Lockout by IP number?

Ann Cantelow cantelow at csd.net
Thu Sep 28 00:06:50 UTC 2023


Hello,

I am looking to implement a lockout for excessive login tries. I have been following advice offered at https://wiki.freeradius.org/guide/lockout , and thank you very much for that. Is there a variable like '%{User-Name}' for IP number? I would like to do a lockout based on IP number as well as User-Name. I see the IP is listed in the radius log, but I haven't been able to find an attribute that I figure will give this information. I've looked in the dictionary files, but maybe I've somehow missed it.

My radius version is 2.1.12 on RHEL6, and client nastype is cisco. Radius upgrade to version 3 is planned.

Radius log example lines showing ip numbers:

...
Wed Sep 27 11:29:13 2023 : Auth: Login incorrect: [edc] (from client [clientname] port 212271104 cli 62.122.184.231)
Wed Sep 27 11:29:14 2023 : Auth: Login incorrect: [edc] (from client [clientname] port 86839296 cli 62.122.184.231)
Wed Sep 27 11:29:16 2023 : Auth: Login incorrect: [qazwsx] (from client [clientname] port 241688576 cli 62.122.184.231)
Wed Sep 27 11:29:17 2023 : Auth: Login incorrect: [qazwsx] (from client [clientname] port 166244352 cli 62.122.184.231)
...

Many thanks,
Ann Cantelow
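
The log lines quoted above carry the source address in the `cli` field, which FreeRADIUS fills from the request's Calling-Station-Id attribute. As an added example (not part of the original post, and not FreeRADIUS code), this Python function counts failed logins per source IP over a sliding window; the function name, the thresholds, and the last two sample lines are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# First four lines are the ones quoted in the post; the last two are constructed.
SAMPLE_LOG = """\
Wed Sep 27 11:29:13 2023 : Auth: Login incorrect: [edc] (from client [clientname] port 212271104 cli 62.122.184.231)
Wed Sep 27 11:29:14 2023 : Auth: Login incorrect: [edc] (from client [clientname] port 86839296 cli 62.122.184.231)
Wed Sep 27 11:29:16 2023 : Auth: Login incorrect: [qazwsx] (from client [clientname] port 241688576 cli 62.122.184.231)
Wed Sep 27 11:29:17 2023 : Auth: Login incorrect: [qazwsx] (from client [clientname] port 166244352 cli 62.122.184.231)
Wed Sep 27 11:30:02 2023 : Auth: Login incorrect: [alice] (from client [clientname] port 1 cli 192.0.2.10)
Wed Sep 27 11:30:09 2023 : Auth: Login OK: [alice] (from client [clientname] port 1 cli 192.0.2.10)
"""

# Matches failed-login lines; the "(reason)" part and the cli field are optional.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) : Auth: Login incorrect"
    r"(?: \(.*?\))?: \[(?P<user>.*?)\] \(from client \S+ port \d+"
    r"(?: cli (?P<cli>[^\s)]+))?\)$"
)

def lockout_candidates(lines, max_failures=3, window=timedelta(minutes=5)):
    """Map each source IP with >= max_failures failures inside `window`
    to the sorted list of user names it tried."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    tried = defaultdict(set)     # ip -> user names seen in failed attempts
    flagged = {}
    for line in lines:
        m = FAIL_RE.match(line.strip())
        if not m or not m.group("cli"):
            continue  # not a failure line, or the NAS sent no calling station
        try:
            # cli is not always an IP address (it can be a MAC or a phone number)
            ip = str(ipaddress.ip_address(m.group("cli")))
        except ValueError:
            continue
        ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        tried[ip].add(m.group("user"))
        if len(q) >= max_failures:
            flagged[ip] = sorted(tried[ip])
    return flagged

if __name__ == "__main__":
    print(lockout_candidates(SAMPLE_LOG.splitlines()))
```

Keying on the source address catches attempts that rotate user names, as the `edc` and `qazwsx` tries from one address do here, which a per-User-Name counter alone would count separately.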


