Cannot disconnect radius user using radclient
Jon Morby
jon at fido.net
Mon Oct 21 21:09:32 CEST 2013
I’m afraid to say I am having very similar problems to the user who has been so sadly flamed for not reading the config/docs/etc/etc/etc …. believe me I have tried to find the answer for this using the resources available (wiki, docs, config files, etc) but am sadly missing something which I’m sure is obvious to a guru who eats sleeps and breathes radiusd
I am trying to learn and understand RADIUS, and I am trying to understand the documentation and follow it …
I am trying to disconnect users via a command (eventually a script) when all the available info I have is the username they have logged in with (and whether or not their subscription has expired and they need to be cut off)
I have a coa listener on port 3799 and am issuing the following command with the following results
echo "User-Name = jonhome1 at fido.net.uk" | /usr/local/bin/radclient -x localhost disconnect testing123
Sending Disconnect-Request of id 125 to 127.0.0.1 port 3799
User-Name = "jonhome1 at fido.net.uk"
rad_recv: Disconnect-ACK packet from host 127.0.0.1 port 3799, id=125, length=20
debug output
rad_recv: Disconnect-Request packet from host 127.0.0.1 port 57377, id=125, length=42
User-Name = "jonhome1 at fido.net.uk"
server coa {
# Executing section recv-coa from file /usr/local/etc/raddb/sites-enabled/coa
+group recv-coa {
++[ok] = ok
+} # group recv-coa = ok
# Executing section send-coa from file /usr/local/etc/raddb/sites-enabled/coa
+group send-coa {
++[ok] = ok
+} # group send-coa = ok
} # server coa
Sending Disconnect-ACK of id 125 to 127.0.0.1 port 57377
Finished request 7.
Going to the next request
Cleaning up request 7 ID 125 with timestamp +21
Ready to process requests.
I have cow and originate-coa in my sites-enabled .. however I have a feeling there should be something other than “ok” in the policy sections, but I can’t find any examples indicating what these might be made to look like
my LNS doesn’t seem to report or receive the ack and everything seems to swing around localhost … I have tried adding the IP address of the NAS (although we have several, but hard coding it for the test hasn’t helped) .. and I’m a little confused .. I have been looking at this on and off for 4-5 months now and am really in need of some help
listen {
type = coa
ipaddr = *
port = 3799
server = coa
}
server coa {
recv-coa {
ok
}
send-coa {
ok
}
}
home_server localhost-coa {
type = coa
ipaddr = 127.0.0.1
port = 3799
secret = testing123
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool coa {
type = fail-over
home_server = localhost-coa
virtual_server = originate-coa.example.com
}
server originate-coa.example.com {
pre-proxy {
update proxy-request {
NAS-IP-Address = 80.252.124.201
}
}
post-proxy {
switch "%{proxy-reply:Packet-Type}" {
case CoA-ACK {
ok
}
case CoA-NAK {
ok
}
case Disconnect-ACK {
ok
}
case Disconnect-NAK {
ok
}
case {
fail
}
}
Post-Proxy-Type Fail-CoA {
ok
}
Post-Proxy-Type Fail-Disconnect {
ok
}
}
}
my default file looks like this (comments removed for brevity)
authorize {
preprocess
auth_log
chap
mschap
digest
suffix
eap {
ok = return
}
unix
files
sql
expiration
logintime
pap
update coa {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
update disconnect {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
digest
unix
eap
}
preacct {
preprocess
acct_unique
suffix
files
}
accounting {
detail
unix
radutmp
sql
attr_filter.accounting_response
}
session {
radutmp
sql
}
post-auth {
main_pool
reply_log
sql
Post-Auth-Type REJECT {
attr_filter.access_reject
}
update coa {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
update disconnect {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
}
pre-proxy {
}
post-proxy {
eap
update coa {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
update disconnect {
User-Name = "%{User-Name}"
Acct-Session-Id = "%{Acct-Session-Id}"
NAS-IP-Address = "%{NAS-IP-Address}"
}
}
output from radiusd -X
[root at ras-1 run]# radiusd -X
radiusd: FreeRADIUS Version 2.2.1, for host x86_64-unknown-linux-gnu, built on Oct 21 2013 at 18:47:04
Copyright (C) 1999-2013 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License.
For more information about these matters, see the file named COPYRIGHT.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/sqlippool.conf
including configuration file /usr/local/etc/raddb/ippool.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including configuration file /usr/local/etc/raddb/snmp.conf
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/sql.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/coa
including configuration file /usr/local/etc/raddb/sites-enabled/originate-coa
main {
user = "radiusd"
group = "radiusd"
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log/radius"
run_dir = "/var/run/radiusd"
libdir = "/usr/local/lib"
radacctdir = "/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = yes
auth = yes
auth_badpass = yes
auth_goodpass = yes
}
security {
max_attributes = 200
reject_delay = 5
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = yes
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost-coa {
ipaddr = 127.0.0.1
port = 3799
type = "coa"
secret = "testing123"
response_window = 30
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
realm LOCAL {
authhost = LOCAL
accthost = LOCAL
}
realm fido.net.uk {
nostrip
authhost = LOCAL
accthost = LOCAL
}
** other entries snipped **
home_server_pool coa {
type = fail-over
virtual_server = originate-coa.example.com
home_server = localhost-coa
}
radiusd: #### Loading Clients ####
client 127.0.0.1 {
require_message_authenticator = no
secret = "testing123"
shortname = "localhost"
nastype = "other"
}
** other entries snipped **
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating module "exec" from file /usr/local/etc/raddb/radiusd.conf
exec {
wait = yes
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating module "expr" from file /usr/local/etc/raddb/radiusd.conf
Module: Linked to module rlm_expiration
Module: Instantiating module "expiration" from file /usr/local/etc/raddb/radiusd.conf
expiration {
reply-message = "Your account has been suspended, %{User-Name} "
}
}
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /usr/local/etc/raddb/radiusd.conf
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /usr/local/etc/raddb/radiusd.conf
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /usr/local/etc/raddb/radiusd.conf
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
allow_retry = yes
}
Module: Linked to module rlm_unix
Module: Instantiating module "unix" from file /usr/local/etc/raddb/radiusd.conf
unix {
radwtmp = "/var/log/radius/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/radiusd.conf
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
reading pairlist file /usr/local/etc/raddb/huntgroups
reading pairlist file /usr/local/etc/raddb/hints
Module: Linked to module rlm_detail
Module: Instantiating module "auth_log" from file /usr/local/etc/raddb/radiusd.conf
detail auth_log {
detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_realm
Module: Instantiating module "suffix" from file /usr/local/etc/raddb/radiusd.conf
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /usr/local/etc/raddb/radiusd.conf
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
reading pairlist file /usr/local/etc/raddb/users
reading pairlist file /usr/local/etc/raddb/acct_users
reading pairlist file /usr/local/etc/raddb/preproxy_users
Module: Linked to module rlm_sql
Module: Instantiating module "sql" from file /usr/local/etc/raddb/sql.conf
sql {
driver = "rlm_sql_mysql"
server = "localhost"
port = ""
login = "radiusd"
password = "password"
radius_db = "radiusd"
read_groups = yes
sqltrace = yes
sqltracefile = "/var/log/radius/sqltrace.sql"
readclients = no
deletestalesessions = yes
num_sql_socks = 40
lifetime = 0
max_queries = 0
sql_user_name = "%{User-Name}"
default_user_profile = "DEFAULT"
nas_query = "SELECT id,nasname,shortname,type,secret FROM nas"
authorize_check_query = "SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_reply_query = "SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_group_check_query = "SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id"
authorize_group_reply_query = "SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id"
accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', ChargeableUserIdentity='%{Chargeable-User-Identity}', AcctStopDelay = '%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime <= '%S'"
accounting_update_query = " UPDATE radacct SET AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}', AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}', FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}' AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStopTime = 0"
accounting_update_query_alt = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, ChargeableUserIdentity) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL '(%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0})' SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}', '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Chargeable-User-Identity}')"
accounting_start_query = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay, ChargeableUserIdentity) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0', '%{Chargeable-User-Identity}')"
accounting_start_query_alt = "UPDATE radacct SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ChargeableUserIdentity='%{Chargeable-User-Identity}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'"
accounting_stop_query = " UPDATE radacct SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}', AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime=0"
accounting_stop_query_alt = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay, ChargeableUserIdentity) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL '(%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0})' SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Gigawords:-0}' << 32 | '%{Acct-Input-Octets:-0}', '%{Acct-Output-Gigawords:-0}' << 32 | '%{Acct-Output-Octets:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}', '%{Chargeable-User-Identity}')"
group_membership_query = "SELECT GroupName FROM usergroup WHERE UserName='%{SQL-User-Name}'"
connect_failure_retry_delay = 60
simul_count_query = "SELECT COUNT(*) FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
postauth_query = "INSERT into radpostauth (id, user, pass, reply, date, ChargeableUserIdentity) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW(), '%{Chargeable-User-Identity}')"
safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
}
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to radiusd at localhost:/radiusd
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
** snip **
rlm_sql (sql): Attempting to connect rlm_sql_mysql #39
rlm_sql_mysql: Starting connect to MySQL server for #39
rlm_sql (sql): Connected new DB handle, #39
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/radiusd.conf
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Instantiating module "detail" from file /usr/local/etc/raddb/radiusd.conf
detail {
detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/radiusd.conf
radutmp {
filename = "/var/log/radius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Linked to module rlm_ippool
Module: Instantiating module "main_pool" from file /usr/local/etc/raddb/radiusd.conf
ippool main_pool {
session-db = "/usr/local/etc/raddb/db.ippool"
ip-index = "/usr/local/etc/raddb/db.ipindex"
key = "%{NAS-IP-Address} %{NAS-Port}"
range-start = 84.246.197.10
range-stop = 84.246.197.254
netmask = 255.255.255.255
cache-size = 245
override = no
maximum-timeout = 0
}
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module "reply_log" from file /usr/local/etc/raddb/radiusd.conf
detail reply_log {
detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
} # modules
} # server
server coa { # from file /usr/local/etc/raddb/sites-enabled/coa
modules {
Module: Checking recv-coa {...} for more modules to load
Module: Linked to module rlm_always
Module: Instantiating module "ok" from file /usr/local/etc/raddb/radiusd.conf
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
Module: Checking send-coa {...} for more modules to load
} # modules
} # server
server originate-coa.example.com { # from file /usr/local/etc/raddb/sites-enabled/originate-coa
modules {
Module: Creating Post-Proxy-Type = Fail-CoA
Module: Creating Post-Proxy-Type = Fail-Disconnect
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Instantiating module "fail" from file /usr/local/etc/raddb/radiusd.conf
always fail {
rcode = "fail"
simulcount = 0
mpp = no
}
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
listen {
type = "control"
listen {
socket = "/var/run/radiusd/radiusd.sock"
uid = "radiusd"
gid = "radiusd"
}
}
listen {
type = "coa"
server = "coa"
ipaddr = *
port = 3799
}
... adding new socket proxy address * port 35373
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on coa address * port 3799 as server coa
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Disconnect-Request packet from host 127.0.0.1 port 49227, id=199, length=42
User-Name = "jonhome1 at fido.net.uk"
server coa {
# Executing section recv-coa from file /usr/local/etc/raddb/sites-enabled/coa
+group recv-coa {
++[ok] = ok
+} # group recv-coa = ok
# Executing section send-coa from file /usr/local/etc/raddb/sites-enabled/coa
+group send-coa {
++[ok] = ok
+} # group send-coa = ok
} # server coa
Sending Disconnect-ACK of id 199 to 127.0.0.1 port 49227
Finished request 170.
Going to the next request
Cleaning up request 170 ID 199 with timestamp +439
Ready to process requests.
More information about the Freeradius-Users
mailing list