Download 2.1.0 and have a look at linelog there. It is much improved. Ivan Kalik Kalik Informatika ISP
Dana 5/9/2008, "jehan procaccia" <[EMAIL PROTECTED]> piše: >[EMAIL PROTECTED] wrote: >>> I can run debug log by starting radiusd -X , but for production, I want >>> logs to go to a file and not stdout . >>> >> >> http://linuxbasics.org/course/book/chap_05 >> >indeed ;-) >>> for now with that config I only get 2 lines in radiusd.log when I log in >>> 802.X EAP-ttls , telling: >>> >>> Sep 5 10:42:30 radiustux radiusd[14619]: Login OK: [procacci] (from >>> client APS_Cisco port 29 cli 00-1F-3C-59-5E-52) >>> Sep 5 10:42:30 radiustux radiusd[14619]: Login OK: [anonymous] (from >>> client APS_Cisco port 29 cli 00-1F-3C-59-5E-52) >>> >>> >> >> What else do you want? You can log additional lines with linelog module. >> >> linelog { >> >> filename = ... you probably want radius.log file >> >> format = "Things you want to log ..." >> >> } >> >In fact radiusd -X gives me too much logs, but the only one line of log >per logging I have now is not enough. >I search for a compromise between -X full logs and what I want: the >Username, the ldap servers used to autheticate him (we have 3 >directories depending on the @domain ), the IP adresse assigned and the >vlan assigned . >from the -X I found these kind of logs which are relevant to me, how can >I get them in syslog or logfile or linelog ? > >rad_check_password: Found Auth-Type EAP >rlm_ldap: performing user authorization for procacci >lm_ldap: (re)connect to ldap1.int-evry.fr:389, authentication 0 >Exec-Program output: Tunnel-Type := VLAN, Tunnel-Medium-Type := >IEEE-802, Tunnel-Private-Group-Id := 903 >Sending Access-Accept of id 70 to 157.159.27.100 port 32768 >User-Name = "procacci" >Tunnel-Type:0 := VLAN >Tunnel-Medium-Type:0 := IEEE-802 >Tunnel-Private-Group-Id:0 := "903" >rad_recv: Accounting-Request packet from host 157.159.27.100 port 32768, >id=87, length=200 >User-Name = "procacci" >NAS-Port = 29 >NAS-IP-Address = 157.159.27.100 >Framed-IP-Address = 192.168.200.17 >Calling-Station-Id = "192.168.200.17" >Called-Station-Id = "157.159.27.100" > >I tested that without succes :-( > ># Jehan >linelog { >filename = ${logdir}/jehan.log >format = "JP Login OK for %{User-Name} on %{NAS-Port-Id} ..." >} > >the file keeps been empty >[EMAIL PROTECTED] /var/log/radius] >$ ls -al jehan.log >-rw-rw---- 1 root radiusd 0 sep 5 15:12 jehan.log > >If it eventually works, where can I get the list of the %{Variables} >available ? >> If you have attribute values in format statement list linelog in the >> section where the values will be known (post-auth etc.). >> >> Ivan Kalik >> Kalik Informatika IS >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html