SQL Auth Logging

Kev Pearce email.me at kevp.com
Mon Jun 2 18:38:34 CEST 2014

Hi all,


I'm sure this has been asked many times before but I can't seem to find an
answer to it.


Is it possible to log to an SQL server when an unknown client attempts to
authenticate against a virtual server and also to log then a good client
tries but with an incorrect secret?


I've got good and bad auth attempts logging to SQL nicely with (to my own
postauth_table) and a bit of decoration in my UI:


postauth_query = "INSERT INTO ${postauth_table} \

                  (src_ip_address, nas_ip_address, dest_port, username,
password, \

                  reply, reason, auth_timestamp) \

                  VALUES \

                  ('%{Packet-Src-IP-Address}', \

                  '%{NAS-IP-Address}', \

                  '%{Packet-Dst-Port}', \

                  '%{User-Name}', \

                  '%{%{User-Password}:-%{Chap-Password}}', \

                  '%{reply:Packet-Type}', \

                  '%{Module-Failure-Message}', \



I'm trying to do this so the users of my web interface can spot incorrectly
configured clients/client entries.

I'm not just trying to trouble shoot just one particular client.

I'm trying to create a fully web interfaced system to manage and
troubleshoot FreeRADIUS clients and users,


Great product by the way, keep it up,






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140602/9ba2f332/attachment.html>

More information about the Freeradius-Users mailing list