Correlating request and accept/reject log?

jm+freeradiususer at jm+freeradiususer at
Fri Mar 31 17:17:18 CEST 2017

> If you know better than me, why are you asking questions on this list?

I'm sorry I did not realize there was a "new %n" and an "old %n" (duh). I
also didn't realize that there is a difference between a "request number"
and a "request ID". Well, now I do.

Please don't panic :)

> It requires you to read the documentation.

Ok, let me rephrase my query in a neutral manner. These are the
documentations that I am currently aware of:
* The comments in the config files (as they are included with our distro,
sometimes also a search at to be on the safe side)
* Searching the mailing list may also prove fruitful
* + unfinished docs at the bottom of

Would there be any other resources that you would add to the list?
BTW concerning the last two resources I mentioned, I'm not really sure if
it's official and/or up-to-date (well it should be since they are

> linelog

Thank you. I couldn't find anything appropriate at Well I could just
have looked in /etc/raddb/mods-available.

> And no, I'm not going to spoon-feed you to say how to add %n to the
linelog messages.  It should be pretty clear from the examples.

It is indeed.

> The virtual server doesn't have a "log" section.

Correct, I of course meant the main config in radiusd.conf :-[ But I guess
you know what I meant.

Let me provide an example how things are sometimes not clear, maybe you
can explain how you would have reasoned in this case in order to find the

As far as logging to SQL is concerned it is indeed not very difficult.
Here is what I did:
1) I installed the freeradius-server-mysql package (depends on your
distro, if you compile from source you probably have it out-of-the-box)
2) I then enabled the mysql module, so far so good
3) I inserted "sql" into the post-auth section of the virtual server (and
also the "Post-Auth REJECT" sub-section)
4) To start easily, I decided to have FreeRadius write the SQL queries to
a file, to that end I uncommented "logfile = ${logdir}/sqllog.sql" in
However, nothing got logged. It turned out you need to uncomment the
"logfile" entry in the post-auth{} section of

1) How did I find that out? Well, I saw
/etc/raddb/mods-config/sql/main/mysql/queries.conf being included at the
bottom of /etc/raddb/mods-enabled/sql. So I went there and saw that it
contained a post-auth{} section with a commented "logfile" entry that I
uncommented. At that point, I was guessing. That's why I'm asking how I
would have been supposed to find that solution.
2) I guess "logfile" from /etc/raddb/mods-enabled/sql then is only used
when not using rlm_sql_null? Indeed, it makes sense that you don't write
to disk twice, but c'mon ;-)

Please have mercy with the people that didn't actually code this software :)


More information about the Freeradius-Users mailing list