module | Description |
34 | | -| xref:raddb/mods-available/smtp.adoc[smtp] | Allows users to submit smtp formatted, mime-encoded emails to a server Supports User-Name User-Password authentication Supports file attachments, size limited by the MTA. |
35 | | -|===== |
36 | | - |
37 | | -== Datastore Modules |
38 | | -[options="header"] |
39 | | -[cols="20%,80%"] |
40 | | -|===== |
41 | | -| Module | Description |
42 | | -| xref:raddb/mods-available/cache.adoc[cache] | Stores attributes and/or lists and adds them back to a subsequent request or to the current request on a later execution of the module. |
43 | | -| xref:raddb/mods-available/cache_eap.adoc[cache_eap] | Cache EAP |
44 | | -| xref:raddb/mods-available/cache_tls.adoc[cache_tls] | Cache TLS Session |
45 | | -| xref:raddb/mods-available/client.adoc[client] | Reads client definitions from flat files. |
46 | | -| xref:raddb/mods-available/csv.adoc[csv] | Maps values in a CSV file to FreeRADIUS attributes and adds them to the request. |
47 | | -| xref:raddb/mods-available/ldap.adoc[ldap] | Allows LDAP directory entries to be retrieved, modified, inserted and deleted. |
48 | | -| xref:raddb/mods-available/passwd.adoc[passwd] | Reads and caches line-oriented files that are in a format similar to ``/etc/passwd``. |
49 | | -| xref:raddb/mods-available/redis.adoc[redis] | Provides connectivity to single and clustered instances of Redis. This module exposes a string expansion that may be |
50 | | -used to execute queries against Redis. |
51 | | -| xref:raddb/mods-available/redis_ippool.adoc[redis_ippool] | Implements a fast and scalable IP allocation system using Redis. Supports both IPv4 and IPv6 address and prefix |
52 | | -allocation, and implements pre-allocation for use with DHCPv4. |
53 | | -| xref:raddb/mods-available/rediswho.adoc[rediswho] | Records which users are currently logged into the service. The file is used mainly for Simultaneous-Use checking to see |
54 | | -who has current sessions. |
55 | | -| xref:raddb/mods-available/redundant_sql.adoc[redundant_sql] | Configure a redundant sql server. |
56 | | -| xref:raddb/mods-available/sql.adoc[sql] | Provides an abstraction over multiple SQL backends, via database specific drivers. |
57 | | -| xref:raddb/mods-available/sqlippool.adoc[sqlippool] | SQL based IP allocation module. |
58 | | -| xref:raddb/mods-available/unix.adoc[unix] | Retrieves a user's encrypted password from the local system and places it into the ``control.Password.Crypt`` attribute. |
59 | | -The password is retrieved via the ``getpwent()`` and ``getspwent()`` system calls. |
60 | | -|===== |
61 | | - |
62 | | -== IO Modules |
63 | | -[options="header"] |
64 | | -[cols="20%,80%"] |
65 | | -|===== |
66 | | -| Module | Description |
67 | | -| xref:raddb/mods-available/detail.adoc[detail] | Writes attributes from a request list to a flat file in 'detail' format. |
68 | | -|xref:raddb/mods-available/detail.example.com.adoc[Detail Example] | Detail (Sample) |
69 | | -| xref:raddb/mods-available/detail.log.adoc[detail.log] | Detail Log Example |
70 | | -| xref:raddb/mods-available/files.adoc[files] | Implements a traditional Livingston-style users file. |
71 | | -| xref:raddb/mods-available/icmp.adoc[icmp] | Sends an ICMP "echo request" message to a particular IP address. |
72 | | - |
73 | | -| xref:raddb/mods-available/radius.adoc[radius] | Allows Access-Requests, Accounting-Requests, CoA-Requests and Disconnect-Messages to be sent during request processing. |
74 | | -| xref:raddb/mods-available/rest.adoc[rest] | Sends HTTP requests to remote servers and decodes the responses. |
75 | | -| xref:raddb/mods-available/unbound.adoc[unbound] | Performs queries against a DNS service to allow FQDNs to be resolved during request processing. |
76 | | -|===== |
77 | | - |
78 | | -== Language Modules |
79 | | -[options="header"] |
80 | | -[cols="20%,80%"] |
81 | | -|===== |
82 | | -| Module | Description |
83 | | -| xref:raddb/mods-available/exec.adoc[exec] | Executes an external script, passing in FreeRADIUS attributes as environmental variables or as arguments. |
84 | | -| xref:raddb/mods-available/lua.adoc[lua] | Allows the server to call embedded lua scripts. |
85 | | -| xref:raddb/mods-available/mruby.adoc[mruby] | Allows the server to call a persistent, embedded mRuby script. |
86 | | -| xref:raddb/mods-available/perl.adoc[perl] | Allows the server to call a persistent, embedded Perl script. |
87 | | -| xref:raddb/mods-available/python.adoc[python] | Allows the server to call a persistent, embedded Python script. |
88 | | -|===== |
89 | | - |
90 | | -== Policy Modules |
91 | | -[options="header"] |
92 | | -[cols="20%,80%"] |
93 | | -|===== |
94 | | -| Module | Description |
95 | | -| xref:raddb/mods-available/always.adoc[always] | Returns a pre-configured result code such as 'ok', 'noop', 'reject' etc... |
96 | | -| xref:raddb/mods-available/attr_filter.adoc[attr_filter] | Filters attributes in a request. Can delete attributes or permit them to have only certain values. |
97 | | -| xref:raddb/mods-available/cipher.adoc[cipher] | Perform cryptographic calculations on data. |
98 | | -| xref:raddb/mods-available/date.adoc[date] | Converts date strings between user configurable formats. |
99 | | -| xref:raddb/mods-available/delay.adoc[delay] | Introduces an artificial non-blocking delay when processing a request. |
100 | | -| xref:raddb/mods-available/escape.adoc[escape] | Escapes and unescapes strings using the MIME escape format |
101 | | -| xref:raddb/mods-available/idn.adoc[idn] | Converts internationalized domain names to ASCII. |
102 | | -| xref:raddb/mods-available/json.adoc[json] | Parses JSON strings into an in memory format using the json-c library. |
103 | | -| xref:raddb/mods-available/sometimes.adoc[sometimes] | Is a hashing and distribution protocol, that will sometimes return one code or another depending on the input value |
104 | | -configured. |
105 | | -| xref:raddb/mods-available/sqlcounter.adoc[sqlcounter] | Records statistics for users such as data transfer and session time, and prevent further logins when limits are reached. |
106 | | -| xref:raddb/mods-available/unpack.adoc[unpack] | Unpacks binary data from octets type attributes into individual attributes. |
107 | | -| xref:raddb/mods-available/utf8.adoc[utf8] | Checks all attributes of type string in the current request, to ensure that they only contain valid UTF8 sequences. |
108 | | -|===== |
109 | | - |
110 | | -== Protocol Modules |
111 | | -[options="header"] |
112 | | -[cols="20%,80%"] |
113 | | -|===== |
114 | | -| xref:raddb/mods-available/dhcpv4.adoc[dhcpv4] | Implements DHCPv4 (Dynamic Host Configuration Protocol for IPv4) client and relay. |
115 | | -| xref:raddb/mods-available/isc_dhcp.adoc[isc_dhcp] | isc_dhcp |
116 | | -|===== |
117 | | - |
118 | | -== Utility Modules |
119 | | -[options="header"] |
120 | | -[cols="20%,80%"] |
121 | | -|===== |
122 | | -| Module | Description |
123 | | - |
124 | | -| xref:raddb/mods-available/cui.adoc[cui] | CUI |
125 | | - |
126 | | -| xref:raddb/mods-available/echo.adoc[echo] | Echo |
127 | | -| xref:raddb/mods-available/etc_group.adoc[etc_group] | etc_group |
128 | | -| xref:raddb/mods-available/linelog.adoc[linelog] | Creates log entries from attributes, string expansions, or static strings, and writes them to a variety of backends, including syslog, flat files, and raw UDP/TCP sockets. |
129 | | -| xref:raddb/mods-available/logtee.adoc[logtee] | Tee's request logging at runtime, sending it to additional log destinations. |
130 | | -| xref:raddb/mods-available/mac2ip.adoc[mac2ip] | Mac2IP |
131 | | -| xref:raddb/mods-available/mac2vlan.adoc[mac2vlan] | Mac2Vlan |
132 | | -| xref:raddb/mods-available/stats.adoc[stats] | Stats |
133 | | -|===== |
| 1 | += Summary of All Modules |
| 2 | + |
| 3 | +include::partial$authentication_table.adoc[] |
| 4 | + |
| 5 | +include::partial$datastore_table.adoc[] |
| 6 | + |
| 7 | +include::partial$formatconvert_table.adoc[] |
| 8 | + |
| 9 | +include::partial$language_table.adoc[] |
| 10 | + |
| 11 | +include::partial$logging_table.adoc[] |
| 12 | + |
| 13 | +include::partial$policy_table.adoc[] |
| 14 | + |
| 15 | +include::partial$protocol_table.adoc[] |
| 16 | + |
| 17 | +include::partial$utility_table.adoc[] |
| 18 | + |
| 19 | + |
| 20 | + |
| 21 | + |
| 22 | + |
| 23 | + |
| 24 | + |
| 25 | + |
134 | 26 |
|
135 | 27 |
|
136 | 28 | // Copyright (C) 2025 Network RADIUS SAS. Licenced under CC-by-NC 4.0. |
|
0 commit comments