Logging
Matthew Newton
mcn4 at leicester.ac.uk
Fri Dec 18 16:22:32 CET 2015
On Fri, Dec 18, 2015 at 04:21:19PM +0200, Süleyman Düzdaban wrote:
> I have two linelog instances for access ("linelog") and accounting
> ("log_accounting"). I put the "linelog" in innert-tunnel's post-auth
> section instead of default for Access-Accept and Access-Reject with
> inner identity and it seems like that:/
OK
> As shown above, i can get the inner user identities but also i get
> multiple "Accept" lines for the same user after first login (15:26:58)
> although there is no attempt by the user for login.
> I see the same thing in the accounting log file too:
Well that looks like the user is connecting and disconnecting
several times, looking at "Connect" and "Disconnect".
> Why do i get that much lines even when there is no login-logout attempt
> by the user?
Sure about that? FreeRADIUS doesn't just randomly write log lines
when it gets bored...
I would start freeradius, e.g.
radiusd -X > /tmp/log
connect just that device and watch the logs for this to occur,
then kill off freeradius and look at the full debug output.
That will tell you what is actually happening. If you're still not
sure, send the full debug output here.
> There is another issue with accounting. I can get the inner user name
> sometimes (As shown above both files look like okay) but sometimes I can't.
...
> (13337) Received Accounting-Request Id 62 from 80.251.40.40:54942 to
> 80.251.40.8:1813 length 364
> (13337) Acct-Multi-Session-Id =
> "00-03-52-A6-A3-70-8C-00-6D-07-3B-9A-56-72-D1-E3-00-0E-DF-CA"
...
> (13337) User-Name = "16395905204 at realm-is-here"
...
> Above lines look like okay but then (at 17:26:20):
>
> (16180) Received Access-Request Id 135 from 80.251.40.40:54942 to
> 80.251.40.8:1812 length 368
...
> (16180) User-Name = "anonymous at realm-is-here"
...
Run in debug mode, look at the previous Access-Accept for that
session. The NAS should send the User-Name from the Access-Accept
in the accounting packet.
If it doesn't, there's not a lot you can do. Fix the NAS to send
the right information.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list