pppoe+mysql+Framed-IP-Address

Norbert Grochal norboro at celpol.pl
Sat Mar 18 00:00:25 CET 2006


>> but it still works with '==', why?
>
>  You didn't post debug logs showing it working.  I suspect it doesn't.



OK. Logs are here. User typed 'Jan Nowak' in Identity field, but in my 
database there is UserName='jnovak'.

This log was generated when I have '==' in radcheck table.

There are 9 Access-Request packets (always 9):



rad_recv: Access-Request packet from host 10.10.10.120:3072, id=172, 
length=185

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            Framed-MTU = 1400

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 0x02000013014d61726975737a20426f63687261

            Message-Authenticator = 0xe12c581fdff458cd955c5e8227772a94

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9453

  modcall[authorize]: module "preprocess" returns ok for request 9453

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9453

  modcall[authorize]: module "chap" returns noop for request 9453

  modcall[authorize]: module "mschap" returns noop for request 9453

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9453

  rlm_eap: EAP packet type response id 0 length 19

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9453

  modcall[authorize]: module "files" returns notfound for request 9453

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 4

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 4

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9453

modcall: leaving group authorize (returns updated) for request 9453

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9453

  rlm_eap: EAP Identity

  rlm_eap: processing type tls

  rlm_eap_tls: Initiate

  rlm_eap_tls: Start returned 1

  modcall[authenticate]: module "eap" returns handled for request 9453

modcall: leaving group authenticate (returns handled) for request 9453

Sending Access-Challenge of id 172 to 10.10.10.120 port 3072

            EAP-Message = 0x010100061920

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0xa5d902c4e64ab1f874fa7be83778e61e

Finished request 9453

Going to the next request

--- Walking the entire request list ---

Waking up in 3 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=173, 
length=284

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x0201006a198000000060160301005b010000570301441b3c365de4870d0aa728036bbb3241beb94a4454df3e953c70b8543976c17800003000390038003500160013000a00330032002f0066000500040065006400630062006000150012000900140011000800030100

            State = 0xa5d902c4e64ab1f874fa7be83778e61e

            Message-Authenticator = 0xa2f42db50764094ad6cf90bd7b6c3484

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9454

  modcall[authorize]: module "preprocess" returns ok for request 9454

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9454

  modcall[authorize]: module "chap" returns noop for request 9454

  modcall[authorize]: module "mschap" returns noop for request 9454

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9454

  rlm_eap: EAP packet type response id 1 length 106

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9454

  modcall[authorize]: module "files" returns notfound for request 9454

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 3

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 3

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9454

modcall: leaving group authorize (returns updated) for request 9454

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9454

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

rlm_eap_tls:  Length Included

  eaptls_verify returned 11

    (other): before/accept initialization

    TLS_accept: before/accept initialization

  rlm_eap_tls: <<< TLS 1.0 Handshake [length 005b], ClientHello

    TLS_accept: SSLv3 read client hello A

  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello

    TLS_accept: SSLv3 write server hello A

  rlm_eap_tls: >>> TLS 1.0 Handshake [length 05c2], Certificate

    TLS_accept: SSLv3 write certificate A

  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone

    TLS_accept: SSLv3 write server done A

    TLS_accept: SSLv3 flush data

    TLS_accept:error in SSLv3 read client certificate A

In SSL Handshake Phase

In SSL Accept mode

  eaptls_process returned 13

  rlm_eap_peap: EAPTLS_HANDLED

  modcall[authenticate]: module "eap" returns handled for request 9454

modcall: leaving group authenticate (returns handled) for request 9454

Sending Access-Challenge of id 173 to 10.10.10.120 port 3072

            EAP-Message = 
0x0102040a19c00000061f160301004a020000460301441b3c8a09a768656cc8b18679ddde800cf69824f2ff21174a806fdf90524bae20705a153e92631a2faefae233c6f6ba484b654b4334523215e1c66bb00b8c112b00350016030105c20b0005be0005bb00027d30820279308201e2a003020102020106300d06092a864886f70d01010505003070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c301e170d

            EAP-Message = 
0x3036303230383136303835365a170d3037303230383136303835365a307c310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c3119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100ebeb0db2d95e9d54a40db86f4fafa7aaa6a8e7a75181742c25d6c0f2117bb200f547fca9a00d338ad20d216471aff05550cb29e5e7c7b277856a4ec02893b332ca2520dde6cf

            EAP-Message = 
0x677f98d92fd5e2e8f66327d8f4a0d87a7439fcceb82bd0bf13a97bd750e51731af6353b6db2e1a9f7af0696846b7b3f56988886c64734e022a590203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181006f20918ccc91f8537e50000d363d8bbf338547236c25a5cd63bea4c988af28528d3facc091eba2a40b50f21ce46900983cc2c600c73e4e432ef2620b8afe0b790144b574c949a7edf263de59097ca5f2a31845920d001e3653a214b89362eee7892c80a33f9e207960a03ca0eb5f1eff01306ad6813c9967582c18a78bd715e8000338308203343082029da0030201020209

            EAP-Message = 
0x008508d88838ca3017300d06092a864886f70d01010505003070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c301e170d3036303230383136303835355a170d3136303230383136303835355a3070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c

            EAP-Message = 0x311d301b06092a864886f70d010901160e696e666f40

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0x39bc601df9e4a78007d463f02d64bc8b

Finished request 9454

Going to the next request

--- Walking the entire request list ---

Waking up in 1 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=174, 
length=184

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 0x020200061900

            State = 0x39bc601df9e4a78007d463f02d64bc8b

            Message-Authenticator = 0xbdde1e97a46552df02cc8539ef9b73f0

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9455

  modcall[authorize]: module "preprocess" returns ok for request 9455

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9455

  modcall[authorize]: module "chap" returns noop for request 9455

  modcall[authorize]: module "mschap" returns noop for request 9455

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9455

  rlm_eap: EAP packet type response id 2 length 6

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9455

  modcall[authorize]: module "files" returns notfound for request 9455

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 2

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 2

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9455

modcall: leaving group authorize (returns updated) for request 9455

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9455

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

rlm_eap_tls: Received EAP-TLS ACK message

  rlm_eap_tls: ack handshake fragment handler

  eaptls_verify returned 1

  eaptls_process returned 13

  rlm_eap_peap: EAPTLS_HANDLED

  modcall[authenticate]: module "eap" returns handled for request 9455

modcall: leaving group authenticate (returns handled) for request 9455

Sending Access-Challenge of id 174 to 10.10.10.120 port 3072

            EAP-Message = 
0x01030225190063656c706f6c2e706c30819f300d06092a864886f70d010101050003818d0030818902818100c6a272deb4e88d4fd091d201eb153463f3bd9d8015ed90360716b033653057a27c3d3a8a840d1f726b5360507c9ab3cb5ff08b8315bee6dbc02e3434bafc38f793ee8d82b8c15ddcf2dfa78dcdf95704ceb8ce36ef2d0b0562ce7c88222b365ce3cfc40ad861f3ef02055c093c65d6812678adc00e089617f4189fe108f389d90203010001a381d53081d2301d0603551d0e041604145d45399694ebd5b9cdf7bd6b27a5b418f88413c13081a20603551d2304819a30819780145d45399694ebd5b9cdf7bd6b27a5b418f88413c1a174a4

            EAP-Message = 
0x723070310b300906035504061302504c310f300d0603550408130650756c617779310f300d0603550407130650756c617779310f300d060355040a130643656c706f6c310f300d0603550403130643656c706f6c311d301b06092a864886f70d010901160e696e666f4063656c706f6c2e706c8209008508d88838ca3017300c0603551d13040530030101ff300d06092a864886f70d01010505000381810012bc30f40f58289abe69e7374fe8ea10654d0aa787eb2bdc75a9cfc84a3f5c9952352891a0066825fafc39d5d08b17bf2c0a54abf532ae0d4792bfe6b6d4679ec7755f33e6684cff5493382a54fb9a6a1c37a43305d5e97d01c250110345

            EAP-Message = 
0x8f64217513a840d631791e07033eeda981df532b1763f5f87b9f317567435f6744ae16030100040e000000

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0x6c9fce16240772070594508206d342ea

Finished request 9455

Going to the next request

Cleaning up request 9453 ID 172 with timestamp 441b3c88

Waking up in 1 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=175, 
length=386

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x020300d01980000000c6160301008610000082008034a4f389ddbdd9aced47fcfa2641368883f421cd3a27d949beb6f276a1ff80ed701ca6c162bb045d96c48500a396b932c9a339f9acb89e02114990de2158a146a04d8870701947b3a521c6079ea729b8bd0ea4d3f108e48d61303564d17c3a98ee44d1a0c214ec630fd613086980216ec4484a6709e88dd859f302c5cfe8b34c140301000101160301003059bee7596974bc04d86dff8874981c8a9ee9c293484236e3b9d27af08c941e529bd39298734f0e5bf6137f7f409a15e3

            State = 0x6c9fce16240772070594508206d342ea

            Message-Authenticator = 0x9992ae79a46b3e5e68ca932f3fac5102

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9456

  modcall[authorize]: module "preprocess" returns ok for request 9456

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9456

  modcall[authorize]: module "chap" returns noop for request 9456

  modcall[authorize]: module "mschap" returns noop for request 9456

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9456

  rlm_eap: EAP packet type response id 3 length 208

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9456

  modcall[authorize]: module "files" returns notfound for request 9456

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 1

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 1

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9456

modcall: leaving group authorize (returns updated) for request 9456

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9456

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

rlm_eap_tls:  Length Included

  eaptls_verify returned 11

  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange

    TLS_accept: SSLv3 read client key exchange A

  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]

  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished

    TLS_accept: SSLv3 read finished A

  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]

    TLS_accept: SSLv3 write change cipher spec A

  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished

    TLS_accept: SSLv3 write finished A

    TLS_accept: SSLv3 flush data

    (other): SSL negotiation finished successfully

SSL Connection Established

  eaptls_process returned 13

  rlm_eap_peap: EAPTLS_HANDLED

  modcall[authenticate]: module "eap" returns handled for request 9456

modcall: leaving group authenticate (returns handled) for request 9456

Sending Access-Challenge of id 175 to 10.10.10.120 port 3072

            EAP-Message = 
0x0104004119001403010001011603010030a2f7faa3fbebc41632ed2e335484845b0b28e35e7079546689712be59f70f7eb6bb4a7b279b996c3246c1dec798cabef

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0xa636d37307db295290e7df7739d79677

Finished request 9456

Going to the next request

--- Walking the entire request list ---

Waking up in 2 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=176, 
length=184

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 0x020400061900

            State = 0xa636d37307db295290e7df7739d79677

            Message-Authenticator = 0xfceece1ee08078c131ae49f1db6449f9

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9457

  modcall[authorize]: module "preprocess" returns ok for request 9457

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9457

  modcall[authorize]: module "chap" returns noop for request 9457

  modcall[authorize]: module "mschap" returns noop for request 9457

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9457

  rlm_eap: EAP packet type response id 4 length 6

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9457

  modcall[authorize]: module "files" returns notfound for request 9457

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 0

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 0

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9457

modcall: leaving group authorize (returns updated) for request 9457

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9457

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

rlm_eap_tls: Received EAP-TLS ACK message

  rlm_eap_tls: ack handshake is finished

  eaptls_verify returned 3

  eaptls_process returned 3

  rlm_eap_peap: EAPTLS_SUCCESS

  modcall[authenticate]: module "eap" returns handled for request 9457

modcall: leaving group authenticate (returns handled) for request 9457

Sending Access-Challenge of id 176 to 10.10.10.120 port 3072

            EAP-Message = 
0x0105005019001703010020bd830fbec3a1c307909e7422327b1aebff1cb58d781b4feaac2482a3f256fa4e1703010020ad704bf0795f035099a7a0538da3c0338afaaaf4fafd4362c4d448786e0ab514

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0xe7f4493ca439636cb18339943bbc97eb

Finished request 9457

Going to the next request

Waking up in 2 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=177, 
length=258

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x0205005019001703010020d18e6483f879255c064ed23ac9a78ec7117545a359498d17c554bd3c304748eb17030100209b5f644be27b277f0b531d0b1acfa898620711d83364491306265248a4991fde

            State = 0xe7f4493ca439636cb18339943bbc97eb

            Message-Authenticator = 0x143e2a227b53ccee2c8d2c3d04e7cad2

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9458

  modcall[authorize]: module "preprocess" returns ok for request 9458

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9458

  modcall[authorize]: module "chap" returns noop for request 9458

  modcall[authorize]: module "mschap" returns noop for request 9458

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9458

  rlm_eap: EAP packet type response id 5 length 80

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9458

  modcall[authorize]: module "files" returns notfound for request 9458

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 4

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 4

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9458

modcall: leaving group authorize (returns updated) for request 9458

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9458

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

  eaptls_verify returned 7

  rlm_eap_tls: Done initial handshake

  eaptls_process returned 7

  rlm_eap_peap: EAPTLS_OK

  rlm_eap_peap: Session established.  Decoding tunneled attributes.

  rlm_eap_peap: Identity - jnovak

  rlm_eap_peap: Tunneled data is valid.

  PEAP: Got tunneled identity of jnovak

  PEAP: Setting default EAP type for tunneled EAP session.

  PEAP: Setting User-Name to jnovak

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9458

  modcall[authorize]: module "preprocess" returns ok for request 9458

radius_xlat: 
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9458

  modcall[authorize]: module "chap" returns noop for request 9458

  modcall[authorize]: module "mschap" returns noop for request 9458

    rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9458

  rlm_eap: EAP packet type response id 5 length 11

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9458

  modcall[authorize]: module "files" returns notfound for request 9458

radius_xlat:  'jnovak'

rlm_sql (sql): sql_set_user escaped user --> 'jnovak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'jnovak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 3

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radreply           WHERE Username = 'jnovak'           ORDER BY id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): Released sql socket id: 3

  modcall[authorize]: module "sql" returns ok for request 9458

modcall: leaving group authorize (returns updated) for request 9458

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9458

  rlm_eap: EAP Identity

  rlm_eap: processing type mschapv2

rlm_eap_mschapv2: Issuing Challenge

  modcall[authenticate]: module "eap" returns handled for request 9458

modcall: leaving group authenticate (returns handled) for request 9458

  PEAP: Got tunneled Access-Challenge

  modcall[authenticate]: module "eap" returns handled for request 9458

modcall: leaving group authenticate (returns handled) for request 9458

Sending Access-Challenge of id 177 to 10.10.10.120 port 3072

            EAP-Message = 
0x0106007019001703010020e967380a94e405afb2fbdc4c7650dcb48443811739fdd10472f403bd102b7b401703010040bd21e59a5e4278909348c2cb50bdbd896c9b1db1d01e74df01991c329c777e75c6200582537fc3a285ae96a1776cb44be3379b700519ddd3a2821c7665efe620

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0xa3a93732efb58f656e2869bdb474a4d9

Finished request 9458

Going to the next request

Waking up in 2 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=178, 
length=322

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x02060090190017030100201033c32f606a99453db42109fe6b3f57d4f9b977c9dd2979e6784c310b5a93881703010060af38ac49655fa128a12d32cd747c742f0e8e14c9524b4410f9f4185fc178270a6fd43e218af569d971caee2e13a3e9453a6b3491dd337a2f84968f1839a9ad42e6504a131e49225c38e5bdf111fbe0c4318b054a87d16459ed4a5aa6ba12a25b

            State = 0xa3a93732efb58f656e2869bdb474a4d9

            Message-Authenticator = 0x8ab6955c72eacc390d4c71af6bdc5368

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9459

  modcall[authorize]: module "preprocess" returns ok for request 9459

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9459

  modcall[authorize]: module "chap" returns noop for request 9459

  modcall[authorize]: module "mschap" returns noop for request 9459

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9459

  rlm_eap: EAP packet type response id 6 length 144

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9459

  modcall[authorize]: module "files" returns notfound for request 9459

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 2

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 2

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9459

modcall: leaving group authorize (returns updated) for request 9459

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9459

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

  eaptls_verify returned 7

  rlm_eap_tls: Done initial handshake

  eaptls_process returned 7

  rlm_eap_peap: EAPTLS_OK

  rlm_eap_peap: Session established.  Decoding tunneled attributes.

  rlm_eap_peap: EAP type mschapv2

  rlm_eap_peap: Tunneled data is valid.

  PEAP: Setting User-Name to jnovak

  PEAP: Adding old state with 5f c5

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9459

  modcall[authorize]: module "preprocess" returns ok for request 9459

radius_xlat: 
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9459

  modcall[authorize]: module "chap" returns noop for request 9459

  modcall[authorize]: module "mschap" returns noop for request 9459

    rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9459

  rlm_eap: EAP packet type response id 6 length 65

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9459

  modcall[authorize]: module "files" returns notfound for request 9459

radius_xlat:  'jnovak'

rlm_sql (sql): sql_set_user escaped user --> 'jnovak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'jnovak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 1

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radreply           WHERE Username = 'jnovak'           ORDER BY id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): Released sql socket id: 1

  modcall[authorize]: module "sql" returns ok for request 9459

modcall: leaving group authorize (returns updated) for request 9459

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9459

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/mschapv2

  rlm_eap: processing type mschapv2

  Processing the authenticate section of radiusd.conf

modcall: entering group MS-CHAP for request 9459

  rlm_mschap: Told to do MS-CHAPv2 for jnovak with NT-Password

rlm_mschap: adding MS-CHAPv2 MPPE keys

  modcall[authenticate]: module "mschap" returns ok for request 9459

modcall: leaving group MS-CHAP (returns ok) for request 9459

MSCHAP Success

  modcall[authenticate]: module "eap" returns handled for request 9459

modcall: leaving group authenticate (returns handled) for request 9459

  PEAP: Got tunneled Access-Challenge

  modcall[authenticate]: module "eap" returns handled for request 9459

modcall: leaving group authenticate (returns handled) for request 9459

Sending Access-Challenge of id 178 to 10.10.10.120 port 3072

            EAP-Message = 
0x0107008019001703010020a31e64af966a0a07666b89cbf5f270dad3746fde5c04de489cc8dc007f4f5f2517030100506ee1aaf5fdd1035e28d1e17ec8dcd921408131bfad8ec38d169167cedaec28c2e5c9fbd12be70a414f4a46b0f285398e2964aa3da797824508984fb0c18cc28b155b4b27679a762ea7d7af18f6719974

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0xf088e70ad7f57009d357e9ec239d3945

Finished request 9459

Going to the next request

Waking up in 2 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=179, 
length=258

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x020700501900170301002061953fd7cd6062ed3d060c2217bc6071397eebc0e9200c8f93e5d3e27f8f29001703010020e255fa52030a457dd6187954eb2088e85b15f5f9f7144422bf843a01230384c0

            State = 0xf088e70ad7f57009d357e9ec239d3945

            Message-Authenticator = 0x5f668992afa71ade1c7e536d70eeaea2

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9460

  modcall[authorize]: module "preprocess" returns ok for request 9460

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9460

  modcall[authorize]: module "chap" returns noop for request 9460

  modcall[authorize]: module "mschap" returns noop for request 9460

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9460

  rlm_eap: EAP packet type response id 7 length 80

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9460

  modcall[authorize]: module "files" returns notfound for request 9460

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 0

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 0

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9460

modcall: leaving group authorize (returns updated) for request 9460

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9460

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

  eaptls_verify returned 7

  rlm_eap_tls: Done initial handshake

  eaptls_process returned 7

  rlm_eap_peap: EAPTLS_OK

  rlm_eap_peap: Session established.  Decoding tunneled attributes.

  rlm_eap_peap: EAP type mschapv2

  rlm_eap_peap: Tunneled data is valid.

  PEAP: Setting User-Name to jnovak

  PEAP: Adding old state with 09 60

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9460

  modcall[authorize]: module "preprocess" returns ok for request 9460

radius_xlat: 
'/usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /usr/local/var/log/radius/radacct/127.0.0.1/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9460

  modcall[authorize]: module "chap" returns noop for request 9460

  modcall[authorize]: module "mschap" returns noop for request 9460

    rlm_realm: No '@' in User-Name = "jnovak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9460

  rlm_eap: EAP packet type response id 7 length 6

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9460

  modcall[authorize]: module "files" returns notfound for request 9460

radius_xlat:  'jnovak'

rlm_sql (sql): sql_set_user escaped user --> 'jnovak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'jnovak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 4

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radreply           WHERE Username = 'jnovak'           ORDER BY id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'jnovak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): Released sql socket id: 4

  modcall[authorize]: module "sql" returns ok for request 9460

modcall: leaving group authorize (returns updated) for request 9460

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9460

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/mschapv2

  rlm_eap: processing type mschapv2

  rlm_eap: Freeing handler

  modcall[authenticate]: module "eap" returns ok for request 9460

modcall: leaving group authenticate (returns ok) for request 9460

Login OK: [jnovak] (from client localhost port 0)

  Processing the post-auth section of radiusd.conf

modcall: entering group post-auth for request 9460

radius_xlat: 
'/usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d 
expands to /usr/local/var/log/radius/radacct/127.0.0.1/reply-detail-20060317

  modcall[post-auth]: module "reply_log" returns ok for request 9460

rlm_sql (sql): Processing sql_postauth

radius_xlat:  'jnovak'

rlm_sql (sql): sql_set_user escaped user --> 'jnovak'

radius_xlat:  'INSERT into radpostauth (id, user, pass, reply, date) values 
('', 'jnovak', 'Chap-Password', 'Access-Accept', NOW())'

rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, 
pass, reply, date) values ('', 'jnovak', 'Chap-Password', 'Access-Accept', 
NOW())

rlm_sql (sql): Reserving sql socket id: 3

rlm_sql (sql): Released sql socket id: 3

  modcall[post-auth]: module "sql" returns ok for request 9460

modcall: leaving group post-auth (returns ok) for request 9460

  PEAP: Tunneled authentication was successful.

  rlm_eap_peap: SUCCESS

  modcall[authenticate]: module "eap" returns handled for request 9460

modcall: leaving group authenticate (returns handled) for request 9460

Sending Access-Challenge of id 179 to 10.10.10.120 port 3072

            EAP-Message = 
0x01080050190017030100209c83d2e118a9b149ac39c2a1b263c8b4a8135d0ee2390aedcf6416b71e33fea917030100202f89b71f344177ad24aef14959db7b69018a121c9bd08c67cb091098cb59c188

            Message-Authenticator = 0x00000000000000000000000000000000

            State = 0x88b9cdb4c5e09b6fe10e056e00014195

Finished request 9460

Going to the next request

Waking up in 2 seconds...

rad_recv: Access-Request packet from host 10.10.10.120:3072, id=180, 
length=258

            User-Name = "Jan Nowak"

            NAS-IP-Address = 10.10.10.120

            NAS-Port = 0

            Called-Station-Id = "00304f410101"

            Calling-Station-Id = "000e2e740202"

            NAS-Identifier = "Realtek Access Point. 8181"

            NAS-Port-Type = Wireless-802.11

            Service-Type = Framed-User

            Connect-Info = "CONNECT 11Mbps 802.11b"

            EAP-Message = 
0x0208005019001703010020b2711c8c08afb24471bd7cc630f07c4a7cab2cac1a03058f3fddc42b92aec06f17030100203d4f99424afe7a9017d927100d6dd50d1a31ebb6870fc2044b28f27f02eade9f

            State = 0x88b9cdb4c5e09b6fe10e056e00014195

            Message-Authenticator = 0x197dad7442bbba1103bd14df6274f579

  Processing the authorize section of radiusd.conf

modcall: entering group authorize for request 9461

  modcall[authorize]: module "preprocess" returns ok for request 9461

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/auth-detail-20060317

  modcall[authorize]: module "auth_log" returns ok for request 9461

  modcall[authorize]: module "chap" returns noop for request 9461

  modcall[authorize]: module "mschap" returns noop for request 9461

    rlm_realm: No '@' in User-Name = "Jan Nowak", looking up realm NULL

    rlm_realm: No such realm "NULL"

  modcall[authorize]: module "suffix" returns noop for request 9461

  rlm_eap: EAP packet type response id 8 length 80

  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation

  modcall[authorize]: module "eap" returns updated for request 9461

  modcall[authorize]: module "files" returns notfound for request 9461

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'Jan Nowak'           ORDER BY id'

rlm_sql (sql): Reserving sql socket id: 2

rlm_sql (sql): User Jan Nowak not found in radcheck

radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op 
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'

radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op 
FROM radgroupreply,usergroup WHERE usergroup.Username = 'Jan Nowak' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'

rlm_sql (sql): User Jan Nowak not found in radgroupcheck

rlm_sql (sql): Released sql socket id: 2

rlm_sql (sql): User not found

  modcall[authorize]: module "sql" returns notfound for request 9461

modcall: leaving group authorize (returns updated) for request 9461

  rad_check_password:  Found Auth-Type EAP

auth: type "EAP"

  Processing the authenticate section of radiusd.conf

modcall: entering group authenticate for request 9461

  rlm_eap: Request found, released from the list

  rlm_eap: EAP/peap

  rlm_eap: processing type peap

  rlm_eap_peap: Authenticate

  rlm_eap_tls: processing TLS

  eaptls_verify returned 7

  rlm_eap_tls: Done initial handshake

  eaptls_process returned 7

  rlm_eap_peap: EAPTLS_OK

  rlm_eap_peap: Session established.  Decoding tunneled attributes.

  rlm_eap_peap: Received EAP-TLV response.

  rlm_eap_peap: Tunneled data is valid.

  rlm_eap_peap: Success

  rlm_eap: Freeing handler

  modcall[authenticate]: module "eap" returns ok for request 9461

modcall: leaving group authenticate (returns ok) for request 9461

Login OK: [Jan Nowak] (from client AP120 port 0 cli 000e2e740202)

  Processing the post-auth section of radiusd.conf

modcall: entering group post-auth for request 9461

radius_xlat: 
'/usr/local/var/log/radius/radacct/10.10.10.120/reply-detail-20060317'

rlm_detail: 
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d 
expands to 
/usr/local/var/log/radius/radacct/10.10.10.120/reply-detail-20060317

  modcall[post-auth]: module "reply_log" returns ok for request 9461

rlm_sql (sql): Processing sql_postauth

radius_xlat:  'Jan Nowak'

rlm_sql (sql): sql_set_user escaped user --> 'Jan Nowak'

radius_xlat:  'INSERT into radpostauth (id, user, pass, reply, date) values 
('', 'Jan Nowak', 'Chap-Password', 'Access-Accept', NOW())'

rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, 
pass, reply, date) values ('', 'Jan Nowak', 'Chap-Password', 
'Access-Accept', NOW())

rlm_sql (sql): Reserving sql socket id: 1

rlm_sql (sql): Released sql socket id: 1

  modcall[post-auth]: module "sql" returns ok for request 9461

modcall: leaving group post-auth (returns ok) for request 9461

Sending Access-Accept of id 180 to 10.10.10.120 port 3072

            MS-MPPE-Recv-Key = 
0xa72ae1fffa65dbe1b40c309e85f837da734fd1b6d5df0d2a72b264a3fe5d94c2

            MS-MPPE-Send-Key = 
0xa44af53fff0b5cfc14f228115a4ba667f15a535154e3a2ffb39a01cfb1fc2d54

            EAP-Message = 0x03080004

            Message-Authenticator = 0x00000000000000000000000000000000

            User-Name = "Jan Nowak"

Finished request 9461

Going to the next request

Waking up in 2 seconds...

--- Walking the entire request list ---

Cleaning up request 9454 ID 173 with timestamp 441b3c8a

Cleaning up request 9455 ID 174 with timestamp 441b3c8a

Waking up in 1 seconds...

--- Walking the entire request list ---

Cleaning up request 9456 ID 175 with timestamp 441b3c8b

Cleaning up request 9457 ID 176 with timestamp 441b3c8b

Cleaning up request 9458 ID 177 with timestamp 441b3c8b

Cleaning up request 9459 ID 178 with timestamp 441b3c8b

Cleaning up request 9460 ID 179 with timestamp 441b3c8b

Cleaning up request 9461 ID 180 with timestamp 441b3c8b

Nothing to do.  Sleeping until we see a request.



>  As for your original question about IP addresses, you put the IP
> into the radcheck table, not radreply.



Aha...... (!!!) So...:

insert into radreply (UserName,Attribute,op,Value) values 
('norbert','Framed-IP-Address',':=','xx.xx.16.124');



AND IT WORKS!!! :):):):):)

THANKS!!!!!!!!!!!!


Norbert






More information about the Freeradius-Users mailing list