Hello Jeremy -
You are correct - if you put a <Log FILE> inside an object - you only get the
logging for that object.
It is generally preferable to use Identifiers for this sort of thing:
<AuthBy GROUP>
<Log FILE>
Identifer MyLogger
Filename .....
Trace ...
</Log>
</AuthBy>
<AuthBy ....>
Identifier MyAuthBy
.....
Log MyLogger
.....
</AuthBy>
<Handler ....>
AuthBy MyAuthBy
.....
</Handler>
This makes it *much* easier to understand and maintain.
NB - the <Log FILE> is defined inside an AuthBy GROUP so it does not become
another global logger.
TFAP (tricks for advanced players)
:-)
regards
Hugh
BTW - you can now use Radar with Radiator 3.0 to do much, much more than was
ever possible previously with traces and debugging.
http://www.open.com.au/radar
On Mon, 29 Apr 2002 17:18, Jeremy Burton wrote:
> Hi Hugh,
> If you look closely in the two files, one of them does indeed include
> all logging (the global logfile). The second one *only* contains the
> following line for each request:
>
> Mon Apr 29 17:10:32 2002: DEBUG: Handling with Radius::AuthGROUP
>
> and nothing more.... it is the details for the AuthGROUP that i am
> indeed after (which should be in here, given that the <Log FILE></Log>
> is contained within the <AuthBy GROUP></AuthBy> and not any other <AuthBy>
> stuff...)
> a little more probing has found that if I then go and put a <Log
> FILE></Log> into the <AuthBy FILE></AuthBy> I get that info.. so am i
> misinterpreting that the <Log FILE> isn't inherited by the "children"
> authby's of an <AuthBy GROUP>?
>
> Thanks
>
> Jeremy
>
> On Mon, Apr 29, 2002 at 04:37:01PM +1000, Hugh Irvine wrote:
> > Hello Jeremy -
> >
> > There are a few things wrong with the configuration file, but you should
> > be getting two different logfiles:
> >
> > /etc/raddb/logfile.testing-normal
> >
> > and
> >
> > %D/logfile.testing-adsl
> >
> > where %D = /etc/raddb
> >
> > The first one should contain everything, and the second one should
> > contain a subset corresponding to the <Realm adsl>.
> >
> > I have just been testing this here and it works correctly with the
> > configuration file that I will attach to this mail.
> >
> > BTW - here is the ls -l log*:
> >
> > ls -l log*
> > -rw-r--r-- 1 root root 14994 Apr 29 16:32 logfile
> > -rw-r--r-- 1 root root 195 Apr 29 16:31
> > logfile.testing-adsl
> >
> >
> > regards
> >
> > Hugh
> >
> > On Mon, 29 Apr 2002 15:59, Jeremy Burton wrote:
> > > Hi All,
> > > I've just upgraded from Radiator 2.17.1 to Radiator 3.0.
> > > I am trying to log different parts of the config to different log
> > > files, and am having no luck at all - everything just ends up in the
> > > global logfile. Attached is my config file - this isn't actually my
> > > main config file, but a smaller one which replicates the problem. Also
> > > I'll attach the default entries for the users.dialup and users.adsl...
> > > Basically, anyone know why I'm only getting one log file, not two, as i
> > > would expect from the additional <Log FILE></Log> directive?
> > >
> > > radius.cfg:
> > >
> > > # $Revision: 1.7 $
> > > # $Date: 2001/06/28 08:31:35 $
> > > #
> > > #Foreground
> > > #LogStdout
> > > Trace 3
> > >
> > > # NOTE: Anywhere that
> > > # PreHandlerHook sub { ${$_[0]}->add_attr('Client-Port-DNIS',
> > > '55555550');} # appears is so that eXtremes can log onto analogue
> > > equipment..
> > >
> > > PidFile /etc/raddb/radiusd.testing.pid
> > > AuthPort 1645
> > > AcctPort 1646
> > > LogDir /var/radacct
> > > LogFile /etc/raddb/logfile.testing-normal
> > > DbDir /etc/raddb
> > > DictionaryFile /etc/raddb/dictionary.ascend
> > >
> > > <Client 210.15.210.5>
> > > FramedGroupBaseAddress 10.200.0.0
> > > Secret XXXXXXXXX
> > > DupInterval 10
> > > </Client>
> > >
> > > <Realm WhoShotAdsl>
> > > # You can group multiple AuthBy methods with AuthBy GROUP
> > > <AuthBy GROUP>
> > > Identifier AdslSystem
> > > AuthByPolicy ContinueWhileAccept
> > > <AuthBy SQL>
> > > # AuthSelect with empty string means dont do auth
> > > AuthSelect SELECT password, radius.check_items_new('%n',
>'%N',
> > > '%{Client-Port-DNIS}'), radius.reply_items_new('%n', '%N') FROM
> > > SA.Clients, sa.adsl where username = '%n' and adsl.userid =
> > > clients.userid AuthColumnDef 0, User-Password, check
> > > AuthColumnDef 1, GENERIC, check
> > > AuthColumnDef 2, GENERIC, reply
> > > DBSource dbi:Oracle:SOME_SID
> > > DBUsername SOME_USER
> > > DBAuth SOME_PASS
> > > AccountingTable
> > > Timeout 10000
> > > FailureBackoffTime 300
> > > </AuthBy>
> > > </AuthBy>
> > > </Realm>
> > >
> > > <Realm WhoShotWho>
> > > # You can group multiple AuthBy methods with AuthBy GROUP
> > > <AuthBy GROUP>
> > > Identifier System
> > > AuthByPolicy ContinueWhileAccept
> > > <AuthBy SYSTEM>
> > > UseGetspnam
> > > </AuthBy>
> > > <AuthBy SQL>
> > > # AuthSelect with empty string means dont do auth
> > > AuthSelect SELECT radius.check_items_new('%n', '%N',
> > > '%{Client-Port-DNIS}'), radius.reply_items_new('%n', '%N') FROM
> > > SA.Clients where username = '%n' AuthColumnDef 0, GENERIC, check
> > > AuthColumnDef 1, GENERIC, reply
> > > DBSource dbi:Oracle:SOME_SID
> > > DBUsername SOME_USER
> > > DBAuth SOME_PASS
> > > AccountingTable
> > > Timeout 10000
> > > FailureBackoffTime 300
> > > </AuthBy>
> > > </AuthBy>
> > > </Realm>
> > >
> > > <Realm adsl>
> > > RejectHasReason
> > > RewriteUsername s/\@adsl//
> > > AcctLogFileName %L/adsl/%C/%v%f-%i-%H
> > > PasswordLogFileName /etc/raddb/password.adsl
> > > <AuthBy GROUP>
> > > AuthByPolicy ContinueWhileAccept
> > > <Log FILE>
> > > Trace 3
> > > Filename %D/logfile.testing-adsl
> > > </Log>
> > > <AuthBy RADIUS>
> > > NoForwardAuthentication
> > > Host secondhost.seconddomain.com
> > > Secret XXXXXXXXX
> > > </AuthBy>
> > > <AuthBy FILE>
> > > Filename %D/users.adsl
> > > </AuthBy>
> > > </AuthBy>
> > > </Handler>
> > >
> > > <Handler Realm=>
> > > RejectHasReason
> > > AuthByPolicy ContinueWhileIgnore
> > > AcctLogFileName %L/%C/%v%f-%i-%H
> > > <AuthBy GROUP>
> > > <AuthBy FILE>
> > > Filename %D/users.check
> > > </AuthBy>
> > > <AuthBy FILE>
> > > Filename %D/users.dialup
> > > </AuthBy>
> > > </AuthBy>
> > > </Handler>
> > >
> > > users.dialup:
> > > DEFAULT Auth-Type = System
> > >
> > > users.adsl:
> > > DEFAULT Auth-Type = AdslSystem
> > >
> > > thanks
> > >
> > > Jeremy
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
> >
> > LogDir .
> > DbDir .
> >
> > Trace 4
> > Foreground
> > LogStdout
> >
> > <Client localhost>
> > Secret mysecret
> > DupInterval 0
> > </Client>
> >
> > <Realm adsl>
> > RejectHasReason
> > <AuthBy GROUP>
> > AuthByPolicy ContinueWhileAccept
> > <Log FILE>
> > Trace 4
> > Filename %D/logfile.testing-adsl
> > </Log>
> > <AuthBy FILE>
> > Filename %D/users.adsl
> > </AuthBy>
> > </AuthBy>
> > </Realm>
> >
> > <Realm>
> > <AuthBy FILE>
> > Filename %D/users
> > </AuthBy>
> > </Realm>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
