Hi all, I wonder about the freeradius server behaviour after receiving a response from a proxy. Is it normal that the request passes through the post-auth section once the request has been received ?
Below, the behaviour i observed Note: this is only a test in order to undersand the freeradius server behaviour in that case. rad_recv: Access-Request packet from host 127.0.0.1:16395, id=235, length=109 User-Name = "D00000" User-Password = "password" NAS-IP-Address = 172.26.233.2 NAS-Port-Type = Wireless-802.11 WISPr-Location-Name = "Testing:FR,localhost" NAS-Identifier = "FRAF1" Event-Timestamp = "Jun 12 2007 09:26:34 GMT" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall: entering group request_processing for request 0 radius_xlat: 'test.fr' rlm_attr_rewrite: Added attribute Proxy-To-Realm with value 'test.fr' modcall[authorize]: module "add_proxy_to_realm" returns ok for request 0 modcall: leaving group request_processing (returns ok) for request 0 modcall: leaving group authorize (returns ok) for request 0 Processing the pre-proxy section of radiusd.conf modcall: entering group pre-proxy for request 0 modcall: entering group request_processing for request 0 radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands to /var/log/freeradius/radacct//RADIUS-Trace-20070612 modcall[pre-proxy]: module "radius_trace" returns ok for request 0 modcall: leaving group request_processing (returns ok) for request 0 modcall: leaving group pre-proxy (returns ok) for request 0 Sending Access-Request of id 0 to 172.26.233.2 port 1812 User-Name = "D000001" User-Password = "password" NAS-IP-Address = 172.26.233.2 NAS-Port-Type = Wireless-802.11 WISPr-Location-Name = "Testing:FR,localhost" NAS-Identifier = "FRAF1" Event-Timestamp = "Jun 12 2007 09:26:34 GMT" Proxy-State = 0x323335 --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Accept packet from host 172.26.233.2:1812, id=0, length=67 Reply-Message = "User authenticated on remote platform." Proxy-State = 0x323335 Processing the post-proxy section of radiusd.conf modcall: entering group post-proxy for request 0 radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands to /var/log/freeradius/radacct//RADIUS-Trace-20070612 modcall[post-proxy]: module "radius_trace" returns ok for request 0 modcall: leaving group post-proxy (returns ok) for request 0 authorize: Skipping authorize in post-proxy stage rad_check_password: Found Auth-Type rad_check_password: Auth-Type = Accept, accepting the user radius_xlat: 'User authenticated on remote platform.' Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 0 modcall: entering group request_processing for request 0 modcall[post-auth]: module "local_voucher_account_info" returns ok for request 0 radius_xlat: '/var/log/freeradius/radacct//RADIUS-Trace-20070612' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/RADIUS-Trace-%Y%m%d expands to /var/log/freeradius/radacct//RADIUS-Trace-20070612 modcall[post-auth]: module "radius_trace" returns ok for request 0 modcall: leaving group request_processing (returns ok) for request 0 modcall: leaving group post-auth (returns ok) for request 0 Sending Access-Accept of id 91 to 127.0.0.1 port 16395 Reply-Message = "User authenticated on remote platform." Finished request 0 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 91 with timestamp 466e71d8 Nothing to do. Sleeping until we see a request. The example above shows that the request passes through authorize, pre-proxy, post-proxy and then though post-auth. Is there any way that the request does not pass through the post-auth section ? Thanks in advance.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html