Logging Packet-Type of reply packets from inner-tunnel
Bob Franklin
rcf34 at cam.ac.uk
Mon Mar 8 19:38:51 CET 2010
Hello,
I'm trying to log aspects of the reply packet returned to the NAS at
various stages during authentication using an inner tunnel, in particular
the Packet-Type. This is on FreeRADIUS 2.1.6.
My problem is that I can't find a way to retrieve this information in the
middle of the inner tunnel sequence -- if the request is proxied, I can
run a log module instance in 'post-proxy' to log
%{proxy-reply:Packet-Type} and see things like 'Access-Challenge',
'Access-Reject', etc.
However, I can't seem to do this with locally-handled packets -- I have
'post-auth' which runs for 'Access-Accept' and (optionally, through
'Post-Auth-Type REJECT'), 'Access-Reject'. But I would like to be able to
log the intermediate 'Access-Challenge' packets.
Putting %{reply:Packet-Type} at the end of the 'authorize' section doesn't
work (I just get '0').
Is this something I can do? If so, I'm sure I'm missing something obvious
- can someone please point me in the right direction? I would prefer to
do the logging from inside the inner tunnel virtual server to have access
to the inner tunnel attributes in the logging.
Thanks in advance,
- Bob
--
Bob Franklin <rcf34 at cam.ac.uk> +44 1223 748479
Network Division, University of Cambridge Computing Service
More information about the Freeradius-Users
mailing list