I was trying to get linelog to log a CSV style log file with the Access
Accept and Reject messages for auditing purposes.
Took a while to see that the "Access-Reject" verb doesn't work in the
modules/linelog file, it only ever uses the Access-Request since all the
requests are Access-Request messages. So I had to log the
%{reply:Packet-Type}
So this is what I did in the end in the linelog module file:
Access-Request =
"\"%S\",\"%{reply:Packet-Type}\",\"%{Packet-Src-IP-Address}\",\"%{NAS-IP-Address}\",\"%{Client-Shortname}\",\"%{User-Name}\""
Then I updated the post-auth section of the default file to include the
linelog module in both the main and the Post-Auth-Type REJECT to log the
Access-Reject messages too.
post-auth {
* linelog*
Post-Auth-Type REJECT {
* linelog*
reject
}
And I get this in the linelog file.
"2012-03-06
20:40:02","Access-Accept","192.168.1.2","192.168.1.2","APP","Peter"
"2012-03-06
20:40:46","Access-Reject","192.168.1.2","192.168.1.2","APP","Peter"
Which is what we needed to have logged.
Hope it helps someone else.
Cheers
Peter
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
