Hi all,
I wonder about the freeradius server behaviour after receiving a response
from a proxy. Is it normal that the request passes through the post-auth
section once the request has been received ?
Below, the behaviour i observed
Note: this is only a test in order to undersand the freeradius server
behaviour in that case.
rad_recv: Access-Request packet from host 127.0.0.1:16395, id=235,
length=109
User-Name = "D00000"
User-Password = "password"
NAS-IP-Address = 172.26.233.2
NAS-Port-Type = Wireless-802.11
WISPr-Location-Name = "Testing:FR,localhost"
NAS-Identifier = "FRAF1"
Event-Timestamp = "Jun 12 2007 09:26:34 GMT"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall: entering group request_processing for request 0
radius_xlat: 'test.fr'
rlm_attr_rewrite: Added attribute Proxy-To-Realm with value 'test.fr'
modcall[authorize]: module "add_proxy_to_realm" returns ok for request 0
modcall: leaving group request_processing (returns ok) for request 0
modcall: leaving group authorize (returns ok) for request 0
Processing the pre-proxy section of radiusd.conf
modcall: entering group pre-proxy for request 0
modcall: entering group request_processing for request 0
radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands
to /var/log/freeradius/radacct//RADIUS-Trace-20070612
modcall[pre-proxy]: module "radius_trace" returns ok for request 0
modcall: leaving group request_processing (returns ok) for request 0
modcall: leaving group pre-proxy (returns ok) for request 0
Sending Access-Request of id 0 to 172.26.233.2 port 1812
User-Name = "D000001"
User-Password = "password"
NAS-IP-Address = 172.26.233.2
NAS-Port-Type = Wireless-802.11
WISPr-Location-Name = "Testing:FR,localhost"
NAS-Identifier = "FRAF1"
Event-Timestamp = "Jun 12 2007 09:26:34 GMT"
Proxy-State = 0x323335
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Accept packet from host 172.26.233.2:1812, id=0, length=67
Reply-Message = "User authenticated on remote platform."
Proxy-State = 0x323335
Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 0
radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands
to /var/log/freeradius/radacct//RADIUS-Trace-20070612
modcall[post-proxy]: module "radius_trace" returns ok for request 0
modcall: leaving group post-proxy (returns ok) for request 0
authorize: Skipping authorize in post-proxy stage
rad_check_password: Found Auth-Type
rad_check_password: Auth-Type = Accept, accepting the user
radius_xlat: 'User authenticated on remote platform.'
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
modcall: entering group request_processing for request 0
modcall[post-auth]: module "local_voucher_account_info" returns ok for
request 0
radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612'
rlm_detail:
/var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands
to /var/log/freeradius/radacct//RADIUS-Trace-20070612
modcall[post-auth]: module "radius_trace" returns ok for request 0
modcall: leaving group request_processing (returns ok) for request 0
modcall: leaving group post-auth (returns ok) for request 0
Sending Access-Accept of id 91 to 127.0.0.1 port 16395
Reply-Message = "User authenticated on remote platform."
Finished request 0
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 91 with timestamp 466e71d8
Nothing to do. Sleeping until we see a request.
The example above shows that the request passes through authorize,
pre-proxy, post-proxy and then though post-auth. Is there any way that the
request does not pass through the post-auth section ?
Thanks in advance.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
