Missing error messages in detail log reply files
Matthew Newton
mcn at freeradius.org
Tue Jan 8 14:03:18 CET 2019
On Tue, 2019-01-08 at 13:39 +0100, Fekete Tamás wrote:
> The problem, is that detail log doesn't show any information about
> why the
> request was rejected.
> And we can not set up detail log to make this information appear in
> the
> reply-detail log.
The detail log is logging the reply, which doesn't contain any reasons
in it, which is why you don't see anything in the log.
The errors are put in the Module-Failure-Message attribute. There are
many ways of logging what you want, but one way is to copy this to the
reply list before you log it. That attribute is internal only, so it
won't get sent back to the client anyway.
Something like
update reply {
&Module-Failure-Message := &control:Module-Failure-Message
}
reply_log
You'll likely start to get clear-text passwords and other private
information in your logs, though, which may not be desired.
--
Matthew
More information about the Freeradius-Users
mailing list