Packet tracing web interface

Brian Candler B.Candler at
Mon Mar 14 11:16:07 CET 2011

On Sat, Mar 12, 2011 at 11:08:27PM +0000, Phil Mayers wrote:
> On 03/12/2011 01:02 PM, Brian Candler wrote:
> >I'd like to build a "packet tracer" web interface for freeradius: that is,
> >somewhere where you can paste in a set of AV pairs (perhaps caught from
> >radsniff), and you get back the AV responses plus all the decision-making
> >logic that took place.  Basically what freeradius -X shows.
> >
> Have you seen
> radmin

I can't see how radmin would help here. Is it possible to use it to inject a
test packet?  I can't see how, in which case I need to use radclient anyway.

radmin can turn debugging on and off, but I'd probably run a separate
instance of radiusd for the web test interface - otherwise lots of live
debugging traffic would get intermingled with it.  Hence I could leave
debugging turned on permanently.

I'm thinking about this design:

          post AV pairs
browser ------------------> web app
                             * lock
                             * radclient ---- req ----> radiusd -X
                                         <--- reply ---
                             * gen HTML  <------------- [debug file]
          HTML page          * unlock

If I run radiusd -X as a child from another process I can capture its output
without writing it to a file.



More information about the Freeradius-Users mailing list