RADIUS sniffer
Alan DeKok
aland at ox.org
Thu Jan 19 18:17:46 CET 2006
Nicolas Baradakis <nbk at sitadelle.com> wrote:
> That's why I wrote a simple sniffer based on the libradius of
> FreeRADIUS. It prints the RADIUS packets exactly like running
> "radiusd -X". It can also filter the packets based on any RADIUS
> attributes: the sniffer accepts the same strings as the "users" file
> to match a packet. I think it's a very useful RADIUS debug tool.
Nice.
> As it's easier to build the sniffer in the FreeRADIUS source tree,
> I've made a patch against CVS head. It is available here:
>
> http://nbk.perso.cegetel.net/radsniff.patch
Comments:
- use #ifdef HAVE_FOO_H around the #includes, and wrap the whole
radsniff.h in #ifdef HAVE_PCAP_H. There's some crazy system out there
with libpcap, but not pcap.h, and it's admin will complain to the list.
- the code you're copying from lib/radius.c could be abstracted a bit
better, so you don't have to copy it. I've started down some of that
path with the rad_encode, rad_sign, etc. functions. We could do more.
> If people would be interested, it can be added to the CVS tree (pending
> Alan's approval).
Looks good to me.
Also, the Ethereal people have grabbed the FreeRADIUS dictionaries
whole-sale. So Ethereal can understand *most* of the attributes
FreeRADIUS understands. I've still got to send them a patch to handle
USR, Lucent, and Starent VSA's. But once that's done, they'll be as
capable as FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Devel
mailing list