So what 'rest of the documentation' should I look at. I guess I am not seeing how I should know that the "auth_log" is a variant of the "detail" module. I am hoping i can get a better understanding of the documentations so I would not have to ask questions in the future. So for this example I saw the following: 1. Note in changelog about suppress 2. Section under 'detail' in radiusd.conf file with supress option commented out. So I now understand that I should be able to suppress information from any of the detail sections by adding an additional suppress line under that module subsection. Is this something that I should have understood to start with or is there documentation that I did not see and should read? ===================== Date: Fri, 23 Jun 2006 11:11:21 -0400 From: "Alan DeKok" <aland@nitros9.org> Subject: Re: Freeradius-Users Digest, Vol 14, Issue 95 To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <20060623151121.6DF4216E49@mail.nitros9.org> Walter Reynolds <waltr@umich.edu> wrote:
Now the question is what example config file had the suppress stanza under the detail auth_log section as well? Mine just listed it under the detail section so I did not know I needed to put it in both places.
The rest of the documentation explains how the modules are set up. The "auth_log" module is a variant of the "detail" module. Nothing is different except the name, and the options you put into it's configuration. Alan DeKok. ======================
Date: Thu, 22 Jun 2006 20:15:54 +0100 From: A.L.M.Buxey@lboro.ac.uk Subject: Re: So how do you suppress To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Message-ID: <20060622191554.GC23362@lboro.ac.uk> Content-Type: text/plain; charset=us-ascii
Hi,
So how do I actually suppress the user password from the detail log based on this? Looking at the rlm_detail file and I might as well be looking at a foreign language.
you can, for example, do somthing like this in radiusd.conf
# Write a detailed log of all accounting records received. # detail { # Note that we do NOT use NAS-IP-Address here, as # that attribute MAY BE from the originating NAS, and # blah blah blah detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
detailperm = 0600 suppress { User-Password }
}
detail auth_log { detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y% m%d
detailperm = 0600 suppress { User-Password }
}
its SO much easier if you read the example config files that come with the new release as they often contain HOW to use a feature/option/argument :-)
alan
-- Walter Reynolds University of Michigan
Walter Reynolds <waltr@umich.edu> wrote:
So what 'rest of the documentation' should I look at. I guess I am not seeing how I should know that the "auth_log" is a variant of the "detail" module.
The comments at the start of the "modules" section in radiusd.conf explain this. It event points to examples further on that demonstrate what it's talking about.
So I now understand that I should be able to suppress information from any of the detail sections by adding an additional suppress line under that module subsection.
Is this something that I should have understood to start with or is there documentation that I did not see and should read?
Yes. It's been documented in the server for many years. Many configurations and examples included in the default conf files demonstrate this. See "detail", "radutmp", "always", for starters. Alan DeKok.
participants (2)
-
Alan DeKok -
Walter Reynolds