Operator-Name not being logged
Stefan Winter
stefan.winter at restena.lu
Fri Apr 2 10:54:49 CEST 2010
Hi,
I'm using the RFC5580 attribute Operator-Name (126, string).
I can add it to a request in pre-proxy in another instance of FreeRADIUS
just fine. When it hits my home server, it is in the packet, tcpdump below:
10:10:30.740209 IP (tos 0x0, ttl 62, id 59188, offset 0, flags [none],
proto UDP (17), length 301) radius-1.restena.lu.tdp-suite >
eomund.restena.lu..radius: [udp sum ok] RADIUS, length: 273
Access Request (1), id: 0x49, Authenticator:
8bd04809586e7b658c1a8d87ac2fd9a3
Username Attribute (1), length: 32, Value: availability-test at education.lu
0x0000: 6176 6169 6c61 6269 6c69 7479 2d74 6573
0x0010: 7440 6564 7563 6174 696f 6e2e 6c75
NAS IP Address Attribute (4), length: 6, Value: localhost
0x0000: 7f00 0001
Calling Station Attribute (31), length: 19, Value: 70-6F-6C-69-73-68
0x0000: 3730 2d36 462d 3643 2d36 392d 3733 2d36
0x0010: 38
Framed MTU Attribute (12), length: 6, Value: 1400
0x0000: 0000 0578
NAS Port Type Attribute (61), length: 6, Value: Wireless - IEEE 802.11
0x0000: 0000 0013
Connect Info Attribute (77), length: 27, Value: rad_eap_test + eapol_test
0x0000: 7261 645f 6561 705f 7465 7374 202b 2065
0x0010: 6170 6f6c 5f74 6573 74
EAP Message Attribute (79), length: 82, Value: ..
0x0000: 0209 0050 1900 1703 0100 20c9 44f9 b283
0x0010: 8415 96a8 aa08 f2ed 9842 19ae 1eb0 a3d4
0x0020: 1229 06fd fa3d c7cc 7d51 9117 0301 0020
0x0030: 42e8 5df5 0f82 6a70 dd6f 8004 00db d140
0x0040: 652c 9a27 2feb 3753 7c42 4128 01a5 e19a
State Attribute (24), length: 18, Value: .zD!.s]Qx.|..6..
0x0000: 907a 4421 9873 5d51 7813 7c13 0a36 d29b
Message Authentication Attribute (80), length: 18, Value: ...nQ..V..�e..>.
0x0000: 0ebc 136e 51e4 f656 0e9d 8065 bbd7 3e02
Vendor Specific Attribute (26), length: 18, Value: Vendor: Unknown (23735)
Vendor Attribute: 2, Length: 10, Value: eduroam-lu
0x0000: 0000 5cb7 020c 6564 7572 6f61 6d2d 6c75
Proxy State Attribute (33), length: 5, Value: 124
0x0000: 3132 34
Unassigned Attribute (89), length: 3, Value:
0x0000: 00
Unknown Attribute (126), length: 13, Value:
0x0000: 3172 6573 7465 6e61 2e6c 75
But my auth_log stanza logs most of the packet content, but *not* the
Operator-Name attribute. Same for the -X output in rad_recv.
Then again, it can be processed by the server, because I use it in a
xlat later:
expand:
%{config:cui_hash_key}%{request:User-Name}%{outer.request:Operator-Name}
-> stefan.winter at education.lu0x3172657374656e612e6c75
expand:
%{md5:%{config:cui_hash_key}%{request:User-Name}%{outer.request:Operator-Name}}
-> c1cc0e5a16f04777a9b15a85c2738f21
+++++[outer.reply] returns noop
(I know, the tcpdump doesn't correspond to *this* xlat, captured at
different times, but the behaviour is consistent and reproducible)
As you can see, the string content which was in tcpdump is also expanded
in xlat. But somewhat strangely... 126 is defined as string in
dictionary.rfc5580; so xlat should decode it to "1restena.lu". Instead
it displays the hexdump.
I wonder if there is something "special" about 126 - maybe because it
was previously assigned/hijacked by Ascend? I'm talking about FreeRADIUS
2.1.8 here
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100402/46825306/attachment.pgp>
More information about the Freeradius-Users
mailing list