is there a way to identify the very first ACCESS-REQUEST

Michael Hocke mh103 at nyu.edu
Mon May 22 21:32:00 CEST 2017


> On May 22, 2017, at 2:20 PM, Matthew Newton <matthew at newtoncomputing.co.uk> wrote:
> 
> On Mon, May 22, 2017 at 01:04:59PM -0400, Michael Hocke wrote:
>> I want to improve our logging and want to keep track of
>> authentication attempts that do not complete. I was thinking of
>> logging the very first ACCESS-REQUEST and then later on the
>> result. Is there a good way to identify the very first
>> ACCESS-REQUEST from the client with unlang? Maybe by checking
>> the contents of the session-state list or some such? Any ideas?
> 
> I look to see if it's an EAP identity. Which works OK if you're
> doing EAP.
> 
>  if (&EAP-Message =~ /^0x02......01/) {
>    detail
>  }
>  eap

That looks good. I’ll give it a try. Follow-up question: is there a way to get a hold of the request number from within unlang? I don’t think I see it anywhere in the source code but I want to ask anyway. If not, is this something planned for a future release or is there a better way to correlate different log lines to the same request?

Thanks again!

- Michael




More information about the Freeradius-Users mailing list