On 2/4/09 19:32, deveshgade wrote:
I want to maintain a log of the username,ip address and the mac address of the client connecting to my FreeRADIUS-2.1.1 server in a wireless network. I am using dhcpd, from which the mac address of client can be obtained.I wanted to know if anyone has written a script to map radius logs to the dhcpd logs so that one would be able to compare the username,ip address and mac address of the client. Based on comparison of the above values,access to the wifi network would be granted to the user. Can anyone give me a sample or an real shell script or php script for the same??
The best way to do this is to modify the sql schema for the post-auth or radacct table, and insert a Framed-IP-Address field, then have something tail the dhcpd logs parsing the entries and inserting IP addresses for relevant records.
I'm sure there must be something out there already to convert dhcpd logs into sql rows... If not it'd be pretty trivial to do in PHP...
A few vendors now have integrated DHCP snooping and RADIUS Accounting on their switches and wireless access points, so that the Accounting records generated also include the IP address learned via DHCP snooping. IMHO this is a much cleaner way to achieve what you're attempting, so i'd check if your NAS vendor supports this.
Ones i've come across so far are HP ProCurve switches (2600+)(though it's slightly broken), and Trapeze wireless controllers.
Regards, Arran -- Arran Cudbard-Bell ([email protected]), Authentication, Authorisation and Accounting Officer, Infrastructure Services (IT Services), E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT DDI+FAX: +44 1273 873900 | INT: 3900 GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
