How to log failed auth attempts?

Todd R. tjrlist at lightwavetech.com
Thu Dec 18 02:23:44 CET 2008 

>>>>
>What variable can I use to pull the reject reason, is it something like 
>%{reply:Reply-Message}

That is a good choice.
>>>>

I tried this but I just end up with a blank entry in the database.



>>>>
>Am I missing anything else to accomplish this?
>

You just need to compose text that will go into the Reply-Message.
>>>>

Thing is, I don't want to compose anything, I want to insert the same reject
reason that is being displayed in the text error log. I don't have to
compose the text to get it to log to the text log, it just happens.

I am looking to populate my "rejectreason" field in the radpostauth table
with the reason for the reject. I already have "Access-Reject" under the
reply field but this isn't very informative and causes me to go dig through
the text log to find the reason or the reject.

Thanks for any clarification you can provide.

Regards,
 Todd Routhier




-----Original Message-----
From:
freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.org
[mailto:freeradius-users-bounces+tjrlist=lightwavetech.com at lists.freeradius.
org] On Behalf Of tnt at kalik.net
Sent: Wednesday, December 17, 2008 7:08 PM
To: FreeRadius users mailing list
Subject: RE: How to log failed auth attempts?

>I do see this query in sql/mysql/dialup.conf that controls the insert:
>
>        postauth_query = "INSERT INTO ${postauth_table} \
>                          (username, pass, reply, authdate) \
>                          VALUES ( \
>                          '%{User-Name}', \
>                          '%{%{User-Password}:-%{Chap-Password}}', \
>                          '%{reply:Packet-Type}', '%S')"
>
>I am guessing I need to modify this query and the DB schema to suite my
>needs.

Yes.

>What variable can I use to pull the reject reason, is it something like
>%{reply:Reply-Message}

That is a good choice.

>Am I missing anything else to accomplish this?
>

You just need to compose text that will go into the Reply-Message.

>Is there a list of available variables to use

doc/variables.txt

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list