Logging configuration

leopold vova_b at yahoo.com
Tue Sep 29 20:05:15 CEST 2009


Hello,
Could someone please recommend the way to configure a very simple logging in
FreeRadius 2.1.7?
As you know there are many sections like Authorize,Authenticate,Post-Auth
and there is some logic in unlang so depending on if/else statements and
flow regardless if authentication passed Access-Reject/Access-Accept can be
send. 

What we need is logging all the real FINAL messages that RADIUS sends to the
client Access-Rejects/Access-Accept in one line with simple detail about NAS
and UserName: 

Something like:
Time,Access-Reject(or Accept),NAS-IP-Address,User-Name


I looked into "modules/detail.log" module and I have a couple of questions
because apparently I have problem using it:

1. In post-auth I need to put it many places depending on unlang logic
I had to add it in REJECT
post-auth {
.... person can get rejected

Post-Auth-Type REJECT {
--->                 reply_log
                attr_filter.access_reject
        }
..
}

Is there a way to put logging in one final place so it will be invoked
regardless of UNLANG flow?

2. In post-auth reply_log does not log "User-Name" for PAP requests with
Kerberos authentication

In my case I have something like that
Tue Sep 29 13:38:46 2009
        Packet-Type = Access-Accept
        Attr1 = Val1
        Attr2 = Val2
But User-Name is not logged. Is the a way to log it?
For EAP-TLS apparently "User-Name" is part of reply attributes and it logs
it correctly

3)
If I do not want to use a separate file for every Client-Ip-Address
detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d 
Is there a way to force it to log Client-IP-Address/NAS-Ip address into one
file as prt of log message line?
detailfile = ${radacctdir}/auth-detail-%Y%m%d 
It is just difficult to manage so many files for every NAS device

Thanks a lot for you help.
-- 
View this message in context: http://www.nabble.com/Logging-configuration-tp25668034p25668034.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.




More information about the Freeradius-Users mailing list