Logging based on port request came in on

Walt Reynolds waltr at umich.edu
Fri Mar 2 12:56:35 CET 2007


> Date: Wed, 28 Feb 2007 19:35:48 +0000
> From: Phil Mayers <p.mayers at imperial.ac.uk>
> Subject: Re: Logging based on port request came in on
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <45E5D994.2070801 at imperial.ac.uk>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> Walt Reynolds wrote:
>> Hello,
>>
>> I have freeradius 1.1.2 set up to listen on both ports 1812/1813 and 
>> 1645/1646.  This is simply to separate user and admin login.  What I 
>> would like to do is to add logging based on the port.  I could add  
>> %{NAS-Port-Type} to the Detail such as:
>>
>> detailfile = ${radacctdir}/%{NAS-Port-Type}/auth-detail-%Y%m%d
>>
>> The problem with doing this as it uses the string "Wireless-802.11" or 
>> "Virtual".  I would instead like to use the port the request came in on 
> 
> NAS-Port-Type is, as you've discovered, the port type of the session 
> being authenticated/accounted
> 
>> (1812 or 1645) or even modify that string value.  I tried to add the 
>> string %(request:Packet-Dst-Port) (from the 
>> dictionary.freeradius.internal) in the detailfile, but comes back blank.
> 

Since it is in this dictionary, is there something I would have to do

> You'll need a sufficiently recent version of the server for that to 
> work, and IIRC the "preprocess" module needs to be run (you should 
> always run it)

Well, I am using 1.1..2 version of Freeradius.  I also am preprocessing, 
though I am not sure that would be needed here.  As this is a variable 
defined in the dictionary file, I was under the impression that I could 
use it.

Either way, here is the section from the config:

         preprocess {
                 huntgroups = ${confdir}/huntgroups
                 hints = ${confdir}/hints
                 with_cisco_vsa_hack = yes
         }

I had added this to the hints files as well, but did not seem do anything:


> 
>> Am I misreading this in some way.  I assume that internally freeradius 
>> knows what port the request came in on.
> 
> What version are you running?
> 
> 

1.1.2



-- 
Walt Reynolds
Principle Systems Security Development Engineer
Information Technology Central Services
University of Michigan
(734) 615-9438




More information about the Freeradius-Users mailing list