raddump RADIUS packet analyzer

Jonathan Moore Thu, 23 Sep 2004 13:53:20 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks,

I'd like to announce the availability of the raddump RADIUS packet analyzer which may be useful for debugging your RADIUS infrastructure. Please see the project homepage at https://sourceforge.net/projects/raddump/ for more details.

It is GPL'ed and available as:
http://prdownloads.sourceforge.net/raddump/raddump-0.2.1.tar.gz?download

What is raddump? From the man page:

       raddump(1)  interprets  captured  RADIUS  packets to print
       details about them, including a timestamp, packet lengths,
       RADIUS  packet  type,  source  and  destination  hosts and
       ports, and included attribute names and values. It is pri-
       marily  useful in conjunction with packet capture programs
       such as tcpdump(1) or snoop(1M), and can be used either on
       a  saved file or in a pipeline to monitor ongoing communi-
       cations.

       raddump(1) currently understands packet  traces  that  are
       RFC  1761-compliant  (e.g.  those produced by snoop v2) as
       well as those that are stored in the libpcap format  (e.g.
       those  produced by tcpdump). raddump(1) is able to distin-
       guish these file formats on the fly, so it is  not  neces-
       sary to indicate which type of trace you are feeding it.

Example output: [fred: ~/src/raddump]$ ./raddump -vs < snoopv2.pkts Looks like a(n) RFC 1761 (snoop v2) packet trace 10:07:58.916467 radius DUMBLEDORE:60818 > knockknock:1645 Access-Request 32 User-Name = YYYYYY User-Password = <16 bytes> NAS-IP-Address = 128.91.254.254 10:08:00.089439 radius knockknock:1645 > DUMBLEDORE:60818 Access-Accept 16 Vendor-Specific = PennID = XXXXXXXX

You may find this useful for debugging your RADIUS server by monitoring traffic in real time, or for doing offline examination of a problematic session. For example, we have already found it useful here at UPenn to be able to say: "do a tcpdump while you try to hit our RADIUS server and then send us the saved packets."

The current version should build on Solaris, Mac OS X, and Linux.

Cheers,
Jon Moore

- --
Jon Moore
ISC Networking & Telecommunications
University of Pennsylvania
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iD8DBQFBUzeHx8TaElR3qMMRArd6AKCpIu6+N1jGnTcFf2l6Yci5s8Qa1ACfZ8a2
rFwfopt7zddEhB3HkIsHOWs=
=8I2O
-----END PGP SIGNATURE-----

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

raddump RADIUS packet analyzer

Reply via email to