Linelog and get rid of No Failure Reason
TS
h33927318 at gmail.com
Thu Aug 3 06:05:10 UTC 2023
Hello,
I am trying to consolidate logs and have only one log file with all needed
data in it.
This setup with Freeradius 3.2.3 with OpenLDAP 2.5.15.
We are using EAP + MSCHAPv2, LDAP contains an attribute with NT Password.
I am trying to get rid of "No Failure Reason" value of
"reply:Reply-Message" variable in cases where:
1. user not found in LDAP
2. user's password is incorrect
3. user has Phase1 (EAP/TLS/...) or Phase2 (MSCHAPv2/GTC/...) misconfigured.
I have pretty default configuration with small changes.
I know I should modify Reply-Message but in which file and within which
section(s)?
Snippet from my custom linelog:
reference = "inner_auth_log.%{%{reply:Packet-Type}:-format}"
inner_auth_log {
Access-Accept = "%d.%m.%Y@%H:%G|RESULT=OK
|USER=%{User-Name}|WIFI_AP_IP=%{NAS-IP-Address}|CLIENT_MAC_ADDR=%{%{Calling-Station-Id}:-Unknown
Caller Id}"
Access-Reject =
"%d.%m.%Y@%H:%G|RESULT=ERR|USER=%{User-Name}|WIFI_AP_IP=%{NAS-IP-Address}|CLIENT_MAC_ADDR=%{%{Calling-Station-Id}:-Unknown
Caller Id}|MSG=%{%{reply:Reply-Message}:-No Failure Reason}"
}
More information about the Freeradius-Users
mailing list