unlang equivalent of radlog

Nasser Heidari nasser at rasana.net
Mon May 20 07:43:36 CEST 2013 

Thanks guys,  it worked for me. 

-----Original Message-----
From: freeradius-users-bounces+nasser=rasana.net at lists.freeradius.org
[mailto:freeradius-users-bounces+nasser=rasana.net at lists.freeradius.org] On
Behalf Of Peter Lambrechtsen
Sent: Monday, May 20, 2013 2:40 AM
To: FreeRadius users mailing list
Subject: Re: unlang equivalent of radlog

On Mon, May 20, 2013 at 5:13 AM, Arran Cudbard-Bell
<a.cudbardb at freeradius.org> wrote:
>
> On 19 May 2013, at 12:47, Nasser Heidari <nasser at rasana.net> wrote:
>
>> Hi,
>>
>> I have several Perl modules running on my Radius server, I'm going to 
>> remove them all and use unlang instead. I have two questions:
>>
>>       1- The reason that I'm going to change Perl modules with unlang 
>> is Performance ! I think unlang should have better performance in 
>> comparison to Perl (Note that I have some mysql queries in my perl 
>> modules), is this correct?
>
> Yes.
>
>>       2- I have used &radius::radlog in my perl modules to  log some 
>> cases on radius.log, is there any equivalent for it in unlang? Could 
>> you please kindly give an example?
>
> The linelog module.
>
> https://github.com/FreeRADIUS/freeradius-server/blob/master/raddb/mods
> -available/linelog
>
> You either use the 'format' config item, which is xlat expanded and adds a
single line to the log, or you can use 'reference' which is used as a
configuration path, and selects one of multiple other format type config
items.
>
> How you use them is up to you, and what you're trying to do.
>
> I believe linelog can also log to syslog.

That's exactly what we are doing, we are using this slightly ugly hack in
2.1.12 to syslog all our events into our centralised syslog server (yeah I
know we should upgrade)
http://lists.freeradius.org/pipermail/freeradius-users/2012-February/058743.
html

The only quirk we have is the really depending on what you are doing you
will only ever get Access-Request or Accounting-Request packets into linelog
(be it an access-accept or access-reject, or accounting start,interim or
stop).  So we format our two lines to have CSV with escaped quotes using the
\" going into the local linelog and via syslog so we get a consistent file
format and our upstream syslog server can deal with those messages
accordingly:

Access-Request =
"\"%{ADSL-Agent-Remote-Id}\",\"%{reply:Framed-IP-Address}\",\"%S\",\"Auth\",
\"%{reply:Packet-Type}\",\"%{Framed-Protocol}\",\"%{Packet-Src-IP-Address}\"
,\"%{NAS-IP-Address}\",\"%{NAS-Port}\",\"%{NAS-Port-Id}\",\"%{NAS-Identifier
}\",\"%{ADSL-Agent-Circuit-Id}\",\"%{Actual-Data-Rate-Downstream}\",\"%{Actu
al-Data-Rate-Upstream}\",\"%{reply:Framed-Pool}\",\"%{Acct-Session-Id}\",\"%
{Acct-Multi-Session-Id}\",\"%{Acct-Session-Time}\",\"%{Acct-Terminate-Cause}
\",\"%{Event-Timestamp}\",\"%{Acct-Delay-Time}\",\"%{Client-Shortname}\",\"%
{Huntgroup-Name}\",\"%{reply:Reply-Message}\""

Accounting-Request =
"\"%{ADSL-Agent-Remote-Id}\",\"%{Framed-IP-Address}\",\"%S\",\"Acct\",\"%{Ac
ct-Status-Type}\",\"%{Framed-Protocol}\",\"%{Packet-Src-IP-Address}\",\"%{NA
S-IP-Address}\",\"%{NAS-Port}\",\"%{NAS-Port-Id}\",\"%{NAS-Identifier}\",\"%
{ADSL-Agent-Circuit-Id}\",\"%{Actual-Data-Rate-Downstream}\",\"%{Actual-Data
-Rate-Upstream}\"\"%{Framed-Pool}\",\"%{Acct-Session-Id}\",\"%{Acct-Multi-Se
ssion-Id}\",\"%{Acct-Session-Time}\",\"%{Acct-Terminate-Cause}\",\"%{Event-T
imestamp}\",\"%{Acct-Delay-Time}\",\"%{Client-Shortname}\",\"%{Huntgroup-Nam
e}\",\"%{reply:Reply-Message}\""

Then we have two copies of the same file, one which is to log the events
locally to a file and another to send them to syslog, where the only
difference in the file is:

linelog linelog.file {
	filename = ${logdir}/linelog.%Y-%m
	#syslog_facility = local6

vs

linelog linelog.syslog6 {
	filename = syslog
	syslog_facility = local6

And then just call both modules in our sites-enabled/default or whichever
site we need it in during the post-auth and accounting.

post-auth {
	linelog.file
	linelog.syslog6
	Post-Auth-Type REJECT {
		linelog.file
		linelog.syslog6
	}
}

and

accounting {
	linelog.file
	linelog.syslog6

That works a treat for us.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6566 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130520/ae4d599c/attachment-0001.bin>

More information about the Freeradius-Users mailing list