access rejected
Hi,
I added FreeRADIUS-EAP-TNC-Patch on FreeRADIUS which is developed by TNC@FFH so that eap-tnc can be supported by FreeRADIUS.Then I entered radiusd -X command but some error occured , which indicated that access was rejected and the debug info is "Could not open file tnc_log.properties!" but the file tnc_log.properties had been put under /etc/tnc/ . The debug info is appended with this mail.
Could you please tell me why the access was rejected and how to deal with the problem?
Thank you very much.
雅虎邮箱,终生伙伴!
雅虎邮箱,终生伙伴! #radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "tnc"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type tnc
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Addre
ss, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/de
tail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 25.20.227.141:1645, id=39, length=125
NAS-IP-Address = 25.20.227.141
NAS-Port = 50001
NAS-Port-Type = Ethernet
User-Name = "Lumpy"
Called-Station-Id = "00-15-62-BE-79-03"
Calling-Station-Id = "00-15-58-7B-83-9D"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message = 0x0200000a014c756d7079
Message-Authenticator = 0x114efcb9b595e8e9a67550efd45f3d04
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "Lumpy", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 0 length 10
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tnc
§§§§§§§§§§§§§§§§§§§§§§§§§ tnc_initiate: 1191750591
VLAN_ISOLATE: 97
VLAN_ACCESS: 96
PATH to SO: /usr/local/fhh/NAA-TNCS/build/libNAA-TNCS.so
OPENED HANDLE!
SO /usr/local/fhh/NAA-TNCS/build/libNAA-TNCS.so found!
Searching for function exchangeTNCCSMessages
TNCS is connected
$$$$$$$$$$$$$$$$Flags: 33
TYPE: EAP-TNC set
Malloc 2 bytes for packet
Set Flags/Version: 33
No TNCCS-Data presentPacket built
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 39 to 25.20.227.141 port 1645
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x010100062621
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xcbdca71f5a85c4d539cc34de801a92f2
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 25.20.227.141:1645, id=40, length=1175
NAS-IP-Address = 25.20.227.141
NAS-Port = 50001
NAS-Port-Type = Ethernet
User-Name = "Lumpy"
Called-Station-Id = "00-15-62-BE-79-03"
Calling-Station-Id = "00-15-58-7B-83-9D"
Service-Type = Framed-User
Framed-MTU = 1500
State = 0xcbdca71f5a85c4d539cc34de801a92f2
EAP-Message = 0x0201040a26013c3f786d6c2076657273696f6e3d22312e302220656e
636f64696e673d225554462d3822207374616e64616c6f6e653d226e6f22203f3e0a3c544e434353
2d426174636820426174636849643d22302220526563697069656e743d22544e43532220786d6c6e
733d22687474703a2f2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f
4957472f544e432f315f302f49465f544e434353232220786d6c6e733a7873693d22687474703a2f
2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f4957472f544e432f31
5f302f49465f544e434353232068747470733a2f2f7777772e
EAP-Message = 0x74727573746564636f6d707574696e6767726f75702e6f72672f584d
4c2f534348454d412f544e4343535f312e302e787364223e0a0a20203c494d432d494d562d4d6573
736167653e0a202020203c547970653e46464646303033303c2f547970653e0a202020203c426173
6536343e5044393462577767646d567963326c76626a30694d5334774969426c626d4e765a476c75
5a7a3069565652474c54676949484e305957356b59577876626d5539496d35764969412f50676f38
526b684958306c4e513068766333525459324675626d567949485a6c636e4e7062323439496a4575
4d43492b43676f674944784962334e3055324e68626d356c63
EAP-Message = 0x69426859335270646d5539496e5279645755694c7a344b436a777652
6b684958306c4e513068766333525459324675626d567950676f3d3c2f4261736536343e0a20203c
2f494d432d494d562d4d6573736167653e0a0a20203c494d432d494d562d4d6573736167653e0a20
2020203c547970653e46464646303031303c2f547970653e0a202020203c4261736536343e504439
3462577767646d567963326c76626a30694d5334774969426c626d4e765a476c755a7a3069565652
474c54676949484e305957356b59577876626d5539496d35764969412f50676f38526b684958306c
4e51314a6c5a326c7a64484a3549485a6c636e4e7062323439
EAP-Message = 0x496a45754d43492b43676f67494478795a57644259324e6c63334d67
595778736233646c5a44306964484a315a53497650676f4b504339475345686653553144556d566e
61584e30636e6b2b43673d3d3c2f4261736536343e0a20203c2f494d432d494d562d4d6573736167
653e0a0a20203c544e43432d544e43532d4d6573736167653e0a202020203c547970653e30303030
303030313c2f547970653e0a202020203c584d4c3e0a2020202020203c544e4361744648483e6265
74612076657273696f6e202d20646f206e6f742074727573743c2f544e4361744648483e0a202020
203c2f584d4c3e0a20203c2f544e43432d544e43532d4d6573
EAP-Message = 0x736167653e0a0a3c2f544e4343532d42617463683e0a
Message-Authenticator = 0xe3a9f5b4cb73a9859e4222794943d68c
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "Lumpy", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 1 length 253
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/tnc
rlm_eap: processing type tnc
HANDLER_OPAQUE: 0
XXXXXXXXXXXX TNC-AUTHENTICATE is starting now for 0..........
Flags/Ver: 1
no data_length included
Data received: (1028)
SO /usr/local/fhh/NAA-TNCS/build/libNAA-TNCS.so found!
TNCS is connected
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
GOT TNC_ConnectionState (juhuuu): 1
GOT State 1 from TNCS
GOT Message from TNCS (length: 1114)
outIsLengthIncluded: 0, outMoreFragments: 0, outOverallLength: 0
NEW STATE: 1
Set Reply->Code to EAP-REQUEST
SET LENGTH: 1120
TYPE: EAP-TNC set
Malloc 1120 bytes for packet
Set Flags/Version: 1
Adding TNCCS-Data without Fragmentation
TNCCS-Datalength: 1114
Packet built
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 40 to 25.20.227.141 port 1645
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x0102046026013c3f786d6c2076657273696f6e3d22312e302220656e
636f64696e673d225554462d3822207374616e64616c6f6e653d226e6f22203f3e0a3c544e434353
2d426174636820426174636849643d22312220526563697069656e743d22544e43432220786d6c6e
733d22687474703a2f2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f
4957472f544e432f315f302f49465f544e434353232220786d6c6e733a7873693d22687474703a2f
2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f4957472f544e432f31
5f302f49465f544e434353232068747470733a2f2f7777772e
EAP-Message = 0x74727573746564636f6d707574696e6767726f75702e6f72672f584d
4c2f534348454d412f544e4343535f312e302e787364223e0a0a20203c494d432d494d562d4d6573
736167653e0a202020203c547970653e46464646303033313c2f547970653e0a202020203c426173
6536343e5044393462577767646d567963326c76626a30694d5334774969426c626d4e765a476c75
5a7a3069565652474c54676949484e305957356b59577876626d5539496d35764969412f50676f38
526b684958306c4e566b68766333525459324675626d567949485a6c636e4e7062323439496a4575
4d43492b43676b386347397964484d2b43676b4a4943413863
EAP-Message = 0x47397964434275645731695a584939496a49784969382b43516f6749
434167504345744c53426d644841674c53302b43676b4a494341386347397964434275645731695a
584939496a49794969382b43516f6749434167504345744c53427a633267674c53302b43676b4a49
4341386347397964434275645731695a584939496a49314969382b43516f6749434167504345744c
53427a625852774943307450676f4a4353416750484276636e5167626e5674596d5679505349304d
69497650676b4b49434167494477684c533067626d46745a584e6c636e5a6c636941744c54344b43
516b674944787762334a304947353162574a6c636a30694e6a
EAP-Message = 0x63694c7a344a43694167494341384953307449474a76623352776379
41764947526f593341674c53302b43676b4a494341386347397964434275645731695a584939496a
457a4e53497650676b4b49434167494477684c533067556c4244494556755a484276615735304945
31686348426c636941744c54344b435477766347397964484d2b43676f384c305a495346394a5456
5a4962334e3055324e68626d356c636a344b3c2f4261736536343e0a20203c2f494d432d494d562d
4d6573736167653e0a0a20203c544e43432d544e43532d4d6573736167653e0a202020203c547970
653e30303030303030313c2f547970653e0a202020203c584d
EAP-Message = 0x4c3e0a2020202020203c544e4361744648483e626574612076657273
696f6e202d20646f206e6f742074727573743c2f544e4361744648483e0a202020203c2f584d4c3e
0a20203c2f544e43432d544e43532d4d6573736167653e0a0a3c2f544e4343532d42617463683e0a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xcf3557a473bec4ac6a0a70a599c5e131
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 39 with timestamp 4708abbf
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 40 with timestamp 4708abc0
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 25.20.227.141:1645, id=41, length=1221
NAS-IP-Address = 25.20.227.141
NAS-Port = 50001
NAS-Port-Type = Ethernet
User-Name = "Lumpy"
Called-Station-Id = "00-15-62-BE-79-03"
Calling-Station-Id = "00-15-58-7B-83-9D"
Service-Type = Framed-User
Framed-MTU = 1500
State = 0xcf3557a473bec4ac6a0a70a599c5e131
EAP-Message = 0x0202043826013c3f786d6c2076657273696f6e3d22312e302220656e
636f64696e673d225554462d3822207374616e64616c6f6e653d226e6f22203f3e0a3c544e434353
2d426174636820426174636849643d22322220526563697069656e743d22544e43532220786d6c6e
733d22687474703a2f2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f
4957472f544e432f315f302f49465f544e434353232220786d6c6e733a7873693d22687474703a2f
2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f4957472f544e432f31
5f302f49465f544e434353232068747470733a2f2f7777772e
EAP-Message = 0x74727573746564636f6d707574696e6767726f75702e6f72672f584d
4c2f534348454d412f544e4343535f312e302e787364223e0a0a20203c494d432d494d562d4d6573
736167653e0a202020203c547970653e46464646303033323c2f547970653e0a202020203c426173
6536343e5044393462577767646d567963326c76626a30694d5334774969426c626d4e765a476c75
5a7a3069565652474c54676949484e305957356b59577876626d5539496d35764969412f50676f38
526b684958306c4e513068766333525459324675626d567949485a6c636e4e7062323439496a4575
4d43492b43676f674944787762334a30637a344b4943416749
EAP-Message = 0x44787762334a304947353162574a6c636a30694d6a4569494739775a
573439496d5a6862484e6c4969382b43694167494341386347397964434275645731695a58493949
6a4979496942766347567550534a6d5957787a5a53497650676f674943416750484276636e516762
6e5674596d5679505349794e5349676233426c626a306964484a315a53496763325679646d6c6a5a
543069633231306343497650676f674943416750484276636e5167626e5674596d5679505349304d
6949676233426c626a30695a6d4673633255694c7a344b494341674944787762334a304947353162
574a6c636a30694e6a6369494739775a573439496d5a686248
EAP-Message = 0x4e6c4969382b43694167494341386347397964434275645731695a58
4939496a457a4e5349676233426c626a306964484a315a53496763325679646d6c6a5a5430695a58
4274595841694c7a344b494341384c334276636e527a50676f4b5043394753456866535531445347
397a64464e6a595735755a58492b43673d3d3c2f4261736536343e0a20203c2f494d432d494d562d
4d6573736167653e0a0a20203c544e43432d544e43532d4d6573736167653e0a202020203c547970
653e30303030303030313c2f547970653e0a202020203c584d4c3e0a2020202020203c544e436174
4648483e626574612076657273696f6e202d20646f206e6f74
EAP-Message = 0x2074727573743c2f544e4361744648483e0a202020203c2f584d4c3e
0a20203c2f544e43432d544e43532d4d6573736167653e0a0a3c2f544e4343532d42617463683e0a
Message-Authenticator = 0x03896d48a518712015da804dbf894391
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: No '@' in User-Name = "Lumpy", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 2 length 253
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/tnc
rlm_eap: processing type tnc
HANDLER_OPAQUE: 0
XXXXXXXXXXXX TNC-AUTHENTICATE is starting now for 0..........
Flags/Ver: 1
no data_length included
Data received: (1074)
SO /usr/local/fhh/NAA-TNCS/build/libNAA-TNCS.so found!
TNCS is connected
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
GOT TNC_ConnectionState (juhuuu): 1
GOT State 1 from TNCS
GOT Message from TNCS (length: 598)
outIsLengthIncluded: 0, outMoreFragments: 0, outOverallLength: 0
NEW STATE: 1
Set Reply->Code to EAP-REQUEST
SET LENGTH: 604
TYPE: EAP-TNC set
Malloc 604 bytes for packet
Set Flags/Version: 1
Adding TNCCS-Data without Fragmentation
TNCCS-Datalength: 598
Packet built
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 41 to 25.20.227.141 port 1645
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x0103025c26013c3f786d6c2076657273696f6e3d22312e302220656e
636f64696e673d225554462d3822207374616e64616c6f6e653d226e6f22203f3e3c544e4343532d
426174636820426174636849643d22332220526563697069656e743d22544e43432220786d6c6e73
3d22687474703a2f2f7777772e74727573746564636f6d707574696e6767726f75702e6f72672f49
57472f544e432f315f302f49465f544e434353232220786d6c6e733a7873693d22687474703a2f2f
7777772e74727573746564636f6d707574696e6767726f75702e6f72672f4957472f544e432f315f
302f49465f544e434353232068747470733a2f2f7777772e74
EAP-Message = 0x727573746564636f6d707574696e6767726f75702e6f72672f584d4c
2f534348454d412f544e4343535f312e302e787364223e0a0a20203c544e43432d544e43532d4d65
73736167653e0a202020203c547970653e30303030303030313c2f547970653e0a202020203c584d
4c3e0a2020202020203c544e4361744648483e626574612076657273696f6e202d20646f206e6f74
2074727573743c2f544e4361744648483e0a202020203c2f584d4c3e0a20203c2f544e43432d544e
43532d4d6573736167653e0a0a20203c544e43432d544e43532d4d6573736167653e0a202020203c
547970653e30303030303030313c2f547970653e0a20202020
EAP-Message = 0x3c584d4c3e0a2020202020203c544e4343532d5265636f6d6d656e64
6174696f6e20747970653d226e6f6e65222f3e0a202020203c2f584d4c3e0a20203c2f544e43432d
544e43532d4d6573736167653e0a0a3c2f544e4343532d42617463683e0a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xbcb65528efe45909a32729180fc18f05
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 25.20.227.141:1645, id=42, length=139
NAS-IP-Address = 25.20.227.141
NAS-Port = 50001
NAS-Port-Type = Ethernet
User-Name = "Lumpy"
Called-Station-Id = "00-15-62-BE-79-03"
Calling-Station-Id = "00-15-58-7B-83-9D"
Service-Type = Framed-User
Framed-MTU = 1500
State = 0xbcb65528efe45909a32729180fc18f05
EAP-Message = 0x020300062601
Message-Authenticator = 0xca70b9d228d7919940b38d5e824405e7
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: No '@' in User-Name = "Lumpy", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 172
modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/tnc
rlm_eap: processing type tnc
HANDLER_OPAQUE: 0
XXXXXXXXXXXX TNC-AUTHENTICATE is starting now for 0..........
Flags/Ver: 1
no data_length included
Data received: (0)
SO /usr/local/fhh/NAA-TNCS/build/libNAA-TNCS.so found!
TNCS is connected
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
Could not open file tnc_log.properties!
GOT TNC_ConnectionState (juhuuu): 4
GOT State 4 from TNCS
GOT Message from TNCS (length: 2)
outIsLengthIncluded: 0, outMoreFragments: 0, outOverallLength: 0
NEW STATE: 4
SET LENGTH: 8
rlm_eap: Freeing handler
Possible memory leak ...
modcall[authenticate]: module "eap" returns reject for request 3
modcall: leaving group authenticate (returns reject) for request 3
auth: Failed to validate the user.
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 25.20.227.141:1645, id=42, length=139
Sending Access-Reject of id 42 to 25.20.227.141 port 1645
EAP-Message = 0x04030004
Message-Authenticator = 0x00000000000000000000000000000000
--- Walking the entire request list ---
Cleaning up request 2 ID 41 with timestamp 4708abc7
Cleaning up request 3 ID 42 with timestamp 4708abc7
Nothing to do. Sleeping until we see a request.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.