(0) Received Access-Request Id 1 from 10.108.21.198:63803 to 10.108.15.25:1812 length 49 (0) User-Name = "rmcguire" (0) CHAP-Password = 0x5931f0a5bce53a4c4f02d7225491f5525f (0) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default (0) authorize { (0) policy filter_username { (0) if (&User-Name) { (0) if (&User-Name) -> TRUE (0) if (&User-Name) { (0) if (&User-Name =~ / /) { (0) if (&User-Name =~ / /) -> FALSE (0) if (&User-Name =~ /@[^@]*@/ ) { (0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE (0) if (&User-Name =~ /\.\./ ) { (0) if (&User-Name =~ /\.\./ ) -> FALSE (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (0) if (&User-Name =~ /\.$/) { (0) if (&User-Name =~ /\.$/) -> FALSE (0) if (&User-Name =~ /@\./) { (0) if (&User-Name =~ /@\./) -> FALSE (0) } # if (&User-Name) = notfound (0) } # policy filter_username = notfound (0) [preprocess] = ok (0) chap: &control:Auth-Type := CHAP (0) [chap] = ok (0) [mschap] = noop (0) [digest] = noop (0) suffix: Checking for suffix after "@" (0) suffix: No '@' in User-Name = "rmcguire", looking up realm NULL (0) suffix: No such realm "NULL" (0) [suffix] = noop (0) eap: No EAP-Message, not doing EAP (0) [eap] = noop (0) [files] = noop (0) sql: EXPAND %{User-Name} (0) sql: --> rmcguire (0) sql: SQL-User-Name set to 'rmcguire' rlm_sql (sql): Reserved connection (1) (0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (0) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'rmcguire' ORDER BY id (0) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'rmcguire' ORDER BY id (0) sql: User found in radcheck table (0) sql: Conditional check items matched, merging assignment check items (0) sql: Cleartext-Password := "password123" (0) sql: EXPAND SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id (0) sql: --> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'rmcguire' ORDER BY id (0) sql: Executing select query: SELECT id, username, attribute, value, op FROM radreply WHERE username = 'rmcguire' ORDER BY id (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority (0) sql: --> SELECT groupname FROM radusergroup WHERE username = 'rmcguire' ORDER BY priority (0) sql: Executing select query: SELECT groupname FROM radusergroup WHERE username = 'rmcguire' ORDER BY priority (0) sql: User found in the group table (0) sql: EXPAND SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{SQL-Group}' ORDER BY id (0) sql: --> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'admin' ORDER BY id (0) sql: Executing select query: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'admin' ORDER BY id (0) sql: Group "admin": Conditional check items matched (0) sql: Group "admin": Merging assignment check items (0) sql: Auth-Type := Accept (0) sql: EXPAND SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{SQL-Group}' ORDER BY id (0) sql: --> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'admin' ORDER BY id (0) sql: Executing select query: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'admin' ORDER BY id (0) sql: Group "admin": Merging reply items (0) sql: Tunnel-Medium-Type = IEEE-802 (0) sql: Tunnel-Type = VLAN (0) sql: Tunnel-Private-Group-Id = "17" rlm_sql (sql): Released connection (1) Need more connections to reach 10 spares rlm_sql (sql): Opening additional connection (6), 1 of 26 pending slots used rlm_sql_mysql: Starting connect to MySQL server WARNING: MYSQL_OPT_RECONNECT is deprecated and will be removed in a future version. rlm_sql_mysql: Connected to database 'radius' on Localhost via UNIX socket, server version 5.5.5-10.6.18-MariaDB-0ubuntu0.22.04.1, protocol version 10 rlm_sql (sql): Closing expired connection (5) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket rlm_sql (sql): Closing expired connection (4) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket rlm_sql (sql): Closing expired connection (3) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket rlm_sql (sql): Closing expired connection (2) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing expired connection (0) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket (0) [sql] = ok (0) [expiration] = noop (0) [logintime] = noop (0) pap: WARNING: Auth-Type already set. Not setting to PAP (0) [pap] = noop (0) } # authorize = ok (0) Found Auth-Type = Accept (0) Auth-Type = Accept, accepting the user (0) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/default (0) post-auth { (0) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) { (0) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) -> FALSE (0) update { (0) No attributes updated for RHS &session-state: (0) } # update = noop (0) sql: EXPAND .query (0) sql: --> .query (0) sql: Using query template 'query' rlm_sql (sql): Reserved connection (1) (0) sql: EXPAND %{User-Name} (0) sql: --> rmcguire (0) sql: SQL-User-Name set to 'rmcguire' (0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S.%M' ) (0) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'rmcguire', '0x5931f0a5bce53a4c4f02d7225491f5525f', 'Access-Accept', '2024-07-10 17:24:10.490812' ) (0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'rmcguire', '0x5931f0a5bce53a4c4f02d7225491f5525f', 'Access-Accept', '2024-07-10 17:24:10.490812' ) (0) sql: SQL query returned: success (0) sql: 1 record(s) updated rlm_sql (sql): Released connection (1) (0) [sql] = ok (0) [exec] = noop (0) policy remove_reply_message_if_eap { (0) if (&reply:EAP-Message && &reply:Reply-Message) { (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (0) else { (0) [noop] = noop (0) } # else = noop (0) } # policy remove_reply_message_if_eap = noop (0) if (EAP-Key-Name && &reply:EAP-Session-Id) { (0) if (EAP-Key-Name && &reply:EAP-Session-Id) -> FALSE (0) } # post-auth = ok (0) Sent Access-Accept Id 1 from 10.108.15.25:1812 to 10.108.21.198:63803 length 36 (0) Tunnel-Medium-Type = IEEE-802 (0) Tunnel-Type = VLAN (0) Tunnel-Private-Group-Id = "17" (0) Finished request Waking up in 4.9 seconds. (0) Cleaning up request packet ID 1 with timestamp +86 due to cleanup_delay was reached Ready to process requests (1) Received Access-Request Id 2 from 10.108.21.198:55761 to 10.108.15.25:1812 length 49 (1) User-Name = "rmcguire" (1) CHAP-Password = 0x23b187158e032518b46d48c3e440d84fb9 (1) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default (1) authorize { (1) policy filter_username { (1) if (&User-Name) { (1) if (&User-Name) -> TRUE (1) if (&User-Name) { (1) if (&User-Name =~ / /) { (1) if (&User-Name =~ / /) -> FALSE (1) if (&User-Name =~ /@[^@]*@/ ) { (1) if (&User-Name =~ /@[^@]*@/ ) -> FALSE (1) if (&User-Name =~ /\.\./ ) { (1) if (&User-Name =~ /\.\./ ) -> FALSE (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (1) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (1) if (&User-Name =~ /\.$/) { (1) if (&User-Name =~ /\.$/) -> FALSE (1) if (&User-Name =~ /@\./) { (1) if (&User-Name =~ /@\./) -> FALSE (1) } # if (&User-Name) = notfound (1) } # policy filter_username = notfound (1) [preprocess] = ok (1) chap: &control:Auth-Type := CHAP (1) [chap] = ok (1) [mschap] = noop (1) [digest] = noop (1) suffix: Checking for suffix after "@" (1) suffix: No '@' in User-Name = "rmcguire", looking up realm NULL (1) suffix: No such realm "NULL" (1) [suffix] = noop (1) eap: No EAP-Message, not doing EAP (1) [eap] = noop (1) [files] = noop (1) sql: EXPAND %{User-Name} (1) sql: --> rmcguire (1) sql: SQL-User-Name set to 'rmcguire' rlm_sql (sql): Reserved connection (6) (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'rmcguire' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'rmcguire' ORDER BY id (1) sql: User found in radcheck table (1) sql: Conditional check items matched, merging assignment check items (1) sql: Cleartext-Password := "password123" (1) sql: EXPAND SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id (1) sql: --> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'rmcguire' ORDER BY id (1) sql: Executing select query: SELECT id, username, attribute, value, op FROM radreply WHERE username = 'rmcguire' ORDER BY id (1) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority (1) sql: --> SELECT groupname FROM radusergroup WHERE username = 'rmcguire' ORDER BY priority (1) sql: Executing select query: SELECT groupname FROM radusergroup WHERE username = 'rmcguire' ORDER BY priority (1) sql: User found in the group table (1) sql: EXPAND SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{SQL-Group}' ORDER BY id (1) sql: --> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'admin' ORDER BY id (1) sql: Executing select query: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'admin' ORDER BY id (1) sql: Group "admin": Conditional check items matched (1) sql: Group "admin": Merging assignment check items (1) sql: Auth-Type := Accept (1) sql: EXPAND SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{SQL-Group}' ORDER BY id (1) sql: --> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'admin' ORDER BY id (1) sql: Executing select query: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'admin' ORDER BY id (1) sql: Group "admin": Merging reply items (1) sql: Tunnel-Medium-Type = IEEE-802 (1) sql: Tunnel-Type = VLAN (1) sql: Tunnel-Private-Group-Id = "17" rlm_sql (sql): Released connection (6) Need 1 more connections to reach min connections (3) Need more connections to reach 10 spares rlm_sql (sql): Opening additional connection (7), 1 of 30 pending slots used rlm_sql_mysql: Starting connect to MySQL server WARNING: MYSQL_OPT_RECONNECT is deprecated and will be removed in a future version. rlm_sql_mysql: Connected to database 'radius' on Localhost via UNIX socket, server version 5.5.5-10.6.18-MariaDB-0ubuntu0.22.04.1, protocol version 10 rlm_sql (sql): You probably need to lower "min" rlm_sql (sql): Closing expired connection (1) - Hit idle_timeout limit rlm_sql_mysql: Socket destructor called, closing socket (1) [sql] = ok (1) [expiration] = noop (1) [logintime] = noop (1) pap: WARNING: Auth-Type already set. Not setting to PAP (1) [pap] = noop (1) } # authorize = ok (1) Found Auth-Type = Accept (1) Auth-Type = Accept, accepting the user (1) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/default (1) post-auth { (1) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) { (1) if (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) -> FALSE (1) update { (1) No attributes updated for RHS &session-state: (1) } # update = noop (1) sql: EXPAND .query (1) sql: --> .query (1) sql: Using query template 'query' rlm_sql (sql): Reserved connection (6) (1) sql: EXPAND %{User-Name} (1) sql: --> rmcguire (1) sql: SQL-User-Name set to 'rmcguire' (1) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S.%M' ) (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'rmcguire', '0x23b187158e032518b46d48c3e440d84fb9', 'Access-Accept', '2024-07-10 17:26:46.074838' ) (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate ) VALUES ( 'rmcguire', '0x23b187158e032518b46d48c3e440d84fb9', 'Access-Accept', '2024-07-10 17:26:46.074838' ) (1) sql: SQL query returned: success (1) sql: 1 record(s) updated rlm_sql (sql): Released connection (6) (1) [sql] = ok (1) [exec] = noop (1) policy remove_reply_message_if_eap { (1) if (&reply:EAP-Message && &reply:Reply-Message) { (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (1) else { (1) [noop] = noop (1) } # else = noop (1) } # policy remove_reply_message_if_eap = noop (1) if (EAP-Key-Name && &reply:EAP-Session-Id) { (1) if (EAP-Key-Name && &reply:EAP-Session-Id) -> FALSE (1) } # post-auth = ok (1) Sent Access-Accept Id 2 from 10.108.15.25:1812 to 10.108.21.198:55761 length 36 (1) Tunnel-Medium-Type = IEEE-802 (1) Tunnel-Type = VLAN (1) Tunnel-Private-Group-Id = "17" (1) Finished request Waking up in 4.9 seconds. (1) Cleaning up request packet ID 2 with timestamp +242 due to cleanup_delay was reached Ready to process requests