Monitoring Tool for Freeradius
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible! bye! julian
Julian Stöver wrote:
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible!
No one is "logged in" to RADIUS. They are logged in to a NAS, and the NAS informs the RADIUS server (usually) that the user is logged in. The RADIUS server puts this information into a database such as SQL, which can then be qeuried. Or, you can use the "radwho" command, if you've enabled logging to a file in "radwtmp". Alan DeKok.
Hi, I'm using the sql backend so i decided for getting the informations from the database. But freeradius doesn't put any data into the 'radacct' table? Something is wrong there... The file /var/log/ freeradius/radutmp also no exists. freeradius -X:
[....] Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Module: Instantiated acct_unique (acct_unique) Module: Loaded files files: usersfile = "/etc/freeradius/users" files: acctusersfile = "/etc/freeradius/acct_users" files: preproxy_usersfile = "/etc/freeradius/preproxy_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded detail detail: detailfile = "/var/log/freeradius/radacct/%{Client-IP- Address}/detail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/var/log/freeradius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:32780, id=232, length=46 User-Name = "julian" User-Password = "blabla" rad_lowerpair: User-Name now 'julian' rad_lowerpair: User-Password now 'blabla' Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "julian", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 radius_xlat: 'julian' rlm_sql (sql): sql_set_user escaped user --> 'julian' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'julian' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 radius_xlat: 'SELECT radgroupcheck .id ,radgroupcheck .GroupName ,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'julian' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'julian' ORDER BY id' radius_xlat: 'SELECT radgroupreply .id ,radgroupreply .GroupName ,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'julian' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: type Local auth: user supplied User-Password matches local User-Password Login OK: [julian] (from client local_access port 0) Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 0 rlm_sql (sql): Processing sql_postauth radius_xlat: 'julian' rlm_sql (sql): sql_set_user escaped user --> 'julian' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'julian', 'blabla', 'Access-Accept', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'julian', 'blabla', 'Access- Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 modcall[post-auth]: module "sql" returns ok for request 0 modcall: leaving group post-auth (returns ok) for request 0 Sending Access-Accept of id 232 to 127.0.0.1 port 32780 Framed-IP-Address := 172.17.8.1 Framed-Protocol := PPP Framed-Compression := Van-Jacobson-TCP-IP Framed-MTU := 1500
sql.conf
sql { driver = "rlm_sql_mysql"
# Connect info server = "172.19.1.2" login = "user" password = "9L2xWq"
# Database table configuration radius_db = "user"
acct_table1 = "radacct" acct_table2 = "radacct"
# Allow for storing data after authentication postauth_table = "radpostauth"
authcheck_table = "radcheck" authreply_table = "radreply"
groupcheck_table = "radgroupcheck" groupreply_table = "radgroupreply"
usergroup_table = "usergroup"
# Table to keep radius client info nas_table = "nas"
# Remove stale session if checkrad does not see a double login deletestalesessions = yes
# Print all SQL statements when in debug mode (-x) sqltrace = no sqltracefile = ${logdir}/sqltrace.sql
# number of sql connections to make to server num_sql_socks = 5
connect_failure_retry_delay = 60
#safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.- _: /"
sql_user_name = "%{User-Name}"
# default the default_user_profile is not set #default_user_profile = "DEFAULT" #query_on_not_found = no
# authorize_check_query = "SELECT id, UserName, Attribute, Value, op \ # FROM ${authcheck_table} \ # WHERE Username = BINARY '%{SQL-User-Name}' \ # ORDER BY id" # authorize_reply_query = "SELECT id, UserName, Attribute, Value, op \ # FROM ${authreply_table} \ # WHERE Username = BINARY '%{SQL-User-Name}' \ # ORDER BY id"
# The default queries are case insensitive. (for compatibility with # older versions of FreeRADIUS) authorize_check_query = "SELECT id, UserName, Attribute, Value, op \ FROM ${authcheck_table} \ WHERE Username = '%{SQL-User-Name}' \ ORDER BY id" authorize_reply_query = "SELECT id, UserName, Attribute, Value, op \ FROM ${authreply_table} \ WHERE Username = '%{SQL-User-Name}' \ ORDER BY id"
# Use these for case sensitive usernames. # authorize_group_check_query = "SELECT ${groupcheck_table}.id,$ {groupcheck_table}.GroupName,${groupcheck_table}.Attribute,$ {groupcheck_table}.Value,${groupcheck_table}.op FROM $ {groupcheck_table},${usergroup_table} WHERE $ {usergroup_table}.Username = BINARY '%{SQL-User-Name}' AND $ {usergroup_table}.GroupName = ${groupcheck_table}.GroupName ORDER BY ${groupcheck_table}.id" # authorize_group_reply_query = "SELECT ${groupreply_table}.id,$ {groupreply_table}.GroupName,${groupreply_table}.Attribute,$ {groupreply_table}.Value,${groupreply_table}.op FROM $ {groupreply_table},${usergroup_table} WHERE $ {usergroup_table}.Username = BINARY '%{SQL-User-Name}' AND $ {usergroup_table}.GroupName = ${groupreply_table}.GroupName ORDER BY ${groupreply_table}.id"
authorize_group_check_query = "SELECT ${groupcheck_table}.id,$ {groupcheck_table}.GroupName,${groupcheck_table}.Attribute,$ {groupcheck_table}.Value,${groupcheck_table}.op FROM $ {groupcheck_table},${usergroup_table} WHERE $ {usergroup_table}.Username = '%{SQL-User-Name}' AND $ {usergroup_table}.GroupName = ${groupcheck_table}.GroupName ORDER BY ${groupcheck_table}.id" authorize_group_reply_query = "SELECT ${groupreply_table}.id,$ {groupreply_table}.GroupName,${groupreply_table}.Attribute,$ {groupreply_table}.Value,${groupreply_table}.op FROM $ {groupreply_table},${usergroup_table} WHERE $ {usergroup_table}.Username = '%{SQL-User-Name}' AND $ {usergroup_table}.GroupName = ${groupreply_table}.GroupName ORDER BY ${groupreply_table}.id"
####################################################################### # Accounting Queries
#######################################################################
####################################################################### accounting_onoff_query = "UPDATE ${acct_table1} SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate- Cause}', AcctStopDelay = '%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP- Address}' AND AcctStartTime <= '%S'"
accounting_update_query = "UPDATE ${acct_table1} \ SET FramedIPAddress = '%{Framed-IP-Address}', \ AcctSessionTime = '%{Acct-Session-Time}', \ AcctInputOctets = '%{Acct-Input-Octets}', \ AcctOutputOctets = '%{Acct-Output-Octets}' \ WHERE AcctSessionId = '%{Acct-Session-Id}' \ AND UserName = '%{SQL-User-Name}' \ AND NASIPAddress= '%{NAS-IP-Address}'"
accounting_update_query_alt = "INSERT into ${acct_table1} (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay) values('%{Acct-Session-Id}', '% {Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP- Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%{Acct- Session-Time}', '%{Acct-Authentic}', '', '%{Acct-Input-Octets}', '% {Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station- Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP- Address}', '0')"
accounting_start_query = "INSERT into ${acct_table1} (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct- Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '% {Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service- Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay- Time}', '0')"
accounting_start_query_alt = "UPDATE ${acct_table1} SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct- Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '% {NAS-IP-Address}'"
accounting_stop_query = "UPDATE ${acct_table2} SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '% {Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '% {Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User- Name}' AND NASIPAddress = '%{NAS-IP-Address}'"
accounting_stop_query_alt = "INSERT into ${acct_table2} (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct- Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '% {Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay- Time:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct- Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct- Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '% {Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '% {Framed-IP-Address}', '0', '%{Acct-Delay-Time}')"
# Uncomment simul_count_query to enable simultaneous use checking # simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0" simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
####################################################################### # Group Membership Queries
####################################################################### group_membership_query = "SELECT GroupName FROM ${usergroup_table} WHERE UserName='%{SQL-User-Name}'"
####################################################################### # Authentication Logging Queries
#######################################################################
postauth_query = "INSERT into ${postauth_table} (id, user, pass, reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap- Password}', '%{reply:Packet-Type}', NOW())"
readclients = yes }
Bye Julian Am 01.02.2008 um 07:53 schrieb Alan DeKok:
Julian Stöver wrote:
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible!
No one is "logged in" to RADIUS. They are logged in to a NAS, and the NAS informs the RADIUS server (usually) that the user is logged in.
The RADIUS server puts this information into a database such as SQL, which can then be qeuried. Or, you can use the "radwho" command, if you've enabled logging to a file in "radwtmp".
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius WIKI - SQL Howto On Feb 1, 2008 3:46 PM, Julian Stöver <julian_st@gmx.de> wrote:
Hi, I'm using the sql backend so i decided for getting the informations from the database. But freeradius doesn't put any data into the 'radacct' table? Something is wrong there... The file /var/log/ freeradius/radutmp also no exists.
freeradius -X:
[....]
..
Yes, I read it twice, but with no answer bye julian Am 01.02.2008 um 15:56 schrieb Marinko Tarlac:
freeradius WIKI - SQL Howto
On Feb 1, 2008 3:46 PM, Julian Stöver <julian_st@gmx.de> wrote: Hi, I'm using the sql backend so i decided for getting the informations from the database. But freeradius doesn't put any data into the 'radacct' table? Something is wrong there... The file /var/log/ freeradius/radutmp also no exists.
freeradius -X:
[....]
.. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
Hi, I'm using the sql backend so i decided for getting the informations from the database. But freeradius doesn't put any data into the 'radacct' table? Something is wrong there... The file /var/log/freeradius/radutmp also no exists.
This is in the FAQ. Is the server receiving accounting packets?
freeradius -X: ...
rad_recv: Access-Request packet from host 127.0.0.1:32780, id=232,
Nope. That doesn't help. Alan DeKok.
I just tried radtest and radclient, with no result, but I think i found my fault. I used the authentication port for accounting. Now I tried it with the accounting port, with this result: # echo "User-Name = julian,Password=blabla" | /usr/bin/radclient localhost:1813 acct somesecret # radclient: no response from server for ID 39 radiusd -X:
Cleaning up request 24 ID 46 with timestamp 47a35841 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 127.0.0.1:32780, id=46, length=46 User-Name = "julian" User-Password = "\266\266q\037"\231\246\222\0047>\027\357v\233\334" rad_lowerpair: User-Name now 'julian' rad_lowerpair: User-Password now '¶¶q?"?Š??7>?ïv?Ü' Processing the preacct section of radiusd.conf modcall: entering group preacct for request 25 modcall[preacct]: module "preprocess" returns noop for request 25 rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent rlm_acct_unique: WARNING: Attribute Acct-Session-Id was not found in request, unique ID MAY be inconsistent rlm_acct_unique: Hashing ',Client-IP-Address = 127.0.0.1,NAS-IP- Address = 127.0.0.1,,User-Name = "julian"' rlm_acct_unique: Acct-Unique-Session-ID = "de9b5588c70f985c". modcall[preacct]: module "acct_unique" returns ok for request 25 rlm_realm: No '@' in User-Name = "julian", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 25 modcall[preacct]: module "files" returns noop for request 25 modcall: leaving group preacct (returns ok) for request 25 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 25 radius_xlat: '/var/log/freeradius/radacct/127.0.0.1/detail-20080201' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail- %Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/ detail-20080201 modcall[accounting]: module "detail" returns ok for request 25 radius_xlat: 'packet has no accounting status type. [user 'julian', nas '127.0.0.1']' rlm_sql (sql) in sql_accounting: packet has no accounting status type. [user 'julian', nas '127.0.0.1'] modcall[accounting]: module "sql" returns invalid for request 25 modcall: leaving group accounting (returns invalid) for request 25 Finished request 25 Going to the next request --- Walking the entire request list --- Cleaning up request 25 ID 46 with timestamp 47a35844 Nothing to do. Sleeping until we see a request.
Bye Julian Am 01.02.2008 um 16:27 schrieb Ivan Kalik:
rad_recv: Access-Request packet from host 127.0.0.1:32780, id=232, length=46 .. Sending Access-Accept of id 232 to 127.0.0.1 port 32780
And where is the accounting request that should come right after it? Did NAS send one?
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
radtest is an authetication testing tool. It doesn't do accounting. Send a request from a NAS. You sent an access request with radclient to the accounting port. To no surprise it did not respond. You have to send an accounting packet to the accounting port. Ivan Kalik Kalik Informatika ISP Dana 1/2/2008, "Julian Stöver" <julian_st@gmx.de> piše:
I just tried radtest and radclient, with no result, but I think i found my fault. I used the authentication port for accounting. Now I tried it with the accounting port, with this result:
# echo "User-Name = julian,Password=blabla" | /usr/bin/radclient localhost:1813 acct somesecret # radclient: no response from server for ID 39
radiusd -X:
Cleaning up request 24 ID 46 with timestamp 47a35841 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 127.0.0.1:32780, id=46, length=46 User-Name = "julian" User-Password = "\266\266q\037"\231\246\222\0047>\027\357v\233\334" rad_lowerpair: User-Name now 'julian' rad_lowerpair: User-Password now 'śśq?"???7>?ďv?Ü' Processing the preacct section of radiusd.conf modcall: entering group preacct for request 25 modcall[preacct]: module "preprocess" returns noop for request 25 rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent rlm_acct_unique: WARNING: Attribute Acct-Session-Id was not found in request, unique ID MAY be inconsistent rlm_acct_unique: Hashing ',Client-IP-Address = 127.0.0.1,NAS-IP- Address = 127.0.0.1,,User-Name = "julian"' rlm_acct_unique: Acct-Unique-Session-ID = "de9b5588c70f985c". modcall[preacct]: module "acct_unique" returns ok for request 25 rlm_realm: No '@' in User-Name = "julian", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 25 modcall[preacct]: module "files" returns noop for request 25 modcall: leaving group preacct (returns ok) for request 25 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 25 radius_xlat: '/var/log/freeradius/radacct/127.0.0.1/detail-20080201' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail- %Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/ detail-20080201 modcall[accounting]: module "detail" returns ok for request 25 radius_xlat: 'packet has no accounting status type. [user 'julian', nas '127.0.0.1']' rlm_sql (sql) in sql_accounting: packet has no accounting status type. [user 'julian', nas '127.0.0.1'] modcall[accounting]: module "sql" returns invalid for request 25 modcall: leaving group accounting (returns invalid) for request 25 Finished request 25 Going to the next request --- Walking the entire request list --- Cleaning up request 25 ID 46 with timestamp 47a35844 Nothing to do. Sleeping until we see a request.
Bye Julian
Am 01.02.2008 um 16:27 schrieb Ivan Kalik:
rad_recv: Access-Request packet from host 127.0.0.1:32780, id=232, length=46 .. Sending Access-Accept of id 232 to 127.0.0.1 port 32780
And where is the accounting request that should come right after it? Did NAS send one?
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hmm.. Okay I'll try it on monday! Thank you all for your help. Have a nice weekend! bye Julian Am 01.02.2008 um 16:59 schrieb Ivan Kalik:
radtest is an authetication testing tool. It doesn't do accounting. Send a request from a NAS.
You sent an access request with radclient to the accounting port. To no surprise it did not respond. You have to send an accounting packet to the accounting port.
Ivan Kalik Kalik Informatika ISP
Dana 1/2/2008, "Julian Stöver" <julian_st@gmx.de> piše:
I just tried radtest and radclient, with no result, but I think i found my fault. I used the authentication port for accounting. Now I tried it with the accounting port, with this result:
# echo "User-Name = julian,Password=blabla" | /usr/bin/radclient localhost:1813 acct somesecret # radclient: no response from server for ID 39
radiusd -X:
Cleaning up request 24 ID 46 with timestamp 47a35841 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 127.0.0.1:32780, id=46, length=46 User-Name = "julian" User-Password = "\266\266q\037"\231\246\222\0047>\027\357v\233\334" rad_lowerpair: User-Name now 'julian' rad_lowerpair: User-Password now 'śśq?"???7>?ďv?Ü' Processing the preacct section of radiusd.conf modcall: entering group preacct for request 25 modcall[preacct]: module "preprocess" returns noop for request 25 rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent rlm_acct_unique: WARNING: Attribute Acct-Session-Id was not found in request, unique ID MAY be inconsistent rlm_acct_unique: Hashing ',Client-IP-Address = 127.0.0.1,NAS-IP- Address = 127.0.0.1,,User-Name = "julian"' rlm_acct_unique: Acct-Unique-Session-ID = "de9b5588c70f985c". modcall[preacct]: module "acct_unique" returns ok for request 25 rlm_realm: No '@' in User-Name = "julian", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 25 modcall[preacct]: module "files" returns noop for request 25 modcall: leaving group preacct (returns ok) for request 25 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 25 radius_xlat: '/var/log/freeradius/radacct/127.0.0.1/ detail-20080201' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail- %Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/ detail-20080201 modcall[accounting]: module "detail" returns ok for request 25 radius_xlat: 'packet has no accounting status type. [user 'julian', nas '127.0.0.1']' rlm_sql (sql) in sql_accounting: packet has no accounting status type. [user 'julian', nas '127.0.0.1'] modcall[accounting]: module "sql" returns invalid for request 25 modcall: leaving group accounting (returns invalid) for request 25 Finished request 25 Going to the next request --- Walking the entire request list --- Cleaning up request 25 ID 46 with timestamp 47a35844 Nothing to do. Sleeping until we see a request.
Bye Julian
Am 01.02.2008 um 16:27 schrieb Ivan Kalik:
rad_recv: Access-Request packet from host 127.0.0.1:32780, id=232, length=46 .. Sending Access-Accept of id 232 to 127.0.0.1 port 32780
And where is the accounting request that should come right after it? Did NAS send one?
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
I just tried radtest and radclient, with no result, but I think i found my fault. I used the authentication port for accounting. Now I tried it with the accounting port, with this result:
# echo "User-Name = julian,Password=blabla" | /usr/bin/radclient localhost:1813 acct somesecret
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request. Alan DeKok.
Hi! I worked my radacct problem today. I fixed the most problems, so now I get all informations stored in my 'radacct'-table. But the username is saved encrypted in the database, something like '001e528015c6' for username 'julian'. In the radius debug log i can read the name in cleartext. I'm sorry, but I currently don't have the log, maybe you can help me without the log, otherwise i'll send it to you tomorrow. I asked google and the faq for this problem with no result... bye julian Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
Hi! I worked my radacct problem today. I fixed the most problems, so now I get all informations stored in my 'radacct'-table. But the username is saved encrypted in the database, something like '001e528015c6' for username 'julian'. Hmmm you know that username looks an awful lot like a mac address. Are you by any chance using either an apple airport as a base station or an apple client ? In the radius debug log i can read the name in cleartext. I'm sorry, but I currently don't have the log, maybe you can help me without the log, otherwise i'll send it to you tomorrow. I asked google and the faq for this problem with no result...
bye julian
Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
Hi, oh yes, it's my mac ^^ I didn't recognized that.. So I have to change my question to "Why is the mac adress saved in the 'radacct' table?" And you're right, I'm using an Apple airport client, but my access points are Ciscos bye julian Am 04.02.2008 um 17:12 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi! I worked my radacct problem today. I fixed the most problems, so now I get all informations stored in my 'radacct'-table. But the username is saved encrypted in the database, something like '001e528015c6' for username 'julian'. Hmmm you know that username looks an awful lot like a mac address. Are you by any chance using either an apple airport as a base station or an apple client ? In the radius debug log i can read the name in cleartext. I'm sorry, but I currently don't have the log, maybe you can help me without the log, otherwise i'll send it to you tomorrow. I asked google and the faq for this problem with no result...
bye julian
Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
Hi, oh yes, it's my mac ^^ I didn't recognized that.. So I have to change my question to "Why is the mac adress saved in the 'radacct' table?"
Because that's what the NAS sends in an accounting packet. There is very little that is magic in RADIUS. The NAS puts anything it wants (pretty much) into an accounting request, and FreeRADIUS logs it. Alan DeKok.
Alan DeKok wrote:
Julian Stöver wrote:
Hi, oh yes, it's my mac ^^ I didn't recognized that.. So I have to change my question to "Why is the mac adress saved in the 'radacct' table?"
Because that's what the NAS sends in an accounting packet.
There is very little that is magic in RADIUS. The NAS puts anything it wants (pretty much) into an accounting request, and FreeRADIUS logs it.
rad_recv: Accounting-Request packet from host 172.17.255.3:1646, id=29, length=330 Acct-Session-Id = "0000003E" Called-Station-Id = "0016.9cbb.ab30" Calling-Station-Id = "001e.5280.15c6" Cisco-AVPair = "ssid=GFS-Funknetz v2" Cisco-AVPair = "vlan-id=0" Cisco-AVPair = "nas-location=unspecified" Cisco-AVPair = "auth-algo-type=unknown" User-Name = "001e528015c6" See ^ It'll be a setting somewhere on the NAS.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
Hi, oh yes, it's my mac ^^ I didn't recognized that.. So I have to change my question to "Why is the mac adress saved in the 'radacct' table?"
If your not doing mac-based authentication then I have no idea. Could be a cisco thing, i've only got experience with HP ProCurve access points. One thing it's not is a problem with is FreeRadius, unless you've been messing with the SQL queries. Or if you were sending the Mac-Address back as the User-Name attribute in the Access Accept packets... But thats not the default. Mac OSX 10.4 / 10.5 sends the same inner/outer identity by default, unless you've altered the config to send the mac-address as the outer identity. Could you post an Accounting Request packet ? Thanks, Arran
And you're right, I'm using an Apple airport client, but my access points are Ciscos
bye julian
Am 04.02.2008 um 17:12 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi! I worked my radacct problem today. I fixed the most problems, so now I get all informations stored in my 'radacct'-table. But the username is saved encrypted in the database, something like '001e528015c6' for username 'julian'. Hmmm you know that username looks an awful lot like a mac address. Are you by any chance using either an apple airport as a base station or an apple client ? In the radius debug log i can read the name in cleartext. I'm sorry, but I currently don't have the log, maybe you can help me without the log, otherwise i'll send it to you tomorrow. I asked google and the faq for this problem with no result...
bye julian
Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
Hm no, I don't use Mac Authentication. Accounting request:
rad_recv: Accounting-Request packet from host 172.17.255.3:1646, id=29, length=330 Acct-Session-Id = "0000003E" Called-Station-Id = "0016.9cbb.ab30" Calling-Station-Id = "001e.5280.15c6" Cisco-AVPair = "ssid=GFS-Funknetz v2" Cisco-AVPair = "vlan-id=0" Cisco-AVPair = "nas-location=unspecified" Cisco-AVPair = "auth-algo-type=unknown" User-Name = "001e528015c6" Cisco-AVPair = "connect-progress=Call Up" Acct-Session-Time = 120 Acct-Input-Octets = 113832 Acct-Output-Octets = 61997 Acct-Input-Packets = 966 Acct-Output-Packets = 355 Acct-Terminate-Cause = Lost-Carrier Cisco-AVPair = "disc-cause-ext=No Reason" Acct-Status-Type = Stop NAS-Port-Type = Wireless-802.11 Cisco-NAS-Port = "309" NAS-Port = 309 Service-Type = Framed-User NAS-IP-Address = 172.17.255.3 Acct-Delay-Time = 0 rad_lowerpair: User-Name now '001e528015c6' Processing the preacct section of radiusd.conf modcall: entering group preacct for request 0 modcall[preacct]: module "preprocess" returns noop for request 0 rlm_acct_unique: Hashing 'NAS-Port = 309,Client-IP-Address = 172.17.255.3,NAS-IP-Address = 172.17.255.3,Acct-Session-Id = "0000003E",User-Name = "001e528015c6"' rlm_acct_unique: Acct-Unique-Session-ID = "f0f4e2cd9d1af173". modcall[preacct]: module "acct_unique" returns ok for request 0 rlm_realm: No '@' in User-Name = "001e528015c6", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 0 modcall[preacct]: module "files" returns noop for request 0 modcall: leaving group preacct (returns ok) for request 0 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 0 radius_xlat: '/var/log/freeradius/radacct/172.17.255.3/ detail-20080204' rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail- %Y%m%d expands to /var/log/freeradius/radacct/172.17.255.3/ detail-20080204 modcall[accounting]: module "detail" returns ok for request 0 radius_xlat: '001e528015c6' rlm_sql (sql): sql_set_user escaped user --> '001e528015c6' radius_xlat: 'UPDATE radacct SET AcctStopTime = '2008-02-04 16:39:11', AcctSessionTime = '120', AcctInputOctets = '113832', AcctOutputOctets = '61997', AcctTerminat rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 modcall[accounting]: module "sql" returns ok for request 0 modcall[accounting]: module "unix" returns ok for request 0 radius_xlat: '/var/log/freeradius/radutmp' radius_xlat: '001e528015c6' modcall[accounting]: module "radutmp" returns ok for request 0 modcall: leaving group accounting (returns ok) for request 0 Sending Accounting-Response of id 29 to 172.17.255.3 port 1646 Finished request 0 Going to the next request --- Walking the entire request list ---
bye Julian Am 04.02.2008 um 17:35 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi, oh yes, it's my mac ^^ I didn't recognized that.. So I have to change my question to "Why is the mac adress saved in the 'radacct' table?"
If your not doing mac-based authentication then I have no idea. Could be a cisco thing, i've only got experience with HP ProCurve access points.
One thing it's not is a problem with is FreeRadius, unless you've been messing with the SQL queries. Or if you were sending the Mac- Address back as the User-Name attribute in the Access Accept packets... But thats not the default.
Mac OSX 10.4 / 10.5 sends the same inner/outer identity by default, unless you've altered the config to send the mac-address as the outer identity.
Could you post an Accounting Request packet ?
Thanks, Arran
And you're right, I'm using an Apple airport client, but my access points are Ciscos
bye julian
Am 04.02.2008 um 17:12 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi! I worked my radacct problem today. I fixed the most problems, so now I get all informations stored in my 'radacct'-table. But the username is saved encrypted in the database, something like '001e528015c6' for username 'julian'. Hmmm you know that username looks an awful lot like a mac address. Are you by any chance using either an apple airport as a base station or an apple client ? In the radius debug log i can read the name in cleartext. I'm sorry, but I currently don't have the log, maybe you can help me without the log, otherwise i'll send it to you tomorrow. I asked google and the faq for this problem with no result...
bye julian
Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request. And you don't need a password in an accounting request.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Julian Stöver wrote:
Hm no, I don't use Mac Authentication.
The AP is informing you of activities related to MAC addresses:
Accounting request:
rad_recv: Accounting-Request packet from host 172.17.255.3:1646, id=29, length=330 ... User-Name = "001e528015c6"
That looks like a MAC address to me. ...
Acct-Terminate-Cause = Lost-Carrier
i.e. the user walked away from the AP, or turned their computer off. Again, this is all generated by the NAS. If you don't want this data, tell the NAS to stop sending it, OR tell FreeRADIUs to stop logging it. Alan DeKok.
Hi, ok, I will search some cisco documentation for that! but if someone knows a solution i woult be thankful for a solution (to log usernames from cisco 1360AG in radacct). thank you all for helping me bye julian Am 04.02.2008 um 18:36 schrieb Alan DeKok:
Julian Stöver wrote:
Hm no, I don't use Mac Authentication.
The AP is informing you of activities related to MAC addresses:
Accounting request:
rad_recv: Accounting-Request packet from host 172.17.255.3:1646, id=29, length=330 ... User-Name = "001e528015c6"
That looks like a MAC address to me.
...
Acct-Terminate-Cause = Lost-Carrier
i.e. the user walked away from the AP, or turned their computer off.
Again, this is all generated by the NAS. If you don't want this data, tell the NAS to stop sending it, OR tell FreeRADIUs to stop logging it.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi, to finish this topic, here's the solution: The Cisco Aironet 1130AG with the firmware<12.4.3 with WPAv2 encryption sends the client mac address instead of the client username. This is solved with the current version 12.4.3 and with the current beta release 12.4.10b. If you don't want to upgrade your firmware, you've to disable WPAv2 encryption. bye julian Am 04.02.2008 um 18:43 schrieb Julian Stöver:
Hi, ok, I will search some cisco documentation for that! but if someone knows a solution i woult be thankful for a solution (to log usernames from cisco 1360AG in radacct).
thank you all for helping me
bye julian
Am 04.02.2008 um 18:36 schrieb Alan DeKok:
Julian Stöver wrote:
Hm no, I don't use Mac Authentication.
The AP is informing you of activities related to MAC addresses:
Accounting request:
rad_recv: Accounting-Request packet from host 172.17.255.3:1646, id=29, length=330 ... User-Name = "001e528015c6"
That looks like a MAC address to me.
...
Acct-Terminate-Cause = Lost-Carrier
i.e. the user walked away from the AP, or turned their computer off.
Again, this is all generated by the NAS. If you don't want this data, tell the NAS to stop sending it, OR tell FreeRADIUs to stop logging it.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi I had use daloradius and you can monitor how many users are online etc On 01/02/2008, Julian Stöver <julian_st@gmx.de> wrote:
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible!
bye! julian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Devinder
Devinder Singh wrote:
Hi
I had use daloradius and you can monitor how many users are online etc
It's guessing from the number of 'open' sessions in your accounting database (those without a stop time), if something goes wibble on the NAS or infrastructure between the NAS and server, and a user disconnects in that period (and maximum retries are hit, all hosts exhausted etc) then the Accounting Stop packet will be discarded by the switch and that session will never be recorded as closing. Any good administration tool should include tools to query the standard dot1x MIB and to periodically go round and check all 'open' sessions by polling the NAS's and ammend the information in the database appropriately. Isn't there even a tool / script included in the FR distro that does this ?
On 01/02/2008, *Julian Stöver* <julian_st@gmx.de <mailto:julian_st@gmx.de>> wrote:
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible!
bye! julian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Devinder ------------------------------------------------------------------------
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
We have a wireless network and sometimes when link between two points is down, radius updates are not received and session stays opened. I solved this problem with additional field in radacct table and I place time stamp inside that field on every update. If there is no update in 5 minutes (i can define interval), script closes connection. This will solve your problems with opened connections. But what if user still stays connected after link is back and his session is closed? Answer: Traffic won't be recorded because user don't have opened connection (session with AcctStopTime = '0000-00-00 00:00:00') So there are no ideal solutions :) On Feb 1, 2008 1:53 PM, Arran Cudbard-Bell <A.Cudbard-Bell@sussex.ac.uk> wrote:
Devinder Singh wrote:
Hi
I had use daloradius and you can monitor how many users are online etc
It's guessing from the number of 'open' sessions in your accounting database (those without a stop time), if something goes wibble on the NAS or infrastructure between the NAS and server, and a user disconnects in that period (and maximum retries are hit, all hosts exhausted etc) then the Accounting Stop packet will be discarded by the switch and that session will never be recorded as closing.
Any good administration tool should include tools to query the standard dot1x MIB and to periodically go round and check all 'open' sessions by polling the NAS's and ammend the information in the database appropriately. Isn't there even a tool / script included in the FR distro that does this ?
On 01/02/2008, *Julian Stöver* <julian_st@gmx.de <mailto:julian_st@gmx.de>> wrote:
Hello, is there any monitoring tool for freeradius or another possibility
to
see how many people are logged in and to do some other stuff? like
the
monitoring tool for openvpn? Would be nice if there's something avaible!
bye! julian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Devinder ------------------------------------------------------------------------
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Marinko Tarlac wrote:
We have a wireless network and sometimes when link between two points is down, radius updates are not received and session stays opened. I solved this problem with additional field in radacct table and I place time stamp inside that field on every update. If there is no update in 5 minutes (i can define interval), script closes connection. Not every NAS supports sending periodic accounting updates. This will solve your problems with opened connections. But what if user still stays connected after link is back and his session is closed? Answer: Traffic won't be recorded because user don't have opened connection (session with AcctStopTime = '0000-00-00 00:00:00')
Or you update your SQL queries to reopen the session when additional data is collected ... The only reliable solution is to Poll the NAS everything else is just guessing.
On Feb 1, 2008 1:53 PM, Arran Cudbard-Bell <A.Cudbard-Bell@sussex.ac.uk <mailto:A.Cudbard-Bell@sussex.ac.uk>> wrote:
Devinder Singh wrote: > > Hi > > I had use daloradius and you can monitor how many users are online etc It's guessing from the number of 'open' sessions in your accounting database (those without a stop time), if something goes wibble on the NAS or infrastructure between the NAS and server, and a user disconnects in that period (and maximum retries are hit, all hosts exhausted etc) then the Accounting Stop packet will be discarded by the switch and that session will never be recorded as closing.
Any good administration tool should include tools to query the standard dot1x MIB and to periodically go round and check all 'open' sessions by polling the NAS's and ammend the information in the database appropriately. Isn't there even a tool / script included in the FR distro that does this ? > > On 01/02/2008, *Julian Stöver* <julian_st@gmx.de <mailto:julian_st@gmx.de> > <mailto:julian_st@gmx.de <mailto:julian_st@gmx.de>>> wrote: > > Hello, > is there any monitoring tool for freeradius or another possibility to > see how many people are logged in and to do some other stuff? like the > monitoring tool for openvpn? Would be nice if there's something > avaible! > > bye! > julian > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > > -- > Devinder > ------------------------------------------------------------------------ > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Arran Cudbard-Bell (A.Cudbard-Bell@sussex.ac.uk <mailto:A.Cudbard-Bell@sussex.ac.uk>) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------------------------------------------------------------------------
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hey Julian, On Feb 1, 2008 2:56 AM, Julian Stöver <julian_st@gmx.de> wrote:
Hello, is there any monitoring tool for freeradius or another possibility to see how many people are logged in and to do some other stuff? like the monitoring tool for openvpn? Would be nice if there's something avaible!
daloRADIUS has reporting, accounting and graphs pages which provide useful information like last connections, online users, etc. You can read more on http://daloradius.wiki.sourceforge.net/Features But really if you have any specific request for something else that you had on your mind I'd be very happy to work on it. Don't hesitate to email me. Regards, Liran Tal.
participants (7)
-
Alan DeKok -
Arran Cudbard-Bell -
Devinder Singh -
Ivan Kalik -
Julian Stöver -
Liran Tal -
Marinko Tarlac