SQL Logging
Kristoffer Milligan
kristoffer at nextnet.no
Fri Jan 28 09:55:16 CET 2011
Hello again,
I'm still fighting my little battle in copying attributes from the inner
to the outer tunnel etc. I have now gotten as far that logging
access-accepts is working as I want, but I'm now struggling logging
access-rejects. Here's my SQL from dialup.conf:
postauth_query = "INSERT INTO ${postauth_table} \
(username, pass, reply, authdate)
VALUES \
('%{reply:SQL-User-Name}',
'%{reply:Packet-Type}', \
'%{reply:Calling-Station-Id}', '%S');"
From a rejected session, I get this:
Fri Jan 28 09:48:05 2011 : Info: (5) [ttls] Got tunneled reply code 3
Filter-Id = "OBFUSCATED"
SQL-User-Name = "OBFUSCATED"
Calling-Station-Id = "OBFUSCATED"
MS-CHAP-Error = "\226E=691 R=1"
....
Fri Jan 28 09:48:05 2011 : Info: (5) +- entering group REJECT {...}
Fri Jan 28 09:48:05 2011 : Info: (5) [sql] expand:
%{Stripped-User-Name} -> {am=1}OBFUSCATED
Fri Jan 28 09:48:05 2011 : Info: (5) [sql] expand:
%{%{Stripped-User-Name}:-%{%{User-Name}:-DEFAULT}} -> {am=1}OBFUSCATED
Fri Jan 28 09:48:05 2011 : Info: (5) [sql] sql_set_user escaped user -->
'{am=1}OBFUSCATED'
Fri Jan 28 09:48:05 2011 : Info: (5) [sql] expand: INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES
('%{reply:SQL-User-Name}', '%{reply:Packet-Type}',
'%{reply:Calling-Station-Id}', '%S'); -> INSERT INTO
radpostauth (username, pass, reply,
authdate) VALUES ('',
'Access-Reject', '', '2011-01-28 09:48:05');
Fri Jan 28 09:48:05 2011 : Debug: rlm_sql (sql) in sql_postauth: query
is INSERT INTO radpostauth (username,
pass, reply, authdate) VALUES ('',
'Access-Reject', '', '2011-01-28 09:48:05');
From an accepted session, everything works fine and the SQL-User-Name
and Calling-Station-Id are logged as expected. How come the attributes
are empty, even though they are in the reply, only when an access-reject
is given?
- Kristoffer
More information about the Freeradius-Users
mailing list