is there a way to identify the very first ACCESS-REQUEST
Michael Hocke
mh103 at nyu.edu
Mon May 22 21:32:00 CEST 2017
> On May 22, 2017, at 2:20 PM, Matthew Newton <matthew at newtoncomputing.co.uk> wrote:
>
> On Mon, May 22, 2017 at 01:04:59PM -0400, Michael Hocke wrote:
>> I want to improve our logging and want to keep track of
>> authentication attempts that do not complete. I was thinking of
>> logging the very first ACCESS-REQUEST and then later on the
>> result. Is there a good way to identify the very first
>> ACCESS-REQUEST from the client with unlang? Maybe by checking
>> the contents of the session-state list or some such? Any ideas?
>
> I look to see if it's an EAP identity. Which works OK if you're
> doing EAP.
>
> if (&EAP-Message =~ /^0x02......01/) {
> detail
> }
> eap
That looks good. I’ll give it a try. Follow-up question: is there a way to get a hold of the request number from within unlang? I don’t think I see it anywhere in the source code but I want to ask anyway. If not, is this something planned for a future release or is there a better way to correlate different log lines to the same request?
Thanks again!
- Michael
More information about the Freeradius-Users
mailing list