prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}
modconfdir = ${confdir}/mods-config
certdir = ${confdir}/certs
cadir   = ${confdir}/certs
run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = /usr/local/lib/freeradius/freeradius

pidfile = ${run_dir}/${name}.pid

correct_escapes = true

max_request_time = 30

cleanup_delay = 5

max_requests = 16384

hostname_lookups = no

log {
	destination = syslog
	colourise = yes
	file = ${logdir}/radius.log
	syslog_facility = daemon
	#  Log the full User-Name attribute, as it was found in the request.
	stripped_names = no
	#  Log all (accept and reject) authentication results to the log file.
	auth = no
	#  Log Access-Accept results to the log file.
	auth_accept = no
	#  Log Access-Reject results to the log file.
	auth_reject = yes

	#  Log passwords with the authentication requests.
	#  auth_badpass  - logs password if it's rejected
	#  auth_goodpass - logs password if it's correct
	auth_badpass = no
	auth_goodpass = no
	msg_denied = "You are already logged in - access denied"
}

checkrad = ${sbindir}/checkrad

security {
	user = _freeradius
	group = _freeradius
	allow_core_dumps = no
	max_attributes = 200
	reject_delay = 1
	status_server = no
	allow_vulnerable_openssl = no
}

proxy_requests  = yes
$INCLUDE proxy.conf



$INCLUDE clients.conf


thread pool {
	start_servers = 2
	max_servers = 32
	min_spare_servers = 1
	max_spare_servers = 5
	#  Clean up old threads periodically.  For no reason other than
	#  it might be useful.
	#  '0' is a special value meaning 'infinity', or 'the servers never
	#  exit'
	max_requests_per_server = 1000
	auto_limit_acct = no
}


modules {
	$INCLUDE mods-enabled/
}

instantiate {
}

policy {
	$INCLUDE policy.d/
}

$INCLUDE sites-enabled/