Hm no, I don't use Mac Authentication.
Accounting request:
rad_recv: Accounting-Request packet from host 172.17.255.3:1646,
id=29, length=330
Acct-Session-Id = "0000003E"
Called-Station-Id = "0016.9cbb.ab30"
Calling-Station-Id = "001e.5280.15c6"
Cisco-AVPair = "ssid=GFS-Funknetz v2"
Cisco-AVPair = "vlan-id=0"
Cisco-AVPair = "nas-location=unspecified"
Cisco-AVPair = "auth-algo-type=unknown"
User-Name = "001e528015c6"
Cisco-AVPair = "connect-progress=Call Up"
Acct-Session-Time = 120
Acct-Input-Octets = 113832
Acct-Output-Octets = 61997
Acct-Input-Packets = 966
Acct-Output-Packets = 355
Acct-Terminate-Cause = Lost-Carrier
Cisco-AVPair = "disc-cause-ext=No Reason"
Acct-Status-Type = Stop
NAS-Port-Type = Wireless-802.11
Cisco-NAS-Port = "309"
NAS-Port = 309
Service-Type = Framed-User
NAS-IP-Address = 172.17.255.3
Acct-Delay-Time = 0
rad_lowerpair: User-Name now '001e528015c6'
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 0
modcall[preacct]: module "preprocess" returns noop for request 0
rlm_acct_unique: Hashing 'NAS-Port = 309,Client-IP-Address =
172.17.255.3,NAS-IP-Address = 172.17.255.3,Acct-Session-Id =
"0000003E",User-Name = "001e528015c6"'
rlm_acct_unique: Acct-Unique-Session-ID = "f0f4e2cd9d1af173".
modcall[preacct]: module "acct_unique" returns ok for request 0
rlm_realm: No '@' in User-Name = "001e528015c6", looking up
realm NULL
rlm_realm: No such realm "NULL"
modcall[preacct]: module "suffix" returns noop for request 0
modcall[preacct]: module "files" returns noop for request 0
modcall: leaving group preacct (returns ok) for request 0
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 0
radius_xlat: '/var/log/freeradius/radacct/172.17.255.3/
detail-20080204'
rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-
%Y%m%d expands to /var/log/freeradius/radacct/172.17.255.3/
detail-20080204
modcall[accounting]: module "detail" returns ok for request 0
radius_xlat: '001e528015c6'
rlm_sql (sql): sql_set_user escaped user --> '001e528015c6'
radius_xlat: 'UPDATE radacct SET AcctStopTime = '2008-02-04
16:39:11', AcctSessionTime = '120', AcctInputOctets = '113832',
AcctOutputOctets = '61997', AcctTerminat
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
modcall[accounting]: module "sql" returns ok for request 0
modcall[accounting]: module "unix" returns ok for request 0
radius_xlat: '/var/log/freeradius/radutmp'
radius_xlat: '001e528015c6'
modcall[accounting]: module "radutmp" returns ok for request 0
modcall: leaving group accounting (returns ok) for request 0
Sending Accounting-Response of id 29 to 172.17.255.3 port 1646
Finished request 0
Going to the next request
--- Walking the entire request list ---
bye
Julian
Am 04.02.2008 um 17:35 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi,
oh yes, it's my mac ^^ I didn't recognized that.. So I have to
change my question to "Why is the mac adress saved in the 'radacct'
table?"
If your not doing mac-based authentication then I have no idea.
Could be a cisco thing, i've only got experience with HP ProCurve
access points.
One thing it's not is a problem with is FreeRadius, unless you've
been messing with the SQL queries. Or if you were sending the Mac-
Address back as the User-Name attribute in the Access Accept
packets... But thats not the default.
Mac OSX 10.4 / 10.5 sends the same inner/outer identity by default,
unless you've altered the config to send the mac-address as the
outer identity.
Could you post an Accounting Request packet ?
Thanks,
Arran
And you're right, I'm using an Apple airport client, but my access
points are Ciscos
bye
julian
Am 04.02.2008 um 17:12 schrieb Arran Cudbard-Bell:
Julian Stöver wrote:
Hi!
I worked my radacct problem today. I fixed the most problems, so
now I get all informations stored in my 'radacct'-table. But the
username is saved encrypted in the database, something like
'001e528015c6' for username 'julian'.
Hmmm you know that username looks an awful lot like a mac address.
Are you by any chance using either an apple airport as a base
station or an apple client ?
In the radius debug log i can read the name in cleartext. I'm
sorry, but I currently don't have the log, maybe you can help me
without the log, otherwise i'll send it to you tomorrow. I asked
google and the faq for this problem with no result...
bye
julian
Am 01.02.2008 um 17:20 schrieb Alan DeKok:
You need rather a lot more than that in an accounting request.
And
you don't need a password in an accounting request.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08 University Of Sussex,
Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
