Chris van Meerendonk wrote: > On Mon, 2003-08-18 at 05:30, Adam Carmichael wrote: > > > I'm currently running FreeRADIUS 0.9.0 on several *BSD boxes with > > MySQL4 for logging accounting and retrieving authentication > > information. I am interested in knowing how to log authentication > > attempts and even possibly why an attempt failled. > > I'm using a simple script that reads radius.log and put that in a > mysql table that can be accessed by our helpdesk by using a simple > php-interface to help people with their dialin problems. Maybe you > can do something with it.
The situation isn't so easy when you have multiple freeradius servers, and in that case you want to store authentication attempts in a database rather than a flat file. For different reasons I need also logging connexion requests and I already thought a little about it. I'm considering writing a patch for this problem, and I would like advice from the developpers to do it the efficiently. Please correct me if the following doesn't make sense. The extension should be made in module rlm_sql because here you have all you need to connect the database and make a request (and the administrator may store the authcheck_table, the acct_table and the authentication attempts in the same db). Then in sql.conf you should add four lines with auth_badpass_table, auth_goodpass_table, auth_badpass_query, auth_goodpass_query (or something like that). We know in authentication whether the password is valid, so you have to enter module rlm_sql at this time. It requires to add a function rlm_sql_authenticate() to manage it... If I get something working from this idea I'll submit the patch in the mailing list later. -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
