First of all log_badlogins is getting confused if there is a space in username. Also I thought it is not very efficent to give the error a name and record this name to sql. I think its better to record the error as it is and then recall it from mysql as it is. Well I attached a patch for that to log_badlogins which breaks the failed_logins page which is waiting to find the names that log_badlogins put into mysql. But the fix for that is below also... The files were from freeradius-0.9.0-pre3 release so patch apply to dialup_adminn log_badlogins in that release
The other problem is in truncate_radacct... it gives this error. But it works when the commands are given line by line 2003-04-20 18:35:04 DBD::mysql::db do failed: You have an error in your SQL syntax near ';DELETE FROM radacct WHERE AcctStopTime < '2003-04-20 18:35:04';UNLOCK TABLES' at line 1 at ./truncate_radacct line 30. ---------- Forwarded message ---------- Date: Fri, 18 Jul 2003 03:01:59 +0300 (WET) From: Evren Yurtesen <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: fix to patch log_badlogins.patch :) Oups I realized that the patch was adding other messages than auth messages to mysql too :) So I fixed it. This should be bug free :) and I used context output in diff so its better now... Evren On Fri, 18 Jul 2003, Evren Yurtesen wrote: > Since I changed the log_badlogin script I realized the failed_logins page > doesnt work :) I thought since the error is dynamically changing now. > We can look for ServiceType and FramedProtocol if they are NULL > I am pretty sure at least one wouldnt be NULL if a user logs in, so the > SQL statement looks like this inside failed_logins page > > $search = @da_sql_query($link,$config, > "SELECT > AcctStopTime,UserName,NASIPAddress,NASPortId,AcctTerminateCause,CallingStationId,ServiceType,FramedProtocol > FROM $config[sql_accounting_table] > WHERE AcctStopTime <= '$now_str' AND AcctStopTime >= '$prev_str' > AND ( ServiceType IS NULL AND > FramedProtocol IS NULL ) $callerid_str $server_str > ORDER BY AcctStopTime $order $limit;"); > > Also this way, if there are different kind of errors in future, the code > doesnt need updating... > > Evren > > On Fri, 18 Jul 2003, Evren Yurtesen wrote: > > > Hi, > > I have realized that if people enter usernames with spaces in > > (accidentally or not) then the log_badlogins script is getting > > confused. > > Example: > > Thu Jul 17 23:49:03 2003 : Auth: Login incorrect: [Kullanici Adinizi Girin] (from > > client as1 port 55 cli 01231234567) > > Thus I have devised a patch. I dont know if this is the right way to do > > but I also removed the error detection part and changed it so that it > > catches anything else than "Login OK" > > Please just check it out and let me know. > > > > Also I wonder why in sourgeforce the version number is 1.62 and in > > freeradius it comes 1.63... > > http://sourceforge.net/projects/dialup-admin/ > > I have installed sourceforge version thinking it would be newer though. > >
*** log_badlogins Sat Apr 19 19:26:10 2003 --- log_bad Fri Jul 18 02:56:51 2003 *************** *** 61,106 **** seek LOG, 0, 2 if ($all_file eq 'no'); for(;;){ while(<LOG>){ - $do=0; chomp; if ($_ ne ''){ $user = $nas = $port = $caller = '-'; ! if (/Login incorrect/){ ! if (/Login incorrect \((.+?)\):/){ ! $cause = "Login-Incorrect ($1)"; ! }else{ ! $cause='Login-Incorrect'; ! } ! $do=1; ! } ! elsif (/Invalid user/){ ! if (/Invalid user \((.+?)\):/){ ! $cause = "Invalid-User ($1)"; ! }else{ ! $cause='Invalid-User'; ! } ! $do=1; ! } ! elsif (/Multiple logins/){ ! $cause='Multiple-Logins'; ! $do=1; ! } ! elsif (/(Outside allowed timespan \(.+?\)):/){ ! $cause = "$1"; ! $do=1; ! } ! if ($do){ $date = (split / : /,$_)[0]; $date2 = ParseDate($date); if ($date2){ ($year,$mon,$mday,$hour,$min,$sec)=UnixDate($date2,'%Y','%m','%d','%H','%M','%S'); } $time = "$year-$mon-$mday $hour:$min:$sec"; ! if (/\[([EMAIL PROTECTED])\]\s+\(from (.+?)\)/){ $user = $1; ($nas,$port,$caller) = (split /\s+/,$2)[1,3,5]; } ! elsif (/\[([EMAIL PROTECTED])\/.+?\]\s+\(from (.+?)\)/){ $user = $1; ($nas,$port,$caller) = (split /\s+/,$2)[1,3,5]; } --- 61,84 ---- seek LOG, 0, 2 if ($all_file eq 'no'); for(;;){ while(<LOG>){ chomp; if ($_ ne ''){ $user = $nas = $port = $caller = '-'; ! #process if login is not ok ! if ( ! /Login OK/ && /: Auth:.+\(from client.+/ ) { $date = (split / : /,$_)[0]; $date2 = ParseDate($date); if ($date2){ ($year,$mon,$mday,$hour,$min,$sec)=UnixDate($date2,'%Y','%m','%d','%H','%M','%S'); } $time = "$year-$mon-$mday $hour:$min:$sec"; ! $cause = (split /:/,$_)[4]; ! $cause =~ s/^\s+|\s+$//g; ! if (/\[([\ [EMAIL PROTECTED])\]\s+\(from (.+?)\)/){ $user = $1; ($nas,$port,$caller) = (split /\s+/,$2)[1,3,5]; } ! elsif (/\[([\ [EMAIL PROTECTED])\/.+?\]\s+\(from (.+?)\)/){ $user = $1; ($nas,$port,$caller) = (split /\s+/,$2)[1,3,5]; }