Dear Jorge thank you for guidance, Here is my debug output on a failed authentication attempt. (0) pap: Login attempt with password (0) pap: Comparing with "known-good" SSHA2-512-Password (0) pap: ERROR: SSHA2-512 digest does not match "known good" digest (0) pap: Passwords don't match (0) [pap] = reject (0) } # Auth-Type PAP = reject (0) Failed to authenticate the user (0) Using Post-Auth-Type Reject (0) # Executing group from file /opt/radius/bin/freeradius/etc/raddb/sites-enabled/default (0) Post-Auth-Type REJECT { (0) sql: EXPAND .query (0) sql: --> .query (0) sql: Using query template 'query' rlm_sql (sql): Reserved connection (3) (0) sql: EXPAND %{User-Name} (0) sql: --> user (0) sql: SQL-User-Name set to 'user' (0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '*****', '%{reply:Packet-Type}', '%S') (0) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'user', '*****', 'Access-Reject', '2020-09-10 09:45:58') (0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'user', '*****', 'Access-Reject', '2020-09-10 09:45:58') (0) sql: SQL query returned: success (0) sql: 1 record(s) updated rlm_sql (sql): Released connection (3) (0) [sql] = ok (0) log_postreject: EXPAND User '%{User-Name}' authentication request rejected by Radius! (0) log_postreject: --> User 'user' authentication request rejected by Radius! (0) [log_postreject] = ok (0) attr_filter.access_reject: EXPAND %{User-Name} (0) attr_filter.access_reject: --> user (0) attr_filter.access_reject: Matched entry DEFAULT at line 11 (0) [attr_filter.access_reject] = updated (0) [eap] = noop (0) policy remove_reply_message_if_eap { (0) if (&reply:EAP-Message && &reply:Reply-Message) { (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE (0) else { (0) [noop] = noop (0) } # else = noop (0) } # policy remove_reply_message_if_eap = noop (0) } # Post-Auth-Type REJECT = updated (0) Login incorrect (Failed retrieving values required to evaluate condition): [user] (from client client10 port 1812) (0) Delaying response for 1.000000 seconds Waking up in 0.3 seconds. Waking up in 0.6 seconds. (0) Sending delayed response (0) Sent Access-Reject Id 217 from 192.168.17.164:1812 to 192.168.17.164:49999 length 20 Waking up in 3.9 seconds. (0) Cleaning up request packet ID 217 with timestamp +15 Ready to process requests Jorge Pereira <jpereira@freeradius.org>, 9 Eyl 2020 Çar, 20:01 tarihinde şunu yazdı:
First of all.
Read the mailing list https://wiki.freeradius.org/guide/Users-Mailing-List <https://wiki.freeradius.org/guide/Users-Mailing-List> guidance, and then about how to share the debug output https://wiki.freeradius.org/guide/radiusd-X < https://wiki.freeradius.org/guide/radiusd-X> -- Jorge Pereira jpereira@freeradius.org
On 9 Sep 2020, at 03:25, Yiğit YAŞAR <y.yasar92@gmail.com> wrote:
Hi all,
I have some issue with the linelog module.
My "linelog" configuration as in below;
*linelog {filename = syslogescape_filenames = nopermissions = 0600syslog_facility = daemonsyslog_severity = infoformat = "This is a log message for %{User-Name}"reference = "messages.%{%{reply:Packet-Type}:-default}"}linelog log_postauth {filename = syslogsyslog_facility = authprivsyslog_severity = infoformat = "User '%{User-Name}' authenticated via Radius"}linelog log_postreject {filename = syslogsyslog_facility = authprivsyslog_severity = warningformat = "User '%{User-Name}' authentication request rejected by Radius!"}*
Also in "default" configuration file is like ;
*post-auth {log_postauthlog_postrejectif (session-state:User-Name && reply:User-Name && request:User-Name && (reply:User-Name == request:User-Name)) {update reply {&User-Name !* ANY}}update {&reply: += &session-state:}-sqlexecremove_reply_message_if_eapPost-Auth-Type REJECT
{-sqllog_postrejectattr_filter.access_rejecteapremove_reply_message_if_eap}Post-Auth-Type
ACCEPT {log_postauth}Post-Auth-Type Challenge {}}*
Problem is, when linelog sends log message with warning or higher severity, log message sending twice.There is no problem with info or lower severity level, they sending once.
What could be the problem, do you have any idea?
Thanks in advance Yigit - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html