At Mon, 15 Dec 2003 12:57:24 +0000,
James Green wrote:
ZORBADELOS KONSTANTINOS wrote:
You said you used radiusd -x and not radiusd -X (case is important).
Please send the output you receive from radiusd -X. See the rlm_sql
and radius_xlat messages. Perhaps something is wrong with the
configuration of queries.
Hello again.
Right, we've just had our NAS configured to the same spec that the exising (non-test) one is which logs things fine.
Yet we still don't see anything in our database on the test number. Here's the debug output - I hope someone can point the finger...
rad_recv: Access-Request packet from host 81.20.32.130:2048, id=40, length=317
Attr-172818433 = 0x202449643a2041707469732e76696e666f2020496d6167654e616d653d6665706d64202056657273696f6e3d332e362e32703220204275696c644e756d6265723d3332383420204275696c64446174653d31322f31392f3230303020204275696c6454696d653d31363a33313a333820204d616368696e653d4255494c4430332020557365723d4275696c642020546172676574426f6172643d736363202054617267657450726f636573736f723d50504336303320204272616e63683d7033363220204578702024
NAS-IP-Address = 81.20.32.130
User-Name = "[EMAIL PROTECTED]"
CHAP-Password = 0x017095d941e007b1ca52c6ee6137cf8d65
Called-Station-Id = "08714719098"
Calling-Station-Id = "1493660030"
NAS-Port = 17236748
NAS-Port-Type = Async
Framed-Protocol = PPP
Service-Type = Framed-User
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
radius_xlat: '/var/log/radiusd/radacct/81.20.32.130/auth-detail-20031215'
rlm_detail: /var/log/radiusd/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radiusd/radacct/81.20.32.130/auth-detail-20031215
modcall[authorize]: module "auth_log" returns ok for request 3
rlm_chap: Setting 'Auth-Type := CHAP'
modcall[authorize]: module "chap" returns ok for request 3
modcall[authorize]: module "eap" returns noop for request 3
rlm_realm: Looking up realm "wapmob" for User-Name = "[EMAIL PROTECTED]"
rlm_realm: Found realm "wapmob"
rlm_realm: Adding Stripped-User-Name = "james"
rlm_realm: Proxying request from user james to realm wapmob
rlm_realm: Adding Realm = "wapmob"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 3
radius_xlat: '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id
rlm_sql (sql): User [EMAIL PROTECTED] not found in radcheck
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck
rlm_sql (sql): User not found
rlm_sql (sql): Released sql socket id: 1
modcall[authorize]: module "sql" returns notfound for request 3
users: Matched DEFAULT at 152
users: Matched DEFAULT at 159
modcall[authorize]: module "files" returns ok for request 3
modcall[authorize]: module "mschap" returns noop for request 3
modcall: group authorize returns ok for request 3
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied CHAP-Password matches local User-Password
Login OK: [james/<CHAP-Password>] (from client intelliplus port 17236748 cli 1493660030)
modcall: entering group post-auth for request 3
radius_xlat: '/var/log/radiusd/radacct/81.20.32.130/reply-detail-20031215'
rlm_detail: /var/log/radiusd/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radiusd/radacct/81.20.32.130/reply-detail-20031215
modcall[post-auth]: module "reply_log" returns ok for request 3
modcall: group post-auth returns ok for request 3
Sending Access-Accept of id 40 to 81.20.32.130:2048
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 81.20.32.130:2048, id=24, length=414
Acct-Status-Type = Start
NAS-IP-Address = 81.20.32.130
Attr-172818433 = 0x202449643a2041707469732e76696e666f2020496d6167654e616d653d6665706d64202056657273696f6e3d332e362e32703220204275696c644e756d6265723d3332383420204275696c64446174653d31322f31392f3230303020204275696c6454696d653d31363a33313a333820204d616368696e653d4255494c4430332020557365723d4275696c642020546172676574426f6172643d736363202054617267657450726f636573736f723d50504336303320204272616e63683d7033363220204578702024
Attr-172818435 = 0x3030303030303030303030303030303030303030
Service-Type = Framed-User
NAS-Port = 17236748
NAS-Port-Type = Async
Called-Station-Id = "08714719098"
Calling-Station-Id = "1493660030"
Acct-Delay-Time = 0
Framed-IP-Address = 81.20.34.3
User-Name = "[EMAIL PROTECTED]"
Framed-Protocol = PPP
Acct-Session-Id = "0004A016"
Acct-Authentic = RADIUS
Acct-Link-Count = 1
Login-IP-Host = 0.0.0.0
Login-Service = PortMaster
Login-TCP-Port = 0
X-Ascend-Modem-PortNo = 33816835
X-Ascend-Modem-SlotNo = 3
X-Ascend-Data-Rate = 28800
X-Ascend-Xmit-Rate = 46667
X-Ascend-PreSession-Time = 28
modcall: entering group preacct for request 4
modcall[preacct]: module "preprocess" returns noop for request 4
rlm_realm: Looking up realm "wapmob" for User-Name = "[EMAIL PROTECTED]"
rlm_realm: Found realm "wapmob"
rlm_realm: Adding Stripped-User-Name = "james"
rlm_realm: Proxying request from user james to realm wapmob
rlm_realm: Adding Realm = "wapmob"
rlm_realm: Accounting realm is LOCAL.
modcall[preacct]: module "suffix" returns noop for request 4
modcall[preacct]: module "files" returns noop for request 4
modcall: group preacct returns noop for request 4
modcall: entering group accounting for request 4
rlm_acct_unique: WARNING: Attribute NAS-Port-Id was not found in request, unique ID MAY be inconsistent
rlm_acct_unique: Hashing ',Client-IP-Address = 81.20.32.130,NAS-IP-Address = 81.20.32.130,Acct-Session-Id = "0004A016",User-Name = "[EMAIL PROTECTED]"'
rlm_acct_unique: Acct-Unique-Session-ID = "dcc42abb991b40c2".
modcall[accounting]: module "acct_unique" returns ok for request 4
radius_xlat: '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'
radius_xlat: ''
radius_xlat: '/var/log/radius/sqltrace.sql'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql (sql): Released sql socket id: 0
modcall[accounting]: module "sql" returns ok for request 4
radius_xlat: '/var/log/radiusd/radacct/81.20.32.130/detail-20031215'
rlm_detail: /var/log/radiusd/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radiusd/radacct/81.20.32.130/detail-20031215
modcall[accounting]: module "detail" returns ok for request 4
modcall[accounting]: module "unix" returns ok for request 4
radius_xlat: '/var/log/radiusd/radutmp'
radius_xlat: '[EMAIL PROTECTED]'
modcall[accounting]: module "radutmp" returns ok for request 4
modcall: group accounting returns ok for request 4
Sending Accounting-Response of id 24 to 81.20.32.130:2048
Finished request 4
Going to the next request
Please bear in mind that authentication and authorisation is done using flat files, accounting is done in a database. The latter doesn't work.
Thanks,
James
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
