log failed logins
Alan DeKok
aland at deployingradius.com
Wed Jan 24 08:14:58 CET 2007
Cory Robson wrote:
> Does anyone have a list of attributes I can log on failed attempts and the
> structure for the SQL statement.
No, because the list of attributes depends on what the NAS sends, and
on your local configuration.
Some modules add Module-Message, but not all do.
> Eg %{reply:Reply-Message} quite often gives me "=5Cr=5CnYou are already
> logged in - access denied=5Cr=5Cn=5Cn" whereas I obviously only need the
> statement you are already logged in.
>
> I assume that an attribute followed by :- means to place what follows in the
> event of no data provided.
Yes. See doc/variables.txt
> Looking for lots of clarification here.
>
>
> postauth_query = "INSERT into ${postauth_table} (id, user, pass, reply,
> date, callingid) values ('', '%{User-Name}',
> '%{User-Password:-Chap-Password}', '%{reply:Reply-Message}', NOW(),
> '%{Calling-Station-Id}')"
Failed authentications are logged to radius.log. See rad_authlog() in
src/main/auth.c for what it logs, and what may be available.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list