On Wed, Sep 27, 2000 at 09:53:11AM +1100, Hugh Irvine wrote:
>
> Hello Carlos -
>
> On Wed, 27 Sep 2000, Carlos Canau wrote:
> > Hi,
> >
> > howto to log the auth failure or auth accepted into a logfile
> > or syslog ? And howto log a line for each ACCT packet received ?
> >
>
> At the moment your only option is to use the Trace option in the configuration
> file, and you will need to use Trace 4 to get all packets logged. Note that
> this is not a good option in a production environment due to the large amount
> of overhead involved.
>
> One of the things on our to-do list is to improve the logging facilities in
> Radiator, but in the meantime your only alternative is to modify the code to
> log the things you require.
I've done that. I've inserted a new keyword, LogSentPackets,
that can go on the global config or on the Handler/Realm scope.
It can have the values 'Answers' for answer packets sent,
'Requests' for request packets sent and anything else for both.
It will log into LOG_INFO the following:
Thu Sep 28 15:48:14 2000: INFO: Server started: Radiator 2.16.3 on my_server
Thu Sep 28 15:48:19 2000: INFO: Access Request sent to 10.1.1.10 for
'[EMAIL PROTECTED]' from 12.12.12.12 port 50
Thu Sep 28 15:48:19 2000: INFO: AUTH SUCCEDED for '[EMAIL PROTECTED]' from
12.12.12.12 port 50
Thu Sep 28 15:48:19 2000: INFO: Accounting Request sent to 10.1.1.10 for
'[EMAIL PROTECTED]' from 12.12.12.12 port 50
Thu Sep 28 15:48:19 2000: INFO: ACCT for '[EMAIL PROTECTED]' from 12.12.12.12 port
50 , ID 00001234 , IP 255.255.255.254 , type Start
Thu Sep 28 15:48:19 2000: INFO: Accounting Request sent to 10.1.1.10 for
'[EMAIL PROTECTED]' from 12.12.12.12 port 50
Thu Sep 28 15:48:19 2000: INFO: ACCT for '[EMAIL PROTECTED]' from 12.12.12.12 port
50 , ID 00001234 , IP 255.255.255.254 , type Stop
Thu Sep 28 15:55:57 2000: INFO: Access Request sent to 10.1.1.10 for
'[EMAIL PROTECTED]' from 12.12.12.12 port 50
Thu Sep 28 15:55:57 2000: INFO: AUTH FAILED for '[EMAIL PROTECTED]' from
12.12.12.12 port 50: Authentication failure
- Lines with AUTH or ACCT are Answers to Client, lines with
Request sent are Requests sent to remote Radius.
- 10.1.1.10 is the remote Radius
- 12.12.12.12 is the NAS
- 255.255.255.254 is the Framed-IP-Address (note that this was
generated with radpwtst)
I took the inspiration for the log messages from the logfile
of Merit Radius.
Trace must be at 3 in the Log stream (like <Log SYSLOG>).
If someone wants the patches against 2.16.3, just ask.
Hugh, will you have something like this or better in future
versions ??
Kind regards,
</canau
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
