FR 2.1.9 Frequent SegFault, didn't happen with FR 2.1.8

James J J Hooper jjj.hooper at bristol.ac.uk
Wed Jun 9 18:56:56 CEST 2010


Hi Alan, All,

Since upgrading to 2.1.9, FR is segfaulting frequently (every 20 minutes 
with load, every ~8 hours with less load).

Attached -X at startup, and the last 100 lines before segfault.

If someone can explain how to drive GDB (or any other method to track this 
down), I'm happy to try it.

Thanks,
  James


--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk 	 	http://www.jamesjj.net
--

-------------- next part --------------
FreeRADIUS Version 2.1.9, for host i686-pc-linux-gnu, built on May 26 2010 at 14:38:55
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. 
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. 
You may redistribute copies of FreeRADIUS under the terms of the 
GNU General Public License v2. 
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/ubextestpasswd
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/eduroamalieneap-bris-ca
including configuration file /usr/local/etc/raddb/modules/eduroamlocaleap-bris-ca
including configuration file /usr/local/etc/raddb/modules/files-bristol-research-net
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/always-handled
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/eduroamubexeap
including configuration file /usr/local/etc/raddb/modules/logsql
including configuration file /usr/local/etc/raddb/modules/vpimschap
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/eduroamlocaleap
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/detail-bsql
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/eduroamubexmschap
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/eduroamlocalmschap
including configuration file /usr/local/etc/raddb/modules/nomadicvpnmschap
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/eduroamalieneap
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/files-uob-gear
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/vpieap
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/uobroammschap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/eduroamalienmschap
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/uobdetailsslog
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/uobroameap
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/uobgear
including configuration file /usr/local/etc/raddb/sites-enabled/regex-test-svr
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/nomadicvpn
including configuration file /usr/local/etc/raddb/sites-enabled/vpi
including configuration file /usr/local/etc/raddb/sites-enabled/nomadicvpn-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/vpi-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamalien-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal-inner
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamalien
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/bristolresearchnet
including configuration file /usr/local/etc/raddb/sites-enabled/status
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal
main {
	user = "radiusd"
	group = "radiusd"
	allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
	prefix = "/usr/local"
	localstatedir = "/usr/local/var"
	logdir = "/var/log/radius"
	libdir = "/usr/local/lib"
	radacctdir = "/var/log/radius/radacct"
	hostname_lookups = no
	max_request_time = 30
	cleanup_delay = 4
	max_requests = 1048576
	pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
	checkrad = "/usr/local/sbin/checkrad"
	debug_level = 0
	proxy_requests = yes
 log {
	stripped_names = no
	auth = yes
	auth_badpass = no
	auth_goodpass = no
 }
 security {
	max_attributes = 200
	reject_delay = 1
	status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 realm LOCAL {
 }
 realm bris.ac.uk {
 }
 realm bristol.ac.uk {
 }
 home_server jrs0 {
	ipaddr = X.Y.Z.185
	port = 1812
	type = "auth+acct"
	secret = "XXX"
	response_window = 10
	max_outstanding = 65536
	zombie_period = 40
	status_check = "status-server"
	ping_interval = 30
	check_interval = 30
	num_answers_to_alive = 3
	num_pings_to_alive = 3
	revive_interval = 300
	status_check_timeout = 4
	historic_average_window = 10000
	irt = 2
	mrt = 16
	mrc = 5
	mrd = 30
 }
 home_server jrs1 {
	ipaddr = X.Y.Z.233
	port = 1812
	type = "auth+acct"
	secret = "XXX"
	response_window = 10
	max_outstanding = 65536
	zombie_period = 40
	status_check = "status-server"
	ping_interval = 30
	check_interval = 30
	num_answers_to_alive = 3
	num_pings_to_alive = 3
	revive_interval = 300
	status_check_timeout = 4
	historic_average_window = 10000
	irt = 2
	mrt = 16
	mrc = 5
	mrd = 30
 }
 home_server jrs2 {
	ipaddr = X.Y.Z.249
	port = 1812
	type = "auth+acct"
	secret = "XXX"
	response_window = 10
	max_outstanding = 65536
	zombie_period = 40
	status_check = "status-server"
	ping_interval = 30
	check_interval = 30
	num_answers_to_alive = 3
	num_pings_to_alive = 3
	revive_interval = 300
	status_check_timeout = 4
	historic_average_window = 10000
	irt = 2
	mrt = 16
	mrc = 5
	mrd = 30
 }
 home_server_pool jrs {
	type = fail-over
	home_server = jrs0
	home_server = jrs1
	home_server = jrs2
 }
 realm jrs {
	pool = jrs
 }
radiusd: #### Loading Clients ####
 client JamesJJ {
	ipaddr = X.Y.Z.191
	require_message_authenticator = no
	secret = "XXX"
 }
 client rhubarb-65 {
	ipaddr = pptpdnsnode1.nomadic IP address [X.Y.Z.65]
	require_message_authenticator = no
	secret = "XXX"
 }
 client rhubarb-91 {
	ipaddr = rhubarb IP address [X.Y.Z.91]
	require_message_authenticator = no
	secret = "XXX"
 }
 client custard-66 {
	ipaddr = pptpdnsnode2.nomadic IP address [X.Y.Z.66]
	require_message_authenticator = no
	secret = "XXX"
 }
 client custard-92 {
	ipaddr = custard IP address [X.Y.Z.92]
	require_message_authenticator = no
	secret = "XXX"
 }
 client gilbert {
	ipaddr = gilbert IP address [X.Y.Z.154]
	require_message_authenticator = no
	secret = "XXX"
 }
 client sullivan {
	ipaddr = sullivan IP address [X.Y.Z.153]
	require_message_authenticator = no
	secret = "XXX"
 }
 client roaming0.ja.net {
	ipaddr = roaming0.ja.net IP address [X.Y.Z.185]
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "eduroamalien"
 }
 client roaming1.ja.net {
	ipaddr = roaming1.ja.net IP address [X.Y.Z.233]
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "eduroamalien"
 }
 client roaming2.ja.net {
	ipaddr = roaming2.ja.net IP address [X.Y.Z.249]
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "eduroamalien"
 }
 client WISM1 {
	ipaddr = X.Y.Z.201
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM2 {
	ipaddr = X.Y.Z.202
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM3 {
	ipaddr = X.Y.Z.203
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM4 {
	ipaddr = X.Y.Z.204
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM5 {
	ipaddr = X.Y.Z.205
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM6 {
	ipaddr = X.Y.Z.206
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM7 {
	ipaddr = X.Y.Z.207
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM8 {
	ipaddr = X.Y.Z.208
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM9 {
	ipaddr = X.Y.Z.209
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM10 {
	ipaddr = X.Y.Z.210
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM11 {
	ipaddr = X.Y.Z.211
	require_message_authenticator = no
	secret = "XXX"
 }
 client WISM12 {
	ipaddr = X.Y.Z.212
	require_message_authenticator = no
	secret = "XXX"
 }
 client pptpnode1 {
	ipaddr = X.Y.Z.67
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "nomadicvpn"
 }
 client pptpnode2 {
	ipaddr = X.Y.Z.68
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "nomadicvpn"
 }
 client pptpnode3 {
	ipaddr = X.Y.Z.69
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "nomadicvpn"
 }
 client pptpnode4 {
	ipaddr = X.Y.Z.70
	require_message_authenticator = no
	secret = "XXX"
	virtual_server = "nomadicvpn"
 }
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating exec
  exec {
	wait = no
	input_pairs = "request"
	shell_escape = yes
  }
 Module: Linked to module rlm_expr
 Module: Instantiating expr
 Module: Linked to module rlm_expiration
 Module: Instantiating expiration
  expiration {
	reply-message = "Password Has Expired  "
  }
 Module: Linked to module rlm_logintime
 Module: Instantiating logintime
  logintime {
	reply-message = "You are calling outside your allowed timespan  "
	minimum-timeout = 60
  }
 }
radiusd: #### Loading Virtual Servers ####
server uobgear {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_pap
 Module: Instantiating pap
  pap {
	encryption_scheme = "auto"
	auto_header = no
  }
 Module: Checking authorize {...} for more modules to load
 Module: Linked to module rlm_always
 Module: Instantiating reject
  always reject {
	rcode = "reject"
	simulcount = 0
	mpp = no
  }
 Module: Linked to module rlm_preprocess
 Module: Instantiating preprocess
  preprocess {
	huntgroups = "/usr/local/etc/raddb/huntgroups"
	hints = "/usr/local/etc/raddb/hints"
	with_ascend_hack = no
	ascend_channels_per_line = 23
	with_ntdomain_hack = no
	with_specialix_jetstream_hack = no
	with_cisco_vsa_hack = no
	with_alvarion_vsa_hack = no
  }
 Module: Linked to module rlm_files
 Module: Instantiating files-uob-gear
  files files-uob-gear {
	usersfile = "/usr/local/etc/raddb/users-uobgear"
	acctusersfile = "/usr/local/etc/raddb/acct_users-uobgear"
	preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users-uobgear"
	compat = "no"
  }
 Module: Checking preacct {...} for more modules to load
 Module: Linked to module rlm_acct_unique
 Module: Instantiating acct_unique
  acct_unique {
	key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
  }
 Module: Instantiating files-bristol-research-net
  files files-bristol-research-net {
	usersfile = "/usr/local/etc/raddb/users-bristolresearchnet"
	acctusersfile = "/usr/local/etc/raddb/acct_users-bristolresearchnet"
	preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users-bristolresearchnet"
	compat = "no"
  }
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_detail
 Module: Instantiating detail
  detail {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Linked to module rlm_attr_filter
 Module: Instantiating attr_filter.accounting_response
  attr_filter attr_filter.accounting_response {
	attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
	key = "%{User-Name}"
  }
 Module: Checking post-auth {...} for more modules to load
 Module: Instantiating reply_log
  detail reply_log {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/reply-detail-%Y%m%d.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Instantiating attr_filter.access_reject
  attr_filter attr_filter.access_reject {
	attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
	key = "%{User-Name}"
  }
 } # modules
} # server
server regex-test-svr {
 modules {
 Module: Checking authorize {...} for more modules to load
 Module: Instantiating auth_log
  detail auth_log {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Linked to module rlm_realm
 Module: Instantiating suffix
  realm suffix {
	format = "suffix"
	delimiter = "@"
	ignore_default = no
	ignore_null = no
  }
 Module: Instantiating echo
  exec echo {
	wait = yes
	program = "/bin/echo %{User-Name}"
	input_pairs = "request"
	output_pairs = "reply"
	shell_escape = yes
  }
 Module: Checking preacct {...} for more modules to load
 Module: Instantiating files
  files {
	usersfile = "/usr/local/etc/raddb/users"
	acctusersfile = "/usr/local/etc/raddb/acct_users"
	preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
	compat = "no"
  }
 } # modules
} # server
server uobroam-bsql {
 modules {
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_sql
 Module: Instantiating logsql
  sql logsql {
	driver = "rlm_sql_mysql"
	server = "satsuma.nomadic-core"
	port = "3306"
	login = "radiusloguser"
	password = "XXX"
	radius_db = "radiuslog"
	read_groups = yes
	sqltrace = no
	sqltracefile = "/var/log/radius/sqltrace.sql"
	readclients = no
	deletestalesessions = yes
	num_sql_socks = 3
	lifetime = 0
	max_queries = 0
	sql_user_name = "%{%{Stripped-User-Name}:-%{User-Name}}"
	default_user_profile = ""
	nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"
	authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
	authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
	authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
	authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
	accounting_onoff_query = "          UPDATE radacct           SET              acctstoptime       =  unix_timestamp('%S'),              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              radiusip =  'X.Y.Z.92',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'           AND acctstarttime     <= unix_timestamp('%S')"
	accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = unix_timestamp('%{Acct-Session-Time}'),              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                                    '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"
	accounting_update_query_alt = ""
	accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              nasidentifier,   tunnelprivategroupid, mschapdomain,              acctstartdelay,   acctstopdelay,    servicename, radiusip)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', unix_timestamp('%S'), NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{NAS-Identifier}', '%{Tunnel-Private-Group-Id}', '%{MS-CHAP-Domain}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{Virtual-Server}', 'X.Y.Z.92')"
	accounting_start_query_alt = ""
	accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = unix_timestamp('%S'),              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"
	accounting_stop_query_alt = ""
	group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"
	connect_failure_retry_delay = 20
	simul_count_query = ""
	simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct                                WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"
	postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"
	safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
rlm_sql (logsql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (logsql): Attempting to connect to radiusloguser at satsuma.nomadic-core:3306/radiuslog
rlm_sql (logsql): starting 0
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (logsql): Connected new DB handle, #0
rlm_sql (logsql): starting 1
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (logsql): Connected new DB handle, #1
rlm_sql (logsql): starting 2
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (logsql): Connected new DB handle, #2
 Module: Instantiating ok
  always ok {
	rcode = "ok"
	simulcount = 0
	mpp = no
  }
 } # modules
} # server
server nomadicvpn {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_mschap
 Module: Instantiating nomadicvpnmschap
  mschap nomadicvpnmschap {
	use_mppe = yes
	require_encryption = no
	require_strong = no
	with_ntdomain_hack = yes
	ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{nomadicvpnmschap:User-Name} --challenge=%{nomadicvpnmschap:Challenge} --nt-response=%{nomadicvpnmschap:NT-Response}  --require-membership-of=%{NN-Homeservice-Name}"
  }
 Module: Checking authorize {...} for more modules to load
 Module: Instantiating ss-log
  detail ss-log {
	detailfile = "/var/log/radius/radacct/ss-log-detail-%Y%m%d.log"
	header = "%t,%{Packet-Src-IP-Address},%{Packet-Dst-Port}"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Instantiating detail-bsql
  detail detail-bsql {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Checking pre-proxy {...} for more modules to load
 Module: Instantiating pre_proxy_log
  detail pre_proxy_log {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-DEFAULT}/pre-proxy-detail-%Y%m%d.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Checking post-proxy {...} for more modules to load
 Module: Instantiating post_proxy_log
  detail post_proxy_log {
	detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-DEFAULT}/post-proxy-detail-%Y%m%d.log"
	header = "%t"
	detailperm = 384
	dirperm = 493
	locking = no
	log_packet_header = no
  }
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server vpi {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_eap
 Module: Instantiating vpieap
  eap vpieap {
	default_eap_type = "ttls"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/vpi/vpi.wireless.key"
	certificate_file = "/usr/local/etc/raddb/certs/vpi/vpi.wireless-cert.pem"
	CA_file = "/usr/local/etc/raddb/certs/vpi/ca-vpi.wireless.pem"
	dh_file = "/usr/local/etc/raddb/certs/vpi/dh"
	random_file = "/usr/local/etc/raddb/certs/vpi/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 10000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "vpi-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "vpi-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 Module: Instantiating attr_filter.access_accept
  attr_filter attr_filter.access_accept {
	attrsfile = "/usr/local/etc/raddb/attrs.access_accept"
	key = "%{User-Name}"
  }
 } # modules
} # server
server nomadicvpn-bsql {
 modules {
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 } # modules
} # server
server vpi-inner {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Instantiating vpimschap
  mschap vpimschap {
	use_mppe = yes
	require_encryption = no
	require_strong = no
	with_ntdomain_hack = yes
	ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{vpimschap:User-Name}} --challenge=%{vpimschap:Challenge} --nt-response=%{vpimschap:NT-Response}"
  }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server eduroamalien-inner {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Instantiating eduroamalienmschap
  mschap eduroamalienmschap {
	use_mppe = yes
	require_encryption = no
	require_strong = no
	with_ntdomain_hack = yes
	ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{eduroamalienmschap:User-Name}} --challenge=%{eduroamalienmschap:Challenge} --nt-response=%{eduroamalienmschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
  }
 Module: Instantiating eduroamalieneap
  eap eduroamalieneap {
	default_eap_type = "peap"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/server.key"
	certificate_file = "/usr/local/etc/raddb/certs/server.pem"
	CA_file = "/usr/local/etc/raddb/certs/ca.pem"
	dh_file = "/usr/local/etc/raddb/certs/dh"
	random_file = "/usr/local/etc/raddb/certs/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 1000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "eduroamalien-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "eduroamalien-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Instantiating eduroamalieneap-bris-ca
  eap eduroamalieneap-bris-ca {
	default_eap_type = "peap"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless.key"
	certificate_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless-combined.pem"
	dh_file = "/usr/local/etc/raddb/certs/eduroam.wireless/dh"
	random_file = "/usr/local/etc/raddb/certs/eduroam.wireless/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 1000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "eduroamalien-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "eduroamalien-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server eduroamlocal-inner {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Instantiating eduroamlocalmschap
  mschap eduroamlocalmschap {
	use_mppe = yes
	require_encryption = no
	require_strong = no
	with_ntdomain_hack = yes
	ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{eduroamlocalmschap:User-Name}} --challenge=%{eduroamlocalmschap:Challenge} --nt-response=%{eduroamlocalmschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
  }
 Module: Instantiating eduroamlocaleap
  eap eduroamlocaleap {
	default_eap_type = "peap"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/server.key"
	certificate_file = "/usr/local/etc/raddb/certs/server.pem"
	CA_file = "/usr/local/etc/raddb/certs/ca.pem"
	dh_file = "/usr/local/etc/raddb/certs/dh"
	random_file = "/usr/local/etc/raddb/certs/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 20000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "eduroamlocal-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "eduroamlocal-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Instantiating eduroamlocaleap-bris-ca
  eap eduroamlocaleap-bris-ca {
	default_eap_type = "peap"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless.key"
	certificate_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless-combined.pem"
	dh_file = "/usr/local/etc/raddb/certs/eduroam.wireless/dh"
	random_file = "/usr/local/etc/raddb/certs/eduroam.wireless/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 20000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "eduroamlocal-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "eduroamlocal-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Instantiating attr_filter.pre-proxy
  attr_filter attr_filter.pre-proxy {
	attrsfile = "/usr/local/etc/raddb/attrs.pre-proxy"
	key = "%{Realm}"
  }
 Module: Checking post-proxy {...} for more modules to load
 Module: Instantiating attr_filter.post-proxy
  attr_filter attr_filter.post-proxy {
	attrsfile = "/usr/local/etc/raddb/attrs"
	key = "%{Realm}"
  }
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server uobroam-inner {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Instantiating uobroammschap
  mschap uobroammschap {
	use_mppe = yes
	require_encryption = no
	require_strong = no
	with_ntdomain_hack = yes
	ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{uobroammschap:User-Name}} --challenge=%{uobroammschap:Challenge} --nt-response=%{uobroammschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
  }
 Module: Instantiating uobroameap
  eap uobroameap {
	default_eap_type = "peap"
	timer_expire = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = 2048
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
	challenge = "Password: "
	auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
	rsa_key_exchange = no
	dh_key_exchange = yes
	rsa_key_length = 512
	dh_key_length = 512
	verify_depth = 0
	pem_file_type = yes
	private_key_file = "/usr/local/etc/raddb/certs/server.key"
	certificate_file = "/usr/local/etc/raddb/certs/server.pem"
	CA_file = "/usr/local/etc/raddb/certs/ca.pem"
	dh_file = "/usr/local/etc/raddb/certs/dh"
	random_file = "/usr/local/etc/raddb/certs/random"
	fragment_size = 1024
	include_length = yes
	check_crl = no
	cipher_list = "DEFAULT"
    cache {
	enable = yes
	lifetime = 24
	max_entries = 10000
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	virtual_server = "uobroam-inner"
	include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
	default_eap_type = "mschapv2"
	copy_request_to_tunnel = yes
	use_tunneled_reply = yes
	proxy_tunneled_request_as_eap = yes
	virtual_server = "uobroam-inner"
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
	with_ntdomain_hack = no
   }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server eduroamalien {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Instantiating attr_filter.access_challenge
  attr_filter attr_filter.access_challenge {
	attrsfile = "/usr/local/etc/raddb/attrs.access_challenge"
	key = "%{User-Name}"
  }
 Module: Instantiating handled
  always handled {
	rcode = "handled"
	simulcount = 0
	mpp = no
  }
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server eduroamlocal-bsql {
 modules {
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 } # modules
} # server
server bristolresearchnet {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server status {
 modules {
 Module: Checking authorize {...} for more modules to load
 } # modules
} # server
server uobroam {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server eduroamlocal {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Checking authorize {...} for more modules to load
 Module: Checking preacct {...} for more modules to load
 Module: Checking accounting {...} for more modules to load
 Module: Checking pre-proxy {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
server {
 modules {
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
	type = "control"
 listen {
	socket = "/usr/local/var/run/radiusd/radiusd.sock"
 }
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16010
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16011
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.1
	port = 9999
  client localhost {
	ipaddr = X.Y.Z.1
	require_message_authenticator = no
	secret = "XXX"
  }
}
listen {
	type = "detail"
  listen {
	filename = "/var/log/radius/radacct/uobroam-bsql/detail-bsql.log"
	load_factor = 10
	poll_interval = 10
	retry_interval = 30
  }
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16003
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16004
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16020
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16021
}
listen {
	type = "detail"
  listen {
	filename = "/var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log"
	load_factor = 10
	poll_interval = 10
	retry_interval = 30
  }
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 1812
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 1813
}
listen {
	type = "detail"
  listen {
	filename = "/var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log"
	load_factor = 10
	poll_interval = 10
	retry_interval = 30
  }
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16014
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16015
}
listen {
	type = "status"
	ipaddr = X.Y.Z.1
	port = 18120
  client localhost {
	ipaddr = X.Y.Z.1
	require_message_authenticator = no
	secret = "XXX"
  }
  client gilbert {
	ipaddr = X.Y.Z.154
	require_message_authenticator = no
	secret = "XXX"
  }
  client sullivan {
	ipaddr = X.Y.Z.153
	require_message_authenticator = no
	secret = "XXX"
  }
  client apricot {
	ipaddr = X.Y.Z.97
	require_message_authenticator = no
	secret = "XXX"
  }
}
listen {
	type = "status"
	ipaddr = X.Y.Z.92
	port = 18120
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16000
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16001
}
listen {
	type = "auth"
	ipaddr = X.Y.Z.92
	port = 16006
}
listen {
	type = "acct"
	ipaddr = X.Y.Z.92
	port = 16007
}
Listening on command file /usr/local/var/run/radiusd/radiusd.sock
Listening on authentication address X.Y.Z.92 port 16010 as server uobgear
Listening on accounting address X.Y.Z.92 port 16011 as server uobgear
Listening on authentication address X.Y.Z.1 port 9999 as server regex-test-svr
Listening on detail file /var/log/radius/radacct/uobroam-bsql/detail-bsql.log as server uobroam-bsql
Detail listener /var/log/radius/radacct/uobroam-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 16003 as server nomadicvpn
Listening on accounting address X.Y.Z.92 port 16004 as server nomadicvpn
Listening on authentication address X.Y.Z.92 port 16020 as server vpi
Listening on accounting address X.Y.Z.92 port 16021 as server vpi
Listening on detail file /var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log as server nomadicvpn-bsql
Detail listener /var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 1812 as server eduroamalien
Listening on accounting address X.Y.Z.92 port 1813 as server eduroamalien
Listening on detail file /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log as server eduroamlocal-bsql
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 16014 as server bristolresearchnet
Listening on accounting address X.Y.Z.92 port 16015 as server bristolresearchnet
Listening on status address X.Y.Z.1 port 18120 as server status
Listening on status address X.Y.Z.92 port 18120 as server status
Listening on authentication address X.Y.Z.92 port 16000 as server uobroam
Listening on accounting address X.Y.Z.92 port 16001 as server uobroam
Listening on authentication address X.Y.Z.92 port 16006 as server eduroamlocal
Listening on accounting address X.Y.Z.92 port 16007 as server eduroamlocal
Listening on proxy address X.Y.Z.92 port 16012
Waking up in 9.9 seconds.
rad_recv: Access-Request packet from host X.Y.Z.203 port 32770, id=112, length=186
	User-Name = "OpenSuse 11.2"
	Calling-Station-Id = "00-1E-65-B7-80-02"
	Called-Station-Id = "00-23-33-A3-D3-D0:UoB-Roam"
	NAS-Port = 29
	NAS-IP-Address = X.Y.Z.203
	NAS-Identifier = "wism3"
	Airespace-Wlan-Id = 2
	Service-Type = Framed-User
	Framed-MTU = 1300
	NAS-Port-Type = Wireless-802.11
	Tunnel-Type:0 = VLAN
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Private-Group-Id:0 = "449"
	EAP-Message = 0x02010012014f70656e537573652031312e32
	Message-Authenticator = 0x48a9c7fb1666550219dcaff02c2d69f6
server uobroam {
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] 	expand: %{Virtual-Server} -> uobroam
[auth_log] 	expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log -> /var/log/radius/radacct/uobroam/auth-detail-20100607.log
[auth_log] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log expands to /var/log/radius/radacct/uobroam/auth-detail-20100607.log
[auth_log] 	expand: %t -> Mon Jun  7 10:46:29 2010
++[auth_log] returns ok
++? if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i)
? Evaluating (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) -> TRUE
++? if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) -> TRUE
++- entering if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) {...}
+++? if (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i)
? Evaluating (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i) -> FALSE
+++? if (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i) -> FALSE
++- if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) returns ok
[uobroameap] EAP packet type response id 1 length 18
-------------- next part --------------
	Acct-Status-Type = Start
	Calling-Station-Id = "d4-9a-20-9e-cd-c5"
	Called-Station-Id = "00-19-30-fb-bd-c0"
	Acct-Unique-Session-Id = "6c91a548f2eb560c"
	Stripped-User-Name = "A"
	Realm = "bris.ac.uk"
	Packet-Original-Timestamp = "Jun  7 2010 11:35:19 UTC"
	Acct-Delay-Time = 1
server eduroamlocal-bsql {
+- entering group preacct {...}
++[preprocess] returns ok
++[acct_unique] returns noop
+- entering group accounting {...}
++? if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/)
? Evaluating (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) -> TRUE
++? if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) -> TRUE
++- entering if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) {...}
	expand: %{1} -> A
	expand: %{2} -> bris.ac.uk
+++[request] returns noop
++- if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) returns noop
++? if (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/)
? Evaluating (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/) -> FALSE
++? if (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/) -> FALSE
[logsql] 	expand: %{Stripped-User-Name} -> A
[logsql] 	expand: %{%{Stripped-User-Name}:-%{User-Name}} -> A
[logsql] sql_set_user escaped user --> 'A'
[logsql] 	expand: %{Acct-Delay-Time} -> 1
[logsql] 	expand:            INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              nasidentifier,   tunnelprivategroupid, mschapdomain,              acctstartdelay,   acctstopdelay,    servicename, radiusip)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', unix_timestamp('%S'), NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '
rlm_sql (logsql): Reserving sql socket id: 2
rlm_sql (logsql): Released sql socket id: 2
++[logsql] returns ok
++? if (noop)
? Evaluating (noop) -> FALSE
++? if (noop) -> FALSE
} # server eduroamlocal-bsql
Finished request 26505.
Cleaning up request 26505 ID 7207 with timestamp +2931
Going to the next request
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state replied signalled 0 waiting 0.048159 sec
Cleaning up request 26416 ID 97 with timestamp +2927
Cleaning up request 26417 ID 160 with timestamp +2927
Detail - unlinking /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log.work
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state unopened signalled 0 waiting 10.012545 sec
Cleaning up request 26418 ID 98 with timestamp +2927
Cleaning up request 26419 ID 161 with timestamp +2927
rad_recv: Accounting-Request packet from host 172.17.107.208 port 32770, id=28, length=166
	User-Name = "B"
	NAS-Port = 29
	NAS-IP-Address = 172.17.107.208
	Framed-IP-Address = 172.21.97.41
	NAS-Identifier = "wism8"
	Airespace-Wlan-Id = 2
	Acct-Session-Id = "4c0cd978/00:1d:e0:98:92:03/27101"
	Acct-Authentic = RADIUS
	Tunnel-Type:0 = VLAN
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Private-Group-Id:0 = "504"
	Acct-Status-Type = Start
	Calling-Station-Id = "00-1d-e0-98-92-03"
	Called-Station-Id = "00-1e-f7-d7-06-40"
server uobroam {
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 29,Client-IP-Address = 172.17.107.208,NAS-IP-Address = 172.17.107.208,Acct-Session-Id = "4c0cd978/00:1d:e0:98:92:03/27101",User-Name = "B"'
[acct_unique] Acct-Unique-Session-ID = "67468389b00deb11".
++[acct_unique] returns ok
++[files] returns noop
+- entering group accounting {...}
[detail] 	expand: %{Virtual-Server} -> uobroam
[detail] 	expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log -> /var/log/radius/radacct/uobroam/detail-20100607.log
[detail] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log expands to /var/log/radius/radacct/uobroam/detail-20100607.log
[detail] 	expand: %t -> Mon Jun  7 11:35:20 2010
++[detail] returns ok
[detail-bsql] 	expand: %{Virtual-Server} -> uobroam
[detail-bsql] 	expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log -> /var/log/radius/radacct/uobroam-bsql/detail-bsql.log
[detail-bsql] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log expands to /var/log/radius/radacct/uobroam-bsql/detail-bsql.log
[detail-bsql] 	expand: %t -> Mon Jun  7 11:35:20 2010
++[detail-bsql] returns ok
[attr_filter.accounting_response] 	expand: %{User-Name} -> B
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
} # server uobroam
Sending Accounting-Response of id 28 to 172.17.107.208 port 32770
Finished request 26506.
Cleaning up request 26506 ID 28 with timestamp +2931
Going to the next request
Cleaning up request 26421 ID 182 with timestamp +2927
Cleaning up request 26423 ID 162 with timestamp +2927
Marking home server 194.82.174.185 port 1812 as zombie (it looks like it is dead).
Sending Status-Server of id 142 to 194.82.174.185 port 1812
	Message-Authenticator := 0x00000000000000000000000000000000
	NAS-Identifier := "Status Check. Are you alive?"
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 172.17.107.203 port 32770, id=235, length=378
Discarding duplicate request from client WISM3 port 32770 - ID: 235 due to unfinished request 26270
Waking up in 0.1 seconds.
Cleaning up request 26424 ID 163 with timestamp +2927
Cleaning up request 26425 ID 183 with timestamp +2928
rad_recv: Access-Accept packet from host 194.82.174.185 port 1812, id=142, length=840


More information about the Freeradius-Users mailing list