Mon Jan 11 13:37:23 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=233, length=205
Mon Jan 11 13:37:23 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 13:37:23 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 13:37:23 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 13:37:23 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 13:37:23 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 13:37:23 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x0202001901353534363934407377616e7365612e61632e756b
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0xcbf3e2e5a208f5029a973dfc75fe647c
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++ ... skipping else for request 3048846: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048846: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048846: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048846: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048846: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 13:37:23 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat finished
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 13:37:23 2010
Mon Jan 11 13:37:23 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[chap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[control] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: +++[sql] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 13:37:23 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 13:37:23 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 13:37:23 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 13:37:23 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 13:37:23 2010 : Debug: ++[pap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP packet type response id 2 length 25
Mon Jan 11 13:37:23 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns updated
Mon Jan 11 13:37:23 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP Identity
Mon Jan 11 13:37:23 2010 : Debug: [eap] processing type tls
Mon Jan 11 13:37:23 2010 : Debug: [tls] Initiate
Mon Jan 11 13:37:23 2010 : Debug: [tls] Start returned 1
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns handled
Mon Jan 11 13:37:23 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=233, length=0
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x010300061920
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdff49f65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: Finished request 3048846.
Mon Jan 11 13:37:23 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=234, length=491
Mon Jan 11 13:37:23 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 13:37:23 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 13:37:23 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 13:37:23 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 13:37:23 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 13:37:23 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x0203012319800000011916030101140100011003014b4b28a0051d4a278f25f235b5ad52e1a6ae9b0d458d6b463e81ab2cc8a35e4500003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37b80bc33ab625525ec6ec47394ce8e11ed0bf0bb72f5cf3cf7e491e7495e7bba2eac65395348a24bd7538294f811f579e58e5c27fbd5adb53b6fe1130d7d307b4ce868f7a2ff7b2555a7c27940e48bc2e8c6dcdb441685f1c9333eee83e28d01bfcc339425b56b7ced3ff55c322e973ea4d3f7cf689a4ea30434a
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0xf977e956e7750476e3a1df750e458fd43d639ca083092878807d36ccffef5bb69d106748e650
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdff49f65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0xaacd550a7b99a80f6a4c8a7ea23a36d1
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++ ... skipping else for request 3048852: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048852: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048852: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048852: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048852: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 13:37:23 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat finished
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 13:37:23 2010
Mon Jan 11 13:37:23 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[chap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[control] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: +++[sql] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 13:37:23 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 13:37:23 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 13:37:23 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 13:37:23 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 13:37:23 2010 : Debug: ++[pap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP packet type response id 3 length 253
Mon Jan 11 13:37:23 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 13:37:23 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP/peap
Mon Jan 11 13:37:23 2010 : Debug: [eap] processing type peap
Mon Jan 11 13:37:23 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 13:37:23 2010 : Debug: [peap] Length Included
Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 13:37:23 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 13:37:23 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns handled
Mon Jan 11 13:37:23 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=234, length=0
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x010400701900160301002a0200002603014b4b2993e48599846c67f5dfd6889160a7203609bf9a791253d89a63e8f7b58a000039011403010001011603010030ee7cd633ba5a7bb3a771576e4492dff0b59ccb8f3392cea09fcfc467f051ff19b7c64187bbd5d80ba453cf3143618747
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdfe4ef65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: Finished request 3048852.
Mon Jan 11 13:37:23 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=235, length=263
Mon Jan 11 13:37:23 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 13:37:23 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 13:37:23 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 13:37:23 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 13:37:23 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 13:37:23 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x020400411900140301000101160301003089567c284bc6efee426076bdf987a1ad7fcaa72b6fac51dfda2e3734451a03df3885f5b9d70f748331dab4b72f772231
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdfe4ef65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0x4bbfefedbb7cbf274599131e9d9dc624
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++ ... skipping else for request 3048858: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048858: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048858: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048858: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048858: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 13:37:23 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat finished
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 13:37:23 2010
Mon Jan 11 13:37:23 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[chap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[control] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: +++[sql] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 13:37:23 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 13:37:23 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 13:37:23 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 13:37:23 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 13:37:23 2010 : Debug: ++[pap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP packet type response id 4 length 65
Mon Jan 11 13:37:23 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 13:37:23 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP/peap
Mon Jan 11 13:37:23 2010 : Debug: [eap] processing type peap
Mon Jan 11 13:37:23 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 13:37:23 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 13:37:23 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 13:37:23 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 13:37:23 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 13:37:23 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns handled
Mon Jan 11 13:37:23 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=235, length=0
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x0105003b19001703010030cce4be996a08ba4b0bbf320618cbf550d5565cbaaeb6c04fd47371c7e58b075dba2d87bf4e661af013a1a6519cb6d11a
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdfd4ff65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: Finished request 3048858.
Mon Jan 11 13:37:23 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=236, length=294
Mon Jan 11 13:37:23 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 13:37:23 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 13:37:23 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 13:37:23 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 13:37:23 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 13:37:23 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 13:37:23 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 13:37:23 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 13:37:23 2010 : Debug: 	EAP-Message = 0x02050060190017030100205e327db064e5cbf5ce4d383e7515c38b47938edf8f29ac42827dec02a409d1641703010030cb0e3dff38e5dcb66493983d91228ec74cb782db9d58007f6c28af768f852ab69fcc8f5450c016f0f919423be3c77d85
Mon Jan 11 13:37:23 2010 : Debug: 	State = 0xff4aefbdfd4ff65313c5c1e1bed5e5f9
Mon Jan 11 13:37:23 2010 : Debug: 	Message-Authenticator = 0x07f57668d429910961dec032c996fa06
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++ ... skipping else for request 3048861: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048861: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048861: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 13:37:23 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 13:37:23 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++ ... skipping else for request 3048861: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++ ... skipping else for request 3048861: Preceding "if" was taken
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 13:37:23 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 13:37:23 2010 : Debug: sql_xlat finished
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 13:37:23 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 13:37:23 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 13:37:23 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 13:37:23 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 13:37:23 2010
Mon Jan 11 13:37:23 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[chap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 13:37:23 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[control] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 13:37:23 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 13:37:23 2010 : Debug: +++[sql] returns ok
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: +++[request] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 13:37:23 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 13:37:23 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 13:37:23 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 13:37:23 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 13:37:23 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 13:37:23 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 13:37:23 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 13:37:23 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 13:37:23 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 13:37:23 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 13:37:23 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 13:37:23 2010 : Debug: ++[pap] returns noop
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP packet type response id 5 length 96
Mon Jan 11 13:37:23 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns ok
Mon Jan 11 13:37:23 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 13:37:23 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 13:37:23 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 13:37:23 2010 : Debug: [eap] EAP/peap
Mon Jan 11 13:37:23 2010 : Debug: [eap] processing type peap
Mon Jan 11 13:37:23 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 13:37:23 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 13:37:23 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 13:37:23 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 13:37:23 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 13:37:23 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 13:37:23 2010 : Debug: [peap] Success
Mon Jan 11 13:37:23 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 13:37:23 2010 : Debug: [eap] Freeing handler
Mon Jan 11 13:37:23 2010 : Debug: ++[eap] returns reject
Mon Jan 11 13:37:23 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 13:37:23 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 13:37:23 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 13:37:23 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 13:37:23 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 13:37:23 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 13:37:23 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 13:37:23', '')
Mon Jan 11 13:37:23 2010 : Debug: ++[sql] returns ok
Mon Jan 11 13:37:23 2010 : Debug: Delaying reject of request 3048861 for 1 seconds
Mon Jan 11 13:37:24 2010 : Debug: Sending delayed reject for request 3048861
Mon Jan 11 13:37:24 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=236, length=0
Mon Jan 11 13:37:24 2010 : Debug: 	EAP-Message = 0x04050004
Mon Jan 11 13:37:24 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 13:37:28 2010 : Debug: Cleaning up request 3048846 ID 233 with timestamp +507462
Mon Jan 11 13:37:28 2010 : Debug: Cleaning up request 3048852 ID 234 with timestamp +507462
Mon Jan 11 13:37:28 2010 : Debug: Cleaning up request 3048858 ID 235 with timestamp +507462
Mon Jan 11 13:37:29 2010 : Debug: Cleaning up request 3048861 ID 236 with timestamp +507462
Mon Jan 11 14:22:55 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=253, length=205
Mon Jan 11 14:22:55 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:55 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:55 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:55 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:55 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:55 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x0202001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0xfe6c5f0e953cbac72e31ed117770479c
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++ ... skipping else for request 3086702: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086702: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086702: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086702: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086702: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:55 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:55 2010
Mon Jan 11 14:22:55 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:55 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:55 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:55 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:55 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:55 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP packet type response id 2 length 25
Mon Jan 11 14:22:55 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:22:55 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:22:55 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:22:55 2010 : Debug: [tls] Initiate
Mon Jan 11 14:22:55 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:55 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=253, length=0
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x010300061920
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056735839d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: Finished request 3086702.
Mon Jan 11 14:22:55 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=254, length=313
Mon Jan 11 14:22:55 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:55 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:55 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:55 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:55 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:55 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x0203007319800000006916030100640100006003014b4b334dc4f1b9a709df4096fca97b3f58fab876899fc768958edd51d0145ead00003200390038003500880087008400160013000a00330032002f0045004400410005000400150012000900140011000800060003020100000400230000
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056735839d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0xe6ccef22991fd539cb98a56fcc325549
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++ ... skipping else for request 3086704: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086704: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086704: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086704: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086704: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:55 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:55 2010
Mon Jan 11 14:22:55 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:55 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:55 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:55 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:55 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:55 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP packet type response id 3 length 115
Mon Jan 11 14:22:55 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:55 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:55 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:55 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:55 2010 : Debug: [peap] Length Included
Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:22:55 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 write certificate A

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 write key exchange A

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 write server done A

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:22:55 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read client certificate A
Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:22:55 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:55 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=254, length=0
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x0104040019c000000b1916030100300200002c03014b4b343f6aa044f12141543a29f6192a0c9e22d0fbea92fcf2e657953ce4e84c0000390100040023000016030108c40b0008c00008bd0004713082046d30820355a003020102020b0100000000011eff3e0688300d06092a864886f70d0101050500305f310b300906035504061302424531133011060355040a130a4379626572747275737431173015060355040b130e456475636174696f6e616c20434131223020060355040313194379626572747275737420456475636174696f6e616c204341301e170d3039303132323135353634365a170d3132303132323135353634365a308194310b
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x3009060355040613024742310e300c0603550408130557616c65733110300e060355040713075377616e736561311b3019060355040a13125377616e73656120556e6976657273697479311b301906035504031312726164617574682e7377616e2e61632e756b3129302706092a864886f70d010901161a702e772e6d61747468657773407377616e7365612e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100bd23254279d1afe451a4b5cb064f178fd933268aa28ad565dcefa51573644f07553e14d51614885b1613138d1dc64bd85ae73a84293f98b8886ffed75fbea0a313c8745a35b9435389b4
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x8e7a96a7e2efa3355f3828fbc159633555611f7c4f02cf01702626fb66ddf5e0fa94ed9f3b6bac1cf4c9b0ef4b93b8a3f89fdf711cff875c50981306197a43934d5a79fda691d0d0f68e78aa451e887b4bbab905f718dd7184db73acb7a3d94f32b91250fa0aebd0e242a5fd44d0fbc3651f7af2e79c9e59fc019d81ef94268f7519979c0a22530f0a57684e78038fd7b9fce3197bc167ed86aba278eef4f3de4a3be032d7297ba1754732d266ec697f8173664898a90203010001a381f33081f0300e0603551d0f0101ff0404030205a0301f0603551d230418301680146565a33dd73b11a30a072537c9424a5b767750e1301d0603551d0e04160414
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x30072f05699503ba553c1f4a9fcd22fb29f3c5d3303a0603551d1f04333031302fa02da02b8629687474703a2f2f63726c2e676c6f62616c7369676e2e6e65742f656475636174696f6e616c2e63726c304f06082b0601050507010104433041303f06082b060105050730028633687474703a2f2f7365637572652e676c6f62616c7369676e2e6e65742f6361636572742f656475636174696f6e616c2e637274301106096086480186f84201010404030206c0300d06092a864886f70d01010505000382010100638ef22ec52088cf11d282ae772839a7737ada87c29245cd9b6a0b910598a449da9355d776fb52e1f5d7466d6bbaf2c64349f3a477
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0xae09ae3994d591302f968b35
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056725f39d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: Finished request 3086704.
Mon Jan 11 14:22:55 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=255, length=204
Mon Jan 11 14:22:55 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:55 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:55 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:55 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:55 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:55 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x020400061900
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056725f39d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x368bf393d549e2ad6496df8916412645
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++ ... skipping else for request 3086708: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086708: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086708: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086708: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086708: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:55 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:55 2010
Mon Jan 11 14:22:55 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:55 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:55 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:55 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:55 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:55 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP packet type response id 4 length 6
Mon Jan 11 14:22:55 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:55 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:55 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:55 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:55 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:22:55 2010 : Debug: [peap] ACK handshake fragment handler
Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_verify returned 1

Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:22:55 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:55 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=255, length=0
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x010503fc19404c1d731c414818499351208d609cecb34f96e016e74ead4b9a57d584823536c69839b9836bac68d0bbf50e1697b66d4a2c226b520208a30b9699e3a908e501572960b1674641aa32bac6457e096d64011addf03e64393514f7d33fb9e63fe7dca2ff31a9cf0451a7ced15be993d7355af0479830f3a3643ca1c66feff2adfca34d7e16172d9eb37ee53dac51fbfdede2b8e73238866faee668600cea1790630e2f550905cb3579a4be819a45a997088733ebb065be2b1c72463848938fdeb300044630820442308203aba0030201020204040003fb300d06092a864886f70d01010505003075310b300906035504061302555331183016
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x060355040a130f47544520436f72706f726174696f6e31273025060355040b131e475445204379626572547275737420536f6c7574696f6e732c20496e632e312330210603550403131a475445204379626572547275737420476c6f62616c20526f6f74301e170d3036303331343230333030305a170d3133303331343233353930305a305f310b300906035504061302424531133011060355040a130a4379626572747275737431173015060355040b130e456475636174696f6e616c20434131223020060355040313194379626572747275737420456475636174696f6e616c20434130820122300d06092a864886f70d01010105000382010f00
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x3082010a02820101009522a1101d4a46606e05919bdf83c2ed12b25a7cf8abe1f8505c282c7e7e003893b08b4af1c24c3c102c3cefb0eca1692fb9fccc08146b8d4f18f383d2faa9370820aa5caa8060a2d5a52200cf5ae5b497dfba1ebe5c8e171966fdaf9f7c7b89b20e24d8c7ab63c495328d48e663597d04b833a8bdd75d64bc63b5f74d28fdf90672315cba459465a3d2b458ec3b615844a32f62b39b80b482fdd5c7cc5125e5953f472f307bacc8786ee2e16d27eb3dcc0182e835778dab58bb55d1d5a481568d1cd014b1b006dea09122f3f0a8341747c6e03ef60c5aac7e504bcde1696e06fc067e6a4db49599a0595c3566ecd949d417e060
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0xb05da5d71ae22a6e66f2af1d0203010001a382016f3082016b30450603551d1f043e303c303aa038a0368634687474703a2f2f7777772e7075626c69632d74727573742e636f6d2f6367692d62696e2f43524c2f323031382f6364702e63726c301d0603551d0e041604146565a33dd73b11a30a072537c9424a5b767750e130530603551d20044c304a304806092b06010401b13e0100303b303906082b06010505070201162d687474703a2f2f7777772e7075626c69632d74727573742e636f6d2f4350532f4f6d6e69526f6f742e68746d6c3081890603551d23048181307fa179a4773075310b300906035504061302555331183016060355040a
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x130f47544520436f
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056715e39d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: Finished request 3086708.
Mon Jan 11 14:22:55 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=0, length=204
Mon Jan 11 14:22:55 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:55 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:55 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:55 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:55 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:55 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:55 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x020500061900
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056715e39d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x2e8e770062ea2900f727c59079ef9f18
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++ ... skipping else for request 3086711: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086711: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086711: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:55 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:55 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++ ... skipping else for request 3086711: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++ ... skipping else for request 3086711: Preceding "if" was taken
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:55 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:55 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:55 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:55 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:55 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:55 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:55 2010
Mon Jan 11 14:22:55 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:55 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:55 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:55 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:55 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:55 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:55 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:55 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:55 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:55 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:55 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:55 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:55 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:55 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:55 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:55 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:55 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:55 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP packet type response id 5 length 6
Mon Jan 11 14:22:55 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:55 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:55 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:55 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:55 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:55 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:55 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:55 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:22:55 2010 : Debug: [peap] ACK handshake fragment handler
Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_verify returned 1

Mon Jan 11 14:22:55 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:22:55 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:22:55 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:55 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=0, length=0
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:55 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x01060333190072706f726174696f6e31273025060355040b131e475445204379626572547275737420536f6c7574696f6e732c20496e632e312330210603550403131a475445204379626572547275737420476c6f62616c20526f6f74820201a5300e0603551d0f0101ff04040302010630120603551d130101ff040830060101ff020100300d06092a864886f70d01010505000381810043b345835471c41fdcb23c6b4ebf26f24ef2ad9a5bfa863788e8146c4118425fef653eeb0377a0b79e757a517cbb155bb8af91a0349253ed7f2a4984acb9804bb5c7b22322fbebd8fb6ec93cf3d2d1bbbec91cff6d01db69800e99a5ea9e7b97988fb7cf22
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x9cb3b85de5a9331774c697370fb4e926825f610b3f1e3d64e92b9b160301020d0c0002090080cef85ff6a1e8ed6e7dc7d84beb0430d5d1c1d529059571fa07bab2e72f39e9a1abf2c3230f8e16698e888961dd7f5c75c01a37e680f9d204d0f066ad96c77167abd82814178b9be1513c226cf6bf2b5387b0a3034f1298af4221f1bc420e833b35b73b47ebec3c64f25b8c398abb13ef3714bce74700d5ef825609a8ea1a224b00010200800f3f60599f8b3b9333a27fa76c4c7c290622c6fab9634acbc54940daba213336f769fd8d103ec46d02f2a6b7a3e3e71abc2041ea362563dd5a7e310eb6113297d00924c025ce7a4b7f83a85d258ced700cd6
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x7af58bef8bf41d0a537d89ee70e45c4b630035a557c165bec58681f02453526787f72a5f98c7839f6fdaef4cdfdf010056be0211b392f976c195d7bf0a5fac0f12fef68830fe03e42b26e28a715d4b64bed82caec2188fa84482d39bf45927b6868b10fed96f87784d4a92b0f23fd6d93e66dd9f265ce06a80b328e710c9a8dfc006878bd5147430688586d11f7fbc9c6334dc5e2ac5a3476301c95d7d6d3dec086e0912aca6a9d4f674c754ef65db33911c126034dff60af18c3a4a38506b73b267f22b4294b8f0b3643d24d9623a4a2530f702f563780c302dfb08f0151a8a27edb8dd7489105eb2121637c40ad842b88a297f68d8c97ad9f87fca16
Mon Jan 11 14:22:55 2010 : Debug: 	EAP-Message = 0x2306d633b40b116665b405f7be3ccd69dc0834a83cf50d2267eeed8913035a09a298d6a4f2c5980a526aedf17bf084f72d3bb916030100040e000000
Mon Jan 11 14:22:55 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:55 2010 : Debug: 	State = 0x735b2056705d39d1801af16ebf2bd1da
Mon Jan 11 14:22:55 2010 : Debug: Finished request 3086711.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=1, length=406
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x020600d01980000000c616030100861000008200804b72193da0ca2ab7f39533e5d9c3a584e76ba3d6577e3d32cd6f78329ad2ca2ebc04b0dfb623b92b7e9f65c9a0618614ce366f5beff9f65915abb490406908fd019278ac41ea4e09435a0eca9308c99bee606518bcdc42e0eec10e80d6663992c83d619f60b443a5727c80bb5c18f74df10ba1acb4b682db267d8d6043ba53661403010001011603010030537bab1835016b47ae1e8a6ef2b3600c14863c91f0f20defe2ce99a1137e902630b5562b74334f43b2e1fad9db22d3e7
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056705d39d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0xbbf70800674dd793989a219bb98c0d8e
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086712: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086712: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086712: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086712: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086712: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 6 length 208
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] Length Included
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: SSLv3 read client key exchange A

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: unknown state

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:22:56 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:22:56 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=1, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x01070100190016030100ba040000b60000000000b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee105227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793140301000101160301003073da8943aa574451cbc6e37a37c86d1137c2fd5789b39a06b5c74bc92443897d4efd26910797bf11eda18dac73
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x5c36f9
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056775c39d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086712.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=2, length=204
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x020700061900
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056775c39d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x5f8e304aed5498164e515392bd87c0a3
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086715: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086715: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086715: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086715: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086715: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 7 length 6
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:22:56 2010 : Debug: [peap] ACK handshake is finished
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 3

Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=2, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x0108002b190017030100201015bcab3fecd144f4a02caaaa5b6d5046f924d9678605f6f240bbf8d031413d
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056765339d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086715.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=3, length=294
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x020800601900170301002035ec7ea423f7bb5ae7ed9d6c7c4b7c3ec76d5dd4b5a4db23958ce3faac57b03d170301003086657fa15d0879890335cf0da128bb9d0c6804f2f5df3d434931325a279c4da83898e1f301561c01a2616c427d97c082
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056765339d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x9eae8309e1ba993cb97c61bb2c0c357f
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 8 length 96
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:22:56 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:22:56 2010 : Debug: [peap] Identity - 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086717: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 8 length 25
Mon Jan 11 14:22:56 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: [peap] Got tunneled Access-Challenge
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=3, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x0109005b19001703010050e62ba8f26f94518219ee7515217de6b4343db4d2b3b5333e72f21fd492190379df5d10b5fae802bc7c900a86ebab03a05d51426d5ee861d0ebc7746d49f8b2b519d713c93ba9b27f1d597744d8452b09
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056755239d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086717.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=4, length=342
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x02090090190017030100205718d4da9a060f6d7b8fa136a1d8e4701227d9644e87e368c5571d3958e9f9491703010060fc95b49863cd49ca50dc3d9e249e1c7481c69853840310e322fc507d23875f06b5621a371a9cff28f20b25f6f1792177c87a8b4e2359f58d8d6c787a54a854a785da9e87fed22e3a92a7cc1747534c0f3a9279b6c99dfdd8867383cf34023d44
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056755239d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x919a44b49ea8e66eb44199ad77928268
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 9 length 144
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:22:56 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:22:56 2010 : Debug: [peap] EAP type mschapv2
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086720: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 9 length 79
Mon Jan 11 14:22:56 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/mschapv2
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:22:56 2010 : Debug: [mschapv2] +- entering group MS-CHAP {...}
Mon Jan 11 14:22:56 2010 : Debug: [mschap] Told to do MS-CHAPv2 for 524292@swansea.ac.uk with NT-Password
Mon Jan 11 14:22:56 2010 : Debug: [mschap] adding MS-CHAPv2 MPPE keys
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: [peap] Got tunneled Access-Challenge
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=4, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x010a005b1900170301005041cba1796f0c15774cbe3932bc4ac9a97584dfe9d2360fa31f9d270084220b57968608d245de966ca9726129a12acffd82a3e362426c5d8dbbaf0f57ad847d48660af4d593081e7b2c9ff69ed4080d79
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056745139d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086720.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=5, length=278
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x020a0050190017030100208200ba441353a29e667d950d5236d9182187add76811aa57c95da02cdba611d4170301002098a113acc4ce76489a504dc735b0c6de75ee4ad9c39a9ba691af0f74978a17a5
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b2056745139d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0xed2b9a8db9534fbc392c1b3be9cb5b04
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 10 length 80
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:22:56 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:22:56 2010 : Debug: [peap] EAP type mschapv2
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086723: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 10 length 6
Mon Jan 11 14:22:56 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/mschapv2
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:22:56 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: +- entering group post-auth {...}
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] 	expand: /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[reply_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: ++[sql.authorize] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [peap] Tunneled authentication was successful.
Mon Jan 11 14:22:56 2010 : Debug: [peap] SUCCESS
Mon Jan 11 14:22:56 2010 : Debug: [peap] Saving tunneled attributes for later
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=5, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x010b003b190017030100304bae6bfc5e7a25a801448410b851ee612c70e7389434756642bddc7fc5a4c0b47853e053959817739c94873f1c92f7ab
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b20567b5039d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086723.
Mon Jan 11 14:22:56 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=6, length=294
Mon Jan 11 14:22:56 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:22:56 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:22:56 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:22:56 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:22:56 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:22:56 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:22:56 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x020b0060190017030100200b85151ea91cf83dbde992c8525cfcd40974756477e276cd07b9c834e373ac8317030100300730cb50bc014af6d28ae783c39fc9dda7b475a5a9b7f2cf775a0c73daa87e5c546b141c411471ec56762a99df7eea91
Mon Jan 11 14:22:56 2010 : Debug: 	State = 0x735b20567b5039d1801af16ebf2bd1da
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0xfb655139a68e169cb07911e2f23d2d78
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++ ... skipping else for request 3086727: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086727: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086727: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:22:56 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:22:56 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++ ... skipping else for request 3086727: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++ ... skipping else for request 3086727: Preceding "if" was taken
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:22:56 2010 : Debug: sql_xlat finished
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:22:56 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:22:56 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:22:56 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:22:56 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:22:56 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:22:56 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:22:56 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:22:56 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:22:56 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:22:56 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:22:56 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:22:56 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:22:56 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:22:56 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP packet type response id 11 length 96
Mon Jan 11 14:22:56 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:22:56 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:22:56 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:22:56 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:22:56 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:22:56 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:22:56 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:22:56 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:22:56 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:22:56 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:22:56 2010 : Debug: [peap] Success
Mon Jan 11 14:22:56 2010 : Debug: [peap] Using saved attributes from the original Access-Accept
Mon Jan 11 14:22:56 2010 : Debug: [peap] Saving response in the cache
Mon Jan 11 14:22:56 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:22:56 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:22:56 2010 : Debug: +- entering group post-auth {...}
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] 	expand: /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:22:56 2010 : Debug: [reply_log] 	expand: %t -> Mon Jan 11 14:22:56 2010
Mon Jan 11 14:22:56 2010 : Debug: ++[reply_log] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Accept', '2010-01-11 14:22:56', '')
Mon Jan 11 14:22:56 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:22:56 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:22:56 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:22:56 2010 : Debug: ++[sql.authorize] returns ok
Mon Jan 11 14:22:56 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:22:56 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:22:56 2010 : Debug: ++[exec] returns noop
Mon Jan 11 14:22:56 2010 : Debug: [attr_filter.post-auth] 	expand: %{Realm} -> local
Mon Jan 11 14:22:56 2010 : Debug: ++[attr_filter.post-auth] returns updated
Mon Jan 11 14:22:56 2010 : Debug: Sending Access-Accept packet to host 10.10.246.234 port 32768, id=6, length=0
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:22:56 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:22:56 2010 : Debug: 	MS-MPPE-Recv-Key = 0xfcdbbffb758b7a2ab3d90ab5db0466f8f4a91aa30fefd0f12c84e83a7ba66731
Mon Jan 11 14:22:56 2010 : Debug: 	MS-MPPE-Send-Key = 0xbddb8ccb05d9d580fbb993ad5aa1823d527c2811168a9c57f29b7b5d3077a36e
Mon Jan 11 14:22:56 2010 : Debug: 	EAP-Message = 0x030b0004
Mon Jan 11 14:22:56 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:22:56 2010 : Debug: Finished request 3086727.
Mon Jan 11 14:23:00 2010 : Debug: Cleaning up request 3086702 ID 253 with timestamp +510194
Mon Jan 11 14:23:00 2010 : Debug: Cleaning up request 3086704 ID 254 with timestamp +510194
Mon Jan 11 14:23:00 2010 : Debug: Cleaning up request 3086708 ID 255 with timestamp +510194
Mon Jan 11 14:23:00 2010 : Debug: Cleaning up request 3086711 ID 0 with timestamp +510194
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086712 ID 1 with timestamp +510195
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086715 ID 2 with timestamp +510195
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086717 ID 3 with timestamp +510195
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086720 ID 4 with timestamp +510195
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086723 ID 5 with timestamp +510195
Mon Jan 11 14:23:01 2010 : Debug: Cleaning up request 3086727 ID 6 with timestamp +510195
Mon Jan 11 14:52:49 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=134, length=204
Mon Jan 11 14:52:49 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:52:49 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:52:49 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:52:49 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:52:49 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:52:49 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x0201001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0x6d4348b6a41e7b84e520c78072e66ce7
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++ ... skipping else for request 3111835: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111835: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111835: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111835: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111835: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:52:49 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat finished
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:52:49 2010
Mon Jan 11 14:52:49 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:52:49 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:52:49 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:52:49 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:52:49 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:52:49 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP packet type response id 1 length 25
Mon Jan 11 14:52:49 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:52:49 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:52:49 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:52:49 2010 : Debug: [tls] Initiate
Mon Jan 11 14:52:49 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:52:49 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=134, length=0
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x010200061920
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40f06d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: Finished request 3111835.
Mon Jan 11 14:52:49 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=136, length=490
Mon Jan 11 14:52:49 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:52:49 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:52:49 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:52:49 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:52:49 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:52:49 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x0202012319800000011916030101140100011003014b4b3a4e75cd4421e57fb77f202cfba92438b26501e51a09746e10003ca7daef00003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40f06d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0xef968723362bca9ebd6c1c6c4aab15d6
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++ ... skipping else for request 3111837: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111837: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111837: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111837: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111837: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:52:49 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat finished
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:52:49 2010
Mon Jan 11 14:52:49 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:52:49 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:52:49 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:52:49 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:52:49 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:52:49 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP packet type response id 2 length 253
Mon Jan 11 14:52:49 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:52:49 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:52:49 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:52:49 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:52:49 2010 : Debug: [peap] Length Included
Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:52:49 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:52:49 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:52:49 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=136, length=0
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x010300701900160301002a0200002603014b4b3b412508836b7d31fa8b4444ab4759b246b6da3244fb56db5a71303c234f000039011403010001011603010030e980a1abc16a968d3b31cd8529611f88ec35273e9af1a36e9866e2d773cb3d3022862d8e3c74c6e85147ea9c0331869d
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40e07d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: Finished request 3111837.
Mon Jan 11 14:52:49 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=138, length=262
Mon Jan 11 14:52:49 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:52:49 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:52:49 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:52:49 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:52:49 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:52:49 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x02030041190014030100010116030100308e045c95bc48ec5d969759efa83e9f5da90db0f82a60a5dbd5eb55da902e7c2f267db5c16548dad920198e7495a9fb0d
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40e07d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0x9e2520c833d0d97d69ff76c3260d9a6a
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++ ... skipping else for request 3111840: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111840: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111840: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111840: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111840: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:52:49 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat finished
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:52:49 2010
Mon Jan 11 14:52:49 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:52:49 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:52:49 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:52:49 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:52:49 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:52:49 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP packet type response id 3 length 65
Mon Jan 11 14:52:49 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:52:49 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:52:49 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:52:49 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:52:49 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:52:49 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:52:49 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:52:49 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:52:49 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:52:49 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=138, length=0
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x0104003b190017030100302b7604cd317ad54c94522231a683476a416b1a7207c88c256b222eeb52d53d834f0ed64df8deaffc8dc7cd38aa7d61df
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40d00d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: Finished request 3111840.
Mon Jan 11 14:52:49 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=139, length=293
Mon Jan 11 14:52:49 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:52:49 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:52:49 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:52:49 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:52:49 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:52:49 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:52:49 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:52:49 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:52:49 2010 : Debug: 	EAP-Message = 0x0204006019001703010020ef37ab893439edd2ab04fbc220feccc8b97b124682dc45aeae6918264685409d17030100307534b1e05588b856e2087f859a2e1a7d94746eb5a11c65df186053147fe39c851a447e7012c42d0a939013f6d06944ab
Mon Jan 11 14:52:49 2010 : Debug: 	State = 0x0f04c0f40d00d9ad354f9db13f888ed2
Mon Jan 11 14:52:49 2010 : Debug: 	Message-Authenticator = 0xc81a9c6ecd42631df53b4ecd27797550
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++ ... skipping else for request 3111842: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111842: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111842: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:52:49 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:52:49 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++ ... skipping else for request 3111842: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++ ... skipping else for request 3111842: Preceding "if" was taken
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:52:49 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:52:49 2010 : Debug: sql_xlat finished
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:52:49 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:52:49 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:52:49 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:52:49 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:52:49 2010
Mon Jan 11 14:52:49 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:52:49 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:52:49 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:52:49 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:52:49 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:52:49 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:52:49 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:52:49 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:52:49 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:52:49 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:52:49 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:52:49 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:52:49 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:52:49 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:52:49 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:52:49 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP packet type response id 4 length 96
Mon Jan 11 14:52:49 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:52:49 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:52:49 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:52:49 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:52:49 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:52:49 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:52:49 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:52:49 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:52:49 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:52:49 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:52:49 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:52:49 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:52:49 2010 : Debug: [peap] Success
Mon Jan 11 14:52:49 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:52:49 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:52:49 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:52:49 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:52:49 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:52:49 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:52:49 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:52:49 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:52:49 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:52:49 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:52:49', '')
Mon Jan 11 14:52:49 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:52:49 2010 : Debug: Delaying reject of request 3111842 for 1 seconds
Mon Jan 11 14:52:50 2010 : Debug: Sending delayed reject for request 3111842
Mon Jan 11 14:52:50 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=139, length=0
Mon Jan 11 14:52:50 2010 : Debug: 	EAP-Message = 0x04040004
Mon Jan 11 14:52:50 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:52:54 2010 : Debug: Cleaning up request 3111835 ID 134 with timestamp +511988
Mon Jan 11 14:52:54 2010 : Debug: Cleaning up request 3111837 ID 136 with timestamp +511988
Mon Jan 11 14:52:54 2010 : Debug: Cleaning up request 3111840 ID 138 with timestamp +511988
Mon Jan 11 14:52:55 2010 : Debug: Cleaning up request 3111842 ID 139 with timestamp +511988
Mon Jan 11 14:54:10 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=79, length=204
Mon Jan 11 14:54:10 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:54:10 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:54:10 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:54:10 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:54:10 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:54:10 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x0209001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x7778a6970218bca6a82a03de79eb9bed
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++ ... skipping else for request 3113117: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113117: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113117: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113117: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113117: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:54:10 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat finished
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:54:10 2010
Mon Jan 11 14:54:10 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:54:10 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:54:10 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:54:10 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:54:10 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:54:10 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP packet type response id 9 length 25
Mon Jan 11 14:54:10 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:54:10 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:54:10 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:54:10 2010 : Debug: [tls] Initiate
Mon Jan 11 14:54:10 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:54:10 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=79, length=0
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x010a00061920
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456b77671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: Finished request 3113117.
Mon Jan 11 14:54:10 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=80, length=490
Mon Jan 11 14:54:10 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:54:10 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:54:10 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:54:10 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:54:10 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:54:10 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x020a012319800000011916030101140100011003014b4b3a9f8ff61166f109dce22004237a416d91d6c93e2b1f025f2b8401a0b30900003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456b77671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x89bdeddb18dc335ad12162bd765826b6
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++ ... skipping else for request 3113119: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113119: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113119: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113119: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113119: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:54:10 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat finished
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:54:10 2010
Mon Jan 11 14:54:10 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:54:10 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:54:10 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:54:10 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:54:10 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:54:10 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP packet type response id 10 length 253
Mon Jan 11 14:54:10 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:54:10 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:54:10 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:54:10 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:54:10 2010 : Debug: [peap] Length Included
Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:54:10 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:54:10 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:54:10 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=80, length=0
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x010b00701900160301002a0200002603014b4b3b92fcc06740a1857aa7a04b7cd6d04eaeb85197e253cfe1711c2aa63107000039011403010001011603010030b5a6b82789bcd4e2c5f8e2c516c593c4a065c79bf8f0c9dd602b98e47eba895176075124e059dd021620283d9370dc70
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456a76671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: Finished request 3113119.
Mon Jan 11 14:54:10 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=81, length=262
Mon Jan 11 14:54:10 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:54:10 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:54:10 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:54:10 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:54:10 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:54:10 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x020b004119001403010001011603010030ef8b1165b7bb2c5369473fdba598e08f61443bcec3c234457c66fe49b8c9004b88d025134cf7c1582cfc743607a040a4
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456a76671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x81a12193342875fc607cc689b479a0de
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++ ... skipping else for request 3113121: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113121: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113121: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113121: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113121: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:54:10 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat finished
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:54:10 2010
Mon Jan 11 14:54:10 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:54:10 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:54:10 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:54:10 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:54:10 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:54:10 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP packet type response id 11 length 65
Mon Jan 11 14:54:10 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:54:10 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:54:10 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:54:10 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:54:10 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:54:10 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:54:10 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:54:10 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:54:10 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:54:10 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=81, length=0
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x010c003b19001703010030343a996aac964aa575db3c0fb6f8a45794e21431c372ec6197a351dbd6fc27aa67eca839d6070ca10ada92c82595c705
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456971671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: Finished request 3113121.
Mon Jan 11 14:54:10 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=82, length=293
Mon Jan 11 14:54:10 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:54:10 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:54:10 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:54:10 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:54:10 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:54:10 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:54:10 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:54:10 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:54:10 2010 : Debug: 	EAP-Message = 0x020c006019001703010020c9b6f95b1f4a8fc922e0abba89a87d31cc0e5af256e932e7b1684ec20d62d41f17030100307d3973ef3e47f4fb541308f8c8492ef99956c2ec055a74aa28b2b714b8c0856aef75a27ab5d010e1a4f5005c8a08ea71
Mon Jan 11 14:54:10 2010 : Debug: 	State = 0x6b7d7e456971671d85850a1b9714a581
Mon Jan 11 14:54:10 2010 : Debug: 	Message-Authenticator = 0xf10533b4958d0e99972a290eb9385139
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++ ... skipping else for request 3113123: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113123: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113123: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:54:10 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:54:10 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++ ... skipping else for request 3113123: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++ ... skipping else for request 3113123: Preceding "if" was taken
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:54:10 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:54:10 2010 : Debug: sql_xlat finished
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:54:10 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:54:10 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:54:10 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:54:10 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:54:10 2010
Mon Jan 11 14:54:10 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:54:10 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:54:10 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:54:10 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:54:10 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:54:10 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:54:10 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:54:10 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:54:10 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:54:10 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:54:10 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:54:10 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:54:10 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:54:10 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:54:10 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:54:10 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP packet type response id 12 length 96
Mon Jan 11 14:54:10 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:54:10 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:54:10 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:54:10 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:54:10 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:54:10 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:54:10 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:54:10 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:54:10 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:54:10 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:54:10 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:54:10 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:54:10 2010 : Debug: [peap] Success
Mon Jan 11 14:54:10 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:54:10 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:54:10 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:54:10 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:54:10 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:54:10 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:54:10 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:54:10 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:54:10 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:54:10 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:54:10', '')
Mon Jan 11 14:54:10 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:54:10 2010 : Debug: Delaying reject of request 3113123 for 1 seconds
Mon Jan 11 14:54:11 2010 : Debug: Sending delayed reject for request 3113123
Mon Jan 11 14:54:11 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=82, length=0
Mon Jan 11 14:54:11 2010 : Debug: 	EAP-Message = 0x040c0004
Mon Jan 11 14:54:11 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:54:15 2010 : Debug: Cleaning up request 3113117 ID 79 with timestamp +512069
Mon Jan 11 14:54:15 2010 : Debug: Cleaning up request 3113119 ID 80 with timestamp +512069
Mon Jan 11 14:54:15 2010 : Debug: Cleaning up request 3113121 ID 81 with timestamp +512069
Mon Jan 11 14:54:16 2010 : Debug: Cleaning up request 3113123 ID 82 with timestamp +512069
Mon Jan 11 14:55:31 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=24, length=204
Mon Jan 11 14:55:31 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:31 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:31 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:31 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:31 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:31 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x0211001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x1a167bbe4555ccb919e99f2cb1f282a0
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++ ... skipping else for request 3114260: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114260: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114260: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114260: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114260: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:31 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:31 2010
Mon Jan 11 14:55:31 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:31 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:31 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:31 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:31 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:31 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP packet type response id 17 length 25
Mon Jan 11 14:55:31 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:55:31 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:55:31 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:55:31 2010 : Debug: [tls] Initiate
Mon Jan 11 14:55:31 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:31 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=24, length=0
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x011200061920
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d801bea1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: Finished request 3114260.
Mon Jan 11 14:55:31 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=25, length=490
Mon Jan 11 14:55:31 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:31 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:31 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:31 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:31 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:31 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x0212012319800000011916030101140100011003014b4b3af0210268b8e7f65331f359ab84b16af67085d02db1b0203c6640fd6fd200003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d801bea1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x42e48da2317f24ab98e94ee6ffcc6be8
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++ ... skipping else for request 3114261: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114261: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114261: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114261: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114261: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:31 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:31 2010
Mon Jan 11 14:55:31 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:31 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:31 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:31 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:31 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:31 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP packet type response id 18 length 253
Mon Jan 11 14:55:31 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:31 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:31 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:31 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:31 2010 : Debug: [peap] Length Included
Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:55:31 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:55:31 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:31 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=25, length=0
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x011300701900160301002a0200002603014b4b3be3010ad221af00fbeaa2f67e4acc1f04fac68f6a837a1a943488a11ec1000039011403010001011603010030b2cdaaf9d9e3768036ac042b6c95e6a076396402e5432fd761b05b6dd1932527c6bae11535b3ceb11503413722628971
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d800bfa1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: Finished request 3114261.
Mon Jan 11 14:55:31 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=26, length=262
Mon Jan 11 14:55:31 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:31 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:31 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:31 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:31 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:31 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x0213004119001403010001011603010030d0c7514b29b0ea2facf45df3cb38faee9bde5f26281bdc27385e3d97e4ea9f130cd7d683e9ef0dd2e388576a188999c3
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d800bfa1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x3e750bd92f52bb2d639379d05781fd49
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++ ... skipping else for request 3114262: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114262: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114262: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114262: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114262: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:31 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:31 2010
Mon Jan 11 14:55:31 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:31 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:31 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:31 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:31 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:31 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP packet type response id 19 length 65
Mon Jan 11 14:55:31 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:31 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:31 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:31 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:55:31 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:55:31 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:55:31 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:55:31 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:55:31 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:31 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=26, length=0
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x0114003b19001703010030bd6b10b4c86733cecb9e9e9aa4ce69bdf7b361aca4708edb42e24b5431bef2a5b40aa4adc2b0bf0c73a370e5196a0265
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d803b8a1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: Finished request 3114262.
Mon Jan 11 14:55:31 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=27, length=293
Mon Jan 11 14:55:31 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:31 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:31 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:31 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:31 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:31 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:31 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:31 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "80"
Mon Jan 11 14:55:31 2010 : Debug: 	EAP-Message = 0x02140060190017030100200355aaadb6904e3ffe0192b41640f2954a1ff8ebabd862f351ae45c47f9651471703010030e2cc225a2db50be8a5490ffa42ced5cdcd491a974969fb63a328abfabfb6d5c0ff3dcf379a70c000be21841ab58a6ca7
Mon Jan 11 14:55:31 2010 : Debug: 	State = 0x01acb8d803b8a1778b6b1d540fa74fb0
Mon Jan 11 14:55:31 2010 : Debug: 	Message-Authenticator = 0x57f2193bba17d8c65912f3fed9b27260
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++ ... skipping else for request 3114263: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114263: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114263: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:31 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:31 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++ ... skipping else for request 3114263: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++ ... skipping else for request 3114263: Preceding "if" was taken
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:31 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:31 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:31 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:31 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:31 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:31 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:31 2010
Mon Jan 11 14:55:31 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:31 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:31 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:31 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:31 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:31 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:31 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:31 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:31 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:31 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:31 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:31 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:31 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:31 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:31 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:31 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP packet type response id 20 length 96
Mon Jan 11 14:55:31 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:31 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:31 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:31 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:31 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:31 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:31 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:55:31 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:55:31 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:55:31 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:55:31 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:55:31 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:55:31 2010 : Debug: [peap] Success
Mon Jan 11 14:55:31 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:55:31 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:55:31 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:55:31 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:55:31 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:55:31 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:55:31 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:55:31 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:31 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:55:31 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:55:31', '')
Mon Jan 11 14:55:31 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:55:31 2010 : Debug: Delaying reject of request 3114263 for 1 seconds
Mon Jan 11 14:55:32 2010 : Debug: Sending delayed reject for request 3114263
Mon Jan 11 14:55:32 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=27, length=0
Mon Jan 11 14:55:32 2010 : Debug: 	EAP-Message = 0x04140004
Mon Jan 11 14:55:32 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:36 2010 : Debug: Cleaning up request 3114260 ID 24 with timestamp +512150
Mon Jan 11 14:55:36 2010 : Debug: Cleaning up request 3114261 ID 25 with timestamp +512150
Mon Jan 11 14:55:36 2010 : Debug: Cleaning up request 3114262 ID 26 with timestamp +512150
Mon Jan 11 14:55:37 2010 : Debug: Cleaning up request 3114263 ID 27 with timestamp +512150
Mon Jan 11 14:55:53 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=95, length=205
Mon Jan 11 14:55:53 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:53 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:53 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:53 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:53 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:53 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x0202001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x51d33586a01368880d706828e2d9a3b5
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++ ... skipping else for request 3114511: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114511: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114511: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114511: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114511: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:53 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:53 2010
Mon Jan 11 14:55:53 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:53 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:53 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:53 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:53 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:53 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP packet type response id 2 length 25
Mon Jan 11 14:55:53 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:55:53 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:55:53 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:55:53 2010 : Debug: [tls] Initiate
Mon Jan 11 14:55:53 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:53 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=95, length=0
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x010300061920
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408744b4590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: Finished request 3114511.
Mon Jan 11 14:55:53 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=96, length=491
Mon Jan 11 14:55:53 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:53 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:53 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:53 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:53 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:53 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x0203012319800000011916030101140100011003014b4b3b06c163bfdde0ef0a40338e0752f49ac57c8d8b3b22f1ce2b899ad84f9500003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408744b4590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0xd1b29506b8f2d4fe2e508800bcf4ce10
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++ ... skipping else for request 3114512: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114512: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114512: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114512: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114512: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:53 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:53 2010
Mon Jan 11 14:55:53 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:53 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:53 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:53 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:53 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:53 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP packet type response id 3 length 253
Mon Jan 11 14:55:53 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:53 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:53 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:53 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:53 2010 : Debug: [peap] Length Included
Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:55:53 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:55:53 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:53 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=96, length=0
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x010400701900160301002a0200002603014b4b3bf9f3ae611881cb4bd088def3a8947b67dfe431323af6405dfef0eba8af000039011403010001011603010030b29b9f444c078b865a49be3630a79da596acea439a332510da774d6a22da4a109553610647cbfb537d5c31b365ca2d83
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408745b3590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: Finished request 3114512.
Mon Jan 11 14:55:53 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=97, length=263
Mon Jan 11 14:55:53 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:53 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:53 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:53 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:53 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:53 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x0204004119001403010001011603010030133813fb0cb58ecf8f641e596ec0c831a4cefe74d39e94b02df026f3764f004b6c032e66ae977bf8a60274071b6e77f3
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408745b3590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x0eb385f2620c0fb9905bd3a2f873485a
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++ ... skipping else for request 3114513: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114513: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114513: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114513: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114513: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:53 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:53 2010
Mon Jan 11 14:55:53 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:53 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:53 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:53 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:53 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:53 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP packet type response id 4 length 65
Mon Jan 11 14:55:53 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:53 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:53 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:53 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:55:53 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:55:53 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:55:53 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:55:53 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:55:53 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:55:53 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=97, length=0
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x0105003b19001703010030db0a5544e8fc8560f3132d7b083f6b64dc1b7499fdf6839b3d5fbfe28221c6bb7297e4d4a759e3852044430c333a83f6
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408746b2590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: Finished request 3114513.
Mon Jan 11 14:55:53 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=98, length=294
Mon Jan 11 14:55:53 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:55:53 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:55:53 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:55:53 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:55:53 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:55:53 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:55:53 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:55:53 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:55:53 2010 : Debug: 	EAP-Message = 0x0205006019001703010020b80c5e8a9ec2b7ec597cd19c0738790ca3c945c19a526fd185cca5582d7759f61703010030fd21f8c51557712f2f61eafe415c22956b018d4079fde49b1e9076b7f4b6a9d68a619c506c1b0e8dc350045cd1566060
Mon Jan 11 14:55:53 2010 : Debug: 	State = 0x44b7408746b2590d99e72c45cfb0d7d8
Mon Jan 11 14:55:53 2010 : Debug: 	Message-Authenticator = 0x0425039b1e949c7ef39f000088f01a5a
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++ ... skipping else for request 3114514: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114514: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114514: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:55:53 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:55:53 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++ ... skipping else for request 3114514: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++ ... skipping else for request 3114514: Preceding "if" was taken
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:53 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:55:53 2010 : Debug: sql_xlat finished
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:55:53 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:55:53 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:55:53 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:55:53 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:55:53 2010
Mon Jan 11 14:55:53 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:55:53 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:55:53 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:55:53 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:55:53 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:55:53 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:55:53 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:55:53 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:55:53 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:55:53 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:55:53 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:55:53 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:55:53 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:55:53 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:55:53 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:55:53 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP packet type response id 5 length 96
Mon Jan 11 14:55:53 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:55:53 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:55:53 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:55:53 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:55:53 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:55:53 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:55:53 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:55:53 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:55:53 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:55:53 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:55:53 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:55:53 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:55:53 2010 : Debug: [peap] Success
Mon Jan 11 14:55:53 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:55:53 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:55:53 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:55:53 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:55:53 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:55:53 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:55:53 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:55:53 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:55:53 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:55:53 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:55:53', '')
Mon Jan 11 14:55:53 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:55:53 2010 : Debug: Delaying reject of request 3114514 for 1 seconds
Mon Jan 11 14:55:54 2010 : Debug: Sending delayed reject for request 3114514
Mon Jan 11 14:55:54 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=98, length=0
Mon Jan 11 14:55:54 2010 : Debug: 	EAP-Message = 0x04050004
Mon Jan 11 14:55:54 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:55:58 2010 : Debug: Cleaning up request 3114511 ID 95 with timestamp +512172
Mon Jan 11 14:55:58 2010 : Debug: Cleaning up request 3114512 ID 96 with timestamp +512172
Mon Jan 11 14:55:58 2010 : Debug: Cleaning up request 3114513 ID 97 with timestamp +512172
Mon Jan 11 14:55:59 2010 : Debug: Cleaning up request 3114514 ID 98 with timestamp +512172
Mon Jan 11 14:56:21 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=161, length=205
Mon Jan 11 14:56:21 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:21 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:21 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:21 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:21 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:21 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x0202001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0xa8d2de38bf7b227fcef5729d3766cf1f
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++ ... skipping else for request 3114953: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114953: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114953: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114953: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114953: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:21 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:21 2010
Mon Jan 11 14:56:21 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:21 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:21 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:21 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:21 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:21 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP packet type response id 2 length 25
Mon Jan 11 14:56:21 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:56:21 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:56:21 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:56:21 2010 : Debug: [tls] Initiate
Mon Jan 11 14:56:21 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:21 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=161, length=0
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x010300061920
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27bc7357f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: Finished request 3114953.
Mon Jan 11 14:56:21 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=162, length=491
Mon Jan 11 14:56:21 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:21 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:21 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:21 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:21 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:21 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x0203012319800000011916030101140100011003014b4b3b228d5b890e0727c5d18040723a6251590f115d2bbb3853500baac4a91100003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27bc7357f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0xf4b3e2dbd571bb1471a21019a7171498
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++ ... skipping else for request 3114954: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114954: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114954: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114954: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114954: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:21 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:21 2010
Mon Jan 11 14:56:21 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:21 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:21 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:21 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:21 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:21 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP packet type response id 3 length 253
Mon Jan 11 14:56:21 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:21 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:21 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:21 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:21 2010 : Debug: [peap] Length Included
Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:56:21 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:56:21 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:21 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=162, length=0
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x010400701900160301002a0200002603014b4b3c15baa918a4e9a8649e69435351950a9b4d7b7d2fbbfc9ca60b03d8109f00003901140301000101160301003028ffa2b95edc248be1c37f7fc8f0705f02b63f059d732f10dbd7d51147ac14a9a6c7a102cebbdd5036a125d2698e91f3
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27bd7457f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: Finished request 3114954.
Mon Jan 11 14:56:21 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=163, length=263
Mon Jan 11 14:56:21 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:21 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:21 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:21 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:21 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:21 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x020400411900140301000101160301003053f55aea0687d202f1c13e93272579d422d8004913721e9fa354d0a4c6e9d84cca49ee322781b8bed35f58b8d4810142
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27bd7457f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0x99446f6a821c61ae59b3b8ead9f56c24
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++ ... skipping else for request 3114955: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114955: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114955: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114955: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114955: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:21 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:21 2010
Mon Jan 11 14:56:21 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:21 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:21 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:21 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:21 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:21 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP packet type response id 4 length 65
Mon Jan 11 14:56:21 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:21 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:21 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:21 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:56:21 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:56:21 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:56:21 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:56:21 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:56:21 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:21 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=163, length=0
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x0105003b190017030100303cb1535aa41d461bbb8e630f00e5977a962764c99ee6b38b5e9290551b41523947f94c20b67d61ff6b5b06851dac5c07
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27be7557f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: Finished request 3114955.
Mon Jan 11 14:56:21 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=164, length=294
Mon Jan 11 14:56:21 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:21 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:21 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:21 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:21 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:21 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:21 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:21 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:21 2010 : Debug: 	EAP-Message = 0x0205006019001703010020488dad2d094d8eab7dc04713776749e3d3bfb4aac9709d1ebae20efd523937ca17030100303adf08429d9b3282c45a562377552cb8fa965342a246c179c7929089c114c2e64c5a5b70e31f0c8eb7e75fcd8ba9657d
Mon Jan 11 14:56:21 2010 : Debug: 	State = 0xbc704e27be7557f93dcf7de4114d127d
Mon Jan 11 14:56:21 2010 : Debug: 	Message-Authenticator = 0xb9cc35dca8ca561bec98291ff29b3eee
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++ ... skipping else for request 3114956: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114956: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114956: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:21 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:21 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++ ... skipping else for request 3114956: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++ ... skipping else for request 3114956: Preceding "if" was taken
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:21 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:21 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:21 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:21 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:21 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:21 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:21 2010
Mon Jan 11 14:56:21 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:21 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:21 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:21 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:21 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:21 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:21 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:21 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:21 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:21 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:21 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:21 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:21 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:21 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:21 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:21 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP packet type response id 5 length 96
Mon Jan 11 14:56:21 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:21 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:21 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:21 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:21 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:21 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:21 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:56:21 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:56:21 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:56:21 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:56:21 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:56:21 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:56:21 2010 : Debug: [peap] Success
Mon Jan 11 14:56:21 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:56:21 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:56:21 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:56:21 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:56:21 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:56:21 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:56:21 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:56:21 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:21 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:56:21 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:56:21', '')
Mon Jan 11 14:56:21 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:56:21 2010 : Debug: Delaying reject of request 3114956 for 1 seconds
Mon Jan 11 14:56:22 2010 : Debug: Sending delayed reject for request 3114956
Mon Jan 11 14:56:22 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=164, length=0
Mon Jan 11 14:56:22 2010 : Debug: 	EAP-Message = 0x04050004
Mon Jan 11 14:56:22 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:26 2010 : Debug: Cleaning up request 3114953 ID 161 with timestamp +512200
Mon Jan 11 14:56:26 2010 : Debug: Cleaning up request 3114954 ID 162 with timestamp +512200
Mon Jan 11 14:56:26 2010 : Debug: Cleaning up request 3114955 ID 163 with timestamp +512200
Mon Jan 11 14:56:27 2010 : Debug: Cleaning up request 3114956 ID 164 with timestamp +512200
Mon Jan 11 14:56:42 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=225, length=205
Mon Jan 11 14:56:42 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:42 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:42 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:42 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:42 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:42 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x0201001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0x0358ccf94fc58b790ed7dc434c1d29fb
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++ ... skipping else for request 3115228: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115228: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115228: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115228: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115228: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:42 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:42 2010
Mon Jan 11 14:56:42 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:42 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:42 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:42 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:42 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:42 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP packet type response id 1 length 25
Mon Jan 11 14:56:42 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:56:42 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:56:42 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:56:42 2010 : Debug: [tls] Initiate
Mon Jan 11 14:56:42 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:42 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=225, length=0
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x010200061920
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80d43c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: Finished request 3115228.
Mon Jan 11 14:56:42 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=226, length=491
Mon Jan 11 14:56:42 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:42 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:42 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:42 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:42 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:42 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x0202012319800000011916030101140100011003014b4b3b376bbfb27151a2b5d8a9ab1dbc387ebb0f8d43be1d835e5a9cea273f3600003200390038003500880087008400160013000a00330032002f004500440041000500040015001200090014001100080006000302010000b4002300b0621c624559876427913ed02221efeb37a02ca9312c072969596cbc0c0d0e9e7c0f34487d1b0392ee160b60d99898d05d06fdc3354e27060654f360ec097f91963c1b76ba920cf0cb59ae564f9b191e33cdd26fc44764a9d13c39166815d4f09c983db69d7bc7a8c0dd6633dda6e0f988b20d04192dcd59d6a8dbd1539d3173638d840b504a6ae9d7ee10
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x5227ec5d628dcfa96818dab024a27f5324020a0203072b0cff6c16085b6256a717a6c1329793
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80d43c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0x353c7f290523c256be8c0aff11263324
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++ ... skipping else for request 3115229: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115229: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115229: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115229: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115229: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:42 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:42 2010
Mon Jan 11 14:56:42 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:42 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:42 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:42 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:42 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:42 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP packet type response id 2 length 253
Mon Jan 11 14:56:42 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:42 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:42 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:42 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:42 2010 : Debug: [peap] Length Included
Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:56:42 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read finished A
Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:56:42 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:42 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=226, length=0
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x010300701900160301002a0200002603014b4b3c2a292e8f91ad7ab7dbfa076b20ec5efa1f12ad642e952a44419f8c8c550000390114030100010116030100302b18d32b5ca7e51e8562f2ce83e46dabc6ba8f5608df87bdeaca3340bbb092a611d4dfd40e1b735f804d94a2e40196e0
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80c42c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: Finished request 3115229.
Mon Jan 11 14:56:42 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=227, length=263
Mon Jan 11 14:56:42 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:42 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:42 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:42 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:42 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:42 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x020300411900140301000101160301003017fe8e224a9db43c3800e6c7f39c376a6078ffef0116d2507002c82cb99df2ccc6cee6937ce300b18542e2ad4c0b51e2
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80c42c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0xf1368c8345116a8ba199db213bd1494d
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++ ... skipping else for request 3115230: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115230: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115230: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115230: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115230: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:42 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:42 2010
Mon Jan 11 14:56:42 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:42 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:42 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:42 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:42 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:42 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP packet type response id 3 length 65
Mon Jan 11 14:56:42 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:42 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:42 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:42 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:56:42 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:56:42 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:56:42 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:56:42 2010 : Debug: [peap] Skipping Phase2 because of session resumption.
Mon Jan 11 14:56:42 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:56:42 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=227, length=0
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x0104003b1900170301003035f7f93a11f457a05fa3f84cbb19d41f7dcaac1284097fd9b34e9e88159a2f88b3731b6feae2b7ba21f300414197cc27
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80f45c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: Finished request 3115230.
Mon Jan 11 14:56:42 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=228, length=294
Mon Jan 11 14:56:42 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:56:42 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:56:42 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:56:42 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:56:42 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:56:42 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:56:42 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:56:42 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:56:42 2010 : Debug: 	EAP-Message = 0x0204006019001703010020625e92fb007a27918461e3fa01031d678d7cefd328d9139a31cb71f93bb3865b170301003038dbf1ee8a3e6ebb000137ffbbd084203e88bf0ea4f1d11777814c2d57acc5db69c01db339ef52db9ecdad3157106c48
Mon Jan 11 14:56:42 2010 : Debug: 	State = 0x0d41ddd80f45c41ff5537079bda2eb78
Mon Jan 11 14:56:42 2010 : Debug: 	Message-Authenticator = 0xaa905fb1aaf6c1dc9d9a2ed6d80e9d7d
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++ ... skipping else for request 3115231: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115231: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115231: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:56:42 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:56:42 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++ ... skipping else for request 3115231: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++ ... skipping else for request 3115231: Preceding "if" was taken
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:42 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:56:42 2010 : Debug: sql_xlat finished
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:56:42 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:56:42 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:56:42 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:56:42 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:56:42 2010
Mon Jan 11 14:56:42 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:56:42 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:56:42 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:56:42 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:56:42 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:56:42 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:56:42 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:56:42 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:56:42 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:56:42 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:56:42 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:56:42 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:56:42 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:56:42 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:56:42 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:56:42 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP packet type response id 4 length 96
Mon Jan 11 14:56:42 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:56:42 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:56:42 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:56:42 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:56:42 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:56:42 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:56:42 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:56:42 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:56:42 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:56:42 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:56:42 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:56:42 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:56:42 2010 : Debug: [peap] Success
Mon Jan 11 14:56:42 2010 : Debug: [peap] WARNING: No information in cached session!
Mon Jan 11 14:56:42 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:56:42 2010 : Debug: ++[eap] returns reject
Mon Jan 11 14:56:42 2010 : Debug: Failed to authenticate the user.
Mon Jan 11 14:56:42 2010 : Debug: 	expand: Bad Password -> Bad Password
Mon Jan 11 14:56:42 2010 : Debug: Using Post-Auth-Type Reject
Mon Jan 11 14:56:42 2010 : Debug: +- entering group REJECT {...}
Mon Jan 11 14:56:42 2010 : Debug: [attr_filter.access_reject] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: ++[attr_filter.access_reject] returns updated
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:56:42 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:56:42 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Reject', '2010-01-11 14:56:42', '')
Mon Jan 11 14:56:42 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:56:42 2010 : Debug: Delaying reject of request 3115231 for 1 seconds
Mon Jan 11 14:56:43 2010 : Debug: Sending delayed reject for request 3115231
Mon Jan 11 14:56:43 2010 : Debug: Sending Access-Reject packet to host 10.10.246.234 port 32768, id=228, length=0
Mon Jan 11 14:56:43 2010 : Debug: 	EAP-Message = 0x04040004
Mon Jan 11 14:56:43 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:56:47 2010 : Debug: Cleaning up request 3115228 ID 225 with timestamp +512221
Mon Jan 11 14:56:47 2010 : Debug: Cleaning up request 3115229 ID 226 with timestamp +512221
Mon Jan 11 14:56:47 2010 : Debug: Cleaning up request 3115230 ID 227 with timestamp +512221
Mon Jan 11 14:56:48 2010 : Debug: Cleaning up request 3115231 ID 228 with timestamp +512221
Mon Jan 11 14:57:16 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=35, length=205
Mon Jan 11 14:57:16 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:16 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:16 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:16 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:16 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:16 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x0201001901353534363934407377616e7365612e61632e756b
Mon Jan 11 14:57:16 2010 : Debug: 	Message-Authenticator = 0xc59a7c8098d27b1a59288d2681a8ce9e
Mon Jan 11 14:57:16 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:16 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:16 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++ ... skipping else for request 3115613: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++ ... skipping else for request 3115613: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++ ... skipping else for request 3115613: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:16 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:16 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++ ... skipping else for request 3115613: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++ ... skipping else for request 3115613: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:16 2010 : Debug: sql_xlat
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:16 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:16 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:16 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:16 2010
Mon Jan 11 14:57:16 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:16 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:16 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:16 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:16 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:16 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:16 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:16 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:16 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:16 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:16 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:16 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:16 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:16 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [eap] EAP packet type response id 1 length 25
Mon Jan 11 14:57:16 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:57:16 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:57:16 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:16 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:16 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:57:16 2010 : Debug: [eap] processing type tls
Mon Jan 11 14:57:16 2010 : Debug: [tls] Initiate
Mon Jan 11 14:57:16 2010 : Debug: [tls] Start returned 1
Mon Jan 11 14:57:16 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:16 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=35, length=0
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x010200061920
Mon Jan 11 14:57:16 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:16 2010 : Debug: 	State = 0x45e5311a45e728c07247837058d21100
Mon Jan 11 14:57:16 2010 : Debug: Finished request 3115613.
Mon Jan 11 14:57:16 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=36, length=313
Mon Jan 11 14:57:16 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:16 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:16 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:16 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:16 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:16 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:16 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x0202007319800000006916030100640100006003014b4b3b5a0e6888eca61fd25b198ec9809b96948e8d0cdaefbd3cf5d79233892900003200390038003500880087008400160013000a00330032002f0045004400410005000400150012000900140011000800060003020100000400230000
Mon Jan 11 14:57:16 2010 : Debug: 	State = 0x45e5311a45e728c07247837058d21100
Mon Jan 11 14:57:16 2010 : Debug: 	Message-Authenticator = 0xf9ae0cd93d830329f7108dd2a6668b2d
Mon Jan 11 14:57:16 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:16 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:16 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++ ... skipping else for request 3115614: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++ ... skipping else for request 3115614: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++ ... skipping else for request 3115614: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:16 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:16 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++ ... skipping else for request 3115614: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++ ... skipping else for request 3115614: Preceding "if" was taken
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:16 2010 : Debug: sql_xlat
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:16 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:16 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:16 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:16 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:16 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:16 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:16 2010
Mon Jan 11 14:57:16 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:16 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:16 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:16 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:16 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:16 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:16 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:16 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:16 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:16 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:16 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:16 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:16 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:16 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:16 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:16 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:16 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:16 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:16 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:16 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:16 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:16 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:16 2010 : Debug: [eap] EAP packet type response id 2 length 115
Mon Jan 11 14:57:16 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:16 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:16 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:16 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:16 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:16 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:16 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:16 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:16 2010 : Debug: [peap] Length Included
Mon Jan 11 14:57:16 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:57:16 2010 : Debug: [peap]     (other): before/accept initialization

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: before/accept initialization

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 read client hello A

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 write server hello A

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 write certificate A

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 write key exchange A

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 write server done A

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:57:16 2010 : Debug: [peap]     TLS_accept: Need to read more data: SSLv3 read client certificate A
Mon Jan 11 14:57:16 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:57:16 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:57:16 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:16 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=36, length=0
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:16 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x0103040019c000000b1916030100300200002c03014b4b3c4c3605fabeaf5bf71af1120cca8e8ffe696fdd36a29f1cc22d6be456b00000390100040023000016030108c40b0008c00008bd0004713082046d30820355a003020102020b0100000000011eff3e0688300d06092a864886f70d0101050500305f310b300906035504061302424531133011060355040a130a4379626572747275737431173015060355040b130e456475636174696f6e616c20434131223020060355040313194379626572747275737420456475636174696f6e616c204341301e170d3039303132323135353634365a170d3132303132323135353634365a308194310b
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x3009060355040613024742310e300c0603550408130557616c65733110300e060355040713075377616e736561311b3019060355040a13125377616e73656120556e6976657273697479311b301906035504031312726164617574682e7377616e2e61632e756b3129302706092a864886f70d010901161a702e772e6d61747468657773407377616e7365612e61632e756b30820122300d06092a864886f70d01010105000382010f003082010a0282010100bd23254279d1afe451a4b5cb064f178fd933268aa28ad565dcefa51573644f07553e14d51614885b1613138d1dc64bd85ae73a84293f98b8886ffed75fbea0a313c8745a35b9435389b4
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x8e7a96a7e2efa3355f3828fbc159633555611f7c4f02cf01702626fb66ddf5e0fa94ed9f3b6bac1cf4c9b0ef4b93b8a3f89fdf711cff875c50981306197a43934d5a79fda691d0d0f68e78aa451e887b4bbab905f718dd7184db73acb7a3d94f32b91250fa0aebd0e242a5fd44d0fbc3651f7af2e79c9e59fc019d81ef94268f7519979c0a22530f0a57684e78038fd7b9fce3197bc167ed86aba278eef4f3de4a3be032d7297ba1754732d266ec697f8173664898a90203010001a381f33081f0300e0603551d0f0101ff0404030205a0301f0603551d230418301680146565a33dd73b11a30a072537c9424a5b767750e1301d0603551d0e04160414
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0x30072f05699503ba553c1f4a9fcd22fb29f3c5d3303a0603551d1f04333031302fa02da02b8629687474703a2f2f63726c2e676c6f62616c7369676e2e6e65742f656475636174696f6e616c2e63726c304f06082b0601050507010104433041303f06082b060105050730028633687474703a2f2f7365637572652e676c6f62616c7369676e2e6e65742f6361636572742f656475636174696f6e616c2e637274301106096086480186f84201010404030206c0300d06092a864886f70d01010505000382010100638ef22ec52088cf11d282ae772839a7737ada87c29245cd9b6a0b910598a449da9355d776fb52e1f5d7466d6bbaf2c64349f3a477
Mon Jan 11 14:57:16 2010 : Debug: 	EAP-Message = 0xae09ae3994d591302f968b35
Mon Jan 11 14:57:16 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:16 2010 : Debug: 	State = 0x45e5311a44e628c07247837058d21100
Mon Jan 11 14:57:16 2010 : Debug: Finished request 3115614.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=37, length=204
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x020300061900
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a44e628c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x199fb4be215b3a3226276334dffb30d5
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115615: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115615: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115615: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115615: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115615: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 3 length 6
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:57:17 2010 : Debug: [peap] ACK handshake fragment handler
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 1

Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=37, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x010403fc19404c1d731c414818499351208d609cecb34f96e016e74ead4b9a57d584823536c69839b9836bac68d0bbf50e1697b66d4a2c226b520208a30b9699e3a908e501572960b1674641aa32bac6457e096d64011addf03e64393514f7d33fb9e63fe7dca2ff31a9cf0451a7ced15be993d7355af0479830f3a3643ca1c66feff2adfca34d7e16172d9eb37ee53dac51fbfdede2b8e73238866faee668600cea1790630e2f550905cb3579a4be819a45a997088733ebb065be2b1c72463848938fdeb300044630820442308203aba0030201020204040003fb300d06092a864886f70d01010505003075310b300906035504061302555331183016
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x060355040a130f47544520436f72706f726174696f6e31273025060355040b131e475445204379626572547275737420536f6c7574696f6e732c20496e632e312330210603550403131a475445204379626572547275737420476c6f62616c20526f6f74301e170d3036303331343230333030305a170d3133303331343233353930305a305f310b300906035504061302424531133011060355040a130a4379626572747275737431173015060355040b130e456475636174696f6e616c20434131223020060355040313194379626572747275737420456475636174696f6e616c20434130820122300d06092a864886f70d01010105000382010f00
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x3082010a02820101009522a1101d4a46606e05919bdf83c2ed12b25a7cf8abe1f8505c282c7e7e003893b08b4af1c24c3c102c3cefb0eca1692fb9fccc08146b8d4f18f383d2faa9370820aa5caa8060a2d5a52200cf5ae5b497dfba1ebe5c8e171966fdaf9f7c7b89b20e24d8c7ab63c495328d48e663597d04b833a8bdd75d64bc63b5f74d28fdf90672315cba459465a3d2b458ec3b615844a32f62b39b80b482fdd5c7cc5125e5953f472f307bacc8786ee2e16d27eb3dcc0182e835778dab58bb55d1d5a481568d1cd014b1b006dea09122f3f0a8341747c6e03ef60c5aac7e504bcde1696e06fc067e6a4db49599a0595c3566ecd949d417e060
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0xb05da5d71ae22a6e66f2af1d0203010001a382016f3082016b30450603551d1f043e303c303aa038a0368634687474703a2f2f7777772e7075626c69632d74727573742e636f6d2f6367692d62696e2f43524c2f323031382f6364702e63726c301d0603551d0e041604146565a33dd73b11a30a072537c9424a5b767750e130530603551d20044c304a304806092b06010401b13e0100303b303906082b06010505070201162d687474703a2f2f7777772e7075626c69632d74727573742e636f6d2f4350532f4f6d6e69526f6f742e68746d6c3081890603551d23048181307fa179a4773075310b300906035504061302555331183016060355040a
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x130f47544520436f
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a47e128c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115615.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=38, length=204
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x020400061900
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a47e128c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x5ec5b5f1c23b580c459b09de48a03add
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115616: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115616: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115616: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115616: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115616: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 4 length 6
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:57:17 2010 : Debug: [peap] ACK handshake fragment handler
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 1

Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=38, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x01050333190072706f726174696f6e31273025060355040b131e475445204379626572547275737420536f6c7574696f6e732c20496e632e312330210603550403131a475445204379626572547275737420476c6f62616c20526f6f74820201a5300e0603551d0f0101ff04040302010630120603551d130101ff040830060101ff020100300d06092a864886f70d01010505000381810043b345835471c41fdcb23c6b4ebf26f24ef2ad9a5bfa863788e8146c4118425fef653eeb0377a0b79e757a517cbb155bb8af91a0349253ed7f2a4984acb9804bb5c7b22322fbebd8fb6ec93cf3d2d1bbbec91cff6d01db69800e99a5ea9e7b97988fb7cf22
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x9cb3b85de5a9331774c697370fb4e926825f610b3f1e3d64e92b9b160301020d0c0002090080cef85ff6a1e8ed6e7dc7d84beb0430d5d1c1d529059571fa07bab2e72f39e9a1abf2c3230f8e16698e888961dd7f5c75c01a37e680f9d204d0f066ad96c77167abd82814178b9be1513c226cf6bf2b5387b0a3034f1298af4221f1bc420e833b35b73b47ebec3c64f25b8c398abb13ef3714bce74700d5ef825609a8ea1a224b00010200806d4be299e3e26b4ab2429cc9f066b64888c6812b01745846ffd85c3673edbd17e0b4f6b4e69e2b5f1779715a9d3a0cdf7bcbcd0d726db32ae7b2cc02e095a7d104ffc958c73580b9659ef352b11883e79a90
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0xb6950ccf341b0ec5c437a23d673d76784b15c034677d1ddf00ddc14c8eea744df406f88af5c39c01ca6b4bb567b401009a236176399c9a487d2a6d4fa3b78c9ad54fd7fdae4503d331987256b9d753f097d7cec01b3c6e9be2d6ea4a921c8a30b5888b0caaf21f25b42fcea412769c7064f8000950c7e3f7d5593939ae659a108284d4ae5a396ffdbb4c346510c74569dc20463712eb0ffda8ab3e1faae05e4a7941d9dedaace0b5157a5b3a7ab123a70d49758eb757ae10875832dc764ea30ecac8b20da5e94c621c86200de7fb0ac9249ec53a8df8bd492dddfe22f76817709f6c2689c8faf6fe043bb00cbf25ce94ce45623e3fc30139830f5a6c2a
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0xe5ba03efabc79478b4f7f9c24b2203c13a6a236035498b2653ad4cace2c8dec82e008137db2f6014d13002ea91c3ace2e0df0916030100040e000000
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a46e028c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115616.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=39, length=406
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x020500d01980000000c6160301008610000082008020e12854328beec2af9d1254c1a57de3ecc5aa6f42dae7ba03a726cab2798556a9830904beb5756e2f507b5d1304dc9dee2e213b55ac318da13b36992e3cadffbb754cf16a48f977e3c826637e26adedfe39b3d4c12196fc83691f42bee52547978cce89f9c3a0393e55d10727f7a4d410da6dfcee7c48e3dcf60f8321e4f24e1403010001011603010030a4f41ff46311c7c4866c3bb46005151e591d79cb23cd4208e3d79ff28776c4961b7156f53097b582d0a8ad771ed6e8ba
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a46e028c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x6e105f66c823a0fb0a06a0bb51e94a89
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115617: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115617: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115617: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115617: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115617: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 5 length 208
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] Length Included
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 11

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: SSLv3 read client key exchange A

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: SSLv3 read finished A

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: unknown state

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: SSLv3 write change cipher spec A

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: SSLv3 write finished A

Mon Jan 11 14:57:17 2010 : Debug: [peap]     TLS_accept: SSLv3 flush data

Mon Jan 11 14:57:17 2010 : Debug: [peap]     (other): SSL negotiation finished successfully

Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 13

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_HANDLED
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=39, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x01060100190016030100ba040000b60000000000b0621c624559876427913ed02221efeb37285b10fb49e45b3f7ea82b14b1527888fd9d1602dca6e3aa0ec0d6be1408616bb3a98c950fea40d36b661ac9194ec24129bfa770cd2b01ce4bcd0803b4b49cda565f72e499240296e741126d61972b09df28492e358f3e0e65c41183ee47b6a25ae1710851b79d350f25a0cd3c4b1c0f7f5dd4739d3be37d86c7e5b988f39ad64ea2e112077619b7ab0e0a507f9082f979c203ca226fa7f2b792a2991875b72a1403010001011603010030a9c20faf7c4adf351940dae35c8b521f018e472a2d0b34554dfffffaa980b573b6d33c00de10867f58866927cd
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x502fc4
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a41e328c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115617.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=40, length=204
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x020600061900
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a41e328c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x6d04aefd75a1cb8ca62580bb2162b532
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115618: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115618: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115618: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115618: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115618: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 6 length 6
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] Received TLS ACK
Mon Jan 11 14:57:17 2010 : Debug: [peap] ACK handshake is finished
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 3

Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 3

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_SUCCESS
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=40, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x0107002b190017030100204936959a80f7982a7770a0397fc7e6a346218a0e966d093017d766e45fdfe3d1
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a40e228c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115618.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=41, length=294
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x02070060190017030100200988e4de78c6e90b1007a29f18b049e4503aebd86e1197de359de4cb14d371691703010030674b2a5d78f731f4be64d46304bb46aa54fbf52b85cdf6fe8505f75eee56447b64eb625df449584404d0dcb2bce0ea43
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a40e228c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0xbfe9d718bb91c73bfe43c0738f855ce5
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 7 length 96
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:57:17 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:57:17 2010 : Debug: [peap] Identity - 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115619: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 7 length 25
Mon Jan 11 14:57:17 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP Identity
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: [peap] Got tunneled Access-Challenge
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=41, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x0108005b190017030100508487482e7c9d078a21ed6be25868365eeb412ea64cfed3307f572ea1b1ea94ebcc52e644f3a95df5fd2f2f79268aaa1d9a8f0e47c17615598934f0ecbd3d819193f35d68dca145c3bb3caa44f4da2ccd
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a43ed28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115619.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=42, length=342
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x0208009019001703010020188b4b5887b290ad57575b1d9665c6ea7ca3bcbdd67007e6df07b3356055ad43170301006036e3a10bd6e5501802b02239990ec64c5a8aa739adbc5b5b231e59601bcb98a501d4442f9b0d5d29ab35dc7034c11a5e148dbde64b6103c2d0fbe54c87274bd189c2f346bd03e5e74de4ba2383093cd64a6d136b439ed0255b5fbef057078604
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a43ed28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x7746d6b0827c18a3f3bf63de8cf1d00e
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 8 length 144
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:57:17 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:57:17 2010 : Debug: [peap] EAP type mschapv2
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115620: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 8 length 79
Mon Jan 11 14:57:17 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/mschapv2
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:57:17 2010 : Debug: [mschapv2] +- entering group MS-CHAP {...}
Mon Jan 11 14:57:17 2010 : Debug: [mschap] Told to do MS-CHAPv2 for 524292@swansea.ac.uk with NT-Password
Mon Jan 11 14:57:17 2010 : Debug: [mschap] adding MS-CHAPv2 MPPE keys
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: [peap] Got tunneled Access-Challenge
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=42, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x0109005b190017030100508240d88cf26939441cb6c2d9d1561a30cf15c561185baf13b5baa33d5705adf03fee737b62362065c71e5069d7d4fc31df6fd9fdce6d6e85e077be6cd2bc4b2ff35a2ef844ccd06a6916a57062bf38ff
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a42ec28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115620.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=43, length=278
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x0209005019001703010020fb7f227031d10eb1a8139218bf241876b8d555db78898ee9e0803204bf7d00021703010020e11d8cc4e15bc421907d0397679513d7db337ff2155c87d75c521e72a72781a8
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a42ec28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0xd31aa81e4f551dce6ba50c180e8a3594
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 9 length 80
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:57:17 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:57:17 2010 : Debug: [peap] EAP type mschapv2
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115621: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[unix] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 9 length 6
Mon Jan 11 14:57:17 2010 : Debug: [eap] No EAP Start, assuming it's an on-going EAP conversation
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns updated
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] Found existing Auth-Type, not changing it.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/mschapv2
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type mschapv2
Mon Jan 11 14:57:17 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: +- entering group post-auth {...}
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] 	expand: /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[reply_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: ++[sql.authorize] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [peap] Tunneled authentication was successful.
Mon Jan 11 14:57:17 2010 : Debug: [peap] SUCCESS
Mon Jan 11 14:57:17 2010 : Debug: [peap] Saving tunneled attributes for later
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns handled
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Challenge packet to host 10.10.246.234 port 32768, id=43, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x010a003b1900170301003096a26ced6cee4395575777a022994227fc66eb08e9c1e15fb80a9b5d9146d05d444ed5fd50cdf0c81c5b0eae9bdb997a
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a4def28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115621.
Mon Jan 11 14:57:17 2010 : Debug: Received Access-Request packet from host 10.10.246.234 port 32768, id=44, length=294
Mon Jan 11 14:57:17 2010 : Debug: 	User-Name = "524292@swansea.ac.uk"
Mon Jan 11 14:57:17 2010 : Debug: 	Calling-Station-Id = "00-1F-1F-24-4E-64"
Mon Jan 11 14:57:17 2010 : Debug: 	Called-Station-Id = "00-22-90-99-9E-70:eduroam"
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port = 29
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-IP-Address = 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Identifier = "Slot4-Port1"
Mon Jan 11 14:57:17 2010 : Debug: 	Airespace-Wlan-Id = 1
Mon Jan 11 14:57:17 2010 : Debug: 	Service-Type = Framed-User
Mon Jan 11 14:57:17 2010 : Debug: 	Framed-MTU = 1300
Mon Jan 11 14:57:17 2010 : Debug: 	NAS-Port-Type = Wireless-802.11
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:0 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:0 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:0 = "654"
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x020a006019001703010020affee1ee1a63c63b88dfa7c6301d2c153bd1c3aeeb8572608d3beca55484f3b2170301003011627c8e8593fdd7862a6289f564f43a3a4ecd8b20761569ed3483d2ed881e8e56458bd3ee5485a973668e55cbec69ad
Mon Jan 11 14:57:17 2010 : Debug: 	State = 0x45e5311a4def28c07247837058d21100
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x19a1cb489c4cc07c79058dee4bd35f6b
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authorize {...}
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{3}") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{3}") {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++? if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- if (User-Name =~ /([a-z0-9_\.\-]+)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++ ... skipping else for request 3115622: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{3}") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115622: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{User-Name}" =~ /^([^@]*)(@([-[:alnum:].]+))?$/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115622: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^137\.44\./) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /^10\.10\.246\./) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Domain} -> swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++- entering switch %{Stripped-User-Domain} {...}
Mon Jan 11 14:57:17 2010 : Debug: ++++- entering case swansea.ac.uk {...}
Mon Jan 11 14:57:17 2010 : Debug: +++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++++- case swansea.ac.uk returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- switch %{Stripped-User-Domain} returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++- if (("%{NAS-IP-Address}" =~ /^137\.44\./) || ("%{NAS-IP-Address}" =~ /^10\.10\.246\./)) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++ ... skipping else for request 3115622: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{User-Name}" =~ /^([^@]*)@(swan|swansea|abertawe)\.ac\.uk/i) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++ ... skipping else for request 3115622: Preceding "if" was taken
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{Realm}" =~ /local/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{Realm}" =~ /local/) {...}
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: 	expand: SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}'; -> SELECT userprofile FROM usergroup WHERE email = '524292' OR username = '524292';
Mon Jan 11 14:57:17 2010 : Debug: sql_xlat finished
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{sql:SELECT userprofile FROM usergroup WHERE email = '%{control:Tmp-String-1}' OR username = '%{control:Tmp-String-1}';} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{Realm}" =~ /local/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-1} -> 524292|local|student
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++? if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: +++- entering if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{1} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++++[request] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{2} -> local
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{3} -> student
Mon Jan 11 14:57:17 2010 : Debug: ++++[control] returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++- if ("%{control:Tmp-String-1}" =~ /(.*)\\|(.*)\\|(.*)/) returns notfound
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/)))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{NAS-IP-Address} -> 10.10.246.234
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/)
Mon Jan 11 14:57:17 2010 : Debug: ??? Skipping ("%{control:Tmp-String-2}" =~ /banned|virus/)
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{NAS-IP-Address}" =~ /137.44.47.2[0-9]+[0-9]+/) && (("%{NAS-Identifier}" !~ /%{control:Tmp-String-3}/) || ("%{control:Tmp-String-2}" =~ /banned|virus/))) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/))
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating ("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ?? Evaluating (control:Tmp-String-2 =~ /bryn/) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: +++? if (("%{User-Name}" =~ /^([^@]*)@swansea\.ac\.uk/i) && (control:Tmp-String-2 =~ /bryn/)) -> FALSE
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns notfound
Mon Jan 11 14:57:17 2010 : Debug: ++[preprocess] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [auth_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[auth_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[chap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[mschap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [suffix] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[suffix] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [ntdomain] Request already proxied.  Ignoring.
Mon Jan 11 14:57:17 2010 : Debug: ++[ntdomain] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs")
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{Realm}" != "jrs") -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{Realm}" != "jrs") {...}
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: +++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: +++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{Realm}" != "jrs") returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/)
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-2} -> local
Mon Jan 11 14:57:17 2010 : Debug: ? Evaluating ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++? if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) -> TRUE
Mon Jan 11 14:57:17 2010 : Debug: ++- entering if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) {...}
Mon Jan 11 14:57:17 2010 : Debug: [ldap] performing user authorization for 524292
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: (cn=%{Stripped-User-Name}) -> (cn=524292)
Mon Jan 11 14:57:17 2010 : Debug: [ldap] 	expand: o=swanuni -> o=swanuni
Mon Jan 11 14:57:17 2010 : Debug: [ldap] Added the eDirectory password password-removed in check items as Cleartext-Password
Mon Jan 11 14:57:17 2010 : Debug: [ldap] No default NMAS login sequence
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for check items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] looking for reply items in directory...
Mon Jan 11 14:57:17 2010 : Debug: [ldap] user 524292 authorized to use remote access
Mon Jan 11 14:57:17 2010 : Debug: +++[ldap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++- if ("%{control:Tmp-String-2}" =~ /local|virus|banned/) returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[expiration] returns noop
Mon Jan 11 14:57:17 2010 : Debug: ++[logintime] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [pap] No clear-text password in the request.  Not performing PAP.
Mon Jan 11 14:57:17 2010 : Debug: ++[pap] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP packet type response id 10 length 96
Mon Jan 11 14:57:17 2010 : Debug: [eap] Continuing tunnel setup.
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: Found Auth-Type = EAP
Mon Jan 11 14:57:17 2010 : Debug: +- entering group authenticate {...}
Mon Jan 11 14:57:17 2010 : Debug: [eap] Request found, released from the list
Mon Jan 11 14:57:17 2010 : Debug: [eap] EAP/peap
Mon Jan 11 14:57:17 2010 : Debug: [eap] processing type peap
Mon Jan 11 14:57:17 2010 : Debug: [peap] processing EAP-TLS
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_verify returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] Done initial handshake
Mon Jan 11 14:57:17 2010 : Debug: [peap] eaptls_process returned 7

Mon Jan 11 14:57:17 2010 : Debug: [peap] EAPTLS_OK
Mon Jan 11 14:57:17 2010 : Debug: [peap] Session established.  Decoding tunneled attributes.
Mon Jan 11 14:57:17 2010 : Debug: [peap] Received EAP-TLV response.
Mon Jan 11 14:57:17 2010 : Debug: [peap] Success
Mon Jan 11 14:57:17 2010 : Debug: [peap] Using saved attributes from the original Access-Accept
Mon Jan 11 14:57:17 2010 : Debug: [peap] Saving response in the cache
Mon Jan 11 14:57:17 2010 : Debug: [eap] Freeing handler
Mon Jan 11 14:57:17 2010 : Debug: ++[eap] returns ok
Mon Jan 11 14:57:17 2010 : Debug: +- entering group post-auth {...}
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] 	expand: /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] /usr/local/var/log/radius/radacct/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/reply-detail-20100111
Mon Jan 11 14:57:17 2010 : Debug: [reply_log] 	expand: %t -> Mon Jan 11 14:57:17 2010
Mon Jan 11 14:57:17 2010 : Debug: ++[reply_log] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292@swansea.ac.uk'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Password} -> 
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	... expanding second conditional
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{Chap-Password} -> 
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S', '%{reply:Reply-Message}') -> INSERT INTO radpostauth                           (username, pass, reply, authdate, reason)                           VALUES (                           '524292@swansea.ac.uk',                           '',                           'Access-Accept', '2010-01-11 14:57:17', '')
Mon Jan 11 14:57:17 2010 : Debug: ++[sql] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{User-Name} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ++[control] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{Stripped-User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: %{User-Name} -> 524292
Mon Jan 11 14:57:17 2010 : Debug: [sql] sql_set_user escaped user --> '524292'
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '524292'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM usergroup           WHERE username = '524292'           ORDER BY priority
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: [sql] User found in group Dot1xStudent-80-local
Mon Jan 11 14:57:17 2010 : Debug: [sql] 	expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'Dot1xStudent-80-local'           ORDER BY id
Mon Jan 11 14:57:17 2010 : Debug: ++[sql.authorize] returns ok
Mon Jan 11 14:57:17 2010 : Debug: 	expand: %{control:Tmp-String-4} -> 524292@swansea.ac.uk
Mon Jan 11 14:57:17 2010 : Debug: ++[request] returns ok
Mon Jan 11 14:57:17 2010 : Debug: ++[exec] returns noop
Mon Jan 11 14:57:17 2010 : Debug: [attr_filter.post-auth] 	expand: %{Realm} -> local
Mon Jan 11 14:57:17 2010 : Debug: ++[attr_filter.post-auth] returns updated
Mon Jan 11 14:57:17 2010 : Debug: Sending Access-Accept packet to host 10.10.246.234 port 32768, id=44, length=0
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Private-Group-Id:1 = "80"
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Type:1 = VLAN
Mon Jan 11 14:57:17 2010 : Debug: 	Tunnel-Medium-Type:1 = IEEE-802
Mon Jan 11 14:57:17 2010 : Debug: 	MS-MPPE-Recv-Key = 0x55f34af372305f809579b89679897dcf37ded886b520df07eb7b5683c15cdde9
Mon Jan 11 14:57:17 2010 : Debug: 	MS-MPPE-Send-Key = 0x97d75a2b6fac650f6ffc008e58b6b7a910878ed4fae01c1ea6bc2fd2e73234ac
Mon Jan 11 14:57:17 2010 : Debug: 	EAP-Message = 0x030a0004
Mon Jan 11 14:57:17 2010 : Debug: 	Message-Authenticator = 0x00000000000000000000000000000000
Mon Jan 11 14:57:17 2010 : Debug: Finished request 3115622.
Mon Jan 11 14:57:21 2010 : Debug: Cleaning up request 3115613 ID 35 with timestamp +512255
Mon Jan 11 14:57:21 2010 : Debug: Cleaning up request 3115614 ID 36 with timestamp +512255
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115615 ID 37 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115616 ID 38 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115617 ID 39 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115618 ID 40 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115619 ID 41 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115620 ID 42 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115621 ID 43 with timestamp +512256
Mon Jan 11 14:57:22 2010 : Debug: Cleaning up request 3115622 ID 44 with timestamp +512256
