Is there any way to get the freeradius 2.1 server to log requests coming from unknown clients? As far as I can tell, these are just silently discarded. I have read through all the comments on the log section in radiusd.conf but I don't see anything about this. Is there anywhere else where the logging capabilities are more fully documented that I just haven't been able to find? Thanks, --Greg
This is deliberately not logged as DoS prevention measure. Such requests will be reported only in debug mode. Search for "Ignoring request" in listen.c. Ivan Kalik Kalik Informatika ISP Dana 11/9/2008, "Greg Woods" <woods@ucar.edu> piše:
Is there any way to get the freeradius 2.1 server to log requests coming from unknown clients? As far as I can tell, these are just silently discarded. I have read through all the comments on the log section in radiusd.conf but I don't see anything about this. Is there anywhere else where the logging capabilities are more fully documented that I just haven't been able to find?
Thanks, --Greg
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Greg Woods wrote:
Is there any way to get the freeradius 2.1 server to log requests coming from unknown clients? As far as I can tell, these are just silently discarded.
Yes. Attackers can send packets much more quickly than the server can log them. Logging "unknown client" could quickly overload the server. You can edit the code to log more messages. But do this only if you don't have any untrusted users on your network. Alan DeKok.
participants (3)
-
Alan DeKok -
Greg Woods -
tnt@kalik.net