Re: Logging for Assets and Customers

[Alan DeKok]

Christian Rahl wrote:
 I would like this information to be added to the radius mysql in a
 separate table. This information would include MAC address, last IP, and
 if possible the last NAS IP.  All I really need to know is how to get a
 script to run with the radius so that it requests that information, or
 just pulls that information from the connection.
 
 Any ideas on how to do this would be extremely helpful.

  See the sql module.  You can run the post-auth queries to log
anything you want.  Just look at the packet to see what's in it, and
edit the SQL queries to log that information into your custom schema.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Logging for Assets and Customers

[Stefan Winter]

 Hi,

first, there is no such thing as requesting that information - a 
RADIUS client sends a request, and it sends attributes as configured on 
the client. There is no previous negotiation phase where the server 
would tell give me this piece of info.


However, there is some opportunity to harvest info from incoming 
requests. You can do, for example:


client foo {
...
asset_type = expensive-service
...
}

client bar {
...
asset_type = dirtcheap-service
...
}

client baz
...
asset_type = dirtcheap-service
...
}

and then modify the SQL queries to log %{client:asset_type} . On 
run-time, the content of this variable will expand to either 
expensive-service or dirtcheap-service, depending from which client IP 
address the request came in. Re MAC-Address: this is in the attribute 
Calling-Station-Id (*iff* the client sends that attribute).


You're up for a bit more trouble if you have multiple different services 
coming in from the same IP address. In this case your fate relies on the 
abilitiy to instruct the respective RADIUS client software to include 
some identification. But that's really up to the client then.


Greetings,

Stefan Winter

Am 18.08.2010 02:08, schrieb Christian Rahl:
I am trying to have the ability to log all logins with very specific 
information so that we can track customer and asset access.


I would like this information to be added to the radius mysql in a 
separate table. This information would include MAC address, last IP, 
and if possible the last NAS IP.  All I really need to know is how to 
get a script to run with the radius so that it requests that 
information, or just pulls that information from the connection.


Any ideas on how to do this would be extremely helpful.

Thank you,
Christian
RIT Applied Networking and System Admin

Rochester Institute of Technology
Email: rahl.christ...@gmail.com mailto:rahl.christ...@gmail.com


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la 
Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Logging for Assets and Customers

[Christian Rahl]

I am trying to have the ability to log all logins with very specific
information so that we can track customer and asset access.

I would like this information to be added to the radius mysql in a separate
table. This information would include MAC address, last IP, and if possible
the last NAS IP.  All I really need to know is how to get a script to run
with the radius so that it requests that information, or just pulls that
information from the connection.

Any ideas on how to do this would be extremely helpful.

Thank you,
Christian
RIT Applied Networking and System Admin

Rochester Institute of Technology
Email: rahl.christ...@gmail.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html