Getting remote proxy details in unlang

[Alan DeKok]

On Feb 28, 2022, at 3:41 PM, Mark Donnelly <mark at painless-security.com> wrote:
> I have a setup where I'm working with multiple partners for
> authentication.  I have the proxying set up, and authentication is working
> great.

  That's good.

> The next step is that we want to do some reporting based on various
> factors, including which partner receives the proxied requests.  The way I
> currently have it structured, this corresponds to a home_server_pool (but
> could be open to change if needed).  I've spent a good part of yesterday
> looking for what I can write in Unlang to give me that information, but I
> can't figure out if it's exposed via any variable, list, or attribute.
> 
> Does FreeRADIUS expose the home_server or home_server_pool of a proxy
> request anyplace where I could incorporate it into an expression to throw
> into a filename or log line?

  You can log:

 %{proxy-request:Packet-Dst-IP-Address}

  This is the destination IP that the proxied packet is sent to.

%{home_server:foo}

  This logs the "foo" item in the home server.  i.e.

home_server stuff {
	ipaddr = ...
	port = ...
	secret = ...

	foo = "Magic extra stuff I want to log"
}

  The configuration files are actually a generic key-value store.  :)

%{home_server_pool:foo}

   This logs the "foo" item in the home server pool.  i.e.

home_server_pool pool1 {
	type = ...
	home_server = a
	home_server = b

	foo = "Magic extra stuff I want to log"
}

  Alan DeKok.