radpostauth sql logging of bad passwords

Guy Fraser guy at incentre.net
Mon Apr 27 22:07:13 CEST 2009


On 2009-Apr-27, at 12:44, Ivan Kalik wrote:

>>
>> On 2009-Apr-27, at 11:27, Alan DeKok wrote:
>>
>>> Guy Fraser wrote:
>>>> I am obviously missing something.
>
> Ahem, did you read what sql_log does?
>

Yes it says :

               modules {
                 ...
                 sql_log {
                   path = "${radacctdir}/sql-relay"
                   acct_table = "radacct"
                   postauth_table = "radpostauth"
                   sql_user_name = "%{%{User-Name}:-DEFAULT}"

                   Start = "INSERT INTO ${acct_table} ..."
                   Stop = "UPDATE ${acct_table} SET ..."
                   Alive = "UPDATE ${acct_table} SET ..."

                   Post-Auth = "INSERT INTO ${postauth_table} ..."
                 }
                 ...
               }

               accounting {
                 ...
                 sql_log
                 ...
               }

               post-auth {
                 ...
                 sql_log
                 ...
               }

And that my friend does not help me.

>>>>
>>>> I tried commenting out that section and it did not work I then
>>>> changed
>>>> it to :
>>>
>>> So... what happens?
>>
>> As far as I could tell nothing changed when I commented out the  
>> REJECT
>> section :
>>
>> post-auth {
>> 	reply_log
>> 	sql
>> 	sql_log
>> 	exec
>> #	Post-Auth-Type REJECT {
>> #		attr_filter.access_reject
>> #	}
>> }
>
> Leave reject filter alone.
>
>>
>> And I still do not get any failed authentications when I use :
>>
>> post-auth {
>> 	reply_log
>> 	sql
>> 	sql_log
>> 	exec
>> 	Post-Auth-Type REJECT {
>> 		sql_log
>> 	}
>> }
>
>
> List sql instead of sql_log. And put the filter back.
>

Are you saying this will work ?

post-auth {
	reply_log
	sql
	sql_log
	exec
	Post-Auth-Type REJECT {
		attr_filter.access_reject
		sql
	}
}

I have put it in an restarted the server.


> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-- 
Guy Fraser
Network Administrator
The Internet Centre
1-888-450-6787
(780)450-6787




More information about the Freeradius-Users mailing list