RADIUS sniffer

Joe Maimon jmaimon at ttec.com
Thu Jan 19 19:29:08 CET 2006

Nicolas Baradakis wrote:

> When debugging a problem in prod environment, it's not possible to
> restart FreeRADIUS in debug mode, so we have to use a sniffer to
> display the RADIUS traffic on the network. However, general purpose
> sniffers like tcpdump or ethereal can only decode a few RADIUS
> attribute, while FreeRADIUS has thousands of attributes in its
> dictionaries.
> That's why I wrote a simple sniffer based on the libradius of
> FreeRADIUS. It prints the RADIUS packets exactly like running
> "radiusd -X". It can also filter the packets based on any RADIUS
> attributes: the sniffer accepts the same strings as the "users" file
> to match a packet. I think it's a very useful RADIUS debug tool.

Since now you can go and replay the request to another radius server 
running on say port 11812

> As it's easier to build the sniffer in the FreeRADIUS source tree,
> I've made a patch against CVS head. It is available here:
> 	     http://nbk.perso.cegetel.net/radsniff.patch
> If people would be interested, it can be added to the CVS tree (pending
> Alan's approval).

More information about the Freeradius-Devel mailing list