User Group Not Working.
*
zhex900 at gmail.com
Thu May 22 14:10:52 CEST 2014
Hi,
I trying to setup user group. However I cannot see radius using check or
reply items in the user group.
Please let me know what I am doing wrong.
FreeRADIUS Version 3.0.1
mods-enabled/sql
read_groups = yes
radcheck:
bob|Cleartext-Password|:=|bob
radusergroup:
bob|bobgroup|1
radgroupcheck:
1|bobgroup|Simultaneous-Use|:=|1
radgroupreply:
1|bobgroup|Session-Timeout|=|300
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140522/1c0c7add/attachment-0001.html>
-------------- next part --------------
radiusd: FreeRADIUS Version 3.0.1, for host x86_64-pc-linux-gnu, built on Apr 15 2014 at 14:04:23
Copyright (C) 1999-2014 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /etc/freeradius/dictionary
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/mods-enabled/
including configuration file /etc/freeradius/mods-enabled/eap
including configuration file /etc/freeradius/mods-enabled/always
including configuration file /etc/freeradius/mods-enabled/dynamic_clients
including configuration file /etc/freeradius/mods-enabled/detail.log
including configuration file /etc/freeradius/mods-enabled/detail
including configuration file /etc/freeradius/mods-enabled/sradutmp
including configuration file /etc/freeradius/mods-enabled/expiration
including configuration file /etc/freeradius/mods-enabled/preprocess
including configuration file /etc/freeradius/mods-enabled/logintime
including configuration file /etc/freeradius/mods-enabled/soh
including configuration file /etc/freeradius/mods-enabled/dhcp
including configuration file /etc/freeradius/mods-enabled/radutmp
including configuration file /etc/freeradius/mods-enabled/digest
including configuration file /etc/freeradius/mods-enabled/exec
including configuration file /etc/freeradius/mods-enabled/echo
including configuration file /etc/freeradius/mods-enabled/replicate
including configuration file /etc/freeradius/mods-enabled/cache_eap
including configuration file /etc/freeradius/mods-enabled/linelog
including configuration file /etc/freeradius/mods-enabled/utf8
including configuration file /etc/freeradius/mods-enabled/attr_filter
including configuration file /etc/freeradius/mods-enabled/chap
including configuration file /etc/freeradius/mods-enabled/realm
including configuration file /etc/freeradius/mods-enabled/passwd
including configuration file /etc/freeradius/mods-enabled/ntlm_auth
including configuration file /etc/freeradius/mods-enabled/sql
including configuration file /etc/freeradius/mods-config/sql/main/mysql/queries.conf
including configuration file /etc/freeradius/mods-enabled/sqlcounter
including configuration file /etc/freeradius/mods-enabled/pap
including configuration file /etc/freeradius/mods-enabled/perl
including configuration file /etc/freeradius/mods-enabled/files
including configuration file /etc/freeradius/mods-enabled/expr
including configuration file /etc/freeradius/mods-enabled/unix
including configuration file /etc/freeradius/mods-enabled/mschap
including files in directory /etc/freeradius/policy.d/
including configuration file /etc/freeradius/policy.d/eap
including configuration file /etc/freeradius/policy.d/cui
including configuration file /etc/freeradius/policy.d/operator-name
including configuration file /etc/freeradius/policy.d/dhcp
including configuration file /etc/freeradius/policy.d/control
including configuration file /etc/freeradius/policy.d/filter
including configuration file /etc/freeradius/policy.d/canonicalization
including configuration file /etc/freeradius/policy.d/accounting
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/coa
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
including configuration file /etc/freeradius/sites-enabled/default
main {
security {
user = "freerad"
group = "freerad"
allow_core_dumps = no
}
}
main {
name = "freeradius"
prefix = "/usr"
localstatedir = "/var"
sbindir = "/usr/sbin"
logdir = "/var/log/freeradius"
run_dir = "/var/run/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/freeradius/freeradius.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = no
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
colourise = yes
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
revive_interval = 120
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
limit {
max_connections = 16
max_requests = 0
lifetime = 0
idle_timeout = 0
}
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Loading Clients ####
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "radius"
shortname = "localhost"
nas_type = "other"
proto = "*"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client 27.33.228.125 {
require_message_authenticator = no
secret = "radius"
shortname = "14kimberleyst"
nas_type = "mikrotik"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client 220.244.108.10 {
require_message_authenticator = no
secret = "radius"
shortname = "30cookst"
nas_type = "mikrotik_snmp"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client 10.1.1.22/24 {
require_message_authenticator = no
secret = "radius"
shortname = "MikroTik"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
client 99hamilton.no-ip.biz {
require_message_authenticator = no
secret = "radius"
shortname = "99hamilton"
nas_type = "mikrotik"
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
radiusd: #### Instantiating modules ####
instantiate {
# Loaded module rlm_sqlcounter
# Instantiating module "monthlycounter" from file /etc/freeradius/mods-enabled/sqlcounter
sqlcounter monthlycounter {
sql_module_instance = "sql"
key = "User-Name"
query = "SELECT IFNULL((sum(acctinputoctets)+sum(acctoutputoctets)),0) FROM `radacct` WHERE username='%{User-Name}' AND Month(acctstoptime) =(Month(NOW())) AND Year(acctstoptime) = Year(NOW());"
reset = "monthly"
counter_name = "Max-Monthly-Data-Quota"
check_name = "Monthly-Data-Quota"
reply_name = "Mikrotik-Recv-Limit"
}
rlm_sqlcounter: Current Time: 1400760565 [2014-05-22 20:09:25], Next reset 1401552000 [2014-06-01 00:00:00]
rlm_sqlcounter: Current Time: 1400760565 [2014-05-22 20:09:25], Prev reset 1398873600 [2014-05-01 00:00:00]
}
modules {
# Loaded module rlm_eap
# Instantiating module "eap" from file /etc/freeradius/mods-enabled/eap
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
mod_accounting_username_bug = no
max_sessions = 4096
}
# Linked to sub-module rlm_eap_md5
# Linked to sub-module rlm_eap_leap
# Linked to sub-module rlm_eap_gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
# Linked to sub-module rlm_eap_tls
tls {
tls = "tls-common"
}
tls-config tls-common {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
ca_path = "/etc/freeradius/certs"
pem_file_type = yes
private_key_file = "/etc/freeradius/certs/server.pem"
certificate_file = "/etc/freeradius/certs/server.pem"
ca_file = "/etc/freeradius/certs/ca.pem"
private_key_password = "whatever"
dh_file = "/etc/freeradius/certs/dh"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
ecdh_curve = "prime256v1"
cache {
enable = yes
lifetime = 24
max_entries = 255
}
verify {
}
ocsp {
enable = no
override_cert_url = yes
url = "http://127.0.0.1/ocsp/"
use_nonce = yes
timeout = 0
softfail = yes
}
}
# Linked to sub-module rlm_eap_ttls
ttls {
tls = "tls-common"
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = yes
virtual_server = "inner-tunnel"
include_length = yes
require_client_cert = no
}
Using cached TLS configuration from previous invocation
# Loaded module rlm_always
# Instantiating module "fail" from file /etc/freeradius/mods-enabled/always
always fail {
rcode = "fail"
simulcount = 0
mpp = no
}
# Instantiating module "reject" from file /etc/freeradius/mods-enabled/always
always reject {
rcode = "reject"
simulcount = 0
mpp = no
}
# Instantiating module "noop" from file /etc/freeradius/mods-enabled/always
always noop {
rcode = "noop"
simulcount = 0
mpp = no
}
# Instantiating module "handled" from file /etc/freeradius/mods-enabled/always
always handled {
rcode = "handled"
simulcount = 0
mpp = no
}
# Instantiating module "updated" from file /etc/freeradius/mods-enabled/always
always updated {
rcode = "updated"
simulcount = 0
mpp = no
}
# Instantiating module "notfound" from file /etc/freeradius/mods-enabled/always
always notfound {
rcode = "notfound"
simulcount = 0
mpp = no
}
# Instantiating module "ok" from file /etc/freeradius/mods-enabled/always
always ok {
rcode = "ok"
simulcount = 0
mpp = no
}
# Loaded module rlm_dynamic_clients
# Instantiating module "dynamic_clients" from file /etc/freeradius/mods-enabled/dynamic_clients
# Loaded module rlm_detail
# Instantiating module "auth_log" from file /etc/freeradius/mods-enabled/detail.log
detail auth_log {
filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
# Instantiating module "reply_log" from file /etc/freeradius/mods-enabled/detail.log
detail reply_log {
filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "pre_proxy_log" from file /etc/freeradius/mods-enabled/detail.log
detail pre_proxy_log {
filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "post_proxy_log" from file /etc/freeradius/mods-enabled/detail.log
detail post_proxy_log {
filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Instantiating module "detail" from file /etc/freeradius/mods-enabled/detail
detail {
filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
header = "%t"
permissions = 384
dir_permissions = 493
locking = no
log_packet_header = no
}
# Loaded module rlm_radutmp
# Instantiating module "sradutmp" from file /etc/freeradius/mods-enabled/sradutmp
radutmp sradutmp {
filename = "/var/log/freeradius/sradutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
permissions = 420
caller_id = no
}
# Loaded module rlm_expiration
# Instantiating module "expiration" from file /etc/freeradius/mods-enabled/expiration
# Loaded module rlm_preprocess
# Instantiating module "preprocess" from file /etc/freeradius/mods-enabled/preprocess
preprocess {
huntgroups = "/etc/freeradius/mods-config/preprocess/huntgroups"
hints = "/etc/freeradius/mods-config/preprocess/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
reading pairlist file /etc/freeradius/mods-config/preprocess/huntgroups
reading pairlist file /etc/freeradius/mods-config/preprocess/hints
# Loaded module rlm_logintime
# Instantiating module "logintime" from file /etc/freeradius/mods-enabled/logintime
logintime {
minimum_timeout = 60
}
# Loaded module rlm_soh
# Instantiating module "soh" from file /etc/freeradius/mods-enabled/soh
soh {
dhcp = yes
}
# Loaded module rlm_dhcp
# Instantiating module "dhcp" from file /etc/freeradius/mods-enabled/dhcp
# Instantiating module "radutmp" from file /etc/freeradius/mods-enabled/radutmp
radutmp {
filename = "/var/log/freeradius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
permissions = 384
caller_id = yes
}
# Loaded module rlm_digest
# Instantiating module "digest" from file /etc/freeradius/mods-enabled/digest
# Loaded module rlm_exec
# Instantiating module "exec" from file /etc/freeradius/mods-enabled/exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
timeout = 10
}
# Instantiating module "echo" from file /etc/freeradius/mods-enabled/echo
exec echo {
wait = yes
program = "/bin/echo %{User-Name}"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
# Loaded module rlm_replicate
# Instantiating module "replicate" from file /etc/freeradius/mods-enabled/replicate
# Loaded module rlm_cache
# Instantiating module "cache_eap" from file /etc/freeradius/mods-enabled/cache_eap
cache cache_eap {
key = "%{%{control:State}:-%{%{reply:State}:-%{State}}}"
ttl = 15
max_entries = 16384
epoch = 0
add_stats = no
}
# Loaded module rlm_linelog
# Instantiating module "linelog" from file /etc/freeradius/mods-enabled/linelog
linelog {
filename = "/var/log/freeradius/linelog"
permissions = 384
format = "This is a log message for %{User-Name}"
reference = "%{%{Packet-Type}:-format}"
}
# Loaded module rlm_utf8
# Instantiating module "utf8" from file /etc/freeradius/mods-enabled/utf8
# Loaded module rlm_attr_filter
# Instantiating module "attr_filter.post-proxy" from file /etc/freeradius/mods-enabled/attr_filter
attr_filter attr_filter.post-proxy {
filename = "/etc/freeradius/mods-config/attr_filter/post-proxy"
key = "%{Realm}"
relaxed = no
}
reading pairlist file /etc/freeradius/mods-config/attr_filter/post-proxy
# Instantiating module "attr_filter.pre-proxy" from file /etc/freeradius/mods-enabled/attr_filter
attr_filter attr_filter.pre-proxy {
filename = "/etc/freeradius/mods-config/attr_filter/pre-proxy"
key = "%{Realm}"
relaxed = no
}
reading pairlist file /etc/freeradius/mods-config/attr_filter/pre-proxy
# Instantiating module "attr_filter.access_reject" from file /etc/freeradius/mods-enabled/attr_filter
attr_filter attr_filter.access_reject {
filename = "/etc/freeradius/mods-config/attr_filter/access_reject"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/freeradius/mods-config/attr_filter/access_reject
# Instantiating module "attr_filter.access_challenge" from file /etc/freeradius/mods-enabled/attr_filter
attr_filter attr_filter.access_challenge {
filename = "/etc/freeradius/mods-config/attr_filter/access_challenge"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/freeradius/mods-config/attr_filter/access_challenge
# Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/mods-enabled/attr_filter
attr_filter attr_filter.accounting_response {
filename = "/etc/freeradius/mods-config/attr_filter/accounting_response"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /etc/freeradius/mods-config/attr_filter/accounting_response
# Loaded module rlm_chap
# Instantiating module "chap" from file /etc/freeradius/mods-enabled/chap
# Loaded module rlm_realm
# Instantiating module "IPASS" from file /etc/freeradius/mods-enabled/realm
realm IPASS {
format = "prefix"
delimiter = "/"
ignore_default = no
ignore_null = no
}
# Instantiating module "suffix" from file /etc/freeradius/mods-enabled/realm
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
# Instantiating module "realmpercent" from file /etc/freeradius/mods-enabled/realm
realm realmpercent {
format = "suffix"
delimiter = "%"
ignore_default = no
ignore_null = no
}
# Instantiating module "ntdomain" from file /etc/freeradius/mods-enabled/realm
realm ntdomain {
format = "prefix"
delimiter = "\"
ignore_default = no
ignore_null = no
}
# Loaded module rlm_passwd
# Instantiating module "etc_passwd" from file /etc/freeradius/mods-enabled/passwd
passwd etc_passwd {
filename = "/etc/passwd"
format = "*User-Name:Crypt-Password:"
delimiter = ":"
ignore_nislike = no
ignore_empty = yes
allow_multiple_keys = no
hash_size = 100
}
rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
# Instantiating module "ntlm_auth" from file /etc/freeradius/mods-enabled/ntlm_auth
exec ntlm_auth {
wait = yes
program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-Password}"
shell_escape = yes
}
# Loaded module rlm_sql
# Instantiating module "sql" from file /etc/freeradius/mods-enabled/sql
sql {
driver = "rlm_sql_mysql"
server = "localhost"
port = "3306"
login = "radius"
password = "fheman"
radius_db = "radius"
read_groups = yes
read_clients = yes
delete_stale_sessions = yes
sql_user_name = "%{User-Name}"
default_user_profile = ""
client_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"
authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"
authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id"
authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id"
group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"
simul_count_query = "SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
}
accounting {
reference = "%{tolower:type.%{Acct-Status-Type}.query}"
}
post-auth {
reference = ".query"
}
mysql {
tls {
}
}
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to database "radius"
rlm_sql (sql): Initialising connection pool
pool {
start = 5
min = 4
max = 10
spare = 3
uses = 0
lifetime = 0
cleanup_delay = 5
idle_timeout = 60
spread = no
}
rlm_sql (sql): Opening additional connection (0)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (1)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (2)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (3)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (4)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Processing generate_sql_clients
rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret, server FROM nas
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'SELECT id, nasname, shortname, type, secret, server FROM nas'
rlm_sql (sql): Adding client 192.1 (adfa) to global clients list
rlm_sql (192.0.0.1): Client "adfa" (sql) added
rlm_sql (sql): Released connection (4)
# Instantiating module "dailycounter" from file /etc/freeradius/mods-enabled/sqlcounter
sqlcounter dailycounter {
sql_module_instance = "sql"
key = "User-Name"
query = "SELECT IFNULL(TIME_TO_SEC(TIMEDIFF(NOW(), MIN(AcctStartTime))),0) FROM `radacct` WHERE UserName='%{User-Name}' ORDER BY AcctStartTime LIMIT 1;"
reset = "daily"
counter_name = "Daily-Session-Time"
check_name = "Max-Daily-Session"
reply_name = "Session-Timeout"
}
rlm_sqlcounter: Current Time: 1400760566 [2014-05-22 20:09:26], Next reset 1400774400 [2014-05-23 00:00:00]
rlm_sqlcounter: Current Time: 1400760566 [2014-05-22 20:09:26], Prev reset 1400688000 [2014-05-22 00:00:00]
# Loaded module rlm_pap
# Instantiating module "pap" from file /etc/freeradius/mods-enabled/pap
pap {
auto_header = yes
normalise = yes
}
# Loaded module rlm_perl
# Instantiating module "perl" from file /etc/freeradius/mods-enabled/perl
perl {
filename = "/etc/freeradius/mods-config/perl/example.pl"
func_authorize = "authorize"
func_authenticate = "authenticate"
func_post_auth = "post_auth"
func_accounting = "accounting"
func_preacct = "preacct"
func_checksimul = "checksimul"
func_detach = "detach"
func_xlat = "xlat"
func_pre_proxy = "pre_proxy"
func_post_proxy = "post_proxy"
func_recv_coa = "recv_coa"
func_send_coa = "send_coa"
}
# Loaded module rlm_files
# Instantiating module "files" from file /etc/freeradius/mods-enabled/files
files {
filename = "/etc/freeradius/mods-config/files/authorize"
usersfile = "/etc/freeradius/mods-config/files/authorize"
acctusersfile = "/etc/freeradius/mods-config/files/accounting"
preproxy_usersfile = "/etc/freeradius/mods-config/files/pre-proxy"
compat = "no"
}
reading pairlist file /etc/freeradius/mods-config/files/authorize
reading pairlist file /etc/freeradius/mods-config/files/authorize
reading pairlist file /etc/freeradius/mods-config/files/accounting
reading pairlist file /etc/freeradius/mods-config/files/pre-proxy
# Loaded module rlm_expr
# Instantiating module "expr" from file /etc/freeradius/mods-enabled/expr
expr {
safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
}
# Loaded module rlm_unix
# Instantiating module "unix" from file /etc/freeradius/mods-enabled/unix
unix {
radwtmp = "/var/log/freeradius/radwtmp"
}
# Loaded module rlm_mschap
# Instantiating module "mschap" from file /etc/freeradius/mods-enabled/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = yes
passchange {
}
allow_retry = yes
}
} # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/freeradius/radiusd.conf
} # server
server coa { # from file /etc/freeradius/sites-enabled/coa
# Loading recv-coa {...}
# Loading send-coa {...}
} # server coa
server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
# Loading authenticate {...}
# Loading authorize {...}
WARNING: Ignoring "ldap" (see raddb/mods-available/README.rst)
# Loading session {...}
# Loading post-proxy {...}
# Loading post-auth {...}
} # server inner-tunnel
server default { # from file /etc/freeradius/sites-enabled/default
# Creating Auth-Type = digest
# Loading authenticate {...}
# Loading authorize {...}
# Loading preacct {...}
# Loading virtual module acct_unique
# Loading accounting {...}
# Loading session {...}
# Loading post-proxy {...}
# Loading post-auth {...}
# Loading virtual module remove_reply_message_if_eap
# Loading virtual module remove_reply_message_if_eap
} # server default
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "coa"
server = "coa"
ipaddr = *
port = 3799
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 18120
}
listen {
type = "auth"
ipaddr = *
port = 135
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
listen {
type = "acct"
ipaddr = *
port = 139
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
Listening on coa address * port 3799 as server coa
Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel
Listening on auth address * port 135 as server default
Listening on acct address * port 139 as server default
Ready to process requests.
rad_recv: Access-Request packet from host 27.33.228.125 port 44994, id=185, length=208
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x0200000801626f62
Message-Authenticator = 0xa38ab6388cd8e705c5d68cda4f72c469
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(0) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(0) authorize {
(0) ? if (User-Name)
(0) ? if (User-Name) -> TRUE
(0) if (User-Name) {
(0) expand: "%{User-Name}" -> 'bob'
(0) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(0) SQL query affected no rows
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (0): Too many free connections (5 > 3)
rlm_sql_mysql: Socket destructor called, closing socket
(0) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(0) } # if (User-Name) = notfound
(0) [preprocess] = ok
(0) [chap] = noop
(0) [mschap] = noop
(0) eap : EAP packet type response id 0 length 8
(0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(0) [eap] = ok
(0) } # authorize = ok
(0) Found Auth-Type = EAP
(0) # Executing group from file /etc/freeradius/sites-enabled/default
(0) authenticate {
(0) eap : Peer sent Identity (1)
(0) eap : Calling eap_md5 to process EAP data
rlm_eap_md5: Issuing Challenge
(0) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e81bb6ebf
(0) [eap] = handled
(0) } # authenticate = handled
Sending Access-Challenge of id 185 from 10.1.1.2 port 135 to 27.33.228.125 port 44994
EAP-Message = 0x010100160410386b349f3aaaa37037c92729bc97dce3
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e81bb6ebfba73ebc70ca94f60
(0) Finished request 0.
Waking up in 0.3 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 55150, id=186, length=224
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e81bb6ebfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x020100060315
Message-Authenticator = 0xfb2ac4e3ab7aae1f8142af01fc0f5667
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(1) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(1) authorize {
(1) ? if (User-Name)
(1) ? if (User-Name) -> TRUE
(1) if (User-Name) {
(1) expand: "%{User-Name}" -> 'bob'
(1) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(1) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(1) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(1) } # if (User-Name) = notfound
(1) [preprocess] = ok
(1) [chap] = noop
(1) [mschap] = noop
(1) eap : EAP packet type response id 1 length 6
(1) eap : No EAP Start, assuming it's an on-going EAP conversation
(1) [eap] = updated
(1) [files] = noop
(1) sql : expand: "%{User-Name}" -> 'bob'
(1) sql : SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
(1) sql : expand: "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
(1) sql : User found in radcheck table
(1) sql : Check items matched
(1) sql : expand: "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
(1) sql : User found in radreply table
(1) sql : expand: "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" -> 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Released connection (4)
(1) [-sql] = ok
(1) [expiration] = noop
(1) [logintime] = noop
(1) WARNING: pap : Auth-Type already set. Not setting to PAP
(1) [pap] = noop
(1) monthlycounter : Entering module authorize code
(1) monthlycounter : Could not find Check item value pair
(1) [monthlycounter] = noop
(1) } # authorize = updated
(1) Found Auth-Type = EAP
(1) # Executing group from file /etc/freeradius/sites-enabled/default
(1) authenticate {
(1) eap : Expiring EAP session with state 0x81ba6a5e81bb6ebf
(1) eap : Finished EAP session with state 0x81ba6a5e81bb6ebf
(1) eap : Previous EAP request found for state 0x81ba6a5e81bb6ebf, released from the list
(1) eap : Peer sent NAK (3)
(1) eap : Found mutually acceptable type TTLS (21)
(1) eap : Calling eap_ttls to process EAP data
(1) eap_ttls : Flushing SSL sessions (of #0)
(1) eap_ttls : Initiate
(1) eap_ttls : Start returned 1
(1) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e80b87fbf
(1) [eap] = handled
(1) } # authenticate = handled
Sending Access-Challenge of id 186 from 10.1.1.2 port 135 to 27.33.228.125 port 55150
Mikrotik-Recv-Limit = 2097152
EAP-Message = 0x010200061520
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e80b87fbfba73ebc70ca94f60
(1) Finished request 1.
Waking up in 0.2 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 35287, id=187, length=422
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e80b87fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x020200cc150016030100c1010000bd0301537de904c5fdc558e4509d95842d969bf50fe0b6042f6944dd63c98342bf30fa000054c014c00ac022c02100390038c00fc0050035c012c008c01cc01b00160013c00dc003000ac013c009c01fc01e00330032c00ec004002fc011c007c00cc002000500040015001200090014001100080006000300ff01000040000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f00100011
Message-Authenticator = 0xc8ae4cda15c77a21410197b95922c790
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(2) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(2) authorize {
(2) ? if (User-Name)
(2) ? if (User-Name) -> TRUE
(2) if (User-Name) {
(2) expand: "%{User-Name}" -> 'bob'
(2) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(2) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(2) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(2) } # if (User-Name) = notfound
(2) [preprocess] = ok
(2) [chap] = noop
(2) [mschap] = noop
(2) eap : EAP packet type response id 2 length 204
(2) eap : Continuing tunnel setup.
(2) [eap] = ok
(2) } # authorize = ok
(2) Found Auth-Type = EAP
(2) # Executing group from file /etc/freeradius/sites-enabled/default
(2) authenticate {
(2) eap : Expiring EAP session with state 0x81ba6a5e80b87fbf
(2) eap : Finished EAP session with state 0x81ba6a5e80b87fbf
(2) eap : Previous EAP request found for state 0x81ba6a5e80b87fbf, released from the list
(2) eap : Peer sent TTLS (21)
(2) eap : EAP TTLS (21)
(2) eap : Calling eap_ttls to process EAP data
(2) eap_ttls : Authenticate
(2) eap_ttls : processing EAP-TLS
(2) eap_ttls : eaptls_verify returned 7
(2) eap_ttls : Done initial handshake
(2) eap_ttls : (other): before/accept initialization
(2) eap_ttls : TLS_accept: before/accept initialization
(2) eap_ttls : <<< TLS 1.0 Handshake [length 00c1], ClientHello
(2) eap_ttls : TLS_accept: SSLv3 read client hello A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 0059], ServerHello
(2) eap_ttls : TLS_accept: SSLv3 write server hello A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 08d0], Certificate
(2) eap_ttls : TLS_accept: SSLv3 write certificate A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange
(2) eap_ttls : TLS_accept: SSLv3 write key exchange A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
(2) eap_ttls : TLS_accept: SSLv3 write server done A
(2) eap_ttls : TLS_accept: SSLv3 flush data
(2) eap_ttls : TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
(2) eap_ttls : eaptls_process returned 13
(2) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e83b97fbf
(2) [eap] = handled
(2) } # authenticate = handled
Sending Access-Challenge of id 187 from 10.1.1.2 port 135 to 27.33.228.125 port 35287
EAP-Message =
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e83b97fbfba73ebc70ca94f60
(2) Finished request 2.
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 41903, id=188, length=224
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e83b97fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x020300061500
Message-Authenticator = 0x5a45ccbbcad2a5b1a4e35bde5428bbec
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(3) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(3) authorize {
(3) ? if (User-Name)
(3) ? if (User-Name) -> TRUE
(3) if (User-Name) {
(3) expand: "%{User-Name}" -> 'bob'
(3) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(3) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(3) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(3) } # if (User-Name) = notfound
(3) [preprocess] = ok
(3) [chap] = noop
(3) [mschap] = noop
(3) eap : EAP packet type response id 3 length 6
(3) eap : Continuing tunnel setup.
(3) [eap] = ok
(3) } # authorize = ok
(3) Found Auth-Type = EAP
(3) # Executing group from file /etc/freeradius/sites-enabled/default
(3) authenticate {
(3) eap : Expiring EAP session with state 0x81ba6a5e83b97fbf
(3) eap : Finished EAP session with state 0x81ba6a5e83b97fbf
(3) eap : Previous EAP request found for state 0x81ba6a5e83b97fbf, released from the list
(3) eap : Peer sent TTLS (21)
(3) eap : EAP TTLS (21)
(3) eap : Calling eap_ttls to process EAP data
(3) eap_ttls : Authenticate
(3) eap_ttls : processing EAP-TLS
(3) eap_ttls : Received TLS ACK
(3) eap_ttls : Received TLS ACK
(3) eap_ttls : ACK handshake fragment handler
(3) eap_ttls : eaptls_verify returned 1
(3) eap_ttls : eaptls_process returned 13
(3) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e82be7fbf
(3) [eap] = handled
(3) } # authenticate = handled
Sending Access-Challenge of id 188 from 10.1.1.2 port 135 to 27.33.228.125 port 41903
EAP-Message =
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e82be7fbfba73ebc70ca94f60
(3) Finished request 3.
rad_recv: Access-Request packet from host 27.33.228.125 port 40030, id=189, length=224
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e82be7fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x020400061500
Message-Authenticator = 0xf2d412699a5d16f9db569e1f576bd61d
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(4) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(4) authorize {
(4) ? if (User-Name)
(4) ? if (User-Name) -> TRUE
(4) if (User-Name) {
(4) expand: "%{User-Name}" -> 'bob'
(4) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(4) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(4) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(4) } # if (User-Name) = notfound
(4) [preprocess] = ok
(4) [chap] = noop
(4) [mschap] = noop
(4) eap : EAP packet type response id 4 length 6
(4) eap : Continuing tunnel setup.
(4) [eap] = ok
(4) } # authorize = ok
(4) Found Auth-Type = EAP
(4) # Executing group from file /etc/freeradius/sites-enabled/default
(4) authenticate {
(4) eap : Expiring EAP session with state 0x81ba6a5e82be7fbf
(4) eap : Finished EAP session with state 0x81ba6a5e82be7fbf
(4) eap : Previous EAP request found for state 0x81ba6a5e82be7fbf, released from the list
(4) eap : Peer sent TTLS (21)
(4) eap : EAP TTLS (21)
(4) eap : Calling eap_ttls to process EAP data
(4) eap_ttls : Authenticate
(4) eap_ttls : processing EAP-TLS
(4) eap_ttls : Received TLS ACK
(4) eap_ttls : Received TLS ACK
(4) eap_ttls : ACK handshake fragment handler
(4) eap_ttls : eaptls_verify returned 1
(4) eap_ttls : eaptls_process returned 13
(4) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e85bf7fbf
(4) [eap] = handled
(4) } # authenticate = handled
Sending Access-Challenge of id 189 from 10.1.1.2 port 135 to 27.33.228.125 port 40030
EAP-Message =
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e85bf7fbfba73ebc70ca94f60
(4) Finished request 4.
rad_recv: Access-Request packet from host 27.33.228.125 port 53992, id=190, length=358
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e85bf7fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x0205008c15001603010046100000424104309535fb07e2701a66c4ce6bc6895a5ae629aeff3e6a4a459b57d3da847ff7d2e7ff0a675586bd5c0f22a8cde2cb06d29476b8d95a3028528a636853ff1db052140301000101160301003002913ad92cb4936b9d161e38f7fb9eadaa2ee5608a240ad495666a8f90a750fbed5d89f5719d2d8fb6856a5e1d542e6b
Message-Authenticator = 0x5869e26b8b33cb85f5fdc956d55aeaed
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(5) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(5) authorize {
(5) ? if (User-Name)
(5) ? if (User-Name) -> TRUE
(5) if (User-Name) {
(5) expand: "%{User-Name}" -> 'bob'
(5) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(5) SQL query affected no rows
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (1): Too many free connections (4 > 3)
rlm_sql_mysql: Socket destructor called, closing socket
(5) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(5) } # if (User-Name) = notfound
(5) [preprocess] = ok
(5) [chap] = noop
(5) [mschap] = noop
(5) eap : EAP packet type response id 5 length 140
(5) eap : Continuing tunnel setup.
(5) [eap] = ok
(5) } # authorize = ok
(5) Found Auth-Type = EAP
(5) # Executing group from file /etc/freeradius/sites-enabled/default
(5) authenticate {
(5) eap : Expiring EAP session with state 0x81ba6a5e85bf7fbf
(5) eap : Finished EAP session with state 0x81ba6a5e85bf7fbf
(5) eap : Previous EAP request found for state 0x81ba6a5e85bf7fbf, released from the list
(5) eap : Peer sent TTLS (21)
(5) eap : EAP TTLS (21)
(5) eap : Calling eap_ttls to process EAP data
(5) eap_ttls : Authenticate
(5) eap_ttls : processing EAP-TLS
(5) eap_ttls : eaptls_verify returned 7
(5) eap_ttls : Done initial handshake
(5) eap_ttls : <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange
(5) eap_ttls : TLS_accept: SSLv3 read client key exchange A
(5) eap_ttls : <<< TLS 1.0 ChangeCipherSpec [length 0001]
(5) eap_ttls : <<< TLS 1.0 Handshake [length 0010], Finished
(5) eap_ttls : TLS_accept: SSLv3 read finished A
(5) eap_ttls : >>> TLS 1.0 ChangeCipherSpec [length 0001]
(5) eap_ttls : TLS_accept: SSLv3 write change cipher spec A
(5) eap_ttls : >>> TLS 1.0 Handshake [length 0010], Finished
(5) eap_ttls : TLS_accept: SSLv3 write finished A
(5) eap_ttls : TLS_accept: SSLv3 flush data
SSL: adding session 7baa9025a99eba7e87a2af6a9333a1f09414b6a5afb49019e841afcf329d5a65 to cache
(5) eap_ttls : (other): SSL negotiation finished successfully
SSL Connection Established
(5) eap_ttls : eaptls_process returned 13
(5) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e84bc7fbf
(5) [eap] = handled
(5) } # authenticate = handled
Sending Access-Challenge of id 190 from 10.1.1.2 port 135 to 27.33.228.125 port 53992
EAP-Message = 0x0106004515800000003b14030100010116030100308286b9eb3241f2ceedaf57e5e0d9352c9a41818de47fe3e583b5252798757eca3c13b3d30950cb5cb96d8fa19d33f8c5
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e84bc7fbfba73ebc70ca94f60
(5) Finished request 5.
rad_recv: Access-Request packet from host 27.33.228.125 port 52005, id=191, length=314
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e84bc7fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x020600601500170301002083576086deddfaca1b563c1c3f0876f9553109cc75d0a1f13a613435e6f3b7da170301003005a005115d0753845ca4f6596d0d094a1e35423a0985ff684ef4a49d3953c393a7ab417da2df7474972295365a0c69b4
Message-Authenticator = 0xbed74c79231cae37271e75206659bb03
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(6) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(6) authorize {
(6) ? if (User-Name)
(6) ? if (User-Name) -> TRUE
(6) if (User-Name) {
(6) expand: "%{User-Name}" -> 'bob'
(6) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(6) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(6) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(6) } # if (User-Name) = notfound
(6) [preprocess] = ok
(6) [chap] = noop
(6) [mschap] = noop
(6) eap : EAP packet type response id 6 length 96
(6) eap : Continuing tunnel setup.
(6) [eap] = ok
(6) } # authorize = ok
(6) Found Auth-Type = EAP
(6) # Executing group from file /etc/freeradius/sites-enabled/default
(6) authenticate {
(6) eap : Expiring EAP session with state 0x81ba6a5e84bc7fbf
(6) eap : Finished EAP session with state 0x81ba6a5e84bc7fbf
(6) eap : Previous EAP request found for state 0x81ba6a5e84bc7fbf, released from the list
(6) eap : Peer sent TTLS (21)
(6) eap : EAP TTLS (21)
(6) eap : Calling eap_ttls to process EAP data
(6) eap_ttls : Authenticate
(6) eap_ttls : processing EAP-TLS
(6) eap_ttls : eaptls_verify returned 7
(6) eap_ttls : Done initial handshake
(6) eap_ttls : eaptls_process returned 7
(6) eap_ttls : Session established. Proceeding to decode tunneled attributes.
(6) eap_ttls : Got tunneled request
EAP-Message = 0x0200000801626f62
(6) eap_ttls : Got tunneled identity of bob
(6) eap_ttls : Setting default EAP type for tunneled EAP session.
(6) eap_ttls : Sending tunneled request
EAP-Message = 0x0200000801626f62
User-Name = 'bob'
server inner-tunnel {
(6) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
(6) authorize {
(6) [chap] = noop
(6) [mschap] = noop
(6) suffix : No '@' in User-Name = "bob", looking up realm NULL
(6) suffix : No such realm "NULL"
(6) [suffix] = noop
(6) update control {
(6) Proxy-To-Realm := 'LOCAL'
(6) } # update control = noop
(6) eap : EAP packet type response id 0 length 8
(6) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(6) [eap] = ok
(6) } # authorize = ok
(6) Found Auth-Type = EAP
(6) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
(6) authenticate {
(6) eap : Peer sent Identity (1)
(6) eap : Calling eap_md5 to process EAP data
rlm_eap_md5: Issuing Challenge
(6) eap : New EAP session, adding 'State' attribute to reply 0x91c3310d91c235d5
(6) [eap] = handled
(6) } # authenticate = handled
} # server inner-tunnel
(6) eap_ttls : Got tunneled reply code 11
EAP-Message = 0x01010016041020c353d04d0d37820d08116da77ee9c8
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x91c3310d91c235d51e9e39fe7055ddc3
(6) eap_ttls : Got tunneled Access-Challenge
(6) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e87bd7fbf
(6) [eap] = handled
(6) } # authenticate = handled
Sending Access-Challenge of id 191 from 10.1.1.2 port 135 to 27.33.228.125 port 52005
EAP-Message = 0x0107004f1580000000451703010040e9ee198cd6ef3134ed9dd4fbcc65449820abdb26cd5ad04045540efefdaea4eadaa13888e5167ce712a48ecd565f827ec2835d4d69b33ab6411ceeaae13b142f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x81ba6a5e87bd7fbfba73ebc70ca94f60
(6) Finished request 6.
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 45471, id=192, length=330
Service-Type = Framed-User
Framed-MTU = 1400
User-Name = 'bob'
State = 0x81ba6a5e87bd7fbfba73ebc70ca94f60
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
EAP-Message = 0x0207007015001703010020945e0c05304ec2d9b78e1625adca3bbf681d5ff4c828a24d8f90b09abe2cf9cb1703010040f1ab59c3fbf2dd63cb79eba14cbbe7ac793e624459900409c75b50a237722e302e3d78ef0b8e9e51dae66bc5fd5a4f2858e848063f2f1cbc1b4b44cba37466d4
Message-Authenticator = 0xf56870dbccbc928b277cfb6a6102c37d
NAS-Identifier = 'MikroTik'
NAS-IP-Address = 27.33.228.125
(7) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(7) authorize {
(7) ? if (User-Name)
(7) ? if (User-Name) -> TRUE
(7) if (User-Name) {
(7) expand: "%{User-Name}" -> 'bob'
(7) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(7) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(7) expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(7) } # if (User-Name) = notfound
(7) [preprocess] = ok
(7) [chap] = noop
(7) [mschap] = noop
(7) eap : EAP packet type response id 7 length 112
(7) eap : Continuing tunnel setup.
(7) [eap] = ok
(7) } # authorize = ok
(7) Found Auth-Type = EAP
(7) # Executing group from file /etc/freeradius/sites-enabled/default
(7) authenticate {
(7) eap : Expiring EAP session with state 0x91c3310d91c235d5
(7) eap : Finished EAP session with state 0x81ba6a5e87bd7fbf
(7) eap : Previous EAP request found for state 0x81ba6a5e87bd7fbf, released from the list
(7) eap : Peer sent TTLS (21)
(7) eap : EAP TTLS (21)
(7) eap : Calling eap_ttls to process EAP data
(7) eap_ttls : Authenticate
(7) eap_ttls : processing EAP-TLS
(7) eap_ttls : eaptls_verify returned 7
(7) eap_ttls : Done initial handshake
(7) eap_ttls : eaptls_process returned 7
(7) eap_ttls : Session established. Proceeding to decode tunneled attributes.
(7) eap_ttls : Got tunneled request
EAP-Message = 0x0201001604108fb92000173750bfa8c06171db316ce4
(7) eap_ttls : Sending tunneled request
EAP-Message = 0x0201001604108fb92000173750bfa8c06171db316ce4
User-Name = 'bob'
State = 0x91c3310d91c235d51e9e39fe7055ddc3
server inner-tunnel {
(7) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
(7) authorize {
(7) [chap] = noop
(7) [mschap] = noop
(7) suffix : No '@' in User-Name = "bob", looking up realm NULL
(7) suffix : No such realm "NULL"
(7) [suffix] = noop
(7) update control {
(7) Proxy-To-Realm := 'LOCAL'
(7) } # update control = noop
(7) eap : EAP packet type response id 1 length 22
(7) eap : No EAP Start, assuming it's an on-going EAP conversation
(7) [eap] = updated
(7) [files] = noop
(7) sql : expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
(7) sql : expand: "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
(7) sql : User found in radcheck table
(7) sql : Check items matched
(7) sql : expand: "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
(7) sql : User found in radreply table
(7) sql : expand: "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" -> 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Released connection (4)
(7) [-sql] = ok
(7) [expiration] = noop
(7) [logintime] = noop
(7) WARNING: pap : Auth-Type already set. Not setting to PAP
(7) [pap] = noop
(7) } # authorize = updated
(7) Found Auth-Type = EAP
(7) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
(7) authenticate {
(7) eap : Expiring EAP session with state 0x91c3310d91c235d5
(7) eap : Finished EAP session with state 0x91c3310d91c235d5
(7) eap : Previous EAP request found for state 0x91c3310d91c235d5, released from the list
(7) eap : Peer sent MD5 (4)
(7) eap : EAP MD5 (4)
(7) eap : Calling eap_md5 to process EAP data
(7) eap : Freeing handler
(7) [eap] = ok
(7) } # authenticate = ok
(7) # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
(7) post-auth {
(7) sql : expand: ".query" -> '.query'
(7) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(7) sql : expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
(7) sql : expand: "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')" -> 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Released connection (4)
(7) [-sql] = ok
(7) } # post-auth = ok
} # server inner-tunnel
(7) eap_ttls : Got tunneled reply code 2
Mikrotik-Recv-Limit = 2097152
EAP-Message = 0x03010004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = 'bob'
(7) eap_ttls : Got tunneled Access-Accept
(7) eap_ttls : Saving session 7baa9025a99eba7e87a2af6a9333a1f09414b6a5afb49019e841afcf329d5a65 vps 0x14e9fc0 in the cache
(7) eap : Freeing handler
rlm_eap_ttls: Freeing handler for user bob
(7) [eap] = ok
(7) } # authenticate = ok
(7) # Executing section post-auth from file /etc/freeradius/sites-enabled/default
(7) post-auth {
(7) sql : expand: ".query" -> '.query'
(7) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(7) sql : expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
(7) sql : expand: "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')" -> 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Released connection (4)
(7) [-sql] = ok
(7) [exec] = noop
(7) remove_reply_message_if_eap remove_reply_message_if_eap {
(7) ? if (reply:EAP-Message && reply:Reply-Message)
(7) ? if (reply:EAP-Message && reply:Reply-Message) -> FALSE
(7) else else {
(7) [noop] = noop
(7) } # else else = noop
(7) } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(7) } # post-auth = ok
Sending Access-Accept of id 192 from 10.1.1.2 port 135 to 27.33.228.125 port 45471
Mikrotik-Recv-Limit = 2097152
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = 'bob'
MS-MPPE-Recv-Key = 0xc394df7a88fe7b8afc3a868eea55c48693a0468edc98419da0152a1f80f504db
MS-MPPE-Send-Key = 0xaf69e4399414cb5e73a1191cfd7711bed30f6c8eaa29f3a036e4bd151a000c81
EAP-Message = 0x03070004
(7) Finished request 7.
Waking up in 0.1 seconds.
rad_recv: Accounting-Request packet from host 27.33.228.125 port 34350, id=193, length=149
Service-Type = Framed-User
NAS-Port-Id = 'wlan4'
NAS-Port-Type = Wireless-802.11
User-Name = 'bob'
Acct-Session-Id = '8280001c'
Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
Acct-Authentic = RADIUS
Acct-Status-Type = Start
NAS-Identifier = 'MikroTik'
Acct-Delay-Time = 0
NAS-IP-Address = 27.33.228.125
(8) # Executing section preacct from file /etc/freeradius/sites-enabled/default
(8) preacct {
(8) [preprocess] = ok
(8) acct_unique acct_unique {
(8) ? if ("%{string:Class}" =~ /ai:([0-9a-f]{32})/i)
(8) expand: "%{string:Class}" -> ''
(8) ? if ("%{string:Class}" =~ /ai:([0-9a-f]{32})/i) -> FALSE
(8) else else {
(8) update request {
(8) expand: "%{md5:%{User-Name},%{Acct-Session-ID},%{NAS-IP-Address},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}" -> 'a563b97a0bf65fc39a0509c43bbdb79a'
(8) Acct-Unique-Session-Id := "a563b97a0bf65fc39a0509c43bbdb79a"
(8) } # update request = noop
(8) } # else else = noop
(8) } # acct_unique acct_unique = noop
(8) suffix : No '@' in User-Name = "bob", looking up realm NULL
(8) suffix : No such realm "NULL"
(8) [suffix] = noop
(8) [files] = noop
(8) } # preacct = ok
(8) # Executing section accounting from file /etc/freeradius/sites-enabled/default
(8) accounting {
(8) detail : expand: "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d" -> '/var/log/freeradius/radacct/27.33.228.125/detail-20140522'
(8) detail : /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/27.33.228.125/detail-20140522
(8) detail : expand: "%t" -> 'Thu May 22 20:09:41 2014'
(8) [detail] = ok
(8) sql : expand: "%{tolower:type.%{Acct-Status-Type}.query}" -> 'type.start.query'
(8) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(8) sql : expand: "%{User-Name}" -> 'bob'
(8) sql : SQL-User-Name set to 'bob'
(8) sql : expand: "INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctupdatetime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', FROM_UNIXTIME(%{integer:Event-Timestamp}), FROM_UNIXTIME(%{integer:Event-Timestamp}), NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}')" -> 'INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctupdatetime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress) VALUES ('8280001c', 'a563b97a0bf65fc39a0509c43bbdb79a', 'bob', '', '27.33.228.125', '', 'Wireless-802.11', FROM_UNIXTIME(1400760581), FROM_UNIXTIME(1400760581), NULL, '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-User', '', '')'
rlm_sql (sql): Executing query: 'INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctupdatetime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress) VALUES ('8280001c', 'a563b97a0bf65fc39a0509c43bbdb79a', 'bob', '', '27.33.228.125', '', 'Wireless-802.11', FROM_UNIXTIME(1400760581), FROM_UNIXTIME(1400760581), NULL, '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-User', '', '')'
rlm_sql (sql): Released connection (4)
(8) [-sql] = ok
(8) [exec] = noop
(8) attr_filter.accounting_response : expand: "%{User-Name}" -> 'bob'
(8) attr_filter.accounting_response : Matched entry DEFAULT at line 12
(8) [attr_filter.accounting_response] = updated
(8) } # accounting = updated
Sending Accounting-Response of id 193 from 10.1.1.2 port 139 to 27.33.228.125 port 34350
(8) Finished request 8.
Waking up in 0.1 seconds.
Waking up in 0.1 seconds.
(8) Cleaning up request packet ID 193 with timestamp +15
Waking up in 3.9 seconds.
(0) Cleaning up request packet ID 185 with timestamp +14
(1) Cleaning up request packet ID 186 with timestamp +14
(2) Cleaning up request packet ID 187 with timestamp +14
(3) Cleaning up request packet ID 188 with timestamp +14
Waking up in 0.1 seconds.
(4) Cleaning up request packet ID 189 with timestamp +14
Waking up in 0.1 seconds.
(5) Cleaning up request packet ID 190 with timestamp +15
(6) Cleaning up request packet ID 191 with timestamp +15
(7) Cleaning up request packet ID 192 with timestamp +15
Ready to process requests.
More information about the Freeradius-Users
mailing list