User Group Not Working.

* zhex900 at gmail.com
Thu May 22 14:10:52 CEST 2014


Hi,

I trying to setup user group. However I cannot see radius using check or
reply items in the user group.

Please let me know what I am doing wrong.

FreeRADIUS Version 3.0.1

mods-enabled/sql
read_groups = yes

radcheck:
bob|Cleartext-Password|:=|bob

radusergroup:
bob|bobgroup|1

radgroupcheck:
1|bobgroup|Simultaneous-Use|:=|1

radgroupreply:
1|bobgroup|Session-Timeout|=|300
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140522/1c0c7add/attachment-0001.html>
-------------- next part --------------
radiusd: FreeRADIUS Version 3.0.1, for host x86_64-pc-linux-gnu, built on Apr 15 2014 at 14:04:23
Copyright (C) 1999-2014 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /etc/freeradius/dictionary
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/mods-enabled/
including configuration file /etc/freeradius/mods-enabled/eap
including configuration file /etc/freeradius/mods-enabled/always
including configuration file /etc/freeradius/mods-enabled/dynamic_clients
including configuration file /etc/freeradius/mods-enabled/detail.log
including configuration file /etc/freeradius/mods-enabled/detail
including configuration file /etc/freeradius/mods-enabled/sradutmp
including configuration file /etc/freeradius/mods-enabled/expiration
including configuration file /etc/freeradius/mods-enabled/preprocess
including configuration file /etc/freeradius/mods-enabled/logintime
including configuration file /etc/freeradius/mods-enabled/soh
including configuration file /etc/freeradius/mods-enabled/dhcp
including configuration file /etc/freeradius/mods-enabled/radutmp
including configuration file /etc/freeradius/mods-enabled/digest
including configuration file /etc/freeradius/mods-enabled/exec
including configuration file /etc/freeradius/mods-enabled/echo
including configuration file /etc/freeradius/mods-enabled/replicate
including configuration file /etc/freeradius/mods-enabled/cache_eap
including configuration file /etc/freeradius/mods-enabled/linelog
including configuration file /etc/freeradius/mods-enabled/utf8
including configuration file /etc/freeradius/mods-enabled/attr_filter
including configuration file /etc/freeradius/mods-enabled/chap
including configuration file /etc/freeradius/mods-enabled/realm
including configuration file /etc/freeradius/mods-enabled/passwd
including configuration file /etc/freeradius/mods-enabled/ntlm_auth
including configuration file /etc/freeradius/mods-enabled/sql
including configuration file /etc/freeradius/mods-config/sql/main/mysql/queries.conf
including configuration file /etc/freeradius/mods-enabled/sqlcounter
including configuration file /etc/freeradius/mods-enabled/pap
including configuration file /etc/freeradius/mods-enabled/perl
including configuration file /etc/freeradius/mods-enabled/files
including configuration file /etc/freeradius/mods-enabled/expr
including configuration file /etc/freeradius/mods-enabled/unix
including configuration file /etc/freeradius/mods-enabled/mschap
including files in directory /etc/freeradius/policy.d/
including configuration file /etc/freeradius/policy.d/eap
including configuration file /etc/freeradius/policy.d/cui
including configuration file /etc/freeradius/policy.d/operator-name
including configuration file /etc/freeradius/policy.d/dhcp
including configuration file /etc/freeradius/policy.d/control
including configuration file /etc/freeradius/policy.d/filter
including configuration file /etc/freeradius/policy.d/canonicalization
including configuration file /etc/freeradius/policy.d/accounting
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/coa
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
including configuration file /etc/freeradius/sites-enabled/default
main {
 security {
 	user = "freerad"
 	group = "freerad"
 	allow_core_dumps = no
 }
}
main {
	name = "freeradius"
	prefix = "/usr"
	localstatedir = "/var"
	sbindir = "/usr/sbin"
	logdir = "/var/log/freeradius"
	run_dir = "/var/run/freeradius"
	libdir = "/usr/lib/freeradius"
	radacctdir = "/var/log/freeradius/radacct"
	hostname_lookups = no
	max_request_time = 30
	cleanup_delay = 5
	max_requests = 1024
	pidfile = "/var/run/freeradius/freeradius.pid"
	checkrad = "/usr/sbin/checkrad"
	debug_level = 0
	proxy_requests = no
 log {
 	stripped_names = no
 	auth = no
 	auth_badpass = no
 	auth_goodpass = no
 	colourise = yes
 }
 security {
 	max_attributes = 200
 	reject_delay = 1
 	status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
 	retry_delay = 5
 	retry_count = 3
 	default_fallback = no
 	dead_time = 120
 	wake_all_if_all_dead = no
 }
 home_server localhost {
 	ipaddr = 127.0.0.1
 	port = 1812
 	type = "auth"
 	secret = "testing123"
 	response_window = 20
 	max_outstanding = 65536
 	zombie_period = 40
 	status_check = "status-server"
 	ping_interval = 30
 	check_interval = 30
 	num_answers_to_alive = 3
 	revive_interval = 120
 	status_check_timeout = 4
  coa {
  	irt = 2
  	mrt = 16
  	mrc = 5
  	mrd = 30
  }
  limit {
  	max_connections = 16
  	max_requests = 0
  	lifetime = 0
  	idle_timeout = 0
  }
 }
 home_server_pool my_auth_failover {
	type = fail-over
	home_server = localhost
 }
 realm example.com {
	auth_pool = my_auth_failover
 }
 realm LOCAL {
 }
radiusd: #### Loading Clients ####
 client localhost {
 	ipaddr = 127.0.0.1
 	require_message_authenticator = no
 	secret = "radius"
 	shortname = "localhost"
 	nas_type = "other"
 	proto = "*"
  limit {
  	max_connections = 16
  	lifetime = 0
  	idle_timeout = 30
  }
 }
 client 27.33.228.125 {
 	require_message_authenticator = no
 	secret = "radius"
 	shortname = "14kimberleyst"
 	nas_type = "mikrotik"
  limit {
  	max_connections = 16
  	lifetime = 0
  	idle_timeout = 30
  }
 }
 client 220.244.108.10 {
 	require_message_authenticator = no
 	secret = "radius"
 	shortname = "30cookst"
 	nas_type = "mikrotik_snmp"
  limit {
  	max_connections = 16
  	lifetime = 0
  	idle_timeout = 30
  }
 }
 client 10.1.1.22/24 {
 	require_message_authenticator = no
 	secret = "radius"
 	shortname = "MikroTik"
  limit {
  	max_connections = 16
  	lifetime = 0
  	idle_timeout = 30
  }
 }
 client 99hamilton.no-ip.biz {
 	require_message_authenticator = no
 	secret = "radius"
 	shortname = "99hamilton"
 	nas_type = "mikrotik"
  limit {
  	max_connections = 16
  	lifetime = 0
  	idle_timeout = 30
  }
 }
radiusd: #### Instantiating modules ####
 instantiate {
  # Loaded module rlm_sqlcounter
  # Instantiating module "monthlycounter" from file /etc/freeradius/mods-enabled/sqlcounter
  sqlcounter monthlycounter {
  	sql_module_instance = "sql"
  	key = "User-Name"
  	query = "SELECT IFNULL((sum(acctinputoctets)+sum(acctoutputoctets)),0) FROM `radacct` WHERE username='%{User-Name}' AND Month(acctstoptime) =(Month(NOW())) AND Year(acctstoptime) = Year(NOW());"
  	reset = "monthly"
  	counter_name = "Max-Monthly-Data-Quota"
  	check_name = "Monthly-Data-Quota"
  	reply_name = "Mikrotik-Recv-Limit"
  }
rlm_sqlcounter: Current Time: 1400760565 [2014-05-22 20:09:25], Next reset 1401552000 [2014-06-01 00:00:00]
rlm_sqlcounter: Current Time: 1400760565 [2014-05-22 20:09:25], Prev reset 1398873600 [2014-05-01 00:00:00]
 }
 modules {
  # Loaded module rlm_eap
  # Instantiating module "eap" from file /etc/freeradius/mods-enabled/eap
  eap {
  	default_eap_type = "md5"
  	timer_expire = 60
  	ignore_unknown_eap_types = no
  	mod_accounting_username_bug = no
  	max_sessions = 4096
  }
   # Linked to sub-module rlm_eap_md5
   # Linked to sub-module rlm_eap_leap
   # Linked to sub-module rlm_eap_gtc
   gtc {
   	challenge = "Password: "
   	auth_type = "PAP"
   }
   # Linked to sub-module rlm_eap_tls
   tls {
   	tls = "tls-common"
   }
   tls-config tls-common {
   	rsa_key_exchange = no
   	dh_key_exchange = yes
   	rsa_key_length = 512
   	dh_key_length = 512
   	verify_depth = 0
   	ca_path = "/etc/freeradius/certs"
   	pem_file_type = yes
   	private_key_file = "/etc/freeradius/certs/server.pem"
   	certificate_file = "/etc/freeradius/certs/server.pem"
   	ca_file = "/etc/freeradius/certs/ca.pem"
   	private_key_password = "whatever"
   	dh_file = "/etc/freeradius/certs/dh"
   	fragment_size = 1024
   	include_length = yes
   	check_crl = no
   	cipher_list = "DEFAULT"
   	ecdh_curve = "prime256v1"
    cache {
    	enable = yes
    	lifetime = 24
    	max_entries = 255
    }
    verify {
    }
    ocsp {
    	enable = no
    	override_cert_url = yes
    	url = "http://127.0.0.1/ocsp/"
    	use_nonce = yes
    	timeout = 0
    	softfail = yes
    }
   }
   # Linked to sub-module rlm_eap_ttls
   ttls {
   	tls = "tls-common"
   	default_eap_type = "md5"
   	copy_request_to_tunnel = no
   	use_tunneled_reply = yes
   	virtual_server = "inner-tunnel"
   	include_length = yes
   	require_client_cert = no
   }
Using cached TLS configuration from previous invocation
  # Loaded module rlm_always
  # Instantiating module "fail" from file /etc/freeradius/mods-enabled/always
  always fail {
  	rcode = "fail"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "reject" from file /etc/freeradius/mods-enabled/always
  always reject {
  	rcode = "reject"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "noop" from file /etc/freeradius/mods-enabled/always
  always noop {
  	rcode = "noop"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "handled" from file /etc/freeradius/mods-enabled/always
  always handled {
  	rcode = "handled"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "updated" from file /etc/freeradius/mods-enabled/always
  always updated {
  	rcode = "updated"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "notfound" from file /etc/freeradius/mods-enabled/always
  always notfound {
  	rcode = "notfound"
  	simulcount = 0
  	mpp = no
  }
  # Instantiating module "ok" from file /etc/freeradius/mods-enabled/always
  always ok {
  	rcode = "ok"
  	simulcount = 0
  	mpp = no
  }
  # Loaded module rlm_dynamic_clients
  # Instantiating module "dynamic_clients" from file /etc/freeradius/mods-enabled/dynamic_clients
  # Loaded module rlm_detail
  # Instantiating module "auth_log" from file /etc/freeradius/mods-enabled/detail.log
  detail auth_log {
  	filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
  	header = "%t"
  	permissions = 384
  	dir_permissions = 493
  	locking = no
  	log_packet_header = no
  }
rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
  # Instantiating module "reply_log" from file /etc/freeradius/mods-enabled/detail.log
  detail reply_log {
  	filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
  	header = "%t"
  	permissions = 384
  	dir_permissions = 493
  	locking = no
  	log_packet_header = no
  }
  # Instantiating module "pre_proxy_log" from file /etc/freeradius/mods-enabled/detail.log
  detail pre_proxy_log {
  	filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
  	header = "%t"
  	permissions = 384
  	dir_permissions = 493
  	locking = no
  	log_packet_header = no
  }
  # Instantiating module "post_proxy_log" from file /etc/freeradius/mods-enabled/detail.log
  detail post_proxy_log {
  	filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
  	header = "%t"
  	permissions = 384
  	dir_permissions = 493
  	locking = no
  	log_packet_header = no
  }
  # Instantiating module "detail" from file /etc/freeradius/mods-enabled/detail
  detail {
  	filename = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
  	header = "%t"
  	permissions = 384
  	dir_permissions = 493
  	locking = no
  	log_packet_header = no
  }
  # Loaded module rlm_radutmp
  # Instantiating module "sradutmp" from file /etc/freeradius/mods-enabled/sradutmp
  radutmp sradutmp {
  	filename = "/var/log/freeradius/sradutmp"
  	username = "%{User-Name}"
  	case_sensitive = yes
  	check_with_nas = yes
  	permissions = 420
  	caller_id = no
  }
  # Loaded module rlm_expiration
  # Instantiating module "expiration" from file /etc/freeradius/mods-enabled/expiration
  # Loaded module rlm_preprocess
  # Instantiating module "preprocess" from file /etc/freeradius/mods-enabled/preprocess
  preprocess {
  	huntgroups = "/etc/freeradius/mods-config/preprocess/huntgroups"
  	hints = "/etc/freeradius/mods-config/preprocess/hints"
  	with_ascend_hack = no
  	ascend_channels_per_line = 23
  	with_ntdomain_hack = no
  	with_specialix_jetstream_hack = no
  	with_cisco_vsa_hack = no
  	with_alvarion_vsa_hack = no
  }
reading pairlist file /etc/freeradius/mods-config/preprocess/huntgroups
reading pairlist file /etc/freeradius/mods-config/preprocess/hints
  # Loaded module rlm_logintime
  # Instantiating module "logintime" from file /etc/freeradius/mods-enabled/logintime
  logintime {
  	minimum_timeout = 60
  }
  # Loaded module rlm_soh
  # Instantiating module "soh" from file /etc/freeradius/mods-enabled/soh
  soh {
  	dhcp = yes
  }
  # Loaded module rlm_dhcp
  # Instantiating module "dhcp" from file /etc/freeradius/mods-enabled/dhcp
  # Instantiating module "radutmp" from file /etc/freeradius/mods-enabled/radutmp
  radutmp {
  	filename = "/var/log/freeradius/radutmp"
  	username = "%{User-Name}"
  	case_sensitive = yes
  	check_with_nas = yes
  	permissions = 384
  	caller_id = yes
  }
  # Loaded module rlm_digest
  # Instantiating module "digest" from file /etc/freeradius/mods-enabled/digest
  # Loaded module rlm_exec
  # Instantiating module "exec" from file /etc/freeradius/mods-enabled/exec
  exec {
  	wait = no
  	input_pairs = "request"
  	shell_escape = yes
  	timeout = 10
  }
  # Instantiating module "echo" from file /etc/freeradius/mods-enabled/echo
  exec echo {
  	wait = yes
  	program = "/bin/echo %{User-Name}"
  	input_pairs = "request"
  	output_pairs = "reply"
  	shell_escape = yes
  }
  # Loaded module rlm_replicate
  # Instantiating module "replicate" from file /etc/freeradius/mods-enabled/replicate
  # Loaded module rlm_cache
  # Instantiating module "cache_eap" from file /etc/freeradius/mods-enabled/cache_eap
  cache cache_eap {
  	key = "%{%{control:State}:-%{%{reply:State}:-%{State}}}"
  	ttl = 15
  	max_entries = 16384
  	epoch = 0
  	add_stats = no
  }
  # Loaded module rlm_linelog
  # Instantiating module "linelog" from file /etc/freeradius/mods-enabled/linelog
  linelog {
  	filename = "/var/log/freeradius/linelog"
  	permissions = 384
  	format = "This is a log message for %{User-Name}"
  	reference = "%{%{Packet-Type}:-format}"
  }
  # Loaded module rlm_utf8
  # Instantiating module "utf8" from file /etc/freeradius/mods-enabled/utf8
  # Loaded module rlm_attr_filter
  # Instantiating module "attr_filter.post-proxy" from file /etc/freeradius/mods-enabled/attr_filter
  attr_filter attr_filter.post-proxy {
  	filename = "/etc/freeradius/mods-config/attr_filter/post-proxy"
  	key = "%{Realm}"
  	relaxed = no
  }
reading pairlist file /etc/freeradius/mods-config/attr_filter/post-proxy
  # Instantiating module "attr_filter.pre-proxy" from file /etc/freeradius/mods-enabled/attr_filter
  attr_filter attr_filter.pre-proxy {
  	filename = "/etc/freeradius/mods-config/attr_filter/pre-proxy"
  	key = "%{Realm}"
  	relaxed = no
  }
reading pairlist file /etc/freeradius/mods-config/attr_filter/pre-proxy
  # Instantiating module "attr_filter.access_reject" from file /etc/freeradius/mods-enabled/attr_filter
  attr_filter attr_filter.access_reject {
  	filename = "/etc/freeradius/mods-config/attr_filter/access_reject"
  	key = "%{User-Name}"
  	relaxed = no
  }
reading pairlist file /etc/freeradius/mods-config/attr_filter/access_reject
  # Instantiating module "attr_filter.access_challenge" from file /etc/freeradius/mods-enabled/attr_filter
  attr_filter attr_filter.access_challenge {
  	filename = "/etc/freeradius/mods-config/attr_filter/access_challenge"
  	key = "%{User-Name}"
  	relaxed = no
  }
reading pairlist file /etc/freeradius/mods-config/attr_filter/access_challenge
  # Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/mods-enabled/attr_filter
  attr_filter attr_filter.accounting_response {
  	filename = "/etc/freeradius/mods-config/attr_filter/accounting_response"
  	key = "%{User-Name}"
  	relaxed = no
  }
reading pairlist file /etc/freeradius/mods-config/attr_filter/accounting_response
  # Loaded module rlm_chap
  # Instantiating module "chap" from file /etc/freeradius/mods-enabled/chap
  # Loaded module rlm_realm
  # Instantiating module "IPASS" from file /etc/freeradius/mods-enabled/realm
  realm IPASS {
  	format = "prefix"
  	delimiter = "/"
  	ignore_default = no
  	ignore_null = no
  }
  # Instantiating module "suffix" from file /etc/freeradius/mods-enabled/realm
  realm suffix {
  	format = "suffix"
  	delimiter = "@"
  	ignore_default = no
  	ignore_null = no
  }
  # Instantiating module "realmpercent" from file /etc/freeradius/mods-enabled/realm
  realm realmpercent {
  	format = "suffix"
  	delimiter = "%"
  	ignore_default = no
  	ignore_null = no
  }
  # Instantiating module "ntdomain" from file /etc/freeradius/mods-enabled/realm
  realm ntdomain {
  	format = "prefix"
  	delimiter = "\"
  	ignore_default = no
  	ignore_null = no
  }
  # Loaded module rlm_passwd
  # Instantiating module "etc_passwd" from file /etc/freeradius/mods-enabled/passwd
  passwd etc_passwd {
  	filename = "/etc/passwd"
  	format = "*User-Name:Crypt-Password:"
  	delimiter = ":"
  	ignore_nislike = no
  	ignore_empty = yes
  	allow_multiple_keys = no
  	hash_size = 100
  }
rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
  # Instantiating module "ntlm_auth" from file /etc/freeradius/mods-enabled/ntlm_auth
  exec ntlm_auth {
  	wait = yes
  	program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-Password}"
  	shell_escape = yes
  }
  # Loaded module rlm_sql
  # Instantiating module "sql" from file /etc/freeradius/mods-enabled/sql
  sql {
  	driver = "rlm_sql_mysql"
  	server = "localhost"
  	port = "3306"
  	login = "radius"
  	password = "fheman"
  	radius_db = "radius"
  	read_groups = yes
  	read_clients = yes
  	delete_stale_sessions = yes
  	sql_user_name = "%{User-Name}"
  	default_user_profile = ""
  	client_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
  	authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"
  	authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"
  	authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id"
  	authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id"
  	group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"
  	simul_count_query = "SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
  	simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
  	safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
   accounting {
   	reference = "%{tolower:type.%{Acct-Status-Type}.query}"
   }
   post-auth {
   	reference = ".query"
   }
   mysql {
    tls {
    }
   }
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to database "radius"
rlm_sql (sql): Initialising connection pool
   pool {
   	start = 5
   	min = 4
   	max = 10
   	spare = 3
   	uses = 0
   	lifetime = 0
   	cleanup_delay = 5
   	idle_timeout = 60
   	spread = no
   }
rlm_sql (sql): Opening additional connection (0)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (1)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (2)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (3)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Opening additional connection (4)
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql (sql): Processing generate_sql_clients
rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret, server FROM nas
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'SELECT id, nasname, shortname, type, secret, server FROM nas'
rlm_sql (sql): Adding client 192.1 (adfa) to global clients list
rlm_sql (192.0.0.1): Client "adfa" (sql) added
rlm_sql (sql): Released connection (4)
  # Instantiating module "dailycounter" from file /etc/freeradius/mods-enabled/sqlcounter
  sqlcounter dailycounter {
  	sql_module_instance = "sql"
  	key = "User-Name"
  	query = "SELECT IFNULL(TIME_TO_SEC(TIMEDIFF(NOW(), MIN(AcctStartTime))),0) FROM `radacct` WHERE UserName='%{User-Name}' ORDER BY AcctStartTime LIMIT 1;"
  	reset = "daily"
  	counter_name = "Daily-Session-Time"
  	check_name = "Max-Daily-Session"
  	reply_name = "Session-Timeout"
  }
rlm_sqlcounter: Current Time: 1400760566 [2014-05-22 20:09:26], Next reset 1400774400 [2014-05-23 00:00:00]
rlm_sqlcounter: Current Time: 1400760566 [2014-05-22 20:09:26], Prev reset 1400688000 [2014-05-22 00:00:00]
  # Loaded module rlm_pap
  # Instantiating module "pap" from file /etc/freeradius/mods-enabled/pap
  pap {
  	auto_header = yes
  	normalise = yes
  }
  # Loaded module rlm_perl
  # Instantiating module "perl" from file /etc/freeradius/mods-enabled/perl
  perl {
  	filename = "/etc/freeradius/mods-config/perl/example.pl"
  	func_authorize = "authorize"
  	func_authenticate = "authenticate"
  	func_post_auth = "post_auth"
  	func_accounting = "accounting"
  	func_preacct = "preacct"
  	func_checksimul = "checksimul"
  	func_detach = "detach"
  	func_xlat = "xlat"
  	func_pre_proxy = "pre_proxy"
  	func_post_proxy = "post_proxy"
  	func_recv_coa = "recv_coa"
  	func_send_coa = "send_coa"
  }
  # Loaded module rlm_files
  # Instantiating module "files" from file /etc/freeradius/mods-enabled/files
  files {
  	filename = "/etc/freeradius/mods-config/files/authorize"
  	usersfile = "/etc/freeradius/mods-config/files/authorize"
  	acctusersfile = "/etc/freeradius/mods-config/files/accounting"
  	preproxy_usersfile = "/etc/freeradius/mods-config/files/pre-proxy"
  	compat = "no"
  }
reading pairlist file /etc/freeradius/mods-config/files/authorize
reading pairlist file /etc/freeradius/mods-config/files/authorize
reading pairlist file /etc/freeradius/mods-config/files/accounting
reading pairlist file /etc/freeradius/mods-config/files/pre-proxy
  # Loaded module rlm_expr
  # Instantiating module "expr" from file /etc/freeradius/mods-enabled/expr
  expr {
  	safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
  # Loaded module rlm_unix
  # Instantiating module "unix" from file /etc/freeradius/mods-enabled/unix
  unix {
  	radwtmp = "/var/log/freeradius/radwtmp"
  }
  # Loaded module rlm_mschap
  # Instantiating module "mschap" from file /etc/freeradius/mods-enabled/mschap
  mschap {
  	use_mppe = yes
  	require_encryption = no
  	require_strong = no
  	with_ntdomain_hack = yes
   passchange {
   }
  	allow_retry = yes
  }
 } # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/freeradius/radiusd.conf
} # server
server coa { # from file /etc/freeradius/sites-enabled/coa
 # Loading recv-coa {...}
 # Loading send-coa {...}
} # server coa
server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
 # Loading authenticate {...}
 # Loading authorize {...}
WARNING: Ignoring "ldap" (see raddb/mods-available/README.rst)
 # Loading session {...}
 # Loading post-proxy {...}
 # Loading post-auth {...}
} # server inner-tunnel
server default { # from file /etc/freeradius/sites-enabled/default
 # Creating Auth-Type = digest
 # Loading authenticate {...}
 # Loading authorize {...}
 # Loading preacct {...}
 # Loading virtual module acct_unique
 # Loading accounting {...}
 # Loading session {...}
 # Loading post-proxy {...}
 # Loading post-auth {...}
 # Loading virtual module remove_reply_message_if_eap
 # Loading virtual module remove_reply_message_if_eap
} # server default
radiusd: #### Opening IP addresses and Ports ####
listen {
 	type = "coa"
 	server = "coa"
 	ipaddr = *
 	port = 3799
}
listen {
  	type = "auth"
  	ipaddr = 127.0.0.1
  	port = 18120
}
listen {
  	type = "auth"
  	ipaddr = *
  	port = 135
   limit {
   	max_connections = 16
   	lifetime = 0
   	idle_timeout = 30
   }
}
listen {
  	type = "acct"
  	ipaddr = *
  	port = 139
   limit {
   	max_connections = 16
   	lifetime = 0
   	idle_timeout = 30
   }
}
Listening on coa address * port 3799 as server coa
Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel
Listening on auth address * port 135 as server default
Listening on acct address * port 139 as server default
Ready to process requests.
rad_recv: Access-Request packet from host 27.33.228.125 port 44994, id=185, length=208
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x0200000801626f62
	Message-Authenticator = 0xa38ab6388cd8e705c5d68cda4f72c469
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(0) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(0)   authorize {
(0)   ? if (User-Name)
(0)   ? if (User-Name) -> TRUE
(0)   if (User-Name) {
(0) 	expand: "%{User-Name}" -> 'bob'
(0) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(0) SQL query affected no rows
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (0): Too many free connections (5 > 3)
rlm_sql_mysql: Socket destructor called, closing socket
(0) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(0)   } # if (User-Name) = notfound
(0)   [preprocess] = ok
(0)   [chap] = noop
(0)   [mschap] = noop
(0) eap : EAP packet type response id 0 length 8
(0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(0)   [eap] = ok
(0)  } #  authorize = ok
(0) Found Auth-Type = EAP
(0) # Executing group from file /etc/freeradius/sites-enabled/default
(0)   authenticate {
(0) eap : Peer sent Identity (1)
(0) eap : Calling eap_md5 to process EAP data
rlm_eap_md5: Issuing Challenge
(0) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e81bb6ebf
(0)   [eap] = handled
(0)  } #  authenticate = handled
Sending Access-Challenge of id 185 from 10.1.1.2 port 135 to 27.33.228.125 port 44994
	EAP-Message = 0x010100160410386b349f3aaaa37037c92729bc97dce3
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e81bb6ebfba73ebc70ca94f60
(0) Finished request 0.
Waking up in 0.3 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 55150, id=186, length=224
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e81bb6ebfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x020100060315
	Message-Authenticator = 0xfb2ac4e3ab7aae1f8142af01fc0f5667
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(1) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(1)   authorize {
(1)   ? if (User-Name)
(1)   ? if (User-Name) -> TRUE
(1)   if (User-Name) {
(1) 	expand: "%{User-Name}" -> 'bob'
(1) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(1) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(1) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(1)   } # if (User-Name) = notfound
(1)   [preprocess] = ok
(1)   [chap] = noop
(1)   [mschap] = noop
(1) eap : EAP packet type response id 1 length 6
(1) eap : No EAP Start, assuming it's an on-going EAP conversation
(1)   [eap] = updated
(1)   [files] = noop
(1) sql : 	expand: "%{User-Name}" -> 'bob'
(1) sql : SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
(1) sql : 	expand: "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
(1) sql : User found in radcheck table
(1) sql : Check items matched
(1) sql : 	expand: "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
(1) sql : User found in radreply table
(1) sql : 	expand: "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" -> 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Released connection (4)
(1)   [-sql] = ok
(1)   [expiration] = noop
(1)   [logintime] = noop
(1) WARNING: pap : Auth-Type already set.  Not setting to PAP
(1)   [pap] = noop
(1) monthlycounter : Entering module authorize code
(1) monthlycounter : Could not find Check item value pair
(1)   [monthlycounter] = noop
(1)  } #  authorize = updated
(1) Found Auth-Type = EAP
(1) # Executing group from file /etc/freeradius/sites-enabled/default
(1)   authenticate {
(1) eap : Expiring EAP session with state 0x81ba6a5e81bb6ebf
(1) eap : Finished EAP session with state 0x81ba6a5e81bb6ebf
(1) eap : Previous EAP request found for state 0x81ba6a5e81bb6ebf, released from the list
(1) eap : Peer sent NAK (3)
(1) eap : Found mutually acceptable type TTLS (21)
(1) eap : Calling eap_ttls to process EAP data
(1) eap_ttls : Flushing SSL sessions (of #0)
(1) eap_ttls : Initiate
(1) eap_ttls : Start returned 1
(1) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e80b87fbf
(1)   [eap] = handled
(1)  } #  authenticate = handled
Sending Access-Challenge of id 186 from 10.1.1.2 port 135 to 27.33.228.125 port 55150
	Mikrotik-Recv-Limit = 2097152
	EAP-Message = 0x010200061520
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e80b87fbfba73ebc70ca94f60
(1) Finished request 1.
Waking up in 0.2 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 35287, id=187, length=422
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e80b87fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x020200cc150016030100c1010000bd0301537de904c5fdc558e4509d95842d969bf50fe0b6042f6944dd63c98342bf30fa000054c014c00ac022c02100390038c00fc0050035c012c008c01cc01b00160013c00dc003000ac013c009c01fc01e00330032c00ec004002fc011c007c00cc002000500040015001200090014001100080006000300ff01000040000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f00100011
	Message-Authenticator = 0xc8ae4cda15c77a21410197b95922c790
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(2) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(2)   authorize {
(2)   ? if (User-Name)
(2)   ? if (User-Name) -> TRUE
(2)   if (User-Name) {
(2) 	expand: "%{User-Name}" -> 'bob'
(2) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(2) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(2) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(2)   } # if (User-Name) = notfound
(2)   [preprocess] = ok
(2)   [chap] = noop
(2)   [mschap] = noop
(2) eap : EAP packet type response id 2 length 204
(2) eap : Continuing tunnel setup.
(2)   [eap] = ok
(2)  } #  authorize = ok
(2) Found Auth-Type = EAP
(2) # Executing group from file /etc/freeradius/sites-enabled/default
(2)   authenticate {
(2) eap : Expiring EAP session with state 0x81ba6a5e80b87fbf
(2) eap : Finished EAP session with state 0x81ba6a5e80b87fbf
(2) eap : Previous EAP request found for state 0x81ba6a5e80b87fbf, released from the list
(2) eap : Peer sent TTLS (21)
(2) eap : EAP TTLS (21)
(2) eap : Calling eap_ttls to process EAP data
(2) eap_ttls : Authenticate
(2) eap_ttls : processing EAP-TLS
(2) eap_ttls : eaptls_verify returned 7 
(2) eap_ttls : Done initial handshake
(2) eap_ttls :     (other): before/accept initialization
(2) eap_ttls :     TLS_accept: before/accept initialization
(2) eap_ttls : <<< TLS 1.0 Handshake [length 00c1], ClientHello  
(2) eap_ttls :     TLS_accept: SSLv3 read client hello A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 0059], ServerHello  
(2) eap_ttls :     TLS_accept: SSLv3 write server hello A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 08d0], Certificate  
(2) eap_ttls :     TLS_accept: SSLv3 write certificate A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 014b], ServerKeyExchange  
(2) eap_ttls :     TLS_accept: SSLv3 write key exchange A
(2) eap_ttls : >>> TLS 1.0 Handshake [length 0004], ServerHelloDone  
(2) eap_ttls :     TLS_accept: SSLv3 write server done A
(2) eap_ttls :     TLS_accept: SSLv3 flush data
(2) eap_ttls :     TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase 
In SSL Accept mode  
(2) eap_ttls : eaptls_process returned 13 
(2) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e83b97fbf
(2)   [eap] = handled
(2)  } #  authenticate = handled
Sending Access-Challenge of id 187 from 10.1.1.2 port 135 to 27.33.228.125 port 35287
	EAP-Message = 
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e83b97fbfba73ebc70ca94f60
(2) Finished request 2.
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 41903, id=188, length=224
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e83b97fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x020300061500
	Message-Authenticator = 0x5a45ccbbcad2a5b1a4e35bde5428bbec
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(3) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(3)   authorize {
(3)   ? if (User-Name)
(3)   ? if (User-Name) -> TRUE
(3)   if (User-Name) {
(3) 	expand: "%{User-Name}" -> 'bob'
(3) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(3) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(3) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(3)   } # if (User-Name) = notfound
(3)   [preprocess] = ok
(3)   [chap] = noop
(3)   [mschap] = noop
(3) eap : EAP packet type response id 3 length 6
(3) eap : Continuing tunnel setup.
(3)   [eap] = ok
(3)  } #  authorize = ok
(3) Found Auth-Type = EAP
(3) # Executing group from file /etc/freeradius/sites-enabled/default
(3)   authenticate {
(3) eap : Expiring EAP session with state 0x81ba6a5e83b97fbf
(3) eap : Finished EAP session with state 0x81ba6a5e83b97fbf
(3) eap : Previous EAP request found for state 0x81ba6a5e83b97fbf, released from the list
(3) eap : Peer sent TTLS (21)
(3) eap : EAP TTLS (21)
(3) eap : Calling eap_ttls to process EAP data
(3) eap_ttls : Authenticate
(3) eap_ttls : processing EAP-TLS
(3) eap_ttls : Received TLS ACK
(3) eap_ttls : Received TLS ACK
(3) eap_ttls : ACK handshake fragment handler
(3) eap_ttls : eaptls_verify returned 1 
(3) eap_ttls : eaptls_process returned 13 
(3) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e82be7fbf
(3)   [eap] = handled
(3)  } #  authenticate = handled
Sending Access-Challenge of id 188 from 10.1.1.2 port 135 to 27.33.228.125 port 41903
	EAP-Message = 
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e82be7fbfba73ebc70ca94f60
(3) Finished request 3.
rad_recv: Access-Request packet from host 27.33.228.125 port 40030, id=189, length=224
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e82be7fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x020400061500
	Message-Authenticator = 0xf2d412699a5d16f9db569e1f576bd61d
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(4) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(4)   authorize {
(4)   ? if (User-Name)
(4)   ? if (User-Name) -> TRUE
(4)   if (User-Name) {
(4) 	expand: "%{User-Name}" -> 'bob'
(4) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(4) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(4) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(4)   } # if (User-Name) = notfound
(4)   [preprocess] = ok
(4)   [chap] = noop
(4)   [mschap] = noop
(4) eap : EAP packet type response id 4 length 6
(4) eap : Continuing tunnel setup.
(4)   [eap] = ok
(4)  } #  authorize = ok
(4) Found Auth-Type = EAP
(4) # Executing group from file /etc/freeradius/sites-enabled/default
(4)   authenticate {
(4) eap : Expiring EAP session with state 0x81ba6a5e82be7fbf
(4) eap : Finished EAP session with state 0x81ba6a5e82be7fbf
(4) eap : Previous EAP request found for state 0x81ba6a5e82be7fbf, released from the list
(4) eap : Peer sent TTLS (21)
(4) eap : EAP TTLS (21)
(4) eap : Calling eap_ttls to process EAP data
(4) eap_ttls : Authenticate
(4) eap_ttls : processing EAP-TLS
(4) eap_ttls : Received TLS ACK
(4) eap_ttls : Received TLS ACK
(4) eap_ttls : ACK handshake fragment handler
(4) eap_ttls : eaptls_verify returned 1 
(4) eap_ttls : eaptls_process returned 13 
(4) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e85bf7fbf
(4)   [eap] = handled
(4)  } #  authenticate = handled
Sending Access-Challenge of id 189 from 10.1.1.2 port 135 to 27.33.228.125 port 40030
	EAP-Message = 
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e85bf7fbfba73ebc70ca94f60
(4) Finished request 4.
rad_recv: Access-Request packet from host 27.33.228.125 port 53992, id=190, length=358
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e85bf7fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x0205008c15001603010046100000424104309535fb07e2701a66c4ce6bc6895a5ae629aeff3e6a4a459b57d3da847ff7d2e7ff0a675586bd5c0f22a8cde2cb06d29476b8d95a3028528a636853ff1db052140301000101160301003002913ad92cb4936b9d161e38f7fb9eadaa2ee5608a240ad495666a8f90a750fbed5d89f5719d2d8fb6856a5e1d542e6b
	Message-Authenticator = 0x5869e26b8b33cb85f5fdc956d55aeaed
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(5) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(5)   authorize {
(5)   ? if (User-Name)
(5)   ? if (User-Name) -> TRUE
(5)   if (User-Name) {
(5) 	expand: "%{User-Name}" -> 'bob'
(5) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(5) SQL query affected no rows
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (1): Too many free connections (4 > 3)
rlm_sql_mysql: Socket destructor called, closing socket
(5) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(5)   } # if (User-Name) = notfound
(5)   [preprocess] = ok
(5)   [chap] = noop
(5)   [mschap] = noop
(5) eap : EAP packet type response id 5 length 140
(5) eap : Continuing tunnel setup.
(5)   [eap] = ok
(5)  } #  authorize = ok
(5) Found Auth-Type = EAP
(5) # Executing group from file /etc/freeradius/sites-enabled/default
(5)   authenticate {
(5) eap : Expiring EAP session with state 0x81ba6a5e85bf7fbf
(5) eap : Finished EAP session with state 0x81ba6a5e85bf7fbf
(5) eap : Previous EAP request found for state 0x81ba6a5e85bf7fbf, released from the list
(5) eap : Peer sent TTLS (21)
(5) eap : EAP TTLS (21)
(5) eap : Calling eap_ttls to process EAP data
(5) eap_ttls : Authenticate
(5) eap_ttls : processing EAP-TLS
(5) eap_ttls : eaptls_verify returned 7 
(5) eap_ttls : Done initial handshake
(5) eap_ttls : <<< TLS 1.0 Handshake [length 0046], ClientKeyExchange  
(5) eap_ttls :     TLS_accept: SSLv3 read client key exchange A
(5) eap_ttls : <<< TLS 1.0 ChangeCipherSpec [length 0001]  
(5) eap_ttls : <<< TLS 1.0 Handshake [length 0010], Finished  
(5) eap_ttls :     TLS_accept: SSLv3 read finished A
(5) eap_ttls : >>> TLS 1.0 ChangeCipherSpec [length 0001]  
(5) eap_ttls :     TLS_accept: SSLv3 write change cipher spec A
(5) eap_ttls : >>> TLS 1.0 Handshake [length 0010], Finished  
(5) eap_ttls :     TLS_accept: SSLv3 write finished A
(5) eap_ttls :     TLS_accept: SSLv3 flush data
  SSL: adding session 7baa9025a99eba7e87a2af6a9333a1f09414b6a5afb49019e841afcf329d5a65 to cache
(5) eap_ttls :     (other): SSL negotiation finished successfully
SSL Connection Established 
(5) eap_ttls : eaptls_process returned 13 
(5) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e84bc7fbf
(5)   [eap] = handled
(5)  } #  authenticate = handled
Sending Access-Challenge of id 190 from 10.1.1.2 port 135 to 27.33.228.125 port 53992
	EAP-Message = 0x0106004515800000003b14030100010116030100308286b9eb3241f2ceedaf57e5e0d9352c9a41818de47fe3e583b5252798757eca3c13b3d30950cb5cb96d8fa19d33f8c5
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e84bc7fbfba73ebc70ca94f60
(5) Finished request 5.
rad_recv: Access-Request packet from host 27.33.228.125 port 52005, id=191, length=314
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e84bc7fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x020600601500170301002083576086deddfaca1b563c1c3f0876f9553109cc75d0a1f13a613435e6f3b7da170301003005a005115d0753845ca4f6596d0d094a1e35423a0985ff684ef4a49d3953c393a7ab417da2df7474972295365a0c69b4
	Message-Authenticator = 0xbed74c79231cae37271e75206659bb03
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(6) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(6)   authorize {
(6)   ? if (User-Name)
(6)   ? if (User-Name) -> TRUE
(6)   if (User-Name) {
(6) 	expand: "%{User-Name}" -> 'bob'
(6) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(6) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(6) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(6)   } # if (User-Name) = notfound
(6)   [preprocess] = ok
(6)   [chap] = noop
(6)   [mschap] = noop
(6) eap : EAP packet type response id 6 length 96
(6) eap : Continuing tunnel setup.
(6)   [eap] = ok
(6)  } #  authorize = ok
(6) Found Auth-Type = EAP
(6) # Executing group from file /etc/freeradius/sites-enabled/default
(6)   authenticate {
(6) eap : Expiring EAP session with state 0x81ba6a5e84bc7fbf
(6) eap : Finished EAP session with state 0x81ba6a5e84bc7fbf
(6) eap : Previous EAP request found for state 0x81ba6a5e84bc7fbf, released from the list
(6) eap : Peer sent TTLS (21)
(6) eap : EAP TTLS (21)
(6) eap : Calling eap_ttls to process EAP data
(6) eap_ttls : Authenticate
(6) eap_ttls : processing EAP-TLS
(6) eap_ttls : eaptls_verify returned 7 
(6) eap_ttls : Done initial handshake
(6) eap_ttls : eaptls_process returned 7 
(6) eap_ttls : Session established.  Proceeding to decode tunneled attributes.
(6) eap_ttls : Got tunneled request
	EAP-Message = 0x0200000801626f62
(6) eap_ttls : Got tunneled identity of bob
(6) eap_ttls : Setting default EAP type for tunneled EAP session.
(6) eap_ttls : Sending tunneled request
	EAP-Message = 0x0200000801626f62
	User-Name = 'bob'
server inner-tunnel {
(6) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
(6)   authorize {
(6)   [chap] = noop
(6)   [mschap] = noop
(6) suffix : No '@' in User-Name = "bob", looking up realm NULL
(6) suffix : No such realm "NULL"
(6)   [suffix] = noop
(6)   update control {
(6) 		Proxy-To-Realm := 'LOCAL'
(6)   } # update control = noop
(6) eap : EAP packet type response id 0 length 8
(6) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(6)   [eap] = ok
(6)  } #  authorize = ok
(6) Found Auth-Type = EAP
(6) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
(6)   authenticate {
(6) eap : Peer sent Identity (1)
(6) eap : Calling eap_md5 to process EAP data
rlm_eap_md5: Issuing Challenge
(6) eap : New EAP session, adding 'State' attribute to reply 0x91c3310d91c235d5
(6)   [eap] = handled
(6)  } #  authenticate = handled
} # server inner-tunnel
(6) eap_ttls : Got tunneled reply code 11
	EAP-Message = 0x01010016041020c353d04d0d37820d08116da77ee9c8
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x91c3310d91c235d51e9e39fe7055ddc3
(6) eap_ttls : Got tunneled Access-Challenge
(6) eap : New EAP session, adding 'State' attribute to reply 0x81ba6a5e87bd7fbf
(6)   [eap] = handled
(6)  } #  authenticate = handled
Sending Access-Challenge of id 191 from 10.1.1.2 port 135 to 27.33.228.125 port 52005
	EAP-Message = 0x0107004f1580000000451703010040e9ee198cd6ef3134ed9dd4fbcc65449820abdb26cd5ad04045540efefdaea4eadaa13888e5167ce712a48ecd565f827ec2835d4d69b33ab6411ceeaae13b142f
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0x81ba6a5e87bd7fbfba73ebc70ca94f60
(6) Finished request 6.
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host 27.33.228.125 port 45471, id=192, length=330
	Service-Type = Framed-User
	Framed-MTU = 1400
	User-Name = 'bob'
	State = 0x81ba6a5e87bd7fbfba73ebc70ca94f60
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Calling-Station-Id = 'D0-22-BE-BA-2A-1E'
	Called-Station-Id = '02-0C-42-B7-A9-5E:HOME'
	EAP-Message = 0x0207007015001703010020945e0c05304ec2d9b78e1625adca3bbf681d5ff4c828a24d8f90b09abe2cf9cb1703010040f1ab59c3fbf2dd63cb79eba14cbbe7ac793e624459900409c75b50a237722e302e3d78ef0b8e9e51dae66bc5fd5a4f2858e848063f2f1cbc1b4b44cba37466d4
	Message-Authenticator = 0xf56870dbccbc928b277cfb6a6102c37d
	NAS-Identifier = 'MikroTik'
	NAS-IP-Address = 27.33.228.125
(7) # Executing section authorize from file /etc/freeradius/sites-enabled/default
(7)   authorize {
(7)   ? if (User-Name)
(7)   ? if (User-Name) -> TRUE
(7)   if (User-Name) {
(7) 	expand: "%{User-Name}" -> 'bob'
(7) SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='bob' and CallingStationId='D0-22-BE-BA-2A-1E' and AcctStopTime is null'
(7) SQL query affected no rows
rlm_sql (sql): Released connection (4)
(7) 	expand: "%{sql:UPDATE radacct set AcctStopTime=ADDDATE(AcctStartTime,INTERVAL AcctSessionTime SECOND), AcctTerminateCause='Clear-Stale Session' WHERE UserName='%{User-Name}' and CallingStationId='%{Calling-Station-Id}' and AcctStopTime is null}" -> ''
(7)   } # if (User-Name) = notfound
(7)   [preprocess] = ok
(7)   [chap] = noop
(7)   [mschap] = noop
(7) eap : EAP packet type response id 7 length 112
(7) eap : Continuing tunnel setup.
(7)   [eap] = ok
(7)  } #  authorize = ok
(7) Found Auth-Type = EAP
(7) # Executing group from file /etc/freeradius/sites-enabled/default
(7)   authenticate {
(7) eap : Expiring EAP session with state 0x91c3310d91c235d5
(7) eap : Finished EAP session with state 0x81ba6a5e87bd7fbf
(7) eap : Previous EAP request found for state 0x81ba6a5e87bd7fbf, released from the list
(7) eap : Peer sent TTLS (21)
(7) eap : EAP TTLS (21)
(7) eap : Calling eap_ttls to process EAP data
(7) eap_ttls : Authenticate
(7) eap_ttls : processing EAP-TLS
(7) eap_ttls : eaptls_verify returned 7 
(7) eap_ttls : Done initial handshake
(7) eap_ttls : eaptls_process returned 7 
(7) eap_ttls : Session established.  Proceeding to decode tunneled attributes.
(7) eap_ttls : Got tunneled request
	EAP-Message = 0x0201001604108fb92000173750bfa8c06171db316ce4
(7) eap_ttls : Sending tunneled request
	EAP-Message = 0x0201001604108fb92000173750bfa8c06171db316ce4
	User-Name = 'bob'
	State = 0x91c3310d91c235d51e9e39fe7055ddc3
server inner-tunnel {
(7) # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
(7)   authorize {
(7)   [chap] = noop
(7)   [mschap] = noop
(7) suffix : No '@' in User-Name = "bob", looking up realm NULL
(7) suffix : No such realm "NULL"
(7)   [suffix] = noop
(7)   update control {
(7) 		Proxy-To-Realm := 'LOCAL'
(7)   } # update control = noop
(7) eap : EAP packet type response id 1 length 22
(7) eap : No EAP Start, assuming it's an on-going EAP conversation
(7)   [eap] = updated
(7)   [files] = noop
(7) sql : 	expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
rlm_sql (sql): Reserved connection (4)
(7) sql : 	expand: "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'bob' ORDER BY id'
(7) sql : User found in radcheck table
(7) sql : Check items matched
(7) sql : 	expand: "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'bob' ORDER BY id'
(7) sql : User found in radreply table
(7) sql : 	expand: "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" -> 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'bob' ORDER BY priority'
rlm_sql (sql): Released connection (4)
(7)   [-sql] = ok
(7)   [expiration] = noop
(7)   [logintime] = noop
(7) WARNING: pap : Auth-Type already set.  Not setting to PAP
(7)   [pap] = noop
(7)  } #  authorize = updated
(7) Found Auth-Type = EAP
(7) # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel
(7)   authenticate {
(7) eap : Expiring EAP session with state 0x91c3310d91c235d5
(7) eap : Finished EAP session with state 0x91c3310d91c235d5
(7) eap : Previous EAP request found for state 0x91c3310d91c235d5, released from the list
(7) eap : Peer sent MD5 (4)
(7) eap : EAP MD5 (4)
(7) eap : Calling eap_md5 to process EAP data
(7) eap : Freeing handler
(7)   [eap] = ok
(7)  } #  authenticate = ok
(7) # Executing section post-auth from file /etc/freeradius/sites-enabled/inner-tunnel
(7)   post-auth {
(7) sql : 	expand: ".query" -> '.query'
(7) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(7) sql : 	expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
(7) sql : 	expand: "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')" -> 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Released connection (4)
(7)   [-sql] = ok
(7)  } #  post-auth = ok
} # server inner-tunnel
(7) eap_ttls : Got tunneled reply code 2
	Mikrotik-Recv-Limit = 2097152
	EAP-Message = 0x03010004
	Message-Authenticator = 0x00000000000000000000000000000000
	User-Name = 'bob'
(7) eap_ttls : Got tunneled Access-Accept
(7) eap_ttls : Saving session 7baa9025a99eba7e87a2af6a9333a1f09414b6a5afb49019e841afcf329d5a65 vps 0x14e9fc0 in the cache
(7) eap : Freeing handler
rlm_eap_ttls: Freeing handler for user bob
(7)   [eap] = ok
(7)  } #  authenticate = ok
(7) # Executing section post-auth from file /etc/freeradius/sites-enabled/default
(7)   post-auth {
(7) sql : 	expand: ".query" -> '.query'
(7) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(7) sql : 	expand: "%{User-Name}" -> 'bob'
(7) sql : SQL-User-Name set to 'bob'
(7) sql : 	expand: "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')" -> 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'bob', '', 'Access-Accept', '2014-05-22 20:09:41')'
rlm_sql (sql): Released connection (4)
(7)   [-sql] = ok
(7)   [exec] = noop
(7)   remove_reply_message_if_eap remove_reply_message_if_eap {
(7)    ? if (reply:EAP-Message && reply:Reply-Message) 
(7)    ? if (reply:EAP-Message && reply:Reply-Message)  -> FALSE
(7)    else else {
(7)     [noop] = noop
(7)    } # else else = noop
(7)   } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(7)  } #  post-auth = ok
Sending Access-Accept of id 192 from 10.1.1.2 port 135 to 27.33.228.125 port 45471
	Mikrotik-Recv-Limit = 2097152
	Message-Authenticator = 0x00000000000000000000000000000000
	User-Name = 'bob'
	MS-MPPE-Recv-Key = 0xc394df7a88fe7b8afc3a868eea55c48693a0468edc98419da0152a1f80f504db
	MS-MPPE-Send-Key = 0xaf69e4399414cb5e73a1191cfd7711bed30f6c8eaa29f3a036e4bd151a000c81
	EAP-Message = 0x03070004
(7) Finished request 7.
Waking up in 0.1 seconds.
rad_recv: Accounting-Request packet from host 27.33.228.125 port 34350, id=193, length=149
	Service-Type = Framed-User
	NAS-Port-Id = 'wlan4'
	NAS-Port-Type = Wireless-802.11
	User-Name = 'bob'
	Acct-Session-Id = '8280001c'
	Acct-Multi-Session-Id = '02-0C-42-B7-A9-5E-D0-22-BE-BA-2A-1E-82-80-00-00-00-00-00-1A'
	Acct-Authentic = RADIUS
	Acct-Status-Type = Start
	NAS-Identifier = 'MikroTik'
	Acct-Delay-Time = 0
	NAS-IP-Address = 27.33.228.125
(8) # Executing section preacct from file /etc/freeradius/sites-enabled/default
(8)   preacct {
(8)   [preprocess] = ok
(8)   acct_unique acct_unique {
(8)    ? if ("%{string:Class}" =~ /ai:([0-9a-f]{32})/i) 
(8) 	expand: "%{string:Class}" -> ''
(8)    ? if ("%{string:Class}" =~ /ai:([0-9a-f]{32})/i)  -> FALSE
(8)    else else {
(8)     update request {
(8) 	expand: "%{md5:%{User-Name},%{Acct-Session-ID},%{NAS-IP-Address},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}" -> 'a563b97a0bf65fc39a0509c43bbdb79a'
(8) 		Acct-Unique-Session-Id := "a563b97a0bf65fc39a0509c43bbdb79a"
(8)     } # update request = noop
(8)    } # else else = noop
(8)   } # acct_unique acct_unique = noop
(8) suffix : No '@' in User-Name = "bob", looking up realm NULL
(8) suffix : No such realm "NULL"
(8)   [suffix] = noop
(8)   [files] = noop
(8)  } #  preacct = ok
(8) # Executing section accounting from file /etc/freeradius/sites-enabled/default
(8)   accounting {
(8) detail : 	expand: "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d" -> '/var/log/freeradius/radacct/27.33.228.125/detail-20140522'
(8) detail : /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/27.33.228.125/detail-20140522
(8) detail : 	expand: "%t" -> 'Thu May 22 20:09:41 2014'
(8)   [detail] = ok
(8) sql : 	expand: "%{tolower:type.%{Acct-Status-Type}.query}" -> 'type.start.query'
(8) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(8) sql : 	expand: "%{User-Name}" -> 'bob'
(8) sql : SQL-User-Name set to 'bob'
(8) sql : 	expand: "INSERT INTO radacct (acctsessionid,		acctuniqueid,		username, realm,			nasipaddress,		nasportid, nasporttype,		acctstarttime,		acctupdatetime, acctstoptime,		acctsessiontime, 	acctauthentic, connectinfo_start,	connectinfo_stop, 	acctinputoctets, acctoutputoctets,	calledstationid, 	callingstationid, acctterminatecause,	servicetype,		framedprotocol, framedipaddress) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', FROM_UNIXTIME(%{integer:Event-Timestamp}), FROM_UNIXTIME(%{integer:Event-Timestamp}), NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}')" -> 'INSERT INTO radacct (acctsessionid,		acctuniqueid,		username, realm,			nasipaddress,		nasportid, nasporttype,		acctstarttime,		acctupdatetime, acctstoptime,		acctsessiontime, 	acctauthentic, connectinfo_start,	connectinfo_stop, 	acctinputoctets, acctoutputoctets,	calledstationid, 	callingstationid, acctterminatecause,	servicetype,		framedprotocol, framedipaddress) VALUES ('8280001c', 'a563b97a0bf65fc39a0509c43bbdb79a', 'bob', '', '27.33.228.125', '', 'Wireless-802.11', FROM_UNIXTIME(1400760581), FROM_UNIXTIME(1400760581), NULL, '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-User', '', '')'
rlm_sql (sql): Executing query: 'INSERT INTO radacct (acctsessionid,		acctuniqueid,		username, realm,			nasipaddress,	nasportid, nasporttype,		acctstarttime,		acctupdatetime, acctstoptime,		acctsessiontime, 	acctauthentic, connectinfo_start,	connectinfo_stop, 	acctinputoctets, acctoutputoctets,	calledstationid, 	callingstationid, acctterminatecause,	servicetype,		framedprotocol, framedipaddress) VALUES ('8280001c', 'a563b97a0bf65fc39a0509c43bbdb79a', 'bob', '', '27.33.228.125', '', 'Wireless-802.11', FROM_UNIXTIME(1400760581), FROM_UNIXTIME(1400760581), NULL, '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Framed-User', '', '')'
rlm_sql (sql): Released connection (4)
(8)   [-sql] = ok
(8)   [exec] = noop
(8) attr_filter.accounting_response : 	expand: "%{User-Name}" -> 'bob'
(8) attr_filter.accounting_response : Matched entry DEFAULT at line 12
(8)   [attr_filter.accounting_response] = updated
(8)  } #  accounting = updated
Sending Accounting-Response of id 193 from 10.1.1.2 port 139 to 27.33.228.125 port 34350
(8) Finished request 8.
Waking up in 0.1 seconds.
Waking up in 0.1 seconds.
(8) Cleaning up request packet ID 193 with timestamp +15
Waking up in 3.9 seconds.
(0) Cleaning up request packet ID 185 with timestamp +14
(1) Cleaning up request packet ID 186 with timestamp +14
(2) Cleaning up request packet ID 187 with timestamp +14
(3) Cleaning up request packet ID 188 with timestamp +14
Waking up in 0.1 seconds.
(4) Cleaning up request packet ID 189 with timestamp +14
Waking up in 0.1 seconds.
(5) Cleaning up request packet ID 190 with timestamp +15
(6) Cleaning up request packet ID 191 with timestamp +15
(7) Cleaning up request packet ID 192 with timestamp +15
Ready to process requests.


More information about the Freeradius-Users mailing list