RADIUS sniffer
Joe Maimon
jmaimon at ttec.com
Thu Jan 19 19:29:08 CET 2006
Nicolas Baradakis wrote:
> When debugging a problem in prod environment, it's not possible to
> restart FreeRADIUS in debug mode, so we have to use a sniffer to
> display the RADIUS traffic on the network. However, general purpose
> sniffers like tcpdump or ethereal can only decode a few RADIUS
> attribute, while FreeRADIUS has thousands of attributes in its
> dictionaries.
>
> That's why I wrote a simple sniffer based on the libradius of
> FreeRADIUS. It prints the RADIUS packets exactly like running
> "radiusd -X". It can also filter the packets based on any RADIUS
> attributes: the sniffer accepts the same strings as the "users" file
> to match a packet. I think it's a very useful RADIUS debug tool.
>
Since now you can go and replay the request to another radius server
running on say port 11812
> As it's easier to build the sniffer in the FreeRADIUS source tree,
> I've made a patch against CVS head. It is available here:
>
> http://nbk.perso.cegetel.net/radsniff.patch
>
> If people would be interested, it can be added to the CVS tree (pending
> Alan's approval).
>
More information about the Freeradius-Devel
mailing list