hi,
i have a problem with the special character "%R". the users of our network
have a lot of different user realms where the realm format is specified as:
dnnnknnnnnnnn (for example d001k12345678) ore Knnnnnnnn (for example
K12345678).
for handeling all the requests with one handler we constructed this handler.
<Handler Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/,
Service-Type=Framed-User>
<AuthBy FILE>
Filename /usr/local/lib/radiator/users/%R
</AuthBy>
</Handler>
and now the problem:
it seems, that if there are many request with different realms, the pointer
( /usr/local/lib/radiator/users/%R) loks at the wrong file to match the
request.
we use radiator 2.18.
by debugging sometimes the file radiator try to match the request is shown
and somtimes not. by rejekt's this information is newer shown, so i can't
check, if radiator looks in the right file or not.
some debugs are attached.
hope you can help me.
best regards
emin
<<att-20011209.txt>>
Emin Bozkurt
System Technik
riodata GmbH
Hessenring 13 a
64546 M�rfelden
Fon +49 6105 2843 812
Mobile +49 163 2843 184
Fax +49 6105 2843 777
www.riodata.de
ACCESS ACCEPT:
*** Received from 10.0.5.5 port 1029 ....
Code: Access-Request
Identifier: 22
Authentic: .<139><195>;<129>Ts=<6><227><222><184><247><191>jZ
Attributes:
User-Name = "T000102650001@d001k00010967"
CHAP-Password =
"<1><173><8>g<3><205><146><214><219>S<26><202><170><177><21><249><179>"
NAS-IP-Address = 10.100.14.1
NAS-Port = 1
NAS-Port-Type = 2
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "xxx"
Called-Station-Id = "xxx"
Acct-Session-Id = "376703097"
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Framed-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Login-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User should be used to handle this request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler Realm=lite, Service-Type=Framed-User
should be used to handle this request
Sun Dec 9 02:40:36 2001: DEBUG: Check if Handler
Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1 should be used
to handle this request
Sun Dec 9 02:40:36 2001: DEBUG: Handling request with Handler
'Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1'
Sun Dec 9 02:40:36 2001: DEBUG: Deleting session for T000102650001@d001k00010967,
10.100.14.1, 1
Sun Dec 9 02:40:36 2001: ERR: Attribute number 211 (vendor ) is not defined in your
dictionary
Sun Dec 9 02:40:36 2001: DEBUG: Handling with Radius::AuthFILE
Sun Dec 9 02:40:36 2001: DEBUG: Radius::AuthFILE looks for match with
T000102650001@d001k00010967
Sun Dec 9 02:40:36 2001: DEBUG: Radius::AuthFILE ACCEPT:
Sun Dec 9 02:40:36 2001: DEBUG: Access accepted for T000102650001@d001k00010967
Sun Dec 9 02:40:36 2001: DEBUG: Packet dump:
*** Sending to 10.0.5.5 port 1029 ....
Code: Access-Accept
Identifier: 22
Authentic: .<139><195>;<129>Ts=<6><227><222><184><247><191>jZ
Attributes:
Service-Type = 2
Framed-Protocol = PPP
Tunnel-Type = L2TP
Tunnel-Medium-Type = IP
Tunnel-Client-Auth-ID = "ras1.p002.69000.riodata.de"
Tunnel-Server-Auth-ID = "sms1.p002.69000.riodata.de"
Tunnel-Server-Endpoint = "62.16.150.132"
Tunnel-Client-Endpoint = "62.16.150.131"
Tunnel-Password =
"<0><248>=e\<230><206><251><180><184>5u<21><150><245>u<177><227>w"
ACCESS ACCEPT with file in witch radiator looks for match:
*** Received from 10.0.5.5 port 1029 ....
Code: Access-Request
Identifier: 179
Authentic: p6<201>F<152><141><182><146><199>X<15>I<6><255><201><184>
Attributes:
User-Name = "T00010164@d001k00010579"
CHAP-Password = "<1><142>{<183>WO<b<148><205>c&<195>g<231>y<5>"
NAS-IP-Address = 10.100.14.1
NAS-Port = 3
NAS-Port-Type = 2
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "2142066075"
Called-Station-Id = "069222271000"
Acct-Session-Id = "376703264"
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Framed-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Login-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User should be used to handle this request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler Realm=lite, Service-Type=Framed-User
should be used to handle this request
Sun Dec 9 02:49:28 2001: DEBUG: Check if Handler
Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1 should be used
to handle this request
Sun Dec 9 02:49:28 2001: DEBUG: Handling request with Handler
'Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1'
Sun Dec 9 02:49:28 2001: DEBUG: Deleting session for T00010296@d001k00011818,
10.100.14.1, 1
Sun Dec 9 02:49:28 2001: ERR: Attribute number 211 (vendor ) is not defined in your
dictionary
Sun Dec 9 02:49:28 2001: DEBUG: Handling with Radius::AuthFILE
Sun Dec 9 02:49:28 2001: DEBUG: Reading users file
/usr/local/lib/radiator/max-users/d001k00011818
Sun Dec 9 02:49:28 2001: DEBUG: Radius::AuthFILE looks for match with
T00010296@d001k00011818
Sun Dec 9 02:49:28 2001: DEBUG: Radius::AuthFILE ACCEPT:
Sun Dec 9 02:49:28 2001: DEBUG: Access accepted for T00010296@d001k00011818
Sun Dec 9 02:49:28 2001: DEBUG: Packet dump:
*** Sending to 10.0.5.5 port 1029 ....
Code: Access-Accept
Identifier: 180
Authentic: <250>u<148><131><212>(UE9<179><142><11><211><225><22><223>
Attributes:
Service-Type = 2
Framed-Protocol = PPP
Tunnel-Type = L2TP
Tunnel-Medium-Type = IP
Tunnel-Client-Auth-ID = "ras1.p002.69000.riodata.de"
Tunnel-Server-Auth-ID = "sms1.p002.69000.riodata.de"
Tunnel-Server-Endpoint = "62.16.150.132"
Tunnel-Client-Endpoint = "62.16.150.131"
Tunnel-Password = "<0><135><127><233>7(<135><189><0><18>:<253>tp&<189>s<5>L"
ACCESS REJECT:
*** Received from 10.0.5.5 port 1029 ....
Code: Access-Request
Identifier: 24
Authentic: <202>$<166><3>c<21><7><245>.=2<172>N<5><154><215>
Attributes:
User-Name = "T00010180@d001k00010579"
CHAP-Password = "<1><178>_<16><212><146>/<168>L<140><22><165>w<0><235>(<240>"
NAS-IP-Address = 10.100.14.1
NAS-Port = 3
NAS-Port-Type = 2
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "xxx"
Called-Station-Id = "xxx"
Acct-Session-Id = "376703099"
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Framed-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Framed-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=local,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=VPN, Service-Type=Login-User,
NAS-IP-Address=10.100.14.1 should be used to handle this request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=rioras,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=d001riocon,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=riodata,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=insiders,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=dial_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=vpn_test,
Service-Type=Login-User, NAS-IP-Address=10.100.14.1 should be used to handle this
request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=riocon,
Service-Type=Framed-User should be used to handle this request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler Realm=lite, Service-Type=Framed-User
should be used to handle this request
Sun Dec 9 02:40:49 2001: DEBUG: Check if Handler
Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1 should be used
to handle this request
Sun Dec 9 02:40:49 2001: DEBUG: Handling request with Handler
'Realm=/(^[d]\d{3}[k]\d{8}$)|(^[K]\d{8}$)/, NAS-IP-Address=10.100.14.1'
Sun Dec 9 02:40:49 2001: DEBUG: Deleting session for T00010180@d001k00010579,
10.100.14.1, 3
Sun Dec 9 02:40:49 2001: ERR: Attribute number 211 (vendor ) is not defined in your
dictionary
Sun Dec 9 02:40:49 2001: DEBUG: Handling with Radius::AuthFILE
Sun Dec 9 02:40:49 2001: DEBUG: Radius::AuthFILE looks for match with
T00010180@d001k00010579
Sun Dec 9 02:40:49 2001: INFO: Access rejected for T00010180@d001k00010579: No such
user
Sun Dec 9 02:40:49 2001: DEBUG: Packet dump:
*** Sending to 10.0.5.5 port 1029 ....
Code: Access-Reject
Identifier: 24
Authentic: <202>$<166><3>c<21><7><245>.=2<172>N<5><154><215>
Attributes:
Reply-Message = "Request Denied"
Sun Dec 9 02:40:54 2001: DEBUG: Packet dump:
