<span style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">hello everybody.</span><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">we are trying to external php script to authenticate user pass.</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
radius return access-accept to nas but client ask user pass again ...</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
here is the -X output;</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div>FreeRADIUS Version 2.1.12, for host i386-unknown-openbsd5.1, built on Feb 7 2012 at 20:30:59</div>
<div>Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.</div><div>There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A</div><div>PARTICULAR PURPOSE.</div><div>You may redistribute copies of FreeRADIUS under the terms of the</div>
<div>GNU General Public License v2.</div><div>Starting - reading configuration files ...</div><div>including configuration file /etc/raddb/radiusd.conf</div><div>including configuration file /etc/raddb/clients.conf</div><div>
including files in directory /etc/raddb/modules/</div><div>including configuration file /etc/raddb/modules/acct_unique</div><div>including configuration file /etc/raddb/modules/always</div><div>including configuration file /etc/raddb/modules/attr_filter</div>
<div>including configuration file /etc/raddb/modules/attr_rewrite</div><div>including configuration file /etc/raddb/modules/chap</div><div>including configuration file /etc/raddb/modules/checkval</div><div>including configuration file /etc/raddb/modules/counter</div>
<div>including configuration file /etc/raddb/modules/cui</div><div>including configuration file /etc/raddb/modules/detail</div><div>including configuration file /etc/raddb/modules/<a href="http://detail.example.com/" target="_blank" style="color:rgb(17,85,204)">detail.example.com</a></div>
<div>including configuration file /etc/raddb/modules/detail.log</div><div>including configuration file /etc/raddb/modules/digest</div><div>including configuration file /etc/raddb/modules/dynamic_clients</div><div>including configuration file /etc/raddb/modules/echo</div>
<div>including configuration file /etc/raddb/modules/etc_group</div><div>including configuration file /etc/raddb/modules/exec</div><div>including configuration file /etc/raddb/modules/expiration</div><div>including configuration file /etc/raddb/modules/expr</div>
<div>including configuration file /etc/raddb/modules/files</div><div>including configuration file /etc/raddb/modules/inner-eap</div><div>including configuration file /etc/raddb/modules/ippool</div><div>including configuration file /etc/raddb/modules/krb5</div>
<div>including configuration file /etc/raddb/modules/linelog</div><div>including configuration file /etc/raddb/modules/logintime</div><div>including configuration file /etc/raddb/modules/mac2ip</div><div>including configuration file /etc/raddb/modules/mac2vlan</div>
</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div>including configuration file /etc/raddb/modules/otp</div><div>including configuration file /etc/raddb/modules/mschap</div>
<div>including configuration file /etc/raddb/modules/ntlm_auth</div><div>including configuration file /etc/raddb/modules/opendirectory</div><div>including configuration file /etc/raddb/modules/pap</div><div>including configuration file /etc/raddb/modules/passwd</div>
<div>including configuration file /etc/raddb/modules/policy</div><div>including configuration file /etc/raddb/modules/preprocess</div><div>including configuration file /etc/raddb/modules/radutmp</div><div>including configuration file /etc/raddb/modules/realm</div>
<div>including configuration file /etc/raddb/modules/redis</div><div>including configuration file /etc/raddb/modules/rediswho</div><div>including configuration file /etc/raddb/modules/replicate</div><div>including configuration file /etc/raddb/modules/smbpasswd</div>
<div>including configuration file /etc/raddb/modules/smsotp</div><div>including configuration file /etc/raddb/modules/soh</div><div>including configuration file /etc/raddb/modules/sql_log</div><div>including configuration file /etc/raddb/modules/sqlcounter_expire_on_login</div>
<div>including configuration file /etc/raddb/modules/sradutmp</div><div>including configuration file /etc/raddb/modules/unix</div><div>including configuration file /etc/raddb/modules/wimax</div><div>including configuration file /etc/raddb/eap.conf</div>
<div>including configuration file /etc/raddb/sql.conf</div><div>including configuration file /etc/raddb/sql/mysql/dialup.conf</div><div>including configuration file /etc/raddb/policy.conf</div><div>including files in directory /etc/raddb/sites-enabled/</div>
<div>including configuration file /etc/raddb/sites-enabled/control-socket</div><div>including configuration file /etc/raddb/sites-enabled/default</div><div>including configuration file /etc/raddb/sites-enabled/inner-tunnel</div>
<div>main {</div><div> user = "_freeradius"</div><div> group = "_freeradius"</div><div> allow_core_dumps = no</div><div>}</div><div>including dictionary file /etc/raddb/dictionary</div>
</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div>main {</div><div> name = "radiusd"</div><div> prefix = "/usr/local"</div>
<div> localstatedir = "/var"</div><div> sbindir = "/usr/local/sbin"</div><div> logdir = "/var/log/radius"</div><div> run_dir = "/var/run/radiusd"</div><div>
libdir = "/usr/local/lib/freeradius"</div><div> radacctdir = "/var/log/radius/radacct"</div><div> hostname_lookups = no</div><div> max_request_time = 30</div><div> cleanup_delay = 5</div>
<div> max_requests = 1024</div><div> pidfile = "/var/run/radiusd/radiusd.pid"</div><div> checkrad = "/usr/local/sbin/checkrad"</div><div> debug_level = 0</div><div> proxy_requests = no</div>
<div> log {</div><div> stripped_names = no</div><div> auth = yes</div><div> auth_badpass = yes</div><div> auth_goodpass = yes</div><div> }</div><div> security {</div><div> max_attributes = 200</div>
<div> reject_delay = 1</div><div> status_server = yes</div><div> }</div><div>}</div><div>radiusd: #### Loading Realms and Home Servers ####</div><div>radiusd: #### Loading Clients ####</div><div> client localhost {</div>
<div> ipaddr = 127.0.0.1</div><div> require_message_authenticator = no</div><div> secret = "testing123"</div><div> nastype = "other"</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div> }</div><div> client <a href="http://10.0.0.0/24" target="_blank" style="color:rgb(17,85,204)">10.0.0.0/24</a> {</div><div> require_message_authenticator = no</div><div> secret = "partapoint"</div>
<div> shortname = "private-network-1"</div><div> }</div><div>radiusd: #### Instantiating modules ####</div><div> instantiate {</div><div> Module: Linked to module rlm_exec</div><div> Module: Instantiating module "exec" from file /etc/raddb/modules/exec</div>
<div> exec {</div><div> wait = yes</div><div> program = "/usr/local/bin/php5-3 -f /etc/raddb/php.php %{User-Name} %{User-Password}"</div><div> input_pairs = "request"</div><div> output_pairs = "reply"</div>
<div> shell_escape = yes</div><div> }</div><div> Module: Linked to module rlm_expr</div><div> Module: Instantiating module "expr" from file /etc/raddb/modules/expr</div><div> Module: Linked to module rlm_expiration</div>
<div> Module: Instantiating module "expiration" from file /etc/raddb/modules/expiration</div><div> expiration {</div><div> reply-message = "Password Has Expired "</div><div> }</div><div> Module: Linked to module rlm_logintime</div>
<div> Module: Instantiating module "logintime" from file /etc/raddb/modules/logintime</div><div> logintime {</div><div> reply-message = "You are calling outside your allowed timespan "</div><div>
minimum-timeout = 60</div><div> }</div><div> }</div><div>radiusd: #### Loading Virtual Servers ####</div><div>server { # from file /etc/raddb/radiusd.conf</div><div> modules {</div><div> Module: Creating Post-Auth-Type = REJECT</div>
</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div>Module: Checking authenticate {...} for more modules to load</div><div> Module: Linked to module rlm_mschap</div>
<div> Module: Instantiating module "mschap" from file /etc/raddb/modules/mschap</div><div> mschap {</div><div> use_mppe = yes</div><div> require_encryption = no</div><div> require_strong = no</div>
<div> with_ntdomain_hack = no</div><div> allow_retry = yes</div><div> }</div><div> Module: Checking authorize {...} for more modules to load</div><div> Module: Linked to module rlm_detail</div><div> Module: Instantiating module "auth_log" from file /etc/raddb/modules/detail.log</div>
<div> detail auth_log {</div><div> detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"</div><div> header = "%t"</div><div> detailperm = 384</div><div> dirperm = 493</div>
<div> locking = no</div><div> log_packet_header = no</div><div> }</div><div> Module: Linked to module rlm_files</div><div> Module: Instantiating module "files" from file /etc/raddb/modules/files</div>
<div> files {</div><div> usersfile = "/etc/raddb/users"</div><div> acctusersfile = "/etc/raddb/acct_users"</div><div> preproxy_usersfile = "/etc/raddb/preproxy_users"</div>
<div> compat = "no"</div><div> }</div><div> Module: Checking preacct {...} for more modules to load</div><div> Module: Linked to module rlm_preprocess</div><div> Module: Instantiating module "preprocess" from file /etc/raddb/modules/preprocess</div>
<div> preprocess {</div><div> huntgroups = "/etc/raddb/huntgroups"</div><div> hints = "/etc/raddb/hints"</div><div> with_ascend_hack = no</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div> ascend_channels_per_line = 23</div><div> with_ntdomain_hack = no</div><div> with_specialix_jetstream_hack = no</div><div> with_cisco_vsa_hack = no</div><div> with_alvarion_vsa_hack = no</div>
<div> }</div><div> Module: Linked to module rlm_acct_unique</div><div> Module: Instantiating module "acct_unique" from file /etc/raddb/modules/acct_unique</div><div> acct_unique {</div><div> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"</div>
<div> }</div><div> Module: Linked to module rlm_realm</div><div> Module: Instantiating module "suffix" from file /etc/raddb/modules/realm</div><div> realm suffix {</div><div> format = "suffix"</div>
<div> delimiter = "@"</div><div> ignore_default = no</div><div> ignore_null = no</div><div> }</div><div> Module: Checking accounting {...} for more modules to load</div><div> Module: Instantiating module "detail" from file /etc/raddb/modules/detail</div>
<div> detail {</div><div> detailfile = "/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"</div><div> header = "%t"</div><div> detailperm = 384</div>
<div> dirperm = 493</div><div> locking = no</div><div> log_packet_header = no</div><div> }</div><div> Module: Linked to module rlm_unix</div><div> Module: Instantiating module "unix" from file /etc/raddb/modules/unix</div>
<div> unix {</div><div> radwtmp = "/var/log/radius/radwtmp"</div><div> }</div><div> Module: Linked to module rlm_radutmp</div><div> Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp</div>
</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div> radutmp {</div><div> filename = "/var/log/radius/radutmp"</div><div> username = "%{User-Name}"</div>
<div> case_sensitive = yes</div><div> check_with_nas = yes</div><div> perm = 384</div><div> callerid = yes</div><div> }</div><div> Module: Linked to module rlm_sql_log</div><div> Module: Instantiating module "sql_log" from file /etc/raddb/modules/sql_log</div>
<div> sql_log {</div><div> path = "/var/log/radius/radacct/sql-relay"</div><div> Post-Auth = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', '%S');"</div>
<div> sql_user_name = "%{%{User-Name}:-DEFAULT}"</div><div> utf8 = no</div><div> safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"</div><div>
}</div><div> Module: Linked to module rlm_attr_filter</div><div> Module: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filter</div><div> attr_filter attr_filter.accounting_response {</div>
<div> attrsfile = "/etc/raddb/attrs.accounting_response"</div><div> key = "%{User-Name}"</div><div> relaxed = no</div><div> }</div><div> Module: Checking session {...} for more modules to load</div>
<div> Module: Checking post-proxy {...} for more modules to load</div><div> Module: Checking post-auth {...} for more modules to load</div><div> Module: Instantiating module "reply_log" from file /etc/raddb/modules/detail.log</div>
<div> detail reply_log {</div><div> detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d"</div><div> header = "%t"</div><div> detailperm = 384</div><div>
dirperm = 493</div><div> locking = no</div><div> log_packet_header = no</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div>
}</div><div> Module: Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filter</div><div> attr_filter attr_filter.access_reject {</div><div> attrsfile = "/etc/raddb/attrs.access_reject"</div>
<div> key = "%{User-Name}"</div><div> relaxed = no</div><div> }</div><div> } # modules</div><div>} # server</div><div>server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel</div><div>
modules {</div><div> Module: Checking authenticate {...} for more modules to load</div><div> Module: Linked to module rlm_pap</div><div> Module: Instantiating module "pap" from file /etc/raddb/modules/pap</div>
<div> pap {</div><div> encryption_scheme = "auto"</div><div> auto_header = no</div><div> }</div><div> Module: Linked to module rlm_chap</div><div> Module: Instantiating module "chap" from file /etc/raddb/modules/chap</div>
<div> Module: Linked to module rlm_eap</div><div> Module: Instantiating module "eap" from file /etc/raddb/eap.conf</div><div> eap {</div><div> default_eap_type = "md5"</div><div> timer_expire = 60</div>
<div> ignore_unknown_eap_types = no</div><div> cisco_accounting_username_bug = no</div><div> max_sessions = 4096</div><div> }</div><div> Module: Linked to sub-module rlm_eap_md5</div><div> Module: Instantiating eap-md5</div>
<div> Module: Linked to sub-module rlm_eap_leap</div><div> Module: Instantiating eap-leap</div><div> Module: Linked to sub-module rlm_eap_gtc</div><div> Module: Instantiating eap-gtc</div><div> gtc {</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div>challenge = "Password: "</div><div> auth_type = "PAP"</div><div> }</div><div> Module: Linked to sub-module rlm_eap_tls</div><div> Module: Instantiating eap-tls</div><div> tls {</div><div>
rsa_key_exchange = no</div><div> dh_key_exchange = yes</div><div> rsa_key_length = 512</div><div> dh_key_length = 512</div><div> verify_depth = 0</div><div> CA_path = "/etc/raddb/certs"</div>
<div> pem_file_type = yes</div><div> private_key_file = "/etc/raddb/certs/server.pem"</div><div> certificate_file = "/etc/raddb/certs/server.pem"</div><div> CA_file = "/etc/raddb/certs/ca.pem"</div>
<div> private_key_password = "whatever"</div><div> dh_file = "/etc/raddb/certs/dh"</div><div> random_file = "/dev/urandom"</div><div> fragment_size = 1024</div><div>
include_length = yes</div><div> check_crl = no</div><div> cipher_list = "DEFAULT"</div><div> make_cert_command = "/etc/raddb/certs/bootstrap"</div><div> ecdh_curve = "prime256v1"</div>
<div> cache {</div><div> enable = no</div><div> lifetime = 24</div><div> max_entries = 255</div><div> }</div><div> verify {</div><div> }</div><div> ocsp {</div><div> enable = no</div>
<div> override_cert_url = yes</div><div> url = "<a href="http://127.0.0.1/ocsp/" target="_blank" style="color:rgb(17,85,204)">http://127.0.0.1/ocsp/</a>"</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
}</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> }</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
Module: Linked to sub-module rlm_eap_ttls</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Instantiating eap-ttls</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
ttls {</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> default_eap_type = "md5"</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
copy_request_to_tunnel = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> use_tunneled_reply = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
virtual_server = "inner-tunnel"</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> include_length = yes</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
}</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Linked to sub-module rlm_eap_peap</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
Module: Instantiating eap-peap</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> peap {</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
default_eap_type = "mschapv2"</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> copy_request_to_tunnel = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
use_tunneled_reply = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> proxy_tunneled_request_as_eap = yes</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
virtual_server = "inner-tunnel"</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> soh = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
}</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Linked to sub-module rlm_eap_mschapv2</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
Module: Instantiating eap-mschapv2</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> mschapv2 {</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
with_ntdomain_hack = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> send_error = no</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
}</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Checking authorize {...} for more modules to load</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
Module: Checking session {...} for more modules to load</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Checking post-proxy {...} for more modules to load</div>
<div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"> Module: Checking post-auth {...} for more modules to load</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
} # modules</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">} # server</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
radiusd: #### Opening IP addresses and Ports ####</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">listen {</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
type = "auth"</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div> ipaddr = *</div><div> port = 0</div><div>}</div><div>listen {</div>
<div> type = "acct"</div><div> ipaddr = *</div><div> port = 0</div><div>}</div><div>listen {</div><div> type = "control"</div><div> listen {</div><div> socket = "/var/run/radiusd/radiusd.sock"</div>
<div> }</div><div>}</div><div>listen {</div><div> type = "auth"</div><div> ipaddr = 127.0.0.1</div><div> port = 18120</div><div>}</div><div>Listening on authentication address * port 1812</div>
<div>Listening on accounting address * port 1813</div><div>Listening on command file /var/run/radiusd/radiusd.sock</div><div>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel</div><div>Ready to process requests.</div>
<div><br></div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div>rad_recv: Access-Request packet from host 10.0.0.2 port 2048, id=28, length=141</div><div> User-Name = "test"</div><div> NAS-IP-Address = 10.0.0.2</div><div> NAS-Port = 0</div><div> Called-Station-Id = "00-1E-E5-21-25-58"</div>
<div> Calling-Station-Id = "00-16-44-F9-E6-02"</div><div> Framed-MTU = 1400</div><div> NAS-Port-Type = Wireless-802.11</div><div> Connect-Info = "CONNECT 11Mbps 802.11b"</div>
<div> EAP-Message = 0x020100090174657374</div><div> Message-Authenticator = 0xc695aa1d11f4a5f93876c6f74e240f67</div><div># Executing section authorize from file /etc/raddb/sites-enabled/default</div><div>+- entering group authorize {...}</div>
<div>[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/<a href="http://10.0.0.2/auth-detail-20120920" target="_blank" style="color:rgb(17,85,204)">10.0.0.2/auth-detail-20120920</a></div>
<div>[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/<a href="http://10.0.0.2/auth-detail-20120920" target="_blank" style="color:rgb(17,85,204)">10.0.0.2/auth-detail-20120920</a></div>
<div>[auth_log] expand: %t -> Thu Sep 20 17:25:00 2012</div><div>++[auth_log] returns ok</div><div>++[mschap] returns noop</div><div>[files] users: Matched entry DEFAULT at line 60</div><div>++[files] returns ok</div>
<div>++[expiration] returns noop</div><div>++[logintime] returns noop</div><div>[exec] expand: %{User-Name} -> test</div><div>[exec] expand: %{User-Password} -></div><div>Exec-Program output: Access-Accept</div><div>
Exec-Program-Wait: plaintext: Access-Accept</div><div>Exec-Program: returned: 0</div><div>++[exec] returns ok</div><div>Found Auth-Type = exec</div><div># Executing group from file /etc/raddb/sites-enabled/default</div><div>
+- entering group authenticate {...}</div><div>[exec] expand: %{User-Name} -> test</div><div>[exec] expand: %{User-Password} -></div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div>Exec-Program output: Access-Accept</div><div>Exec-Program-Wait: plaintext: Access-Accept</div><div>Exec-Program: returned: 0</div><div>++[exec] returns ok</div><div>Login OK: [test/<via Auth-Type = exec>] (from client private-network-1 port 0 cli 00-16-44-F9-E6-02)</div>
<div># Executing section post-auth from file /etc/raddb/sites-enabled/default</div><div>+- entering group post-auth {...}</div><div>[reply_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d -> /var/log/radius/radacct/<a href="http://10.0.0.2/reply-detail-20120920" target="_blank" style="color:rgb(17,85,204)">10.0.0.2/reply-detail-20120920</a></div>
<div>[reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/<a href="http://10.0.0.2/reply-detail-20120920" target="_blank" style="color:rgb(17,85,204)">10.0.0.2/reply-detail-20120920</a></div>
<div>[reply_log] expand: %t -> Thu Sep 20 17:25:00 2012</div><div>++[reply_log] returns ok</div><div>[sql_log] Processing sql_log_postauth</div><div>[sql_log] expand: %{User-Name} -> test</div><div>[sql_log] expand: %{%{User-Name}:-DEFAULT} -> test</div>
<div>[sql_log] sql_set_user escaped user --> 'test'</div><div>[sql_log] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details</div><div>[sql_log] ... expanding second conditional</div>
<div>[sql_log] expand: Chap-Password -> Chap-Password</div><div>[sql_log] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', '%S'); -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('test', 'Chap-Password', 'Access-Accept', '2012-09-20 17:25:00');</div>
<div>[sql_log] expand: /var/log/radius/radacct/sql-relay -> /var/log/radius/radacct/sql-relay</div><div>++[sql_log] returns ok</div><div>[exec] expand: %{User-Name} -> test</div><div>[exec] expand: %{User-Password} -></div>
<div>Exec-Program output: Access-Accept</div><div>Exec-Program-Wait: plaintext: Access-Accept</div><div>Exec-Program: returned: 0</div><div>++[exec] returns ok</div><div>Sending Access-Accept of id 28 to 10.0.0.2 port 2048</div>
<div>Finished request 0.</div><div>Going to the next request</div><div>Waking up in 4.9 seconds.</div><div>Cleaning up request 0 ID 28 with timestamp +7</div><div>Ready to process requests.</div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">script;</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><div><?php </div><div> $user = getenv("USER_NAME"); </div>
<div> $password = getenv("USER_PASSWORD"); </div><div> </div><div>echo "Access-Accept\n"; </div>
<div><br></div><div>?></div></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
exec module;</div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div>exec {</div><div> wait = yes</div><div> program = "/usr/local/bin/php-5.3 /etc/raddb/php.php %{User-Name} %{User-Password}"</div><div> input_pairs = request</div><div> output_pairs = reply</div>
<div> shell_escape = yes</div><div>}</div></div>