Re: debug log and syslog

Fri, 05 Sep 2008 07:31:00 -0700 

[EMAIL PROTECTED] wrote:

I can run debug log by starting radiusd -X , but for production, I want
logs to go to a file and not stdout .


http://linuxbasics.org/course/book/chap_05

  

indeed ;-)

for now with that config I only get 2 lines in radiusd.log when I log in
802.X EAP-ttls , telling:

Sep  5 10:42:30 radiustux radiusd[14619]: Login OK: [procacci] (from
client APS_Cisco port 29 cli 00-1F-3C-59-5E-52)
Sep  5 10:42:30 radiustux radiusd[14619]: Login OK: [anonymous] (from
client APS_Cisco port 29 cli 00-1F-3C-59-5E-52)


    


What else do you want? You can log additional lines with linelog module.

linelog {

     filename = ... you probably want radius.log file

     format = "Things you want to log ..."

}

  

In fact radiusd -X gives me too much logs, but the only one line of log 
per logging I have now is not enough.
I search for a compromise between -X full logs and what I want: the 
Username, the ldap servers used to autheticate him (we have 3 
directories depending on the @domain ), the IP adresse assigned and the 
vlan assigned .
from the -X I found these kind of logs which are relevant to me, how can 
I get them in syslog or logfile or linelog ?


rad_check_password: Found Auth-Type EAP
rlm_ldap: performing user authorization for procacci
lm_ldap: (re)connect to ldap1.int-evry.fr:389, authentication 0

Exec-Program output: Tunnel-Type := VLAN, Tunnel-Medium-Type := 
IEEE-802, Tunnel-Private-Group-Id := 903

Sending Access-Accept of id 70 to 157.159.27.100 port 32768
User-Name = "procacci"
Tunnel-Type:0 := VLAN
Tunnel-Medium-Type:0 := IEEE-802
Tunnel-Private-Group-Id:0 := "903"

rad_recv: Accounting-Request packet from host 157.159.27.100 port 32768, 
id=87, length=200

User-Name = "procacci"
NAS-Port = 29
NAS-IP-Address = 157.159.27.100
Framed-IP-Address = 192.168.200.17
Calling-Station-Id = "192.168.200.17"
Called-Station-Id = "157.159.27.100"

I tested that without succes :-(

# Jehan
linelog {
filename = ${logdir}/jehan.log
format = "JP Login OK for %{User-Name} on %{NAS-Port-Id} ..."
}

the file keeps been empty
[EMAIL PROTECTED] /var/log/radius]
$ ls -al jehan.log
-rw-rw---- 1 root radiusd 0 sep 5 15:12 jehan.log


If it eventually works, where can I get the list of the %{Variables} 
available ?

If you have attribute values in format statement list linelog in the
section where the values will be known (post-auth etc.).

Ivan Kalik
Kalik Informatika IS

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html






















					Reply via email to