integrate dhcpd and freeRADIUS logs

Arran Cudbard-Bell A.Cudbard-Bell at sussex.ac.uk
Thu Apr 2 21:00:00 CEST 2009


On 2/4/09 19:32, deveshgade wrote:
> 	I want to maintain a log of the username,ip address and the mac address
> of the client connecting to my FreeRADIUS-2.1.1 server in a wireless
> network.
> I am using dhcpd, from which the mac address of client can be obtained.
>
> 	I wanted to know if anyone has written a script to map radius logs to the
> dhcpd logs
> so that one would be able to compare the username,ip address and mac address
> of the client.
> Based on comparison of the above values,access to the wifi network  would be
> granted to the user.
> Can anyone give me a sample or an real shell script or php script for the
> same??

The best way to do this is to modify the sql schema for the post-auth or 
radacct table, and insert a Framed-IP-Address field, then have something 
tail the dhcpd logs parsing the entries and inserting IP addresses for 
relevant records.

I'm sure there must be something out there already to convert dhcpd logs 
into sql rows... If not it'd be pretty trivial to do in PHP...

A few vendors now have integrated DHCP snooping and RADIUS Accounting on 
their switches and wireless access points, so that the Accounting 
records generated also include the IP address learned via DHCP snooping. 
IMHO this is a much cleaner way to achieve what you're attempting, so 
i'd check if your NAS vendor supports this.

Ones i've come across so far are HP ProCurve switches (2600+)(though 
it's slightly broken), and Trapeze wireless controllers.

Regards,
Arran
-- 
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk),
Authentication, Authorisation and Accounting Officer,
Infrastructure Services (IT Services),
E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT
DDI+FAX: +44 1273 873900 | INT: 3900
GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2



More information about the Freeradius-Users mailing list