SQL insert on TLs failure
Dean Goldhill
dgoldhill at netutils.com
Wed Dec 3 11:00:52 CET 2014
Thanks very much. Works perfectly.
-----Original Message-----
From: freeradius-users-bounces+dgoldhill=netutils.com at lists.freeradius.org [mailto:freeradius-users-bounces+dgoldhill=netutils.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: 01 December 2014 18:32
To: FreeRadius users mailing list
Subject: Re: SQL insert on TLs failure
On Dec 1, 2014, at 7:22 AM, Dean Goldhill <dgoldhill at netutils.com> wrote:
> I want to write a record to the MySQL database when a client sends a TLS close notification.
> So when a laptop is not properly configured to trust our CA, the client sends a TLS close notification.
> And in the log we see something like: "Auth: Login incorrect (TLS Alert read:warning:close notify):"
The "TLS Alert..." message is contained in the Module-Failure-Message attribute.
> I know why this is happening, but I just want to write an entry to the database so we have a record of which users are failing because of this reason.
> Is it possible to do this?
Yes. Configure "sql" in the "Post-Auth-Type Reject" section. Then, edit the "postauth_query" (2.x) to include %{Module-Failure-Message}
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list