Linux Authentification Gateway

Configuration

    log_verbose - logging verbosity (0 - minimum, 1 - common information, 2 - verbose, 3 - debug)

    bindaddr - IP address for binding listener socket

    port - port on which the server waits for incoming connections

    floodtimer - integer, the minimum interval between two "ALIVE" messages from a client. If a client sends messages more often than this interval, the server treats it as a flood attempt and disconnects the client.

    authplugin - string value, the path to the auth plugin.

    adm_socket_path - path to unix socket for server administration.

    daemonize - run as daemon (0 - no, 1 - yes).

    timer - integer, the time interval between two "ALIVE" messages from a client.

    stoptimeout - integer value, the time in seconds since the last message after which the socket is closed and the rule is removed. It must be more than timer.

    selecttime - the time in seconds between two calls of the select function when there are no changes in the socket descriptors. If its value is 0, the loop runs without sleeping and CPU usage is very high. The maximum time for deleting an inactive client equals stoptimeout + selecttime.

    startscript - string value, the path to the shell script executed after successful authentication.

    stopscript - string value, the path to the shell script executed after a user is disconnected.

    keepalive - use KEEPALIVE packets (0 - no, 1 - yes).

    keepidle - idle time before a KEEPALIVE packet is sent. It should be more than timer and less than stoptimeout.

    keepcnt - count of KEEPALIVE packets.

    keepinvl - interval between sending KEEPALIVE packets.

    server server_name {

    • authhost - IP address of auth server
    • authport - port of auth server
    • authsecret - secret key
    • authtries - number of tries
    • authtimeout - time to wait for an answer from the server
    }

    Note:

    Not all operating systems allow you to set the KEEPALIVE value for an individual socket. On some systems it is a global value for all sockets and equals 7200 seconds by default.
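
Added example (not part of the original documentation or the project's code): a small Python check of the timing relationships described above. It takes already-parsed values as a dict, so no configuration file syntax is assumed; the name check_timers, the sample values, and the floodtimer-versus-timer check (derived from the two definitions, not stated on the page) are assumptions.

```python
# Added example: lint the timing parameters described on this page.
# Input is a dict of already-parsed values; the file syntax is not assumed.

def check_timers(cfg):
    """Return (errors, warnings, max_stale_seconds) for a config dict."""
    errors, warnings = [], []
    timer = cfg["timer"]
    stoptimeout = cfg["stoptimeout"]
    selecttime = cfg["selecttime"]
    floodtimer = cfg["floodtimer"]

    # Stated on the page: stoptimeout must be more than timer.
    if stoptimeout <= timer:
        errors.append("stoptimeout must be greater than timer")

    # Derived (assumption): clients send ALIVE every `timer` seconds and
    # anything more frequent than `floodtimer` is treated as a flood.
    if floodtimer >= timer:
        errors.append("floodtimer must be less than timer")

    # Stated on the page: selecttime 0 gives a loop without sleep.
    if selecttime == 0:
        warnings.append("selecttime is 0: loop without sleep, high CPU usage")

    # Stated on the page: keepidle belongs between timer and stoptimeout.
    if cfg.get("keepalive", 0) == 1:
        if not (timer < cfg["keepidle"] < stoptimeout):
            warnings.append("keepidle should be between timer and stoptimeout")

    # Stated on the page: an inactive client is deleted after at most
    # stoptimeout + selecttime seconds; its rule stays in place until then.
    return errors, warnings, stoptimeout + selecttime


# Constructed sample values, not taken from any real deployment.
GOOD = {"timer": 30, "floodtimer": 5, "stoptimeout": 90, "selecttime": 2,
        "keepalive": 1, "keepidle": 60}
BAD = {"timer": 30, "floodtimer": 45, "stoptimeout": 20, "selecttime": 0,
       "keepalive": 1, "keepidle": 10}

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        errors, warnings, window = check_timers(cfg)
        print(name, "errors:", errors, "warnings:", warnings,
              "max seconds before an inactive client is removed:", window)
```

The third return value is the longest time a departed client's rule can remain active, which is the figure to weigh when choosing stoptimeout and selecttime.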