How to log failed auth attempts?
Todd R.
tjrlist at lightwavetech.com
Wed Dec 17 21:14:31 CET 2008
Alan,
Thanks for your response..
First, I can't believe I missed this section of the radiusd.conf file, I
looked, really I did :)
I also noticed that it said that many things are logged when running
"radiusd -X" which explains some other things..
I made some changes and now I have sufficient log info in the text files.
Hate to push my luck here but I would love to expand what is being logged
SQL wise in my MySql db.
Right now, I have something like this logging on a failed attempt in the
MySQL DB within the radpostauth table:
id, username, pass, reply, authdate
41, dude at somerealm.com, mypass, Access-Accept, 2008-12-17 13:09:15
What I would like to see is something like this:
id, username, pass, reply, reply-message, authdate
41, dude at somerealm.com, mybadpass, Access-Accept, Login incorrect (rlm_pap:
CLEAR TEXT password check failed), 2008-12-17 13:09:15
Any help with this would be appreciated.
Regards,
Todd R.
-----Original Message-----
From:
freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.org
[mailto:freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.
org] On Behalf Of Alan DeKok
Sent: Wednesday, December 17, 2008 5:32 AM
To: FreeRadius users mailing list
Subject: Re: How to log failed auth attempts?
Todd R. wrote:
> It seems that most things I have read suggest that failed authentication
> attempts are logged to the radius.log by default but they do not show up
for
> me.
Edit raddb/radiusd.conf, and read the "log" section. It has
configuration entries that control this behavior.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list