proxy problems with 2.0.5
Pshem Kowalczyk
pshem.k at gmail.com
Mon Jun 9 08:42:23 CEST 2008
Hi,
Freeradius 2.0.4:
FreeRADIUS Version 2.0.4, for host i486-pc-linux-gnu, built on Apr 28
2008 at 04:41:52
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/proxy-generated.conf
including configuration file /etc/freeradius/clients.conf
including configuration file /etc/freeradius/sql-perhost.conf
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/local_logger
including configuration file /etc/freeradius/sites-enabled/proxy
including configuration file /etc/freeradius/post-proxy.conf
including configuration file /etc/freeradius/post-proxy-ipcheck.conf
including configuration file /etc/freeradius/sites-enabled/sproxy
including configuration file /etc/freeradius/sites-enabled/backend
including configuration file /etc/freeradius/sites-enabled/remote_logger
including configuration file /etc/freeradius/sites-enabled/billing_logger
including dictionary file /etc/freeradius/dictionary
main {
prefix = "/usr"
localstatedir = "/var"
logdir = "/var/log/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = yes
pidfile = "/var/run/freeradius/freeradius.pid"
user = "freerad"
group = "freerad"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
client 10.119.10.20/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-slb1"
}
client 10.119.2.150/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-slb1-ext"
}
client 10.119.10.0/24 {
require_message_authenticator = no
secret = "secret"
shortname = "grafton-proxies"
}
client 10.119.10.241/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb1"
}
client 10.119.10.242/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb2"
}
client 10.119.10.243/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb3"
}
client 10.119.10.244/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb4"
}
client 10.119.2.43/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns3"
}
client 10.119.2.49/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns4"
}
client 10.119.255.242/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bba1"
}
client 10.119.255.90/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras1"
}
client 10.119.255.92/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras1"
}
client 10.119.2.180/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-testbras1"
}
client 10.119.255.91/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras2"
}
client 10.119.255.93/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras2"
}
client 10.119.255.244/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras3"
}
client 10.119.255.54/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bba2"
}
client 10.119.2.147/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns5"
}
client 10.176.0.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts1"
}
client 10.176.0.225/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts2"
}
client 10.176.0.226/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts3"
}
client 10.176.0.227/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts4"
}
client 10.176.0.228/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts5"
}
client 10.176.5.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mab-lts1"
}
client 10.176.4.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-ell-lts1"
}
client 10.176.3.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-glf-lts1"
}
client 10.176.2.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-oh-lts1"
}
client 10.176.1.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts1"
}
client 10.176.1.225/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts2"
}
client 10.176.1.226/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts3"
}
client 10.119.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas1"
}
client 10.119.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas2"
}
client 10.119.9.3/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas3"
}
client 10.119.9.4/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas4"
}
client 10.119.9.5/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas5"
}
client 10.119.9.6/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas6"
}
client 10.119.9.7/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas7"
}
client 10.119.9.8/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas8"
}
client 10.119.9.9/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas9"
}
client 10.119.9.10/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas10"
}
client 10.119.9.11/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas11"
}
client 10.119.9.12/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas12"
}
client 10.119.9.13/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas13"
}
client 10.119.9.14/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas14"
}
client 10.119.9.15/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas15"
}
client 10.119.9.16/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas16"
}
client 10.119.9.17/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas17"
}
client 10.119.9.18/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas18"
}
client 10.119.9.64/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-diallns3"
}
client 10.119.9.66/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-diallns4"
}
client 10.203.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas1"
}
client 10.203.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas2"
}
client 10.204.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "dun-bcl-nas1"
}
client 10.205.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "ham-tcl-nas1"
}
client 10.205.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "ham-tcl-nas2"
}
client 10.206.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "inv-bcl-nas1"
}
client 10.207.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "nap-bcl-nas1"
}
client 10.208.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "npl-tcl-nas1"
}
client 10.209.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "pmr-tcl-nas1"
}
client 10.210.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "qtn-bcl-nas1"
}
client 10.211.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "rot-tcl-nas1"
}
client 10.212.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tuo-tcl-nas1"
}
client 10.213.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tga-bcl-nas1"
}
client 10.214.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tim-bcl-nas1"
}
client 10.215.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "whn-bcl-nas1"
}
client 10.216.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "whk-bcl-nas1"
}
client 10.229.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas1"
}
client 10.117.2.122/32 {
require_message_authenticator = no
secret = "testing123"
shortname = "test-bras-dslam"
}
client 127.0.0.1 {
require_message_authenticator = no
secret = "secret"
shortname = "localhost"
nastype = "other"
}
radiusd: #### Loading Realms and Home Servers ####
home_server remote_logger {
ipaddr = 10.119.10.63
port = 1822
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool remote_logger_pool {
type = fail-over
home_server = remote_logger
}
realm remote_acct {
acct_pool = remote_logger_pool
nostrip
}
home_server billing_logger1 {
ipaddr = 10.119.10.51
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger2 {
ipaddr = 10.119.10.52
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger3 {
ipaddr = 10.119.10.53
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger4 {
ipaddr = 10.119.10.54
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool billing_logger_pool {
type = load-balance
home_server = billing_logger1
home_server = billing_logger2
home_server = billing_logger3
home_server = billing_logger4
}
realm billing_acct {
acct_pool = billing_logger_pool
nostrip
}
home_server hs07-auth {
ipaddr = 127.0.0.1
port = 1815
type = "auth"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp08-auth {
type = load-balance
home_server = hs07-auth
}
home_server hs07-acct {
ipaddr = 127.0.0.1
port = 1816
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp08-acct {
type = load-balance
home_server = hs07-acct
}
realm catch-all {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial-globalroam {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial-ipnet {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl-pooled {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl-premium {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-pppoe-dsl {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-pppoe-dsl-pooled {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-wc {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
home_server hs01-auth {
ipaddr = w.v.110.1
port = 1812
type = "auth"
secret = "wignlpb!"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp02-auth {
type = fail-over
home_server = hs01-auth
home_server = hs01-auth
}
home_server hs01-acct {
ipaddr = w.v.110.1
port = 1813
type = "acct"
secret = "wignlpb!"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp02-acct {
type = fail-over
home_server = hs01-acct
home_server = hs01-acct
}
realm qkr-dial-callnz {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-callnz-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
home_server hs03-auth {
ipaddr = w.v.110.7
port = 1812
type = "auth"
secret = "ak41nrx"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp04-auth {
type = fail-over
home_server = hs03-auth
home_server = hs03-auth
}
home_server hs03-acct {
ipaddr = w.v.110.7
port = 1813
type = "acct"
secret = "ak41nrx"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp04-acct {
type = fail-over
home_server = hs03-acct
home_server = hs03-acct
}
realm qkr-dial-econs {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-econs-ipnet {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-eznet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-eznet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-kwrec {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-kwrec-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-main {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-main-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-raglan {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-raglan-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-reconx {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-reconx-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-test {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-test2 {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-thenet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thenet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thnet2 {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thnet2-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vip {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vip-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vsurf {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vsurf-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-webnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-webnet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
home_server hs05-auth {
ipaddr = 127.0.0.1
port = 1818
type = "auth"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp06-auth {
type = fail-over
home_server = hs05-auth
}
home_server hs05-acct {
ipaddr = 127.0.0.1
port = 1819
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp06-acct {
type = fail-over
home_server = hs05-acct
}
realm quik-dial {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm quik-dial-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm quik-dsl {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-pccon {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-pccon-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dsl {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-homepages {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_expr
Module: Instantiating expr
}
radiusd: #### Loading Virtual Servers ####
server local_logger {
modules {
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_sql
Module: Instantiating sql_localhost
sql sql_localhost {
driver = "rlm_sql_postgresql"
server = "127.0.0.1"
port = ""
login = "raduser"
password = "raduser"
radius_db = "radbackend"
read_groups = yes
sqltrace = no
sqltracefile = "/var/log/freeradius/sqltrace.sql"
readclients = no
deletestalesessions = yes
num_sql_socks = 200
sql_user_name = "%{User-Name}"
default_user_profile = ""
nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"
authorize_check_query = "SELECT id, UserName, Attribute, Value, Op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_reply_query = "SELECT id, UserName, Attribute, Value, Op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_group_check_query = "SELECT id, GroupName, Attribute,
Value, op FROM radgroupcheck WHERE GroupName = '%{Sql-Group}'
ORDER BY id"
authorize_group_reply_query = "SELECT id, GroupName, Attribute,
Value, op FROM radgroupreply WHERE GroupName = '%{Sql-Group}'
ORDER BY id"
accounting_onoff_query = "DELETE FROM radsession WHERE nas_ip =
'%{NAS-IP-Address}' OR client_ip = '%{Client-IP-Address}'"
accounting_update_query = " UPDATE radsession
SET ip_address = NULLIF('%{Framed-IP-Address}', '')::inet,
keepalive = extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, accounting_session_id =
'%{Acct-Session-Id}' WHERE session_id = substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'),0,250)"
accounting_update_query_alt = " INSERT INTO radsession
(session_id, accounting_session_id, ip_address, username, radiusrealm,
nas_ip, client_ip, device_name, calling_station_id, called_station_id,
keepalive, created) VALUES (substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'), 0, 250),
'%{Acct-Session-Id}', NULLIF('%{Framed-IP-Address}', '')::inet,
'%{SQL-User-Name}', '%{IHUG-Domain}', '%{NAS-IP-Address}',
'%{Client-IP-Address}', '%{NAS-Identifier}',
'%{Calling-Station-Id}', '%{Called-Station-Id}', extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer)"
accounting_start_query = " INSERT INTO radsession (session_id,
accounting_session_id, ip_address, username, radiusrealm, nas_ip,
client_ip, device_name, calling_station_id, called_station_id,
keepalive, created) VALUES (substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'), 0, 250),
'%{Acct-Session-Id}', NULLIF('%{Framed-IP-Address}', '')::inet,
'%{SQL-User-Name}', '%{IHUG-Domain}', '%{NAS-IP-Address}',
'%{Client-IP-Address}', '%{NAS-Identifier}',
'%{Calling-Station-Id}', '%{Called-Station-Id}', extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer)"
accounting_start_query_alt = " UPDATE radsession
SET ip_address = NULLIF('%{Framed-IP-Address}', '')::inet,
keepalive = extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, accounting_session_id =
'%{Acct-Session-Id}' WHERE session_id = substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'),0,250)"
accounting_stop_query = " SELECT DELETE FROM
radsession WHERE session_id = substr ('%{SQL-User-Name}'::varchar ||
'-'::varchar || '%{Acct-Session-Id}'::varchar || '-'::varchar ||
'%{NAS-IP-Address}'::varchar,0,250)"
accounting_stop_query_alt = ""
group_membership_query = "SELECT GroupName FROM radusergroup WHERE
UserName='%{SQL-User-Name}' ORDER BY priority"
connect_failure_retry_delay = 20
simul_count_query = ""
simul_verify_query = ""
postauth_query = "INSERT INTO radpostauth (username, pass, reply,
authdate) VALUES ('%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())"
safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:
/"
}
rlm_sql (sql_localhost): Driver rlm_sql_postgresql (module
rlm_sql_postgresql) loaded and linked
rlm_sql (sql_localhost): Attempting to connect to raduser at 127.0.0.1:/radbackend
rlm_sql (sql_localhost): starting 0
rlm_sql (sql_localhost): Attempting to connect rlm_sql_postgresql #0
rlm_sql (sql_localhost): Connected new DB handle, #0
rlm_sql (sql_localhost): starting 1
{cut}
rlm_sql (sql_localhost): starting 199
rlm_sql (sql_localhost): Attempting to connect rlm_sql_postgresql #199
rlm_sql (sql_localhost): Connected new DB handle, #199
}
}
server proxy {
modules {
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/etc/freeradius/huntgroups"
hints = "/etc/freeradius/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = yes
with_alvarion_vsa_hack = no
}
Module: Linked to module rlm_files
Module: Instantiating proxy_files
files proxy_files {
usersfile = "/etc/freeradius/proxy-users"
acctusersfile = "/etc/freeradius/proxy-users"
preproxy_usersfile = "/etc/freeradius/preproxy-users"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.strip-ip
attr_filter attr_filter.strip-ip {
attrsfile = "/etc/freeradius/attrs.strip-ip"
key = "%{Realm}"
}
Module: Instantiating attr_filter.post-proxy
attr_filter attr_filter.post-proxy {
attrsfile = "/etc/freeradius/attrs.post-proxy"
key = "%{Realm}"
}
Module: Checking post-auth {...} for more modules to load
}
}
server sproxy {
modules {
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_attr_rewrite
Module: Instantiating removePccoIPNET
attr_rewrite removePccoIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]06600"
searchin = "packet"
replacewith = "pcco_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformPccoToIhug
attr_rewrite transformPccoToIhug {
attribute = "User-Name"
searchfor = "@pcconnect.abc"
searchin = "packet"
replacewith = "_pcco at abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformPccoDialupToIhug
attr_rewrite transformPccoDialupToIhug {
attribute = "User-Name"
searchfor = "^([abcdefghijklmnopqrstuvwxyz0123456789-]+)$"
searchin = "packet"
replacewith = "%{1}_pcco"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating removeWaveIPNET
attr_rewrite removeWaveIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]06600"
searchin = "packet"
replacewith = "wave_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformAtWaveToIhug
attr_rewrite transformAtWaveToIhug {
attribute = "User-Name"
searchfor = "@wave.abc"
searchin = "packet"
replacewith = "_wave"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDslToIhug
attr_rewrite transformWaveDslToIhug {
attribute = "User-Name"
searchfor = "@dsl.wave.abc"
searchin = "packet"
replacewith = "_wave at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDslToIhug2
attr_rewrite transformWaveDslToIhug2 {
attribute = "User-Name"
searchfor = "@turbo.wave.abc"
searchin = "packet"
replacewith = "_wave at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDialupToIhug
attr_rewrite transformWaveDialupToIhug {
attribute = "User-Name"
searchfor = "^([-_abcdefghijklmnopqrstuvwxyz0123456789\.]+)$"
searchin = "packet"
replacewith = "%{1}_wave"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDialupToIhug2
attr_rewrite transformWaveDialupToIhug2 {
attribute = "User-Name"
searchfor = "@wave.abc"
searchin = "packet"
replacewith = "_wave at abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveHomepagesToIhug
attr_rewrite transformWaveHomepagesToIhug {
attribute = "User-Name"
searchfor = "@homepages.wave.abc"
searchin = "packet"
replacewith = "_wave at homepages.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating removeQuikIPNET
attr_rewrite removeQuikIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]02222"
searchin = "packet"
replacewith = "quik_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformQuikDialupToIhug
attr_rewrite transformQuikDialupToIhug {
attribute = "User-Name"
searchfor = "^(\w+)$"
searchin = "packet"
replacewith = "%{1}_quik"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformQuikDslToIhug
attr_rewrite transformQuikDslToIhug {
attribute = "User-Name"
searchfor = "@bitstream.quik.abc"
searchin = "packet"
replacewith = "_quik at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating sproxy_files
files sproxy_files {
usersfile = "/etc/freeradius/sproxy-users"
acctusersfile = "/etc/freeradius/sproxy-users"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
}
}
server backend {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Checking authorize {...} for more modules to load
Module: Instantiating trim_password
attr_rewrite trim_password {
attribute = "User-Password"
searchfor = "^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)"
searchin = "packet"
replacewith = "%{1}"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating strip_domain
attr_rewrite strip_domain {
attribute = "User-Name"
searchfor = "@(.*)"
searchin = "packet"
replacewith = ""
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail_local
detail detail_local {
detailfile = "/var/log/freeradius/radacct/detail_local"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating detail_remote
detail detail_remote {
detailfile = "/var/log/freeradius/radacct/detail_remote"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating detail_billing
detail detail_billing {
detailfile = "/var/log/freeradius/radacct/detail_billing"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
}
}
server remote_logger {
modules {
Module: Checking preacct {...} for more modules to load
Module: Instantiating remote_files
files remote_files {
usersfile = "/etc/freeradius/remote_acct_proxy.conf"
acctusersfile = "/etc/freeradius/remote_acct_proxy.conf"
compat = "cistron"
}
[/etc/freeradius/remote_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
[/etc/freeradius/remote_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_always
Module: Instantiating ok
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
}
}
server billing_logger {
modules {
Module: Checking preacct {...} for more modules to load
Module: Instantiating billing_files
files billing_files {
usersfile = "/etc/freeradius/billing_acct_proxy.conf"
acctusersfile = "/etc/freeradius/billing_acct_proxy.conf"
compat = "cistron"
}
[/etc/freeradius/billing_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
[/etc/freeradius/billing_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
Module: Checking accounting {...} for more modules to load
}
}
server {
modules {
}
}
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_local"
load_factor = 20
}
}
listen {
type = "acct"
ipaddr = *
port = 1822
}
listen {
type = "auth"
ipaddr = *
port = 1812
}
listen {
type = "acct"
ipaddr = *
port = 1813
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 1818
client 127.0.0.1 {
require_message_authenticator = no
secret = "secret"
nastype = "other"
}
}
listen {
type = "acct"
ipaddr = 127.0.0.1
port = 1819
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 1815
}
listen {
type = "acct"
ipaddr = 127.0.0.1
port = 1816
}
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_remote"
load_factor = 20
}
}
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_billing"
load_factor = 20
}
}
Listening on detail file /var/log/freeradius/radacct/detail_local as
server local_logger
Listening on accounting address * port 1822 as server local_logger
Listening on authentication address * port 1812 as server proxy
Listening on accounting address * port 1813 as server proxy
Listening on authentication address 127.0.0.1 port 1818 as server sproxy
Listening on accounting address 127.0.0.1 port 1819 as server sproxy
Listening on authentication address 127.0.0.1 port 1815 as server backend
Listening on accounting address 127.0.0.1 port 1816 as server backend
Listening on detail file /var/log/freeradius/radacct/detail_remote as
server remote_logger
Listening on detail file /var/log/freeradius/radacct/detail_billing as
server billing_logger
Listening on proxy address * port 1814
Polling for detail file /var/log/freeradius/radacct/detail_local
Polling for detail file /var/log/freeradius/radacct/detail_remote
Polling for detail file /var/log/freeradius/radacct/detail_billing
rad_recv: Access-Request packet from host 127.0.0.1 port 32843,
id=120, length=477
User-Name = "erikastrata at adsl.abc.xyz"
User-Password = "userpass"
NAS-Port = 134217728
NAS-IP-Address = 10.119.255.90
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#"
NAS-Identifier = "akl-grafton-bras2"
NAS-Port-Type = Virtual
NAS-Port-Id = "slot=8;subslot=0;port=0;vlanid=0;"
Acct-Session-Id = "akl-gra080000000000004ebf9c118198"
Connect-Info = "1000000000"
Tunnel-Type:0 = L2TP
Tunnel-Client-Endpoint:0 = "10.176.1.224"
Tunnel-Server-Endpoint:0 = "10.119.255.92"
Tunnel-Client-Auth-Id:0 = "akl-pop-lts1"
Huawei-Startup-Stamp = 1210252897
Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Huawei-Connect-ID = 118198
Huawei-Version = "Huawei ME60"
Huawei-Product-ID = "ME60"
Huawei-Domain-Name = "ihug-ubs"
server proxy {
+- entering group authorize
++[preprocess] returns ok
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
users: Matched entry DEFAULT at line 79
++[proxy_files] returns ok
} # server proxy
+- entering group pre-proxy
expand: %{control:Proxy-To-Realm} -> ihug-dsl-pooled
++[proxy-request] returns noop
Sending Access-Request of id 68 to 127.0.0.1 port 1815
User-Name = "erikastrata at adsl.abc.xyz"
User-Password = "userpass"
NAS-Port = 134217728
NAS-IP-Address = 10.119.255.90
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#"
NAS-Identifier = "akl-grafton-bras2"
NAS-Port-Type = Virtual
NAS-Port-Id = "slot=8;subslot=0;port=0;vlanid=0;"
Acct-Session-Id = "akl-gra080000000000004ebf9c118198"
Connect-Info = "1000000000"
Tunnel-Type:0 = L2TP
Tunnel-Client-Endpoint:0 = "10.176.1.224"
Tunnel-Server-Endpoint:0 = "10.119.255.92"
Tunnel-Client-Auth-Id:0 = "akl-pop-lts1"
Huawei-Startup-Stamp = 1210252897
Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Huawei-Connect-ID = 118198
Huawei-Version = "Huawei ME60"
Huawei-Product-ID = "ME60"
Huawei-Domain-Name = "ihug-ubs"
Proxy-State = 0x313230
IHUG-Domain = "ihug-dsl-pooled"
Proxying request 0 to home server 127.0.0.1 port 1815
Sending Access-Request of id 68 to 127.0.0.1 port 1815
User-Name = "erikastrata at adsl.abc.xyz"
User-Password = "userpass"
NAS-Port = 134217728
NAS-IP-Address = 10.119.255.90
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#"
NAS-Identifier = "akl-grafton-bras2"
NAS-Port-Type = Virtual
NAS-Port-Id = "slot=8;subslot=0;port=0;vlanid=0;"
Acct-Session-Id = "akl-gra080000000000004ebf9c118198"
Connect-Info = "1000000000"
Tunnel-Type:0 = L2TP
Tunnel-Client-Endpoint:0 = "10.176.1.224"
Tunnel-Server-Endpoint:0 = "10.119.255.92"
Tunnel-Client-Auth-Id:0 = "akl-pop-lts1"
Huawei-Startup-Stamp = 1210252897
Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Huawei-Connect-ID = 118198
Huawei-Version = "Huawei ME60"
Huawei-Product-ID = "ME60"
Huawei-Domain-Name = "ihug-ubs"
Proxy-State = 0x313230
IHUG-Domain = "ihug-dsl-pooled"
Going to the next request
Waking up in 0.6 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 1814, id=68, length=505
User-Name = "erikastrata at adsl.abc.xyz"
User-Password = "userpass"
NAS-Port = 134217728
NAS-IP-Address = 10.119.255.90
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#"
NAS-Identifier = "akl-grafton-bras2"
NAS-Port-Type = Virtual
NAS-Port-Id = "slot=8;subslot=0;port=0;vlanid=0;"
Acct-Session-Id = "akl-gra080000000000004ebf9c118198"
Connect-Info = "1000000000"
Tunnel-Type:0 = L2TP
Tunnel-Client-Endpoint:0 = "10.176.1.224"
Tunnel-Server-Endpoint:0 = "10.119.255.92"
Tunnel-Client-Auth-Id:0 = "akl-pop-lts1"
Huawei-Startup-Stamp = 1210252897
Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Huawei-Connect-ID = 118198
Huawei-Version = "Huawei ME60"
Huawei-Product-ID = "ME60"
Huawei-Domain-Name = "ihug-ubs"
Proxy-State = 0x313230
IHUG-Domain = "ihug-dsl-pooled"
server backend {
+- entering group authorize
++[preprocess] returns ok
expand: ^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)
-> ^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)
trim_password: Does not match: User-Password = userpass
++[trim_password] returns ok
expand: @(.*) -> @(.*)
strip_domain: Changed value for attribute User-Name from
'erikastrata at adsl.abc.xyz' to 'erikastrata'
++[strip_domain] returns ok
++[chap] returns noop
expand: %{User-Name} -> erikastrata
rlm_sql (sql_localhost): sql_set_user escaped user --> 'erikastrata'
rlm_sql (sql_localhost): Reserving sql socket id: 199
expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck
WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,
UserName, Attribute, Value, Op FROM radcheck WHERE Username =
'erikastrata' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql_localhost): User found in radcheck table
expand: SELECT id, UserName, Attribute, Value, Op FROM radreply
WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,
UserName, Attribute, Value, Op FROM radreply WHERE Username =
'erikastrata' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 0 , fields = 5
expand: SELECT GroupName FROM radusergroup WHERE
UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM
radusergroup WHERE UserName='erikastrata' ORDER BY priority
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 3 , fields = 1
expand: SELECT id, GroupName, Attribute, Value, op FROM
radgroupcheck WHERE GroupName = '%{Sql-Group}' ORDER BY id ->
SELECT id, GroupName, Attribute, Value, op FROM radgroupcheck
WHERE GroupName = 'ADSL' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql_localhost): User found in group ADSL
expand: SELECT id, GroupName, Attribute, Value, op FROM
radgroupreply WHERE GroupName = '%{Sql-Group}' ORDER BY id ->
SELECT id, GroupName, Attribute, Value, op FROM radgroupreply
WHERE GroupName = 'ADSL' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 2 , fields = 5
rlm_sql (sql_localhost): Released sql socket id: 199
++[sql_localhost] returns ok
++[pap] returns updated
rad_check_password: Found Auth-Type
auth: type "PAP"
+- entering group PAP
rlm_pap: login attempt with password "userpass"
rlm_pap: Using clear text password "userpass"
rlm_pap: User authenticated successfully
++[pap] returns ok
Login OK: [erikastrata/userpass] (from client localhost port 134217728
cli GigabitEthernet 12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21
to MAB-ETH51 port 2/2/1##pppoe 00:07:72:0d:bd:2b#)
} # server backend
Sending Access-Accept of id 68 to 127.0.0.1 port 1814
Framed-Protocol := PPP
Service-Type := Framed-User
Proxy-State = 0x313230
Finished request 1.
Going to the next request
Waking up in 0.6 seconds.
rad_recv: Access-Accept packet from host 127.0.0.1 port 1815, id=68, length=37
Framed-Protocol = PPP
Service-Type = Framed-User
Proxy-State = 0x313230
+- entering group post-proxy
++? if ("%{Packet-Type}" == Access-Request)
expand: %{Packet-Type} -> Access-Request
? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
++? if ("%{Packet-Type}" == Access-Request) -> TRUE
++- entering if ("%{Packet-Type}" == Access-Request)
+++? if ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/)
expand: %{proxy-reply:Framed-IP-Address} ->
? Evaluating ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/) -> FALSE
+++? if ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/) -> FALSE
++- if ("%{Packet-Type}" == Access-Request) returns noop
++? if ("%{Packet-Type}" == Access-Request)
expand: %{Packet-Type} -> Access-Request
? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
++? if ("%{Packet-Type}" == Access-Request) -> TRUE
++- entering if ("%{Packet-Type}" == Access-Request)
+++? if ("%{proxy-reply:IHUG-Speed-Down}")
expand: %{proxy-reply:IHUG-Speed-Down} ->
? Evaluating ("%{proxy-reply:IHUG-Speed-Down}") -> FALSE
+++? if ("%{proxy-reply:IHUG-Speed-Down}") -> FALSE
++- if ("%{Packet-Type}" == Access-Request) returns noop
++? if (("%{Packet-Type}" == Access-Request) &&
("%{proxy-reply:Framed-IP-Address}" ))
expand: %{Packet-Type} -> Access-Request
?? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
expand: %{proxy-reply:Framed-IP-Address} ->
?? Evaluating ("%{proxy-reply:Framed-IP-Address}" ) -> FALSE
++? if (("%{Packet-Type}" == Access-Request) &&
("%{proxy-reply:Framed-IP-Address}" )) -> FALSE
expand: %{Realm} -> ihug-dsl-pooled
attr_filter: Matched entry DEFAULT at line 1
++[attr_filter.post-proxy] returns updated
server proxy {
+- entering group authorize
++[preprocess] returns ok
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
expand: %{User-Name} -> erikastrata at adsl.abc.xyz
users: Matched entry DEFAULT at line 79
++[proxy_files] returns ok
rad_check_password: Found Auth-Type
rad_check_password: Auth-Type = Accept, accepting the user
Login OK: [erikastrata at adsl.abc.xyz/userpass] (from client localhost
port 134217728 cli GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#)
+- entering group post-auth
++[proxy_files] returns noop
} # server proxy
Sending Access-Accept of id 120 to 127.0.0.1 port 32843
Framed-Protocol = PPP
Service-Type = Framed-User
Framed-Pool += "ihug-ubs-1"
Framed-Pool += "ihug-ubs-2"
Framed-Pool += "ihug-ubs-3"
Framed-Pool += "ihug-ubs-4"
Framed-Pool += "ihug-ubs-5"
Framed-Pool += "ihug-ubs-6"
Huawei-Primary-DNS += x.y.129.67
Huawei-Secondary-DNS += x.y.129.68
Finished request 0.
Going to the next request
Waking up in 0.6 seconds.
Polling for detail file /var/log/freeradius/radacct/detail_local
Polling for detail file /var/log/freeradius/radacct/detail_remote
Polling for detail file /var/log/freeradius/radacct/detail_billing
Waking up in 0.9 seconds.
Freeradius 2.0.5:
FreeRADIUS Version 2.0.5, for host i486-pc-linux-gnu, built on Jun 9
2008 at 11:56:15
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/proxy-generated.conf
including configuration file /etc/freeradius/clients.conf
including configuration file /etc/freeradius/sql-perhost.conf
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/local_logger
including configuration file /etc/freeradius/sites-enabled/remote_logger
including configuration file /etc/freeradius/sites-enabled/proxy
including configuration file /etc/freeradius/post-proxy.conf
including configuration file /etc/freeradius/post-proxy-ipcheck.conf
including configuration file /etc/freeradius/sites-enabled/sproxy
including configuration file /etc/freeradius/sites-enabled/billing_logger
including configuration file /etc/freeradius/sites-enabled/backend
group = freerad
user = freerad
including dictionary file /etc/freeradius/dictionary
main {
prefix = "/usr"
localstatedir = "/var"
logdir = "/var/log/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = yes
pidfile = "/var/run/freeradius/freeradius.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = yes
auth_badpass = yes
auth_goodpass = yes
}
}
client 10.119.10.20/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-slb1"
}
client 10.119.2.150/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-slb1-ext"
}
client 10.119.10.0/24 {
require_message_authenticator = no
secret = "secret"
shortname = "grafton-proxies"
}
client 10.119.10.241/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb1"
}
client 10.119.10.242/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb2"
}
client 10.119.10.243/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb3"
}
client 10.119.10.244/32 {
require_message_authenticator = no
secret = "secret"
shortname = "radslb4"
}
client 10.119.2.43/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns3"
}
client 10.119.2.49/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns4"
}
client 10.119.255.242/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bba1"
}
client 10.119.255.90/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras1"
}
client 10.119.255.92/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras1"
}
client 10.119.2.180/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-testbras1"
}
client 10.119.255.91/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras2"
}
client 10.119.255.93/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras2"
}
client 10.119.255.244/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bras3"
}
client 10.119.255.54/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-bba2"
}
client 10.119.2.147/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-lns5"
}
client 10.176.0.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts1"
}
client 10.176.0.225/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts2"
}
client 10.176.0.226/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts3"
}
client 10.176.0.227/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts4"
}
client 10.176.0.228/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mdr-lts5"
}
client 10.176.5.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-mab-lts1"
}
client 10.176.4.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-ell-lts1"
}
client 10.176.3.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-glf-lts1"
}
client 10.176.2.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-oh-lts1"
}
client 10.176.1.224/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts1"
}
client 10.176.1.225/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts2"
}
client 10.176.1.226/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-pop-lts3"
}
client 10.119.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas1"
}
client 10.119.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas2"
}
client 10.119.9.3/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas3"
}
client 10.119.9.4/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas4"
}
client 10.119.9.5/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas5"
}
client 10.119.9.6/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas6"
}
client 10.119.9.7/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas7"
}
client 10.119.9.8/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas8"
}
client 10.119.9.9/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas9"
}
client 10.119.9.10/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas10"
}
client 10.119.9.11/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas11"
}
client 10.119.9.12/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas12"
}
client 10.119.9.13/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas13"
}
client 10.119.9.14/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas14"
}
client 10.119.9.15/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas15"
}
client 10.119.9.16/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas16"
}
client 10.119.9.17/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas17"
}
client 10.119.9.18/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-nas18"
}
client 10.119.9.64/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-diallns3"
}
client 10.119.9.66/32 {
require_message_authenticator = no
secret = "secret"
shortname = "akl-grafton-diallns4"
}
client 10.203.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas1"
}
client 10.203.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas2"
}
client 10.204.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "dun-bcl-nas1"
}
client 10.205.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "ham-tcl-nas1"
}
client 10.205.9.2/32 {
require_message_authenticator = no
secret = "secret"
shortname = "ham-tcl-nas2"
}
client 10.206.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "inv-bcl-nas1"
}
client 10.207.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "nap-bcl-nas1"
}
client 10.208.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "npl-tcl-nas1"
}
client 10.209.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "pmr-tcl-nas1"
}
client 10.210.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "qtn-bcl-nas1"
}
client 10.211.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "rot-tcl-nas1"
}
client 10.212.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tuo-tcl-nas1"
}
client 10.213.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tga-bcl-nas1"
}
client 10.214.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "tim-bcl-nas1"
}
client 10.215.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "whn-bcl-nas1"
}
client 10.216.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "whk-bcl-nas1"
}
client 10.229.9.1/32 {
require_message_authenticator = no
secret = "secret"
shortname = "chc-bcl-nas1"
}
client 10.117.2.122/32 {
require_message_authenticator = no
secret = "testing123"
shortname = "test-bras-dslam"
}
client 127.0.0.1 {
require_message_authenticator = no
secret = "secret"
shortname = "localhost"
nastype = "other"
}
radiusd: #### Loading Realms and Home Servers ####
home_server remote_logger {
ipaddr = 10.119.10.64
port = 1822
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool remote_logger_pool {
type = fail-over
home_server = remote_logger
}
realm remote_acct {
acct_pool = remote_logger_pool
nostrip
}
home_server billing_logger1 {
ipaddr = 10.119.10.51
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger2 {
ipaddr = 10.119.10.52
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger3 {
ipaddr = 10.119.10.53
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server billing_logger4 {
ipaddr = 10.119.10.54
port = 1812
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool billing_logger_pool {
type = load-balance
home_server = billing_logger1
home_server = billing_logger2
home_server = billing_logger3
home_server = billing_logger4
}
realm billing_acct {
acct_pool = billing_logger_pool
nostrip
}
home_server hs07-auth {
ipaddr = 127.0.0.1
port = 1815
type = "auth"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp08-auth {
type = load-balance
home_server = hs07-auth
}
home_server hs07-acct {
ipaddr = 127.0.0.1
port = 1816
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp08-acct {
type = load-balance
home_server = hs07-acct
}
realm catch-all {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial-globalroam {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dial-ipnet {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl-pooled {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-dsl-premium {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-pppoe-dsl {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-pppoe-dsl-pooled {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
realm ihug-wc {
auth_pool = hsp08-auth
acct_pool = hsp08-acct
nostrip
}
home_server hs01-auth {
ipaddr = w.v.110.1
port = 1812
type = "auth"
secret = "wignlpb!"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp02-auth {
type = fail-over
home_server = hs01-auth
home_server = hs01-auth
}
home_server hs01-acct {
ipaddr = w.v.110.1
port = 1813
type = "acct"
secret = "wignlpb!"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp02-acct {
type = fail-over
home_server = hs01-acct
home_server = hs01-acct
}
realm qkr-dial-callnz {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-callnz-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
home_server hs03-auth {
ipaddr = w.v.110.7
port = 1812
type = "auth"
secret = "ak41nrx"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp04-auth {
type = fail-over
home_server = hs03-auth
home_server = hs03-auth
}
home_server hs03-acct {
ipaddr = w.v.110.7
port = 1813
type = "acct"
secret = "ak41nrx"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp04-acct {
type = fail-over
home_server = hs03-acct
home_server = hs03-acct
}
realm qkr-dial-econs {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-econs-ipnet {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-eznet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-eznet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-kwrec {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-kwrec-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-main {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-main-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-raglan {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-raglan-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-reconx {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-reconx-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-test {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-test2 {
auth_pool = hsp04-auth
acct_pool = hsp04-acct
nostrip
}
realm qkr-dial-thenet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thenet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thnet2 {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-thnet2-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vip {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vip-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vsurf {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-vsurf-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-webnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
realm qkr-dial-webnet-ipnet {
auth_pool = hsp02-auth
acct_pool = hsp02-acct
nostrip
}
home_server hs05-auth {
ipaddr = 127.0.0.1
port = 1818
type = "auth"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp06-auth {
type = fail-over
home_server = hs05-auth
}
home_server hs05-acct {
ipaddr = 127.0.0.1
port = 1819
type = "acct"
secret = "secret"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool hsp06-acct {
type = fail-over
home_server = hs05-acct
}
realm quik-dial {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm quik-dial-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm quik-dsl {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-pccon {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dial-pccon-ipnet {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-dsl {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
realm wave-homepages {
auth_pool = hsp06-auth
acct_pool = hsp06-acct
nostrip
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_expr
Module: Instantiating expr
}
radiusd: #### Loading Virtual Servers ####
server local_logger {
modules {
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_sql
Module: Instantiating sql_localhost
sql sql_localhost {
driver = "rlm_sql_postgresql"
server = "127.0.0.1"
port = ""
login = "raduser"
password = "raduser"
radius_db = "radbackend"
read_groups = yes
sqltrace = no
sqltracefile = "/var/log/freeradius/sqltrace.sql"
readclients = no
deletestalesessions = yes
num_sql_socks = 200
sql_user_name = "%{User-Name}"
default_user_profile = ""
nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"
authorize_check_query = "SELECT id, UserName, Attribute, Value, Op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_reply_query = "SELECT id, UserName, Attribute, Value, Op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id"
authorize_group_check_query = "SELECT id, GroupName, Attribute,
Value, op FROM radgroupcheck WHERE GroupName = '%{Sql-Group}'
ORDER BY id"
authorize_group_reply_query = "SELECT id, GroupName, Attribute,
Value, op FROM radgroupreply WHERE GroupName = '%{Sql-Group}'
ORDER BY id"
accounting_onoff_query = "DELETE FROM radsession WHERE nas_ip =
'%{NAS-IP-Address}' OR client_ip = '%{Client-IP-Address}'"
accounting_update_query = " UPDATE radsession
SET ip_address = NULLIF('%{Framed-IP-Address}', '')::inet,
keepalive = extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, accounting_session_id =
'%{Acct-Session-Id}' WHERE session_id = substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'),0,250)"
accounting_update_query_alt = " INSERT INTO radsession
(session_id, accounting_session_id, ip_address, username, radiusrealm,
nas_ip, client_ip, device_name, calling_station_id, called_station_id,
keepalive, created) VALUES (substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'), 0, 250),
'%{Acct-Session-Id}', NULLIF('%{Framed-IP-Address}', '')::inet,
'%{SQL-User-Name}', '%{IHUG-Domain}', '%{NAS-IP-Address}',
'%{Client-IP-Address}', '%{NAS-Identifier}',
'%{Calling-Station-Id}', '%{Called-Station-Id}', extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer)"
accounting_start_query = " INSERT INTO radsession (session_id,
accounting_session_id, ip_address, username, radiusrealm, nas_ip,
client_ip, device_name, calling_station_id, called_station_id,
keepalive, created) VALUES (substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'), 0, 250),
'%{Acct-Session-Id}', NULLIF('%{Framed-IP-Address}', '')::inet,
'%{SQL-User-Name}', '%{IHUG-Domain}', '%{NAS-IP-Address}',
'%{Client-IP-Address}', '%{NAS-Identifier}',
'%{Calling-Station-Id}', '%{Called-Station-Id}', extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer)"
accounting_start_query_alt = " UPDATE radsession
SET ip_address = NULLIF('%{Framed-IP-Address}', '')::inet,
keepalive = extract(EPOCH from
CURRENT_TIMESTAMP(0))::integer, accounting_session_id =
'%{Acct-Session-Id}' WHERE session_id = substr
('%{SQL-User-Name}'::varchar || '-' || '%{Acct-Session-Id}'::varchar
|| '-' || host('%{NAS-IP-Address}'),0,250)"
accounting_stop_query = " SELECT DELETE FROM
radsession WHERE session_id = substr ('%{SQL-User-Name}'::varchar ||
'-'::varchar || '%{Acct-Session-Id}'::varchar || '-'::varchar ||
'%{NAS-IP-Address}'::varchar,0,250)"
accounting_stop_query_alt = ""
group_membership_query = "SELECT GroupName FROM radusergroup WHERE
UserName='%{SQL-User-Name}' ORDER BY priority"
connect_failure_retry_delay = 20
simul_count_query = ""
simul_verify_query = ""
postauth_query = "INSERT INTO radpostauth (username, pass, reply,
authdate) VALUES ('%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())"
safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:
/"
}
rlm_sql (sql_localhost): Driver rlm_sql_postgresql (module
rlm_sql_postgresql) loaded and linked
rlm_sql (sql_localhost): Attempting to connect to raduser at 127.0.0.1:/radbackend
rlm_sql (sql_localhost): starting 0
rlm_sql (sql_localhost): Attempting to connect rlm_sql_postgresql #0
rlm_sql (sql_localhost): Connected new DB handle, #0
rlm_sql (sql_localhost): starting 1
{cut}
rlm_sql (sql_localhost): starting 199
rlm_sql (sql_localhost): Attempting to connect rlm_sql_postgresql #199
rlm_sql (sql_localhost): Connected new DB handle, #199
}
}
server remote_logger {
modules {
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_files
Module: Instantiating remote_files
files remote_files {
usersfile = "/etc/freeradius/remote_acct_proxy.conf"
acctusersfile = "/etc/freeradius/remote_acct_proxy.conf"
compat = "cistron"
}
[/etc/freeradius/remote_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
[/etc/freeradius/remote_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_always
Module: Instantiating ok
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
}
}
server proxy {
modules {
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/etc/freeradius/huntgroups"
hints = "/etc/freeradius/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = yes
with_alvarion_vsa_hack = no
}
Module: Instantiating proxy_files
files proxy_files {
usersfile = "/etc/freeradius/proxy-users"
acctusersfile = "/etc/freeradius/proxy-users"
preproxy_usersfile = "/etc/freeradius/preproxy-users"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.strip-ip
attr_filter attr_filter.strip-ip {
attrsfile = "/etc/freeradius/attrs.strip-ip"
key = "%{Realm}"
}
Module: Instantiating attr_filter.post-proxy
attr_filter attr_filter.post-proxy {
attrsfile = "/etc/freeradius/attrs.post-proxy"
key = "%{Realm}"
}
Module: Checking post-auth {...} for more modules to load
}
}
server sproxy {
modules {
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_attr_rewrite
Module: Instantiating removePccoIPNET
attr_rewrite removePccoIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]06600"
searchin = "packet"
replacewith = "pcco_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformPccoToIhug
attr_rewrite transformPccoToIhug {
attribute = "User-Name"
searchfor = "@pcconnect.abc"
searchin = "packet"
replacewith = "_pcco at abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformPccoDialupToIhug
attr_rewrite transformPccoDialupToIhug {
attribute = "User-Name"
searchfor = "^([abcdefghijklmnopqrstuvwxyz0123456789-]+)$"
searchin = "packet"
replacewith = "%{1}_pcco"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating removeWaveIPNET
attr_rewrite removeWaveIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]06600"
searchin = "packet"
replacewith = "wave_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformAtWaveToIhug
attr_rewrite transformAtWaveToIhug {
attribute = "User-Name"
searchfor = "@wave.abc"
searchin = "packet"
replacewith = "_wave"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDslToIhug
attr_rewrite transformWaveDslToIhug {
attribute = "User-Name"
searchfor = "@dsl.wave.abc"
searchin = "packet"
replacewith = "_wave at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDslToIhug2
attr_rewrite transformWaveDslToIhug2 {
attribute = "User-Name"
searchfor = "@turbo.wave.abc"
searchin = "packet"
replacewith = "_wave at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDialupToIhug
attr_rewrite transformWaveDialupToIhug {
attribute = "User-Name"
searchfor = "^([-_abcdefghijklmnopqrstuvwxyz0123456789\.]+)$"
searchin = "packet"
replacewith = "%{1}_wave"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveDialupToIhug2
attr_rewrite transformWaveDialupToIhug2 {
attribute = "User-Name"
searchfor = "@wave.abc"
searchin = "packet"
replacewith = "_wave at abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformWaveHomepagesToIhug
attr_rewrite transformWaveHomepagesToIhug {
attribute = "User-Name"
searchfor = "@homepages.wave.abc"
searchin = "packet"
replacewith = "_wave at homepages.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating removeQuikIPNET
attr_rewrite removeQuikIPNET {
attribute = "Called-Station-Id"
searchfor = "0870[34679]02222"
searchin = "packet"
replacewith = "quik_ipnet"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformQuikDialupToIhug
attr_rewrite transformQuikDialupToIhug {
attribute = "User-Name"
searchfor = "^(\w+)$"
searchin = "packet"
replacewith = "%{1}_quik"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating transformQuikDslToIhug
attr_rewrite transformQuikDslToIhug {
attribute = "User-Name"
searchfor = "@bitstream.quik.abc"
searchin = "packet"
replacewith = "_quik at adsl.abc.xyz"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating sproxy_files
files sproxy_files {
usersfile = "/etc/freeradius/sproxy-users"
acctusersfile = "/etc/freeradius/sproxy-users"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
}
}
server billing_logger {
modules {
Module: Checking preacct {...} for more modules to load
Module: Instantiating billing_files
files billing_files {
usersfile = "/etc/freeradius/billing_acct_proxy.conf"
acctusersfile = "/etc/freeradius/billing_acct_proxy.conf"
compat = "cistron"
}
[/etc/freeradius/billing_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
[/etc/freeradius/billing_acct_proxy.conf]:1 Cistron compatibility
checks for entry DEFAULT ...
Module: Checking accounting {...} for more modules to load
}
}
server backend {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Checking authorize {...} for more modules to load
Module: Instantiating trim_password
attr_rewrite trim_password {
attribute = "User-Password"
searchfor = "^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)"
searchin = "packet"
replacewith = "%{1}"
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Instantiating strip_domain
attr_rewrite strip_domain {
attribute = "User-Name"
searchfor = "@(.*)"
searchin = "packet"
replacewith = ""
append = no
ignore_case = yes
new_attribute = no
max_matches = 1
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail_local
detail detail_local {
detailfile = "/var/log/freeradius/radacct/detail_local"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating detail_remote
detail detail_remote {
detailfile = "/var/log/freeradius/radacct/detail_remote"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating detail_billing
detail detail_billing {
detailfile = "/var/log/freeradius/radacct/detail_billing"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
}
}
server {
modules {
}
}
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_local"
load_factor = 20
}
}
listen {
type = "acct"
ipaddr = *
port = 1822
}
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_remote"
load_factor = 20
}
}
listen {
type = "auth"
ipaddr = *
port = 1812
}
listen {
type = "acct"
ipaddr = *
port = 1813
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 1818
client 127.0.0.1 {
require_message_authenticator = no
secret = "secret"
nastype = "other"
}
}
listen {
type = "acct"
ipaddr = 127.0.0.1
port = 1819
}
listen {
type = "detail"
listen {
filename = "/var/log/freeradius/radacct/detail_billing"
load_factor = 20
}
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 1815
}
listen {
type = "acct"
ipaddr = 127.0.0.1
port = 1816
}
Listening on detail file /var/log/freeradius/radacct/detail_local as
server local_logger
Listening on accounting address * port 1822 as server local_logger
Listening on detail file /var/log/freeradius/radacct/detail_remote as
server remote_logger
Listening on authentication address * port 1812 as server proxy
Listening on accounting address * port 1813 as server proxy
Listening on authentication address 127.0.0.1 port 1818 as server sproxy
Listening on accounting address 127.0.0.1 port 1819 as server sproxy
Listening on detail file /var/log/freeradius/radacct/detail_billing as
server billing_logger
Listening on authentication address 127.0.0.1 port 1815 as server backend
Listening on accounting address 127.0.0.1 port 1816 as server backend
Listening on proxy address * port 1814
Waking up in 0.9 seconds.
Polling for detail file /var/log/freeradius/radacct/detail_local
Polling for detail file /var/log/freeradius/radacct/detail_remote
rad_recv: Access-Request packet from host 127.0.0.1 port 1814, id=80, length=505
User-Name = "erikastrata at adsl.abc.xyz"
User-Password = "userpass"
NAS-Port = 134217728
NAS-IP-Address = 10.119.255.90
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#"
NAS-Identifier = "akl-grafton-bras2"
NAS-Port-Type = Virtual
NAS-Port-Id = "slot=8;subslot=0;port=0;vlanid=0;"
Acct-Session-Id = "akl-gra080000000000004ebf9c118198"
Connect-Info = "1000000000"
Tunnel-Type:0 = L2TP
Tunnel-Client-Endpoint:0 = "10.176.1.224"
Tunnel-Server-Endpoint:0 = "10.119.255.92"
Tunnel-Client-Auth-Id:0 = "akl-pop-lts1"
Huawei-Startup-Stamp = 1210252897
Huawei-IPHost-Addr = "255.255.255.255 ff:ff:ff:ff:ff:ff"
Huawei-Connect-ID = 118198
Huawei-Version = "Huawei ME60"
Huawei-Product-ID = "ME60"
Huawei-Domain-Name = "ihug-ubs"
Proxy-State = 0x323135
IHUG-Domain = "ihug-dsl-pooled"
server backend {
+- entering group authorize
++[preprocess] returns ok
expand: ^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)
-> ^([@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:/]{8})(.*)
trim_password: Does not match: User-Password = userpass
++[trim_password] returns ok
expand: @(.*) -> @(.*)
strip_domain: Changed value for attribute User-Name from
'erikastrata at adsl.abc.xyz' to 'erikastrata'
++[strip_domain] returns ok
++[chap] returns noop
expand: %{User-Name} -> erikastrata
rlm_sql (sql_localhost): sql_set_user escaped user --> 'erikastrata'
rlm_sql (sql_localhost): Reserving sql socket id: 199
expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck
WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,
UserName, Attribute, Value, Op FROM radcheck WHERE Username =
'erikastrata' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql_localhost): User found in radcheck table
expand: SELECT id, UserName, Attribute, Value, Op FROM radreply
WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,
UserName, Attribute, Value, Op FROM radreply WHERE Username =
'erikastrata' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 0 , fields = 5
expand: SELECT GroupName FROM radusergroup WHERE
UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM
radusergroup WHERE UserName='erikastrata' ORDER BY priority
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 3 , fields = 1
expand: SELECT id, GroupName, Attribute, Value, op FROM
radgroupcheck WHERE GroupName = '%{Sql-Group}' ORDER BY id ->
SELECT id, GroupName, Attribute, Value, op FROM radgroupcheck
WHERE GroupName = 'ADSL' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql_localhost): User found in group ADSL
expand: SELECT id, GroupName, Attribute, Value, op FROM
radgroupreply WHERE GroupName = '%{Sql-Group}' ORDER BY id ->
SELECT id, GroupName, Attribute, Value, op FROM radgroupreply
WHERE GroupName = 'ADSL' ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 2 , fields = 5
rlm_sql (sql_localhost): Released sql socket id: 199
++[sql_localhost] returns ok
++[pap] returns updated
rad_check_password: Found Auth-Type
auth: type "PAP"
+- entering group PAP
rlm_pap: login attempt with password "userpass"
rlm_pap: Using clear text password "userpass"
rlm_pap: User authenticated successfully
++[pap] returns ok
Login OK: [erikastrata/userpass] (from client localhost port 134217728
cli GigabitEthernet 12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21
to MAB-ETH51 port 2/2/1##pppoe 00:07:72:0d:bd:2b#)
} # server backend
Sending Access-Accept of id 80 to 127.0.0.1 port 1814
Framed-Protocol := PPP
Service-Type := Framed-User
Proxy-State = 0x323135
Finished request 3.
Going to the next request
Waking up in 0.7 seconds.
rad_recv: Access-Accept packet from host 127.0.0.1 port 1815, id=80, length=37
Framed-Protocol = PPP
Service-Type = Framed-User
Proxy-State = 0x323135
+- entering group post-proxy
++? if ("%{Packet-Type}" == Access-Request)
expand: %{Packet-Type} -> Access-Request
? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
++? if ("%{Packet-Type}" == Access-Request) -> TRUE
++- entering if ("%{Packet-Type}" == Access-Request)
+++? if ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/)
expand: %{proxy-reply:Framed-IP-Address} ->
? Evaluating ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/) -> FALSE
+++? if ("%{proxy-reply:Framed-IP-Address}" =~ /^10\.20.*$/) -> FALSE
++- if ("%{Packet-Type}" == Access-Request) returns noop
++? if ("%{Packet-Type}" == Access-Request)
expand: %{Packet-Type} -> Access-Request
? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
++? if ("%{Packet-Type}" == Access-Request) -> TRUE
++- entering if ("%{Packet-Type}" == Access-Request)
+++? if ("%{proxy-reply:IHUG-Speed-Down}")
expand: %{proxy-reply:IHUG-Speed-Down} ->
? Evaluating ("%{proxy-reply:IHUG-Speed-Down}") -> FALSE
+++? if ("%{proxy-reply:IHUG-Speed-Down}") -> FALSE
++- if ("%{Packet-Type}" == Access-Request) returns noop
++? if (("%{Packet-Type}" == Access-Request) &&
("%{proxy-reply:Framed-IP-Address}" ))
expand: %{Packet-Type} -> Access-Request
?? Evaluating ("%{Packet-Type}" == Access-Request) -> TRUE
expand: %{proxy-reply:Framed-IP-Address} ->
?? Evaluating ("%{proxy-reply:Framed-IP-Address}" ) -> FALSE
++? if (("%{Packet-Type}" == Access-Request) &&
("%{proxy-reply:Framed-IP-Address}" )) -> FALSE
expand: %{Realm} -> ihug-dsl-pooled
attr_filter: Matched entry DEFAULT at line 1
++[attr_filter.post-proxy] returns updated
server proxy {
rad_check_password: Found Auth-Type
rad_check_password: Auth-Type = Accept, accepting the user
Login OK: [erikastrata at adsl.abc.xyz/userpass] (from client localhost
port 134217728 cli GigabitEthernet
12/0.160124:16-124#587211994#INFA290660:MAB-RAN-21 to MAB-ETH51 port
2/2/1##pppoe 00:07:72:0d:bd:2b#)
+- entering group post-auth
++[proxy_files] returns noop
} # server proxy
Sending Access-Accept of id 215 to 127.0.0.1 port 32862
Framed-Protocol = PPP
Service-Type = Framed-User
Finished request 2.
Going to the next request
Waking up in 0.7 seconds.
Polling for detail file /var/log/freeradius/radacct/detail_local
Polling for detail file /var/log/freeradius/radacct/detail_remote
Waking up in 0.9 seconds.
Polling for detail file /var/log/freeradius/radacct/detail_local
Polling for detail file /var/log/freeradius/radacct/detail_remote
Waking up in 0.9 seconds.
kind regards
Pshem
More information about the Freeradius-Users
mailing list