Getting remote proxy details in unlang
Mark Donnelly
mark at painless-security.com
Tue Mar 1 18:28:56 UTC 2022
Alan:
Thank you! That worked like a charm.
Cheers,
--Mark Donnelly
Painless Security
On Mon, Feb 28, 2022 at 4:38 PM Alan DeKok <aland at deployingradius.com>
wrote:
> On Feb 28, 2022, at 3:41 PM, Mark Donnelly <mark at painless-security.com>
> wrote:
> > I have a setup where I'm working with multiple partners for
> > authentication. I have the proxying set up, and authentication is
> working
> > great.
>
> That's good.
>
> > The next step is that we want to do some reporting based on various
> > factors, including which partner receives the proxied requests. The way
> I
> > currently have it structured, this corresponds to a home_server_pool (but
> > could be open to change if needed). I've spent a good part of yesterday
> > looking for what I can write in Unlang to give me that information, but I
> > can't figure out if it's exposed via any variable, list, or attribute.
> >
> > Does FreeRADIUS expose the home_server or home_server_pool of a proxy
> > request anyplace where I could incorporate it into an expression to throw
> > into a filename or log line?
>
> You can log:
>
> %{proxy-request:Packet-Dst-IP-Address}
>
> This is the destination IP that the proxied packet is sent to.
>
> %{home_server:foo}
>
> This logs the "foo" item in the home server. i.e.
>
> home_server stuff {
> ipaddr = ...
> port = ...
> secret = ...
>
> foo = "Magic extra stuff I want to log"
> }
>
> The configuration files are actually a generic key-value store. :)
>
> %{home_server_pool:foo}
>
> This logs the "foo" item in the home server pool. i.e.
>
> home_server_pool pool1 {
> type = ...
> home_server = a
> home_server = b
>
> foo = "Magic extra stuff I want to log"
> }
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list