Log IP address (Calling-Station-Id?) of failed authentication attempts

Matt Hite lists at beatmixed.com
Sun May 9 07:54:55 CEST 2010


Hello.

I would like to log the client IP of failed & successful
authentications to my RADIUS-enabled switches. Right now
failed/success show up like this:

radiusd[13877]: Login incorrect: [xyzzy] (from client SW-2745-C1.sv4 port 0)
radiusd[13877]: Login OK: [plugh] (from client SW-2745-C1.sv4 port 0)

It looks like I can possibly enable auth_badpass and auth_goodpass in
radiusd.conf and then set:

msg_goodpass = "%{Calling-Station-Id}"
msg_badpass = "%{Calling-Station-Id}"

Is this going about it the right way?

Also, I really don't want the failed passwords to get logged. (I don't
want to see my colleagues' plain-text passwords.) If I do use the
aforementioned technique, am I also going to see passwords? I'm
guessing yes.

Thanks for your help and insight.

-M
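
An added example, not part of the original post or of FreeRADIUS: a Python check over radiusd auth log lines that counts failed logins per logged source address and flags any line where a password was written to the log. It assumes the msg_goodpass/msg_badpass text follows the closing parenthesis of the line format quoted above; the last three sample lines, their addresses and the password are constructed.

```python
import re
from collections import Counter

# Assumption: the part up to "port N)" matches the lines quoted in the post;
# text expanded from msg_goodpass / msg_badpass follows the closing parenthesis.
LINE_RE = re.compile(
    r"(?P<result>Login OK|Login incorrect): "
    r"\[(?P<ident>[^\]]*)\] "
    r"\(from client (?P<client>\S+) port (?P<port>\d+)[^)]*\)"
    r"(?: (?P<extra>.*))?$"
)

def parse_line(line):
    """Return a dict for one auth log line, or None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    # With password logging on, the bracket holds "user/password".
    # Heuristic: a user name that itself contains "/" is also flagged.
    user, sep, _secret = m.group("ident").partition("/")
    return {
        "ok": m.group("result") == "Login OK",
        "user": user,
        "password_logged": bool(sep),
        "client": m.group("client"),
        "port": int(m.group("port")),
        "source": (m.group("extra") or "").strip() or None,
    }

def audit(lines):
    """Count failures per source and list line numbers that expose a password."""
    failures, leaking = Counter(), []
    for number, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["password_logged"]:
            leaking.append(number)   # record the line number, never the secret
        if not rec["ok"]:
            failures[rec["source"] or "unknown"] += 1
    return failures, leaking

SAMPLE = [  # first two lines are from the post, the rest are constructed
    "radiusd[13877]: Login incorrect: [xyzzy] (from client SW-2745-C1.sv4 port 0)",
    "radiusd[13877]: Login OK: [plugh] (from client SW-2745-C1.sv4 port 0)",
    "radiusd[13877]: Login incorrect: [xyzzy] (from client SW-2745-C1.sv4 port 0) 192.0.2.10",
    "radiusd[13877]: Login incorrect: [xyzzy/hunter2] (from client SW-2745-C1.sv4 port 0) 192.0.2.10",
    "radiusd[13877]: Login OK: [plugh] (from client SW-2745-C1.sv4 port 0) 192.0.2.44",
]
```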


