Someone gave me the idea to use fifo ( named pipe ) in place of radius.log
file. I didn't use that. Instead i've modified the radius source in auth.c
file
Now my radiusd logs the authentication requests to radius.log file and sql
server.
Although, its in testing phase but still its working fine.
Modify
file: auth.c function: static int rad_authlog(const char *msg,
REQUEST *request, int goodpass)
...........
...........
..........
} else {
radlog(L_AUTH, "%s: [%s%s%s] (%s)",
msg,
clean_username,
mainconfig.log_auth_badpass ? "/" : "",
mainconfig.log_auth_badpass ? clean_password
: "",
auth_name(buf, sizeof(buf), request, 1));
}
/* New Code Starts here */
pid=fork();
if (pid<0)
radlog(L_ERR, "Cannot fork to execute external process
(/tmp/b.out) for Authentication logs");
if (pid==0) {
/*execl("/tmp/b.out","/tmp/b.out",msg,clean_username,clean_password,auth_nam
e(buf,sizeof(buf),request,1),(goodpass ?
"CORRECT" : "INCORRECT"),0);*/
execl("/tmp/b.out","/tmp/b.out",msg,clean_username,clean_password,auth_name(
buf,sizeof(buf),request,1),0);
radlog(L_ERR, "execl fialed to execute external process
(/tmp/b.out) for Authentication logs");
exit(1);
}
/* Ends here */
return 0;
}
...............
..............
now recompile radius and install
and /tmp/b.out is used to actually log entries in my local Postgresql
server (i'm not using password for my sql server ;-) )
#!/bin/bash
user=$2
passwd=$3
phone=`echo $4 | awk ' BEGIN { FS = "cli " } { print $2}'`
auth=$1
psql -U postgres -d radius -c "insert into authlog
("username","password","callingstationid","authentication")
values('$user','$pass
wd','$phone','$auth');"
sql table for authentaion log is as :
CREATE TABLE "authlog" (
"timestamp" timestamp DEFAULT "timestamp"('now'::text),
"username" varchar(30),
"password" varchar(30),
"callingstationid" varchar(30),
"authentication" varchar(20)
);
Best of luck
-Ali
----- Original Message -----
From: "Brian Kolaci" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 27, 2002 8:45 PM
Subject: SQL auth
>
> Hi,
>
> I just converted from cistron to freeradius. I'm using the
> SQL module to log accounting records. Is there a simple
> way to have the sql module log authentication requests and
> whether they were successful or not? I would like the same
> features that are logged in the radius.log file (username,
> good/bad password, nas, date) but have it go to a single
> SQL server instead of having to merge radius.log files
> from multiple machines and then parse it.
>
> Thanks,
>
> Brian
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
