mac authentication, log rejected device in radius.log

Matthew Newton mcn4 at leicester.ac.uk
Fri Oct 18 20:22:48 CEST 2013


On Fri, Oct 18, 2013 at 11:23:54AM -0400, John Douglass wrote:
> I use a modified module for syslog based off "exec" for this type of
> thing (on a UNIX system):
> 
> exec syslog-portauth {
>     wait = no
> 
>     program = "/usr/bin/logger -p local3.info -t portauth switch
> %{NAS-IP-Address} port %{NAS-Port-Id} %{NAS-Port}  - User
> %{sql_start2: select determineUserFromMac('%{User-Name}')} on MAC
> %{User-Name} assigned to %{reply:Tunnel-Private-Group-Id}"
...

You should be able to do that with linelog, which will save
forking a new process each time.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list