EAP logging

Alan DeKok aland at deployingradius.com
Thu Aug 29 15:19:53 CEST 2013


Andrej wrote:
> This brings me back to my earlier question: what values are available
> where, and when,
> via which mechanism?

  This was asked and answered.  I suggest reading responses to your
messages.

  Asking what "values" are available is wrong.  There are no magic
"values" in the server.  There are just attributes in a packet.  If you
want to know what attributes are available, look at the debug output.

  That REALLY is it.  It's not hard.  It's not rocket science.  There's
no magic.

> I think I still don't fully understand how modules hang together, how
> I pass information
> from e.g. an EAP request into line-log,

  Read doc/aaa.rst

  You don't "passd" information into a module.  The incoming packet (and
associated data) is given to the module.  The module then decides what
to do.

> sites-enabled/eap-inner-tunnel, how
> I tell f_ticks (or linelog, or any other modules for that matter)
> which values I'd like to work
> with.

  Have you tried reading the debug output?  It's *telling you* what it's
doing.

  The f_ticks module is telling you what it's doing.  Have you tried
reading the default configuration for the "linelog" module?  It has LOTS
of documentation describing how it works.

  Ask *specific* questions about what's confusing you.

> I would like f_ticks to write out a single line into syslog that
> contains the inner and outer
> identity of an authentication request, the station ID and MAC address.

  So... do you see that data in the debug output?  If so, read "man
unlang" for how to reference attributes.  See the default "linelog"
configuration for how the module works.  Put the two together, and
you'll have it.

> Can anyone point me at a walk-through or how-to?  I've now spent days
> flicking from one wiki-page to
> the next, and reading mailing list archives w/o find anything that
> helps me understand.

  There are NO examples which document exactly what you're trying to do.
 Most deployments are unique.  Creating documentation for every possible
deployment is impossible.

  It sounds like you're not understanding basic concepts, and reading
random web pages, looking for a magic solution.  This isn't the best
approach.

  Read doc/aaa.rst.  Read "man unlang".  Read the debug output.  Read
the default "linelog"configuration.

  Alan DeKok.


More information about the Freeradius-Users mailing list