FR2 - proxying inner tunnel
Dmitry Sergienko
trooper+freeradius+users at email.dp.ua
Mon Feb 18 17:08:51 CET 2008
Hi!
Alan DeKok wrote:
> Dmitry Sergienko wrote:
>> Please give me some tips how/where to fix this issue. I'm somewhat lost
>> while debugging this EAP stuff with tunnelling and proxying ;)
>
> It's rather complicated after a while. I'm not sure how it can be
> easily debugged...
Added some functions to make debugging easier and found out the following:
There is a call of eaplist_add() in eap_post_proxy():
541 if ((handler->eap_ds->request->code == PW_EAP_REQUEST) &&
542 (handler->eap_ds->request->type.type >= PW_EAP_MD5)) {
543 eaplist_add(inst, handler);
and in eaplist_add():
271 handler->src_ipaddr = handler->request->packet->src_ipaddr;
But during proxying handler->request->packet->src_ipaddr.ipaddr.ip4addr is zero:
(gdb) p handler->request->packet->src_ipaddr
$7 = {af = 2, ipaddr = {ip4addr = {s_addr = 0}, ip6addr = {in6_u = {u6_addr8 =
"\000\000\000\000\220\006\030\b\215\b\b\000\000\000",
u6_addr16 = {0, 0, 1680, 2072, 36260, 2056, 0, 0}, u6_addr32 = {0, 135792272, 134778276, 0}}}}}
Then we're trying to find a session with correct ip address of NAS, i.e. 192.168.2.3 and eaplist_find() fails because it
contains session with zero ipaddr.
I'll try to debug deeper and figure out how to fix this correctly (and not to break anything else ;)
--
Best wishes,
Dmitry Sergienko (SDA104-RIPE)
Trifle Co., Ltd.
More information about the Freeradius-Users
mailing list