--- freeradius-1.1.2/raddb/radiusd.conf.in.orig	2006-07-13 01:43:52 +0600

+++ freeradius-1.1.2/raddb/radiusd.conf.in	2006-07-13 01:49:45 +0600

@@ -106,8 +106,8 @@

 #  that the debugging mode server is running as a user that can read the

 #  shadow info, and the user listed below can not.

 #

-#user = nobody

-#group = nobody

+user = radius

+group = radius

 #  max_request_time: The maximum time (in seconds) to handle a request.

 #

@@ -184,7 +184,7 @@

 #  As of 1.0, you can also use the "listen" directive.  See below for

 #  more information.

 #

-bind_address = *

+#bind_address = *

 #  port: Allows you to bind FreeRADIUS to a specific port.

 #

@@ -224,28 +224,39 @@

 #  types of packets, and it was impossible to make it listen for only

 #  one type of packet.

 #

-#listen {

+listen {

 	#  IP address on which to listen.

 	#  Allowed values are:

 	#	dotted quad (1.2.3.4)

 	#       hostname    (radius.example.com)

 	#       wildcard    (*)

-#	ipaddr = *

+	ipaddr = 127.0.0.1

 	#  Port on which to listen.

 	#  Allowed values are:

 	#	integer port number (1812)

 	#	0 means "use /etc/services for the proper port"

-#	port = 0

+	port = 0

 	#  Type of packets to listen for.

 	#  Allowed values are:

 	#	auth	listen for authentication packets

 	#	acct	listen for accounting packets

 	#

-#	type = auth

-#}

+	type = auth

+}

+

+# This second "listen" section is for listening on the accounting

+#  port, too.

+listen {

+	ipaddr = 127.0.0.1

+	#   ipv6addr = ::

+	port = 0

+	type = acct

+	#   interface = eth0

+	#   clients = per_socket_clients

+}

 #  hostname_lookups: Log the names of clients or just their IP addresses

 #  e.g., www.freeradius.org (on) or 206.47.27.232 (off).

@@ -301,7 +312,7 @@

 #

 #  allowed values: {no, yes}

 #

-log_auth_badpass = no

+log_auth_badpass = yes

 log_auth_goodpass = no

 # usercollide:  Turn "username collision" code on and off.  See the