unlang equivalent of radlog

Peter Lambrechtsen peter at crypt.co.nz
Mon May 20 00:09:43 CEST 2013


On Mon, May 20, 2013 at 5:13 AM, Arran Cudbard-Bell
<a.cudbardb at freeradius.org> wrote:
>
> On 19 May 2013, at 12:47, Nasser Heidari <nasser at rasana.net> wrote:
>
>> Hi,
>>
>> I have several Perl modules running on my Radius server, I'm going to remove
>> them all and use unlang instead. I have two questions:
>>
>>       1- The reason that I'm going to change Perl modules with unlang is
>> Performance ! I think unlang should have better performance in comparison to
>> Perl (Note that I have some mysql queries in my perl modules), is this
>> correct?
>
> Yes.
>
>>       2- I have used &radius::radlog in my perl modules to  log some cases
>> on radius.log, is there any equivalent for it in unlang? Could you please
>> kindly give an example?
>
> The linelog module.
>
> https://github.com/FreeRADIUS/freeradius-server/blob/master/raddb/mods-available/linelog
>
> You either use the 'format' config item, which is xlat expanded and adds a single line to the log, or you can use 'reference' which is used as a configuration path, and selects one of multiple other format type config items.
>
> How you use them is up to you, and what you're trying to do.
>
> I believe linelog can also log to syslog.

That's exactly what we are doing, we are using this slightly ugly hack
in 2.1.12 to syslog all our events into our centralised syslog server
(yeah I know we should upgrade)
http://lists.freeradius.org/pipermail/freeradius-users/2012-February/058743.html

The only quirk we have is the really depending on what you are doing
you will only ever get Access-Request or Accounting-Request packets
into linelog (be it an access-accept or access-reject, or accounting
start,interim or stop).  So we format our two lines to have CSV with
escaped quotes using the \" going into the local linelog and via
syslog so we get a consistent file format and our upstream syslog
server can deal with those messages accordingly:

Access-Request =
"\"%{ADSL-Agent-Remote-Id}\",\"%{reply:Framed-IP-Address}\",\"%S\",\"Auth\",\"%{reply:Packet-Type}\",\"%{Framed-Protocol}\",\"%{Packet-Src-IP-Address}\",\"%{NAS-IP-Address}\",\"%{NAS-Port}\",\"%{NAS-Port-Id}\",\"%{NAS-Identifier}\",\"%{ADSL-Agent-Circuit-Id}\",\"%{Actual-Data-Rate-Downstream}\",\"%{Actual-Data-Rate-Upstream}\",\"%{reply:Framed-Pool}\",\"%{Acct-Session-Id}\",\"%{Acct-Multi-Session-Id}\",\"%{Acct-Session-Time}\",\"%{Acct-Terminate-Cause}\",\"%{Event-Timestamp}\",\"%{Acct-Delay-Time}\",\"%{Client-Shortname}\",\"%{Huntgroup-Name}\",\"%{reply:Reply-Message}\""

Accounting-Request =
"\"%{ADSL-Agent-Remote-Id}\",\"%{Framed-IP-Address}\",\"%S\",\"Acct\",\"%{Acct-Status-Type}\",\"%{Framed-Protocol}\",\"%{Packet-Src-IP-Address}\",\"%{NAS-IP-Address}\",\"%{NAS-Port}\",\"%{NAS-Port-Id}\",\"%{NAS-Identifier}\",\"%{ADSL-Agent-Circuit-Id}\",\"%{Actual-Data-Rate-Downstream}\",\"%{Actual-Data-Rate-Upstream}\"\"%{Framed-Pool}\",\"%{Acct-Session-Id}\",\"%{Acct-Multi-Session-Id}\",\"%{Acct-Session-Time}\",\"%{Acct-Terminate-Cause}\",\"%{Event-Timestamp}\",\"%{Acct-Delay-Time}\",\"%{Client-Shortname}\",\"%{Huntgroup-Name}\",\"%{reply:Reply-Message}\""

Then we have two copies of the same file, one which is to log the
events locally to a file and another to send them to syslog, where the
only difference in the file is:

linelog linelog.file {
	filename = ${logdir}/linelog.%Y-%m
	#syslog_facility = local6

vs

linelog linelog.syslog6 {
	filename = syslog
	syslog_facility = local6

And then just call both modules in our sites-enabled/default or
whichever site we need it in during the post-auth and accounting.

post-auth {
	linelog.file
	linelog.syslog6
	Post-Auth-Type REJECT {
		linelog.file
		linelog.syslog6
	}
}

and

accounting {
	linelog.file
	linelog.syslog6

That works a treat for us.


More information about the Freeradius-Users mailing list