FR 2.1.9 Frequent SegFault, didn't happen with FR 2.1.8
James J J Hooper
jjj.hooper at bristol.ac.uk
Wed Jun 9 18:56:56 CEST 2010
Hi Alan, All,
Since upgrading to 2.1.9, FR is segfaulting frequently (every 20 minutes
with load, every ~8 hours with less load).
Attached -X at startup, and the last 100 lines before segfault.
If someone can explain how to drive GDB (or any other method to track this
down), I'm happy to try it.
Thanks,
James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bristol.ac.uk http://www.jamesjj.net
--
-------------- next part --------------
FreeRADIUS Version 2.1.9, for host i686-pc-linux-gnu, built on May 26 2010 at 14:38:55
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/ubextestpasswd
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/eduroamalieneap-bris-ca
including configuration file /usr/local/etc/raddb/modules/eduroamlocaleap-bris-ca
including configuration file /usr/local/etc/raddb/modules/files-bristol-research-net
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/always-handled
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/eduroamubexeap
including configuration file /usr/local/etc/raddb/modules/logsql
including configuration file /usr/local/etc/raddb/modules/vpimschap
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/eduroamlocaleap
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/detail-bsql
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/eduroamubexmschap
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/eduroamlocalmschap
including configuration file /usr/local/etc/raddb/modules/nomadicvpnmschap
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/eduroamalieneap
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/files-uob-gear
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/vpieap
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/uobroammschap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/eduroamalienmschap
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/uobdetailsslog
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/uobroameap
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/uobgear
including configuration file /usr/local/etc/raddb/sites-enabled/regex-test-svr
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/nomadicvpn
including configuration file /usr/local/etc/raddb/sites-enabled/vpi
including configuration file /usr/local/etc/raddb/sites-enabled/nomadicvpn-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/vpi-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamalien-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal-inner
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam-inner
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamalien
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal-bsql
including configuration file /usr/local/etc/raddb/sites-enabled/bristolresearchnet
including configuration file /usr/local/etc/raddb/sites-enabled/status
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file /usr/local/etc/raddb/sites-enabled/uobroam
including configuration file /usr/local/etc/raddb/sites-enabled/eduroamlocal
main {
user = "radiusd"
group = "radiusd"
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
prefix = "/usr/local"
localstatedir = "/usr/local/var"
logdir = "/var/log/radius"
libdir = "/usr/local/lib"
radacctdir = "/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 4
max_requests = 1048576
pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = yes
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
realm LOCAL {
}
realm bris.ac.uk {
}
realm bristol.ac.uk {
}
home_server jrs0 {
ipaddr = X.Y.Z.185
port = 1812
type = "auth+acct"
secret = "XXX"
response_window = 10
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
historic_average_window = 10000
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
home_server jrs1 {
ipaddr = X.Y.Z.233
port = 1812
type = "auth+acct"
secret = "XXX"
response_window = 10
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
historic_average_window = 10000
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
home_server jrs2 {
ipaddr = X.Y.Z.249
port = 1812
type = "auth+acct"
secret = "XXX"
response_window = 10
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 300
status_check_timeout = 4
historic_average_window = 10000
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
home_server_pool jrs {
type = fail-over
home_server = jrs0
home_server = jrs1
home_server = jrs2
}
realm jrs {
pool = jrs
}
radiusd: #### Loading Clients ####
client JamesJJ {
ipaddr = X.Y.Z.191
require_message_authenticator = no
secret = "XXX"
}
client rhubarb-65 {
ipaddr = pptpdnsnode1.nomadic IP address [X.Y.Z.65]
require_message_authenticator = no
secret = "XXX"
}
client rhubarb-91 {
ipaddr = rhubarb IP address [X.Y.Z.91]
require_message_authenticator = no
secret = "XXX"
}
client custard-66 {
ipaddr = pptpdnsnode2.nomadic IP address [X.Y.Z.66]
require_message_authenticator = no
secret = "XXX"
}
client custard-92 {
ipaddr = custard IP address [X.Y.Z.92]
require_message_authenticator = no
secret = "XXX"
}
client gilbert {
ipaddr = gilbert IP address [X.Y.Z.154]
require_message_authenticator = no
secret = "XXX"
}
client sullivan {
ipaddr = sullivan IP address [X.Y.Z.153]
require_message_authenticator = no
secret = "XXX"
}
client roaming0.ja.net {
ipaddr = roaming0.ja.net IP address [X.Y.Z.185]
require_message_authenticator = no
secret = "XXX"
virtual_server = "eduroamalien"
}
client roaming1.ja.net {
ipaddr = roaming1.ja.net IP address [X.Y.Z.233]
require_message_authenticator = no
secret = "XXX"
virtual_server = "eduroamalien"
}
client roaming2.ja.net {
ipaddr = roaming2.ja.net IP address [X.Y.Z.249]
require_message_authenticator = no
secret = "XXX"
virtual_server = "eduroamalien"
}
client WISM1 {
ipaddr = X.Y.Z.201
require_message_authenticator = no
secret = "XXX"
}
client WISM2 {
ipaddr = X.Y.Z.202
require_message_authenticator = no
secret = "XXX"
}
client WISM3 {
ipaddr = X.Y.Z.203
require_message_authenticator = no
secret = "XXX"
}
client WISM4 {
ipaddr = X.Y.Z.204
require_message_authenticator = no
secret = "XXX"
}
client WISM5 {
ipaddr = X.Y.Z.205
require_message_authenticator = no
secret = "XXX"
}
client WISM6 {
ipaddr = X.Y.Z.206
require_message_authenticator = no
secret = "XXX"
}
client WISM7 {
ipaddr = X.Y.Z.207
require_message_authenticator = no
secret = "XXX"
}
client WISM8 {
ipaddr = X.Y.Z.208
require_message_authenticator = no
secret = "XXX"
}
client WISM9 {
ipaddr = X.Y.Z.209
require_message_authenticator = no
secret = "XXX"
}
client WISM10 {
ipaddr = X.Y.Z.210
require_message_authenticator = no
secret = "XXX"
}
client WISM11 {
ipaddr = X.Y.Z.211
require_message_authenticator = no
secret = "XXX"
}
client WISM12 {
ipaddr = X.Y.Z.212
require_message_authenticator = no
secret = "XXX"
}
client pptpnode1 {
ipaddr = X.Y.Z.67
require_message_authenticator = no
secret = "XXX"
virtual_server = "nomadicvpn"
}
client pptpnode2 {
ipaddr = X.Y.Z.68
require_message_authenticator = no
secret = "XXX"
virtual_server = "nomadicvpn"
}
client pptpnode3 {
ipaddr = X.Y.Z.69
require_message_authenticator = no
secret = "XXX"
virtual_server = "nomadicvpn"
}
client pptpnode4 {
ipaddr = X.Y.Z.70
require_message_authenticator = no
secret = "XXX"
virtual_server = "nomadicvpn"
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating expr
Module: Linked to module rlm_expiration
Module: Instantiating expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server uobgear {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_always
Module: Instantiating reject
always reject {
rcode = "reject"
simulcount = 0
mpp = no
}
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Linked to module rlm_files
Module: Instantiating files-uob-gear
files files-uob-gear {
usersfile = "/usr/local/etc/raddb/users-uobgear"
acctusersfile = "/usr/local/etc/raddb/acct_users-uobgear"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users-uobgear"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Instantiating files-bristol-research-net
files files-bristol-research-net {
usersfile = "/usr/local/etc/raddb/users-bristolresearchnet"
acctusersfile = "/usr/local/etc/raddb/acct_users-bristolresearchnet"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users-bristolresearchnet"
compat = "no"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail
detail {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.accounting_response
attr_filter attr_filter.accounting_response {
attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
}
Module: Checking post-auth {...} for more modules to load
Module: Instantiating reply_log
detail reply_log {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/reply-detail-%Y%m%d.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating attr_filter.access_reject
attr_filter attr_filter.access_reject {
attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
}
} # modules
} # server
server regex-test-svr {
modules {
Module: Checking authorize {...} for more modules to load
Module: Instantiating auth_log
detail auth_log {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Instantiating echo
exec echo {
wait = yes
program = "/bin/echo %{User-Name}"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Checking preacct {...} for more modules to load
Module: Instantiating files
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
} # modules
} # server
server uobroam-bsql {
modules {
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_sql
Module: Instantiating logsql
sql logsql {
driver = "rlm_sql_mysql"
server = "satsuma.nomadic-core"
port = "3306"
login = "radiusloguser"
password = "XXX"
radius_db = "radiuslog"
read_groups = yes
sqltrace = no
sqltracefile = "/var/log/radius/sqltrace.sql"
readclients = no
deletestalesessions = yes
num_sql_socks = 3
lifetime = 0
max_queries = 0
sql_user_name = "%{%{Stripped-User-Name}:-%{User-Name}}"
default_user_profile = ""
nas_query = "SELECT id, nasname, shortname, type, secret FROM nas"
authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"
authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"
authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id"
authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id"
accounting_onoff_query = " UPDATE radacct SET acctstoptime = unix_timestamp('%S'), acctsessiontime = unix_timestamp('%S') - unix_timestamp(acctstarttime), acctterminatecause = '%{Acct-Terminate-Cause}', radiusip = 'X.Y.Z.92', acctstopdelay = %{%{Acct-Delay-Time}:-0} WHERE acctstoptime IS NULL AND nasipaddress = '%{NAS-IP-Address}' AND acctstarttime <= unix_timestamp('%S')"
accounting_update_query = " UPDATE radacct SET framedipaddress = '%{Framed-IP-Address}', acctsessiontime = unix_timestamp('%{Acct-Session-Time}'), acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"
accounting_update_query_alt = ""
accounting_start_query = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, nasidentifier, tunnelprivategroupid, mschapdomain, acctstartdelay, acctstopdelay, servicename, radiusip) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', unix_timestamp('%S'), NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{NAS-Identifier}', '%{Tunnel-Private-Group-Id}', '%{MS-CHAP-Domain}', '%{%{Acct-Delay-Time}:-0}', '0', '%{Virtual-Server}', 'X.Y.Z.92')"
accounting_start_query_alt = ""
accounting_stop_query = " UPDATE radacct SET acctstoptime = unix_timestamp('%S'), acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"
accounting_stop_query_alt = ""
group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"
connect_failure_retry_delay = 20
simul_count_query = ""
simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
postauth_query = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')"
safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
}
rlm_sql (logsql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (logsql): Attempting to connect to radiusloguser at satsuma.nomadic-core:3306/radiuslog
rlm_sql (logsql): starting 0
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (logsql): Connected new DB handle, #0
rlm_sql (logsql): starting 1
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (logsql): Connected new DB handle, #1
rlm_sql (logsql): starting 2
rlm_sql (logsql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (logsql): Connected new DB handle, #2
Module: Instantiating ok
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
} # modules
} # server
server nomadicvpn {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_mschap
Module: Instantiating nomadicvpnmschap
mschap nomadicvpnmschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{nomadicvpnmschap:User-Name} --challenge=%{nomadicvpnmschap:Challenge} --nt-response=%{nomadicvpnmschap:NT-Response} --require-membership-of=%{NN-Homeservice-Name}"
}
Module: Checking authorize {...} for more modules to load
Module: Instantiating ss-log
detail ss-log {
detailfile = "/var/log/radius/radacct/ss-log-detail-%Y%m%d.log"
header = "%t,%{Packet-Src-IP-Address},%{Packet-Dst-Port}"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Instantiating detail-bsql
detail detail-bsql {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Checking pre-proxy {...} for more modules to load
Module: Instantiating pre_proxy_log
detail pre_proxy_log {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-DEFAULT}/pre-proxy-detail-%Y%m%d.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Checking post-proxy {...} for more modules to load
Module: Instantiating post_proxy_log
detail post_proxy_log {
detailfile = "/var/log/radius/radacct/%{%{Virtual-Server}:-DEFAULT}/post-proxy-detail-%Y%m%d.log"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server vpi {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_eap
Module: Instantiating vpieap
eap vpieap {
default_eap_type = "ttls"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/vpi/vpi.wireless.key"
certificate_file = "/usr/local/etc/raddb/certs/vpi/vpi.wireless-cert.pem"
CA_file = "/usr/local/etc/raddb/certs/vpi/ca-vpi.wireless.pem"
dh_file = "/usr/local/etc/raddb/certs/vpi/dh"
random_file = "/usr/local/etc/raddb/certs/vpi/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 10000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "vpi-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "vpi-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating attr_filter.access_accept
attr_filter attr_filter.access_accept {
attrsfile = "/usr/local/etc/raddb/attrs.access_accept"
key = "%{User-Name}"
}
} # modules
} # server
server nomadicvpn-bsql {
modules {
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
} # modules
} # server
server vpi-inner {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Instantiating vpimschap
mschap vpimschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{vpimschap:User-Name}} --challenge=%{vpimschap:Challenge} --nt-response=%{vpimschap:NT-Response}"
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server eduroamalien-inner {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Instantiating eduroamalienmschap
mschap eduroamalienmschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{eduroamalienmschap:User-Name}} --challenge=%{eduroamalienmschap:Challenge} --nt-response=%{eduroamalienmschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
}
Module: Instantiating eduroamalieneap
eap eduroamalieneap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.key"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 1000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "eduroamalien-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "eduroamalien-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Instantiating eduroamalieneap-bris-ca
eap eduroamalieneap-bris-ca {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless.key"
certificate_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless-combined.pem"
dh_file = "/usr/local/etc/raddb/certs/eduroam.wireless/dh"
random_file = "/usr/local/etc/raddb/certs/eduroam.wireless/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 1000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "eduroamalien-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "eduroamalien-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server eduroamlocal-inner {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Instantiating eduroamlocalmschap
mschap eduroamlocalmschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{eduroamlocalmschap:User-Name}} --challenge=%{eduroamlocalmschap:Challenge} --nt-response=%{eduroamlocalmschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
}
Module: Instantiating eduroamlocaleap
eap eduroamlocaleap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.key"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 20000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "eduroamlocal-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "eduroamlocal-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Instantiating eduroamlocaleap-bris-ca
eap eduroamlocaleap-bris-ca {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless.key"
certificate_file = "/usr/local/etc/raddb/certs/eduroam.wireless/eduroam.wireless-combined.pem"
dh_file = "/usr/local/etc/raddb/certs/eduroam.wireless/dh"
random_file = "/usr/local/etc/raddb/certs/eduroam.wireless/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 20000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "eduroamlocal-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "eduroamlocal-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Instantiating attr_filter.pre-proxy
attr_filter attr_filter.pre-proxy {
attrsfile = "/usr/local/etc/raddb/attrs.pre-proxy"
key = "%{Realm}"
}
Module: Checking post-proxy {...} for more modules to load
Module: Instantiating attr_filter.post-proxy
attr_filter attr_filter.post-proxy {
attrsfile = "/usr/local/etc/raddb/attrs"
key = "%{Realm}"
}
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server uobroam-inner {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Instantiating uobroammschap
mschap uobroammschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{uobroammschap:User-Name}} --challenge=%{uobroammschap:Challenge} --nt-response=%{uobroammschap:NT-Response} --require-membership-of=S-1-5-21-1117850145-1682116191-196506527-48263"
}
Module: Instantiating uobroameap
eap uobroameap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.key"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = yes
lifetime = 24
max_entries = 10000
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "uobroam-inner"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "uobroam-inner"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server eduroamalien {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Instantiating attr_filter.access_challenge
attr_filter attr_filter.access_challenge {
attrsfile = "/usr/local/etc/raddb/attrs.access_challenge"
key = "%{User-Name}"
}
Module: Instantiating handled
always handled {
rcode = "handled"
simulcount = 0
mpp = no
}
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server eduroamlocal-bsql {
modules {
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
} # modules
} # server
server bristolresearchnet {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server status {
modules {
Module: Checking authorize {...} for more modules to load
} # modules
} # server
server uobroam {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server eduroamlocal {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Checking pre-proxy {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
server {
modules {
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "control"
listen {
socket = "/usr/local/var/run/radiusd/radiusd.sock"
}
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16010
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16011
}
listen {
type = "auth"
ipaddr = X.Y.Z.1
port = 9999
client localhost {
ipaddr = X.Y.Z.1
require_message_authenticator = no
secret = "XXX"
}
}
listen {
type = "detail"
listen {
filename = "/var/log/radius/radacct/uobroam-bsql/detail-bsql.log"
load_factor = 10
poll_interval = 10
retry_interval = 30
}
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16003
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16004
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16020
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16021
}
listen {
type = "detail"
listen {
filename = "/var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log"
load_factor = 10
poll_interval = 10
retry_interval = 30
}
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 1812
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 1813
}
listen {
type = "detail"
listen {
filename = "/var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log"
load_factor = 10
poll_interval = 10
retry_interval = 30
}
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16014
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16015
}
listen {
type = "status"
ipaddr = X.Y.Z.1
port = 18120
client localhost {
ipaddr = X.Y.Z.1
require_message_authenticator = no
secret = "XXX"
}
client gilbert {
ipaddr = X.Y.Z.154
require_message_authenticator = no
secret = "XXX"
}
client sullivan {
ipaddr = X.Y.Z.153
require_message_authenticator = no
secret = "XXX"
}
client apricot {
ipaddr = X.Y.Z.97
require_message_authenticator = no
secret = "XXX"
}
}
listen {
type = "status"
ipaddr = X.Y.Z.92
port = 18120
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16000
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16001
}
listen {
type = "auth"
ipaddr = X.Y.Z.92
port = 16006
}
listen {
type = "acct"
ipaddr = X.Y.Z.92
port = 16007
}
Listening on command file /usr/local/var/run/radiusd/radiusd.sock
Listening on authentication address X.Y.Z.92 port 16010 as server uobgear
Listening on accounting address X.Y.Z.92 port 16011 as server uobgear
Listening on authentication address X.Y.Z.1 port 9999 as server regex-test-svr
Listening on detail file /var/log/radius/radacct/uobroam-bsql/detail-bsql.log as server uobroam-bsql
Detail listener /var/log/radius/radacct/uobroam-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 16003 as server nomadicvpn
Listening on accounting address X.Y.Z.92 port 16004 as server nomadicvpn
Listening on authentication address X.Y.Z.92 port 16020 as server vpi
Listening on accounting address X.Y.Z.92 port 16021 as server vpi
Listening on detail file /var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log as server nomadicvpn-bsql
Detail listener /var/log/radius/radacct/nomadicvpn-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 1812 as server eduroamalien
Listening on accounting address X.Y.Z.92 port 1813 as server eduroamalien
Listening on detail file /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log as server eduroamlocal-bsql
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state unopened signalled 0 waiting 10.000000 sec
Listening on authentication address X.Y.Z.92 port 16014 as server bristolresearchnet
Listening on accounting address X.Y.Z.92 port 16015 as server bristolresearchnet
Listening on status address X.Y.Z.1 port 18120 as server status
Listening on status address X.Y.Z.92 port 18120 as server status
Listening on authentication address X.Y.Z.92 port 16000 as server uobroam
Listening on accounting address X.Y.Z.92 port 16001 as server uobroam
Listening on authentication address X.Y.Z.92 port 16006 as server eduroamlocal
Listening on accounting address X.Y.Z.92 port 16007 as server eduroamlocal
Listening on proxy address X.Y.Z.92 port 16012
Waking up in 9.9 seconds.
rad_recv: Access-Request packet from host X.Y.Z.203 port 32770, id=112, length=186
User-Name = "OpenSuse 11.2"
Calling-Station-Id = "00-1E-65-B7-80-02"
Called-Station-Id = "00-23-33-A3-D3-D0:UoB-Roam"
NAS-Port = 29
NAS-IP-Address = X.Y.Z.203
NAS-Identifier = "wism3"
Airespace-Wlan-Id = 2
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "449"
EAP-Message = 0x02010012014f70656e537573652031312e32
Message-Authenticator = 0x48a9c7fb1666550219dcaff02c2d69f6
server uobroam {
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: %{Virtual-Server} -> uobroam
[auth_log] expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log -> /var/log/radius/radacct/uobroam/auth-detail-20100607.log
[auth_log] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/auth-detail-%Y%m%d.log expands to /var/log/radius/radacct/uobroam/auth-detail-20100607.log
[auth_log] expand: %t -> Mon Jun 7 10:46:29 2010
++[auth_log] returns ok
++? if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i)
? Evaluating (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) -> TRUE
++? if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) -> TRUE
++- entering if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) {...}
+++? if (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i)
? Evaluating (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i) -> FALSE
+++? if (User-Name !~ /^[_\\ \\\\\\$\\.[:alnum:]-]*(@bris\\.ac\\.uk|@bristol\\.ac\\.uk)?$/i) -> FALSE
++- if (User-Name !~ /^host\\\/.+\\.bris(tol)?\\.ac\\.uk$/i) returns ok
[uobroameap] EAP packet type response id 1 length 18
-------------- next part --------------
Acct-Status-Type = Start
Calling-Station-Id = "d4-9a-20-9e-cd-c5"
Called-Station-Id = "00-19-30-fb-bd-c0"
Acct-Unique-Session-Id = "6c91a548f2eb560c"
Stripped-User-Name = "A"
Realm = "bris.ac.uk"
Packet-Original-Timestamp = "Jun 7 2010 11:35:19 UTC"
Acct-Delay-Time = 1
server eduroamlocal-bsql {
+- entering group preacct {...}
++[preprocess] returns ok
++[acct_unique] returns noop
+- entering group accounting {...}
++? if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/)
? Evaluating (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) -> TRUE
++? if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) -> TRUE
++- entering if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) {...}
expand: %{1} -> A
expand: %{2} -> bris.ac.uk
+++[request] returns noop
++- if (User-Name =~ /\\\\?([^@\\\\]*)@?([-[:alnum:].]+\\.[-[:alnum:].]+)?$/) returns noop
++? if (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/)
? Evaluating (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/) -> FALSE
++? if (User-Name =~ /^([^@\\\\]+)\\\\+[^@\\\\]+/) -> FALSE
[logsql] expand: %{Stripped-User-Name} -> A
[logsql] expand: %{%{Stripped-User-Name}:-%{User-Name}} -> A
[logsql] sql_set_user escaped user --> 'A'
[logsql] expand: %{Acct-Delay-Time} -> 1
[logsql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, nasidentifier, tunnelprivategroupid, mschapdomain, acctstartdelay, acctstopdelay, servicename, radiusip) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', unix_timestamp('%S'), NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '
rlm_sql (logsql): Reserving sql socket id: 2
rlm_sql (logsql): Released sql socket id: 2
++[logsql] returns ok
++? if (noop)
? Evaluating (noop) -> FALSE
++? if (noop) -> FALSE
} # server eduroamlocal-bsql
Finished request 26505.
Cleaning up request 26505 ID 7207 with timestamp +2931
Going to the next request
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state replied signalled 0 waiting 0.048159 sec
Cleaning up request 26416 ID 97 with timestamp +2927
Cleaning up request 26417 ID 160 with timestamp +2927
Detail - unlinking /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log.work
Detail listener /var/log/radius/radacct/eduroamlocal-bsql/detail-bsql.log state unopened signalled 0 waiting 10.012545 sec
Cleaning up request 26418 ID 98 with timestamp +2927
Cleaning up request 26419 ID 161 with timestamp +2927
rad_recv: Accounting-Request packet from host 172.17.107.208 port 32770, id=28, length=166
User-Name = "B"
NAS-Port = 29
NAS-IP-Address = 172.17.107.208
Framed-IP-Address = 172.21.97.41
NAS-Identifier = "wism8"
Airespace-Wlan-Id = 2
Acct-Session-Id = "4c0cd978/00:1d:e0:98:92:03/27101"
Acct-Authentic = RADIUS
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "504"
Acct-Status-Type = Start
Calling-Station-Id = "00-1d-e0-98-92-03"
Called-Station-Id = "00-1e-f7-d7-06-40"
server uobroam {
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 29,Client-IP-Address = 172.17.107.208,NAS-IP-Address = 172.17.107.208,Acct-Session-Id = "4c0cd978/00:1d:e0:98:92:03/27101",User-Name = "B"'
[acct_unique] Acct-Unique-Session-ID = "67468389b00deb11".
++[acct_unique] returns ok
++[files] returns noop
+- entering group accounting {...}
[detail] expand: %{Virtual-Server} -> uobroam
[detail] expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log -> /var/log/radius/radacct/uobroam/detail-20100607.log
[detail] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}/detail-%Y%m%d.log expands to /var/log/radius/radacct/uobroam/detail-20100607.log
[detail] expand: %t -> Mon Jun 7 11:35:20 2010
++[detail] returns ok
[detail-bsql] expand: %{Virtual-Server} -> uobroam
[detail-bsql] expand: /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log -> /var/log/radius/radacct/uobroam-bsql/detail-bsql.log
[detail-bsql] /var/log/radius/radacct/%{%{Virtual-Server}:-UNKNOWN}-bsql/detail-bsql.log expands to /var/log/radius/radacct/uobroam-bsql/detail-bsql.log
[detail-bsql] expand: %t -> Mon Jun 7 11:35:20 2010
++[detail-bsql] returns ok
[attr_filter.accounting_response] expand: %{User-Name} -> B
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
} # server uobroam
Sending Accounting-Response of id 28 to 172.17.107.208 port 32770
Finished request 26506.
Cleaning up request 26506 ID 28 with timestamp +2931
Going to the next request
Cleaning up request 26421 ID 182 with timestamp +2927
Cleaning up request 26423 ID 162 with timestamp +2927
Marking home server 194.82.174.185 port 1812 as zombie (it looks like it is dead).
Sending Status-Server of id 142 to 194.82.174.185 port 1812
Message-Authenticator := 0x00000000000000000000000000000000
NAS-Identifier := "Status Check. Are you alive?"
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 172.17.107.203 port 32770, id=235, length=378
Discarding duplicate request from client WISM3 port 32770 - ID: 235 due to unfinished request 26270
Waking up in 0.1 seconds.
Cleaning up request 26424 ID 163 with timestamp +2927
Cleaning up request 26425 ID 183 with timestamp +2928
rad_recv: Access-Accept packet from host 194.82.174.185 port 1812, id=142, length=840
More information about the Freeradius-Users
mailing list