Hi!

How can I trap unauthorized access?
I want to write to syslog something like
"Authorization failed for user 'username'"

I mean to run Exec-Program for all failed authorizations.
I tried this config:
========================================================
DEFAULT Auth-Type := System
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Fall-Through = Yes,
        Exec-Program-Wait = "/usr/local/bin/radauth"

DEFAULT Framed-Protocol == PPP
        Idle-Timeout = 65535,
        Framed-MTU = 576,
        Framed-Protocol = PPP,
        Framed-Compression = Van-Jacobson-TCP-IP,
        Fall-Through = Yes

### This default for unauthorized users.
DEFAULT Auth-Type == Reject
        Exec-Program="/usr/local/bin/radfault",
        Fall-Through = No
========================================================
But Radius says:

========================================================
rad_recv: Access-Request packet from host x.x.x.x:1740, id=249, length=162
        User-Name = "mmike"
        Password = "\010\215B\375\032\332\013>\361\324\246\233-\003\370\r"
        NAS-IP-Address = x.x.x.x
        NAS-Port = 20109
        NAS-Port-Type = Async
        Service-Type = Login-User
        Calling-Station-Id = "00000000"
        Ascend-Calling-Id-Type-Of-Num = Unknown
        Ascend-Calling-Id-Number-Plan = ISDN-Telephony
        Ascend-Calling-Id-Presentatn = Allowed
        Ascend-Calling-Id-Screening = User-Not-Screened
        Acct-Session-Id = "367234457"
        Ascend-Data-Rate = 33600
        Ascend-Xmit-Rate = 31200
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "suffix" returns ok
    users: Matched DEFAULT at 232
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
  rad_check_password:  Found auth-type System
auth: type "System"
modcall: entering group authenticate
  HASH:  user mmike found in hashtable bucket 35731
  modcall[authenticate]: module "unix" returns reject
modcall: group authenticate returns reject
auth: Failed to validate the user.
Sending Access-Reject of id 249 to x.x.x.x:1740
========================================================

radfault is not being called :(


How can I do this?

Thanks!

Michael.
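
Added example, not part of the original message and not FreeRADIUS code: one way to get the syslog line asked for above without relying on the users file is to read the server's debug output, pair each Access-Reject with the User-Name of the request that carries the same id and source, and log it. The function names and the second (accepted) request in the sample are constructed for illustration.

```python
import re
import syslog

# Constructed sample: debug lines from the post plus a constructed accepted request.
SAMPLE = """\
rad_recv: Access-Request packet from host x.x.x.x:1740, id=249, length=162
        User-Name = "mmike"
auth: Failed to validate the user.
Sending Access-Reject of id 249 to x.x.x.x:1740
rad_recv: Access-Request packet from host x.x.x.x:1741, id=250, length=160
        User-Name = "alice"
Sending Access-Accept of id 250 to x.x.x.x:1741
"""

RECV = re.compile(r"^rad_recv: Access-Request packet from host (\S+):(\d+), id=(\d+),")
USER = re.compile(r'^\s+User-Name = "(.*)"\s*$')
REPLY = re.compile(r"^Sending Access-(Accept|Reject) of id (\d+) to (\S+):(\d+)")

def sanitize(name):
    # User-Name comes from the client: replace control characters so a crafted
    # name cannot inject extra syslog lines, and cap the length.
    return "".join(c if c.isprintable() else "?" for c in name)[:64]

def failed_logins(lines):
    """Yield (user, nas_host) for each Access-Reject in radiusd debug output."""
    pending = {}    # (host, port, id) -> User-Name of requests awaiting a reply
    current = None  # key of the request whose attribute list is being read
    for line in lines:
        m = RECV.match(line)
        if m:
            current = m.groups()
            pending[current] = "<unknown>"
            continue
        m = USER.match(line)
        if m and current is not None:
            pending[current] = sanitize(m.group(1))
            continue
        m = REPLY.match(line)
        if m:
            verdict, ident, host, port = m.groups()
            user = pending.pop((host, port, ident), "<unknown>")
            if verdict == "Reject":
                yield user, host
        if not line[:1].isspace():
            current = None  # attribute list ended

def report(lines):
    for user, host in failed_logins(lines):
        syslog.syslog(syslog.LOG_AUTH | syslog.LOG_WARNING,
                      "Authorization failed for user '%s' (NAS %s)" % (user, host))
```

Calling `report()` on the lines of the debug output, for example piped in on standard input, writes one auth-facility syslog entry per rejected request.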


