radius.log behaviour change v1 -> v2
stefan.winter at restena.lu
Fri Apr 11 14:01:26 CEST 2008
following up on myself:

> Wed Dec 5 21:11:11 2007 : Auth: Login OK: [stefan.winter at restena.lu] (from
> client localhost port 0)
> Wed Dec 5 21:11:11 2007 : Auth: Login OK: [@restena.lu] (from client
> radius-1 port 1 cli 00-13-ce-c2-b1-86)
>
> v2 format is: both are logged as coming from real client, like:
>
> Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y at uni.lu] (from client
> WLC-Walferdange2 port 0)
> Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y at uni.lu] (from
> client WLC-Walferdange2 port 29 cli 00-1C-BF-73-E6-0A)
>
> That makes parsing the log file more difficult, if the number of
> authentications happening is to be taken out of the radius.log file. If a
> NAS doesn't send Calling-Station-Id, the two are almost not correlatable,
> except for the timestamp and a possibly different port (both seem whacky
> ways of doing it).
>
> Was this change advertent? Can I get the old behaviour back? Or at least,
> add "-inner" to the client name for inner requests?

Digging through the code, I noticed that there should already be a
notification by adding "via TLS tunnel" at the end of the log line, the code
in question in auth_name() in auth.c being a ternary op:

    (request->packet->src_port == 0) ? " via TLS tunnel" : "");

This log line never manifested in my setups so far. I don't fully understand
the inner tunneling code in ttls and peap, I can only say that there was no
obvious place where packet->src_port is set to 0 when crafting the inner
request. I wonder under what circumstances this ternary is supposed to
evaluate to "via TLS tunnel"... Can someone shed some light on this?

Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
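
Added example, not part of the original message and not FreeRADIUS code: a radius.log counter that collapses the outer/inner pair of one tunnelled authentication into a single event, for both log styles quoted above. The sample lines are constructed, the "port 0 without cli" rule is a heuristic read off the quoted v2 lines, and the position of "via TLS tunnel" just before the closing parenthesis is an assumption.

```python
import re
from collections import Counter

# Constructed sample lines modelled on the two formats quoted in the message.
SAMPLE = """\
Wed Dec 5 21:11:11 2007 : Auth: Login OK: [user@example.org] (from client localhost port 0)
Wed Dec 5 21:11:11 2007 : Auth: Login OK: [@example.org] (from client radius-1 port 1 cli 00-00-5E-00-53-01)
Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y@example.net] (from client WLC-1 port 0)
Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y@example.net] (from client WLC-1 port 29 cli 00-00-5E-00-53-02)
Thu Mar 27 11:00:05 2008 : Auth: Login OK: [z@example.net] (from client WLC-1 port 0)
"""

# Assumption: an optional " via TLS tunnel" marker sits before the closing ")".
AUTH_RE = re.compile(
    r"^(?P<ts>.+?) : Auth: (?P<result>Login OK|Login incorrect): "
    r"\[(?P<user>[^\]]*)\] \(from client (?P<client>\S+) port (?P<port>\d+)"
    r"(?: cli (?P<cli>[^\s)]+))?(?P<tls> via TLS tunnel)?\)"
)

def parse(text):
    """Return one dict per Auth line; other log lines are ignored."""
    return [m.groupdict() for m in map(AUTH_RE.match, text.splitlines()) if m]

def is_inner(rec, outer_keys):
    """Heuristic (assumption): decide whether rec is the inner-tunnel line."""
    if rec["tls"] or rec["client"] == "localhost":
        return True  # explicit marker, or v1-style inner request
    # v2 style: same second, result and client as a line that has a real port,
    # while this line has port 0 and no Calling-Station-Id.
    key = (rec["ts"], rec["result"], rec["client"])
    return rec["port"] == "0" and rec["cli"] is None and key in outer_keys

def count_authentications(text):
    """Count logins per result with inner/outer pairs collapsed to one."""
    recs = parse(text)
    outer_keys = {(r["ts"], r["result"], r["client"])
                  for r in recs if r["port"] != "0"}
    return Counter(r["result"] for r in recs if not is_inner(r, outer_keys))

if __name__ == "__main__":
    print(count_authentications(SAMPLE))
```

Two unrelated authentications from the same client in the same second can still be merged or double-counted by this rule, which is the correlation weakness the message describes.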