mark.dennehy at gmail.com
Thu Jan 22 18:00:07 CET 2009
On Thu, Jan 22, 2009 at 4:47 PM, Alan DeKok <aland at deployingradius.com>wrote:
> Mark Dennehy wrote:
> > 1) Can a radius accounting session get the Start message from one host
> > and the Stop message from another?
> It's not forbidden (surprisingly enough). But it's certainly
> unexpected, and happens very rarely (i.e. never) in real systems.
So long as it's not forbidden by the RFC or freeradius, I don't mind being
thought of as not a "real" system! :)
> > 2) I've got wireshark showing incoming radius messages on a box here;
> > but freeradius -X isn't showing them being spotted;
> Then they're not showing up on the socket freeradius is using.
> There's likely a firewall in the way, or SELinux.
SELinux isn't present, and wireshark is actually running on the box in
question, so they're past the firewall at this stage. What I'm seeing from
Frame 15 (144 bytes on wire, 144 bytes captured)
Linux cooked capture
Internet Protocol, Src: 220.127.116.11 (18.104.22.168), Dst: 22.214.171.124
User Datagram Protocol, Src Port: 36592 (36592), Dst Port: radius-acct
Source port: 36592 (36592)
Destination port: radius-acct (1813)
Checksum: 0xbb58 [correct]
Code: Accounting-Request (4)
Packet identifier: 0xe7 (231)
Attribute Value Pairs
AVP: l=6 t=Acct-Status-Type(40): Stop(2)
AVP: l=12 t=NAS-Identifier(32): metachilli
AVP: l=6 t=NAS-IP-Address(4): 127.0.0.1
AVP: l=14 t=User-Name(1): qw2 at metakall
AVP: l=18 t=Acct-Session-Id(44): 4978936900000000
AVP: l=6 t=Acct-Terminate-Cause(49): Lost-Carrier(2)
AVP: l=6 t=NAS-Port(5): 1813
AVP: l=6 t=Acct-Delay-Time(41): 0
AVP: l=6 t=NAS-IP-Address(4): 126.96.36.199
But freeradius -X doesn't even hiccup. There's no acknowlegement from it at
all that this arrived.
> It logs nearly everything in debugging mode, including all packets
> it's discarding.
(Because I know what my luck is like :D )
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Devel