Login access-request results to syslog
Angel L. Mateo
amateo at um.es
Mon May 23 12:48:44 CEST 2011
Hello,
I'm trying to configure my freeradius server (version 2.1.8 running in
a ubuntu 10.04 server) to log access request results to syslog. My
configuration is:
authorize {
...
sistemas_syslog
...
}
accounting {
...
sistemas_syslog
...
}
post-auth {
...
sistemas_syslog
Post-Auth-Type REJECT {
...
sistemas_syslog
}
Post-Auth-Type ACCEPT {
...
sistemas_syslog
}
}
And I also have:
linelog sistemas_syslog {
filename = syslog
format = "This is a Application log message for %{User-Name}
(%{Packet-Type})"
reference = "%{%{Packet-Type}:-format}"
Access-Request = "Application Requested access: %{User-Name}"
Access-Reject = "Application Rejected access: %{User-Name}"
Access-Challenge = "Application Sent challenge: %{User-Name}"
Access-Accept = "Application Accepted access: %{User-Name}"
}
But all logs I have are:
May 23 12:44:33 vulpes21 freeradius: Application Requested access:
XXXXXXXXXXXX
May 23 12:44:33 vulpes21 freeradius: Application Requested access:
XXXXXXXXXXXX
(yes, it is sent twice). In debug mode I get:
rad_recv: Access-Request packet from host 155.54.67.15 port 52081, id=1,
length=71
Calling-Station-Id = "XXXXXXXXXXXXXXXXXx"
User-Name = "XXXXXXXXXXXXXXXXXXXX"
User-Password = "XXXXXXXXXXXXX"
Service-Type = Login-User
server sistemas {
+- entering group authorize {...}
[sistemas_log] expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/sistemas_log-%Y%m%d ->
/var/log/freeradius/radacct/155.54.67.15/sistemas_log-20110523
[sistemas_log]
/var/log/freeradius/radacct/%{Client-IP-Address}/sistemas_log-%Y%m%d
expands to /var/log/freeradius/radacct/155.54.67.15/sistemas_log-20110523
[sistemas_log] expand: %t -> Mon May 23 12:44:33 2011
++[sistemas_log] returns ok
[sistemas_syslog] expand: %{Packet-Type} -> Access-Request
[sistemas_syslog] expand: %{%{Packet-Type}:-format} -> Access-Request
[sistemas_syslog] expand: Application Requested access: %{User-Name} ->
Application Requested access: XXXXXXXXXXXX
++[sistemas_syslog] returns ok
[suffix] Looking up realm "um.es" for User-Name = "XXXXXXXXXXXX"
[suffix] Found realm "um.es"
[suffix] Adding Stripped-User-Name = "amateo"
[suffix] Adding Realm = "um.es"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[files_sistemas] users: Matched entry DEFAULT at line 15
[files_sistemas] expand: %{User-Name} -> XXXXXXXXXXXX
++[files_sistemas] returns ok
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = LDAP
+- entering group LDAP {...}
[ldap-email] login attempt by "amateo" with password "XXXXXXXXXXXXXX"
<The rest of LDAP debug messages>
++[ldap-email] returns ok
Login OK: [XXXXXXXXXXXX] (from client monitor port 0 cli PORTALREDES)
+- entering group post-auth {...}
[sistemas_log] expand:
/var/log/freeradius/radacct/%{Client-IP-Address}/sistemas_log-%Y%m%d ->
/var/log/freeradius/radacct/155.54.67.15/sistemas_log-20110523
[sistemas_log]
/var/log/freeradius/radacct/%{Client-IP-Address}/sistemas_log-%Y%m%d
expands to /var/log/freeradius/radacct/155.54.67.15/sistemas_log-20110523
[sistemas_log] expand: %t -> Mon May 23 12:44:33 2011
++[sistemas_log] returns ok
[sistemas_syslog] expand: %{Packet-Type} -> Access-Request
[sistemas_syslog] expand: %{%{Packet-Type}:-format} -> Access-Request
[sistemas_syslog] expand: Application Requested access: %{User-Name} ->
Application Requested access: XXXXXXXXXXXX
++[sistemas_syslog] returns ok
} # server sistemas
Sending Access-Accept of id 1 to 155.54.67.15 port 52081
User-Name = "XXXXXXXXXXXX"
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
All I want is to log in syslog if the access-request is accepted or
rejected for any reason.
Any help?
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información _o)
y las Comunicaciones Aplicadas (ATICA) / \\
http://www.um.es/atica _(___V
Tfo: 868887590
Fax: 868888337
More information about the Freeradius-Users
mailing list