>
> It's a section, just like any other section. This is documented in
> "man unlang". You put modules or "unlang" rules there. This is
> documented in "man unlang".
>
Thanks!! That is exactly what I needed. I did not know to look in that man
page. Awesome!
>
> > If there is documentation on
Josh Hiner wrote:
> Im not sure why people kept telling me to read the spot
> above the Post-Auth-Type Reject section.
Because it describes how the Post-Auth-Type Reject section works.
Note: no text saying "it magically doesn't log User-Names"
> Here is a paste of the text
> above that secti
Josh Hiner wrote:
> ...to remind you what Alan said:
>
>> �Read raddb/sites-available/default. �Look for Post-Auth-Type Reject.
>>
>> �This is documented.
>
> in post-auth section
>
>
>Post-Auth-Type REJECT {
>attr_filter.access_reject
>}
*This* is
Ok. I did follow this advice:
>Ok I went back, looked at the config, and used some common sense to
figure
>part of it out. I have it now logging replys for rejects using the
...to remind you what Alan said:
> �Read raddb/sites-available/default. �Look for Post-Auth-Type Reject.
>
Hi,
>being a mooch. The only reason I can think of such short and erroneous
>replies is that some people helping on the list are generally annoyed by
>any questions. That is too bad. A quick reply of "use linelog" would have
>been helpful. Why not help people?
...or it could be th
Well I eventually found and switched to using linelog to log access rejects
since I can define my own variables that are logged. Oddly enough
freeradius was showing a packet-type of Access-Request for eap
authentication failures. Since I was calling linelog only from the
post_auth_reject spot I jus
Alan. Thanks for the reply. One of my previous emails I did put
reply_log in the post auth reject spot. Im also copying the user from
the inner tunnel to the outer tunnel. I am getting reject logs but
without the username. I swear I have read the section above the post
auth reject spot in my defaul
Hi,
>Ok I went back, looked at the config, and used some common sense to figure
>part of it out. I have it now logging replys for rejects using the
...to remind you what Alan said:
> �Read raddb/sites-available/default. �Look for Post-Auth-Type Reject.
>
> �This is documented
Along with enabling user_tunneled_reply=yes etc.. I am also updating the
outer tunnel with the inner tunnel username like this:
update outer.reply {
User-Name = "%{request:User-Name}"
}
in ./sites-enabled/inner-tunnel
Watching radius debug I can even see attr_filter.access
Ok I went back, looked at the config, and used some common sense to figure
part of it out. I have it now logging replys for rejects using the
reply_log section of ./modules/detail.log (I also enabled copy tunneled
reply to the outer tunnel in eap.conf). In the logged rejections Im not
getting the u
Josh Hiner wrote:
> Hello. Im running freeradius 2.1.6 and logging to /var/log/radius in
> file/detail format. Currently connection logging is working if the user
> authenticates correctly. I cant get access rejects to log though. Ive
> turned on reply detail but that is only showing successful att
11 matches
Mail list logo
