Syed Jahanzaib Personal Blog to Share Knowledge !

June 16, 2017

Quick Notes on moving MySQL database(s) directory to New Partition

Filed under: Linux Related — Syed Jahanzaib / Pinochio~:) @ 4:59 PM

moving

Following are short notes on how you can move mysql db directory to another partition.

Background:

Our Government base telecom authority called PTA (in PK) regularly issues letter to local ISP’s asking them to keep user traffic data for period of minimum one year.

As showed here (Thanks to Mr. Khalid for providing this notice copy)

pta letter

We know that almost all small scale ISP are natting there users by using local dsl or other medium bandwidth, and keeping private IP data traffic is (almost) useless because finding any thing from such data is like finding a needle in the haystack. If OP is assigning users with public ip, then OP should record users public ip assignment only like showed here, but as private natted IP are still being used therefore OP should save users traffic as per law despite of it will almost useless in practical)

In general we can log user traffic by using mikrotik own small scale web proxy, or adding external proxy like SQUID and route all traffic to squid proxy and keep logs there.

But if you are using Radius Manager, we have option of CONNECTION TRACKING. Using this method, we can track all users connection in mysql DB.

c1

c2

Connection Tracking requires lot of disk space for local ISP. Recently I recommend many OP to use SSD disk as SSD disks are more reliable , long life & offer fast disk access with minimal latency, but as SSD are costly therefore as alternative, we can add secondary disk for mysql like 2.TB and move our MySQL DB in this drive, rest OS or RM will operate from our primary SSD.


Scenario:

We have 2 disk in system as follows

  1. 128 GB SSD [Ubuntu 12.4 installed along with radius manager 4.1.5]
  2. 2 TB SATA Disk [Empty & Mounted as /2tb, howto mount disk read this ]

So our requirement is to move MySQL DB to this 2 TB disk.


Quick Cmd’s …

First login to MySQL and see your current Data Directory location.


mysql> select @@datadir;
+-------------+
| @@datadir |
+-------------+
| /var/lib/mysql |
+-------------+
1 row in set (0.00 sec)

Now we need to move this folder to our new 2tb. Follow below ,,,


Stop MySQL Service & Moves files to 2 TB Disk

sudo service mysql stop

Copy mysql DB Data directory to our 2tb disk with permissions intact, this part is crucial, pay attention to this section. We will use RSYNC to have same permission level in new folder.

sudo rsync -av /var/lib/mysql /2tb/

Rename current MySQL DB directory /var/lib/mysql to .bak [for backup purposes so that in case any thing goes wrong , we still have this restore point]

sudo mv /var/lib/mysql /var/lib/mysql.bak

Change PATH in MySQL INF file

Edit mysql inf file to change the DB directory

sudo nano /etc/mysql/my.cnf

in this file, find DATADIR line and change the old path to new one As showed below …

datadir = /2tb/mysql

Save & Exit


Apparmor Section [for Ubuntu OS]:

Allow new folder in APPARMOR (if you will skip this, you will get access / permission  errors)

sudo nano /etc/apparmor.d/tunables/alias

at the bottom add this line

alias /var/lib/mysql/ -> /2tb/mysql/,

Save n Exit.

It’s also recommended to disable SELINUX.


Start MySQL & Test

Now start the mysql service

service mysql start

& if all ok you may see following …

mysql start/running, process 1881

further verify it with process check

root@radius:~# ps aux |grep mysql
mysql 1881 0.1 3.9 328928 40536 ? Ssl 16:09 0:00 /usr/sbin/mysqld

Login to my mysql and verify all db/tables showing ok


root@radius:~# mysql -uroot -pMYSQLPASSWORD
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 964
Server version: 5.5.54-0ubuntu0.12.04.1 (Ubuntu)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> select @@datadir;
+-------------+
| @@datadir |
+-------------+
| /2tb/mysql/ |
+-------------+
1 row in set (0.00 sec)

mysql>

🙂


Regard’s
Syed Jahanzaib

Advertisements

June 7, 2017

Generating Refill Cards in Radius Manager

Filed under: Radius Manager — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 2:29 PM

On Demand Guide!

DMASoftlab Radius Manager is a nice billing system for any ISP. It works on Linux base OS like Ubuntu / Centos etc. It uses Free-radius as back-end engine and PHP as fronted GUI. It provides variety of ways to manage users. You can manually create users . Or it also provide self registration service for user via registration option where user can sign up, choose his Id / Package & renew it using refill card.

Radius manager provides 2 type of Cards system.

  1. Prepaid Cards
  2. Refill Cards [Scratch card]

 

1- Prepaid cards are simpler as they contains username / password , and starts counting expiry/quota after first usage / login from user. they also binds with selected service. This is suitable for environment where users join.leave very frequently, like Cafe’s / restaurants / public hotspot places.

2- Refill cards does not contains any user name or password. they contains only amount, which user can deposit in his account himself by login to the UCP , user control panel and use redeem voucher option). Refill cards are useful if you have more permanent type of clients who renews on monthly basis. Using refill cards, you can providers with liberty to change his service on his own if required. off course he would required higher amount of refill card to renew his new upscale service. but user can do it all on his own if required. so its kind of fully automatic system as well.

Refill cards does not binds with any specific service, they contains only AMOUNT. Once the user add deposit using refill card code, his account wont get auto renewed (although we can use script for it) . He have to activate the service as well after depositing amount. So in short user have to perform 2 steps in order to renew his account. Using refill cards, you just have to only sell cards to user, rest user will maintain on his own.

Example:

We have created a service with 1mb speed, 15gb quota & 30 days expiry limit. We want to create refill cards so that we sell refill card to user, and user will renew his account by using the portal.

Service Example:

2- services


To create refill cards, Goto Card System / Generate Cards

1- refill card menu

 

3- refill generation process

To view these generated cards, Goto Cards System  / List Refill Cards

view refill

As you can see in above screenshot, it have generated cards. You can view it in CSV which will contains cards details in the text format (for local customized card printing in bulk), and if you click on PDF button, it will show you cards in ready to print format using PDF viewer As showed in the image below

refill card in pdf

Now you can sell this card to users and they can use it from there user panel called UCP.


Using REFILL card to renew account.

From user end, login to user portal, and you will see something like this for new / expired user

1- user.PNG

As we can see that user account is in expired state, to renew it ,

Goto REDEEM VOUCHER & enter the code of refill card.

2- refill number

Once submit, it will add 100 Rs deposit in user account. Goto HOME tab and you will see following

deposite

Notice that now user have 100 rs in DEPOSIT but the account is still in EXPIRED status. We will use this deposit amount to renew / activate the account.

Goto Purchase credits, and select 1 in AMOUNT field. As showed in the image below …

1- purchase credits

 

2- refill done

 

3- refill done

Go back to HOME tabe

4- done

Account is now active, and user can login by hotspot / ppp or whatever auth method you have in your mikrotik or other NAS.

You can also refill cards by sending SMS to the radius system connected gsm modem. You will be requiring KANNEL along with Play SMS as well. I shared the idea here.

https://aacable.wordpress.com/2015/05/25/sharing-ideas-renew-expired-user-account-via-sms-in-dmasoftlab-radius-manager/

reill-with-no-quota-showing-it


 

Done.

 

Blocking WhatsApp in Mikrotik

Filed under: Mikrotik Related — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 1:14 PM

block whatsapp image.PNG

Updates: This guide may no longer work as whatsapp have moved there ip pool to facebook pool. as stated here.

(You may still be able to block the whatsapp by using script to catch only whatsapp related ip’s which may take some time to catch all the related ip’s but maybe some other contents will be blocked as well. you need to do deep inspection in this regard. I am not removing this post just for reference purposes)

Dear partners,
Please note that we have migrated the latest IP pools of WhatsApp to Facebook Mobile Partner Portal. Feel free to browse to the Settings page of the portal and download the latest WhatsApp IP pool: https://fb.me/mpp_support
Further IP pool updates are also done through the portal and are no longer distributed via email or through WhatsApp web site.
If you have not yet registered on the Mobile Partner Portal or have difficulties accessing it – please request access through the following form and we’ll be happy to assist: https://fb.me/mpp_access
For any technical requests please contact us through the Support section of the portal: https://fb.me/mpp_support
WhatsApp team


In order to block WhatsAPP application in Mikrotik I used WhatsAPP provided address list [167 IPV4 addresses as of June,2017] in order to block the app. [there are already many guides on internet, but I used old school method to block this app & got success!]. Please beware that if user uses vpn, then this restriction will not be effective.

I am sharing two methods to achieve the same target. There is also another method in which you forcefully divert users dns traffic to your mikrotik dns and use script to fetch ip addresses associated with any URL having whatsapp in it, but I am not discussing it here at a moment.

You can also automate this task by fetching the list from whatsapp directly and import it in address list , so that you can always have updated whatsapp servers list. Although the list doesn’t update very frequently but still its good idea to automate it with scheduler.


Method #1 – Download list & import to address list along with firewall block rule

 

1- Download whatsapp IP (CIDR) list from

https://www.whatsapp.com/cidr.txt

Save it as  cidr.txt

Note: If you dont have ipv6 , then open this file and remove all the IPV6 addressess or else you will see below error while importing 

ipv6 error

 

2- Upload this cidr.txt file to Mikrotik FILES section.

[if you use fetch method to download file directly to mikrotik, then you dont need to upload file manualy, but I used this method because most local networks are running on ipv4, so I had to remove ipv6 entries first in order to import list)

cidr

 

3- Import the file contents (which includes ip addresses) using following script. you can simply copy paste it. make sure file name is correct in it.

{
:local content [/file get [/file find name=cidr.txt] contents]
:local contentLen [:len $content]
:local lineEnd 0
:local line ""
:local lastEnd 0
:while ($lineEnd < $contentLen) do={
:set lineEnd [:find $content "\r\n" $lastEnd]
:if ([:len $lineEnd] = 0) do={
:set lineEnd $contentLen
}
:set line [:pick $content $lastEnd $lineEnd]
:set lastEnd ($lineEnd + 2)
/ip firewall address-list add list="whatsapp_list" address=$line
}
}

If successfull , you will see address list as below [currently 167 entries] …

whtsapp address list

4- Create Firewall Filter rule to block requests going to whatsapp_list 

/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp address list - zaib" disabled=yes dst-address-list=whatsapp_list

Result!

block whatapp result

Done!







Method #2 – Copy Paste Method with ipV4 package only.

Open Terminal & copy paste following code. It will add address list name ‘whatsapp_list’ along with firewall rule to block requests going to this list.

/ip firewall address-list
add address=31.13.64.51 list=whatsapp_list
add address=31.13.65.49 list=whatsapp_list
add address=31.13.66.49 list=whatsapp_list
add address=31.13.68.52 list=whatsapp_list
add address=31.13.69.240 list=whatsapp_list
add address=31.13.70.49 list=whatsapp_list
add address=31.13.71.49 list=whatsapp_list
add address=31.13.72.52 list=whatsapp_list
add address=31.13.73.49 list=whatsapp_list
add address=31.13.74.49 list=whatsapp_list
add address=31.13.75.52 list=whatsapp_list
add address=31.13.76.81 list=whatsapp_list
add address=31.13.77.49 list=whatsapp_list
add address=31.13.78.53 list=whatsapp_list
add address=31.13.80.53 list=whatsapp_list
add address=31.13.81.53 list=whatsapp_list
add address=31.13.82.51 list=whatsapp_list
add address=31.13.83.51 list=whatsapp_list
add address=31.13.84.51 list=whatsapp_list
add address=31.13.85.51 list=whatsapp_list
add address=31.13.86.51 list=whatsapp_list
add address=31.13.87.51 list=whatsapp_list
add address=31.13.88.49 list=whatsapp_list
add address=31.13.90.51 list=whatsapp_list
add address=31.13.91.51 list=whatsapp_list
add address=31.13.92.52 list=whatsapp_list
add address=31.13.93.51 list=whatsapp_list
add address=31.13.94.52 list=whatsapp_list
add address=31.13.95.63 list=whatsapp_list
add address=50.22.198.204/30 list=whatsapp_list
add address=50.22.210.32/30 list=whatsapp_list
add address=50.22.210.128/27 list=whatsapp_list
add address=50.22.225.64/27 list=whatsapp_list
add address=50.22.235.248/30 list=whatsapp_list
add address=50.22.240.160/27 list=whatsapp_list
add address=50.23.90.128/27 list=whatsapp_list
add address=50.97.57.128/27 list=whatsapp_list
add address=75.126.39.32/27 list=whatsapp_list
add address=108.168.174.0/27 list=whatsapp_list
add address=108.168.176.192/26 list=whatsapp_list
add address=108.168.177.0/27 list=whatsapp_list
add address=108.168.180.96/27 list=whatsapp_list
add address=108.168.254.65 list=whatsapp_list
add address=108.168.255.224 list=whatsapp_list
add address=108.168.255.227 list=whatsapp_list
add address=157.240.0.53 list=whatsapp_list
add address=157.240.1.53 list=whatsapp_list
add address=157.240.2.53 list=whatsapp_list
add address=157.240.3.53 list=whatsapp_list
add address=157.240.6.53 list=whatsapp_list
add address=157.240.7.54 list=whatsapp_list
add address=157.240.8.53 list=whatsapp_list
add address=157.240.9.53 list=whatsapp_list
add address=157.240.10.53 list=whatsapp_list
add address=157.240.11.53 list=whatsapp_list
add address=157.240.12.53 list=whatsapp_list
add address=157.240.13.54 list=whatsapp_list
add address=158.85.0.96/27 list=whatsapp_list
add address=158.85.5.192/27 list=whatsapp_list
add address=158.85.46.128/27 list=whatsapp_list
add address=158.85.48.224/27 list=whatsapp_list
add address=158.85.58.0/25 list=whatsapp_list
add address=158.85.61.192/27 list=whatsapp_list
add address=158.85.224.160/27 list=whatsapp_list
add address=158.85.233.32/27 list=whatsapp_list
add address=158.85.249.128/27 list=whatsapp_list
add address=158.85.254.64/27 list=whatsapp_list
add address=169.44.23.192/27 list=whatsapp_list
add address=169.44.36.0/25 list=whatsapp_list
add address=169.44.57.64/27 list=whatsapp_list
add address=169.44.58.64/27 list=whatsapp_list
add address=169.44.80.0/26 list=whatsapp_list
add address=169.44.82.96/27 list=whatsapp_list
add address=169.44.82.128/27 list=whatsapp_list
add address=169.44.82.192/26 list=whatsapp_list
add address=169.44.83.0/26 list=whatsapp_list
add address=169.44.83.96/27 list=whatsapp_list
add address=169.44.83.128/27 list=whatsapp_list
add address=169.44.83.192/26 list=whatsapp_list
add address=169.44.84.0/24 list=whatsapp_list
add address=169.44.85.64/27 list=whatsapp_list
add address=169.44.87.160/27 list=whatsapp_list
add address=169.44.167.0/27 list=whatsapp_list
add address=169.45.71.32/27 list=whatsapp_list
add address=169.45.71.96/27 list=whatsapp_list
add address=169.45.87.128/26 list=whatsapp_list
add address=169.45.169.192/27 list=whatsapp_list
add address=169.45.182.96/27 list=whatsapp_list
add address=169.45.210.64/27 list=whatsapp_list
add address=169.45.214.224/27 list=whatsapp_list
add address=169.45.219.224/27 list=whatsapp_list
add address=169.45.237.192/27 list=whatsapp_list
add address=169.45.238.32/27 list=whatsapp_list
add address=169.45.248.96/27 list=whatsapp_list
add address=169.45.248.160/27 list=whatsapp_list
add address=169.46.52.224/27 list=whatsapp_list
add address=169.46.111.144/28 list=whatsapp_list
add address=169.47.5.192/26 list=whatsapp_list
add address=169.47.6.64/27 list=whatsapp_list
add address=169.47.33.128/27 list=whatsapp_list
add address=169.47.35.32/27 list=whatsapp_list
add address=169.47.37.128/27 list=whatsapp_list
add address=169.47.40.128/27 list=whatsapp_list
add address=169.47.42.96/27 list=whatsapp_list
add address=169.47.42.160/27 list=whatsapp_list
add address=169.47.42.192/26 list=whatsapp_list
add address=169.47.47.160/27 list=whatsapp_list
add address=169.47.130.96/27 list=whatsapp_list
add address=169.47.192.192/27 list=whatsapp_list
add address=169.47.194.128/27 list=whatsapp_list
add address=169.47.198.128/27 list=whatsapp_list
add address=169.47.212.160/27 list=whatsapp_list
add address=169.53.29.128/27 list=whatsapp_list
add address=169.53.48.32/27 list=whatsapp_list
add address=169.53.71.224/27 list=whatsapp_list
add address=169.53.81.64/27 list=whatsapp_list
add address=169.53.250.128/26 list=whatsapp_list
add address=169.53.252.64/27 list=whatsapp_list
add address=169.53.255.64/27 list=whatsapp_list
add address=169.54.2.160/27 list=whatsapp_list
add address=169.54.44.224/27 list=whatsapp_list
add address=169.54.51.32/27 list=whatsapp_list
add address=169.54.55.192/27 list=whatsapp_list
add address=169.54.193.160/27 list=whatsapp_list
add address=169.54.210.0/27 list=whatsapp_list
add address=169.54.222.128/27 list=whatsapp_list
add address=169.55.67.224/27 list=whatsapp_list
add address=169.55.69.128/26 list=whatsapp_list
add address=169.55.74.32/27 list=whatsapp_list
add address=169.55.75.96/27 list=whatsapp_list
add address=169.55.100.160/27 list=whatsapp_list
add address=169.55.126.64/26 list=whatsapp_list
add address=169.55.210.96/27 list=whatsapp_list
add address=169.55.235.160/27 list=whatsapp_list
add address=173.192.162.32/27 list=whatsapp_list
add address=173.192.219.128/27 list=whatsapp_list
add address=173.192.222.160/27 list=whatsapp_list
add address=173.192.231.32/27 list=whatsapp_list
add address=173.193.205.0/27 list=whatsapp_list
add address=173.193.230.96/27 list=whatsapp_list
add address=173.193.230.128/27 list=whatsapp_list
add address=173.193.230.192/27 list=whatsapp_list
add address=173.193.239.0/27 list=whatsapp_list
add address=174.36.208.128/27 list=whatsapp_list
add address=174.36.210.32/27 list=whatsapp_list
add address=174.36.251.192/27 list=whatsapp_list
add address=174.37.199.192/27 list=whatsapp_list
add address=174.37.217.64/27 list=whatsapp_list
add address=174.37.243.64/27 list=whatsapp_list
add address=174.37.251.0/27 list=whatsapp_list
add address=179.60.192.51 list=whatsapp_list
add address=179.60.195.51 list=whatsapp_list
add address=184.173.136.64/27 list=whatsapp_list
add address=184.173.147.32/27 list=whatsapp_list
add address=184.173.161.64 list=whatsapp_list
add address=184.173.173.116 list=whatsapp_list
add address=184.173.179.32/27 list=whatsapp_list
add address=185.60.216.53 list=whatsapp_list
add address=185.60.218.53 list=whatsapp_list
add address=185.60.219.53 list=whatsapp_list
add address=192.155.212.192/27 list=whatsapp_list
add address=198.11.193.182/31 list=whatsapp_list
add address=198.11.251.32/27 list=whatsapp_list
add address=198.23.80.0/27 list=whatsapp_list
add address=208.43.115.192/27 list=whatsapp_list
add address=208.43.117.79 list=whatsapp_list
add address=208.43.122.128/27 list=whatsapp_list
# Adding firewall rule to block whatsapp address list.
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp address list" dst-address-list=whatsapp_list

Result:

block whatapp result


Regard’s
Syed Jahanzaib

June 2, 2017

Howto install DMASoftlab Radius Manager in Centos 7 – 64bit

Filed under: Radius Manager — Tags: , — Syed Jahanzaib / Pinochio~:) @ 12:17 PM

centos7

dma415

No doubt, Radius billing is one of the most important point of focus in any ISP network. ISP finance depends on this system to work smoothly. There are various ready made radius application based on LINUX are available in the market to cater different requirements of various operators. Among many, DMASoftlab Radius Manager is one of the most cheapest but feature rich radius candidate starting from 99$ only. It provide variety of options for any ISP. best thing is its ONE TIME COST only & it works life time 🙂 , you can install it locally on your system or on cloud as well, it requires Linux base OS like Debian/Ubuntu/Centos. Its full features can be viewed at Radius Manager web site. It required very little resources to run, provide plenty of user administration functions, backup / restoration / management is quite simple as well. plus in background you can accompany it with many scripting of your own to perform various customized functions.

We all know that cloud is every where now and almost all hosting providers are now providing latest versions of operating system like Centos 7. Some of us are well aware that DMA Radius Manager is quite comfortable with following flavors of nix …

  • Ubuntu 12.4 / 32bit [*** Best OS & my personnel choice, as recovery & troubleshooting is much easier in this variant]
  • Centos 6.5/6.6

But now a days many operators are switching to cloud where hosting providers are not providing older versions of centos/ubuntu. As i had to do few installation on cloud for few clients & I had to recall all the bits & bytes to do the installation every time, therefore I am posting step by step copy paste friendly version of guide on howto install Radius Manager in Centos 7. I posted ready made scripts for Ubuntu 12 Installation Script &Centos 6 in previous guides but This one is for Centos 7 to make installation quicker. I will make its script but better to do it manually as Centos 7 is a bit tricky which will give you some tough time in various aspects

  • OS Used in this guide = CentOS Linux release 7.3.1611 (Core)

Steps:

1# Disabling Firewall to avoid interruption

First we will update YUM & install nano for easy text editing, as many of us are not much comfortable with VI. NANO is better …

yum install update
yum -y install nano

* Disable IPTABLES

service iptables stop
chkconfig iptables off

* Disable SELINUX

So that it may not interfere with our installation/accessing. To disable builtin firewall permanently in centos, edit following

nano /etc/selinux/config

and change the

SELINUX=enforcing

to

SELINUX=disabled

Save & Exit .

*Disable Firewall(Daemon)

Now Disable Firewall’Daemon’ so that it may not interfere with our installation/accessing

systemctl status firewalld
systemctl stop firewalld
systemctl disable firewalld

Reboot system to take effect.


2# Installing various supporting modules !

1- Installing EPEL Repo to download various other supporting packages like mysql,apache etc

rpm -ivh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
yum -y install mc wget crontabs make gcc libtool-ltdl curl mysql-devel php php-mysql php-gd php-snmp php-process ntp alpine mariadb-server mariadb php-mcrypt cronie wget net-tools psmisc
yum -y install glibc.i686 libgcc_s.so.1
systemctl start mariadb.service
systemctl enable mariadb.service

3# Configuring Mysql Section

Now initiate mysql initial setup

mysql_secure_installation

Above command will ask few queries, read and select accordingly. ** Make sure to setup mysql root password **

*Now start / enable APACHE services 

systemctl start httpd.service
systemctl enable httpd.service

4# Adding IONCUBE module in PHP

Verify your PHP version  by php -v & copy the iocube load accordingly.
At my station, I had `PHP 5.4.16 (cli) (built: Nov  6 2016 00:29:02)` version installed by YUM.

wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar -xvzf ioncube_loaders_lin_x86-64.tar.gz
cd ioncube
mv ioncube_loader_lin_5.4.so /usr/lib64/php/modules/
chmod 777 /usr/lib64/php/modules/ioncube_loader_lin_5.4.so

Now add ioncube library in php

nano /etc/php.ini

and add following line after [PHP] heading, usually this heading is in first line.

zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.4.so

& restart APACHE service so it can load the new module

systemctl restart httpd.service

re-run ​​’php -v to verify you have something like [if successfull]

PHP 5.4.16 (cli) (built: Nov 6 2016 00:29:02)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com unconfigured) v6.1.0 (), Copyright (c) 2002-2017, by ionCube Ltd.

5# Download FREERADIUS & compile.

cd /temp
wget http://www.dmasoftlab.com/cont/download/freeradius-server-2.2.0-dma-patch-2.tar.gz
tar -xvzf freeradius-server-2.2.0-dma-patch-2.tar.gz
cd freeradius-server-2.2.0
./configure
make
make install

Above may take some time to compile. After its done, issue following command to initiate radius

radiusd -X

If you get error in first attempt, try to run it again, and you may see following message on success

centos-radiusdx

Now press CTRL+C to return to command prompt.


 

6- Radius DB creation in MYSQL

Create mysql DATABASES for radius usage. Make sure to change the passwords where required, example mysql root password. It’s OK to use default passwords for the test flight, but for production server Its Highly recommended to use different passwords while you do the installation.

mysql -u root -pYOURMYSQLPASS
CREATE DATABASE radius;
CREATE DATABASE radius;
CREATE DATABASE conntrack;
CREATE USER 'radius'@'localhost' IDENTIFIED BY 'radius123';
CREATE USER 'conntrack'@'localhost' IDENTIFIED BY 'conn123';
GRANT ALL ON radius.* TO radius@localhost;
GRANT ALL ON conntrack.* TO conntrack@localhost;

7# Download & Install RADIUS MANAGER 4.1.0

cd /temp/
wget http://wifismartzone.com/files/rm_related/radiusmanager-4.1.0.tgz
tar zxvf radiusmanager-4.1.0.tgz
cd radiusmanager-4.1.0
chmod 755 install.sh
# Now start the Radius Install Script.
# once you will run INSTALL.SH , it will ask various queries, select according to your OS choice 

./install.sh

8# Access Radius Manager Administration Panel

Now try to access your radius manager admin panel from any browser pointing to ..

http://yourip/radiusmanager/admin.php

If all ok , you will see following window in your browser

dma-login-ok

* Default ID Password 
ID = admin
Password = 1111

Enjoy,

~*~*~*~*~*~*~*~*~*~*~*~*~*~*~

If you see error or blank page, use following Apache error/access logs for further trouble shoot. Most common causes are invalid license files / in-correct php ioncube files.

tail -f /var/log/httpd/error_log
tail -f /var/log/httpd/access_log

 


# TIPS

 

TIP#1 – How to create Virtual NIC with customized / cloned MAC address

First check what ethernet name you have currently, mostly its eth0, [change it according to your network].

ip link add link eth0 address 00:11:22:33:44:55 eth0.1 type macvlan
ifconfig eth0.1 up
ifconfig eth0.1 10.0.0.2

Verify if NIC is created with our desired NIC as well.

ifconfig

# Restart APACHE service if required, YKWIM ; )

systemctl restart httpd.service

TIP#2 – Deploying PATCH 4.1.5 for Centos

DMA released few patches for its radius application. Latest version is 4.1.6 , but I usually prefer to go with 4.1.5. Following is quick copy paste version to upgrade. Make sure that you have proper working installation of radius manager & if you are not much familiarized with the restoration process then you should backup your current installation before proceeding.

# SYED JAHANZAIB
# HTTPS://AACABLE . WORDPRESS . COM
# AACABLE at HOTMAIL dot COM
mkdir /temp
cd /temp
wget http://wifismartzone.com/files/rm_related/radiusmanager-4.1-cumulative_patch.tgz
tar zxvf /temp/radiusmanager-4.1-cumulative_patch.tgz
cd /temp/radiusmanager-4.1-cumulative_patch/
cp -vrf www/radiusmanager/* /var/www/html/radiusmanager
chmod 755 bin/rm*
service rmpoller stop
cp bin/* /usr/local/bin
cp raddb/acct_users /usr/local/etc/raddb
chmod 640 /usr/local/etc/raddb/acct_users
chown root.root /usr/local/etc/raddb/acct_users
service radiusd restart
service rmpoller start

For more information, please refer to

Dmasoftlab Radius Manager 4.1.5 Patch


Note: If you find any errors in this guide, please do let me know

Thanks & Best Regard’s

~SYED JAHANZAIB~

%d bloggers like this: