Try this patch and let me know if it worked for you so I can submit it to the official bugs site. Thanks, Emilio -----Original Message----- From: freeradius-users-bounces+emilio.escobar=hp.com@lists.freeradius.org [mailto:freeradius-users-bounces+emilio.escobar=hp.com@lists.freeradius.org] On Behalf Of David WU Sent: Friday, March 07, 2008 11:21 AM To: FreeRadius users mailing list Subject: radwtmp I found that the first character of login in the logout record of each login/logout pair missing, as illustrated by the attached file (logins and host ips changed with an hex editor to anonymize the data). This in contrast to the local wtmp file. I discovered this anomaly when I ran a perl script on radwtmp (which was designed to be ran on wtmp and used to find hackers - strange logins not found in the local password database). The native 'last' command operated on radwtmp with normal results, so I suspect 'last' uses as index the host field instead of the name field. I am running freeradius-1.1.7 and then freeradius-2.0.1 on FreeBSD 6.3-RELEASE, with the same results. Best Regards David
Attachment:
fix.patch
Description: fix.patch