Hi, no official solution or ACK for this problem til now :-(
Currently I use the following homebrew workaround to get debug messages with trace level 4 in private log clauses: # Gimmick to trick &main::willLog # has an unnecessary processing component, I know, but ... <Log FILE> Trace 4 Identifier NULL-LOGGER-GIMMICK Filename /dev/null </Log> # more global loggers for errors, warnings and notices: <Log FILE> Trace 2 Identifier radiatorlog Filename %L/radiatorlog </Log> <Log SYSLOG> Trace 2 IgnorePacketTrace ... </Log> Best Regards Charly > Hi RADIATOR Team, > > I would like to dump the packet attributes within ServerRADSEC or > AuthRADSEC but without overwhelming packet hexdumps. > > Therefore I can't/won't use PacketTrace in the clauses. > > I configured a clause specific Logger with 'Trace 4' but the 'sub > main::willLog' doesn't honor the settings in the clause loggers, instead > it checks just the global logger(s) und shortcuts the calls to > recv_debug_dump in the Modules: > >> Radius/AuthRADIUS.pm: $p->recv_debug_dump($self) if >> (main::willLog($main::LOG_DEBUG, $p)); >> Radius/AuthRADSEC.pm: $p->recv_debug_dump($self) if >> (main::willLog($main::LOG_DEBUG, $p)); >> Radius/Client.pm: $p->recv_debug_dump($self) if >> (main::willLog($main::LOG_DEBUG, $p)); >> Radius/ServerRADSEC.pm: $tp->recv_debug_dump($self) if >> (main::willLog($main::LOG_DEBUG, $tp)); >> >> ##################################################################### >> # Return true if at least one logger is required to log >> # Can be a shortcut to prevent length logging calculations >> sub main::willLog >> { >> my ($priority, $p) = @_; >> return 1 >> if ($main::config->{LogStdout}&& ($priority <= $main::config->{Trace} >> || ($p && $p->{PacketTrace}))) >> || grep $_->willLog($priority, $p), @{$main::config->{Log}}; >> } > > > ################################################################################ > Please see my stripped down test setting: > ################################################################################ > >> BindAddress 127.0.0.1 >> AuthPort 1812 >> AcctPort 1813 >> >> LogDir /tmp/radiator/log >> DbDir /tmp/radiator/etc >> >> >> # disable global logfile for tests, in production I use a global file logger >> and syslog logger with Trace 2 >> LogFile >> # I'll just see warnings and errors in the global log or during this tests >> on stdout >> Trace 2 >> Foreground >> LogStdout >> >> PidFile %D/radiusd.pid >> DictionaryFile %D/my-very-short-dict-for-running-under-perl-debugger >> >> # AuthBy gimmick to define referable, non global loggers, thanks Hugh! >> <AuthBy GROUP> >> <Log FILE> >> Identifier DEBUG-LOGGER >> Trace 4 >> Filename %L/debug-logger >> </Log> >> </AuthBy> >> >> <AuthBy TEST> >> Identifier AUTHBY_TEST >> </AuthBy> >> >> <AuthBy RADSEC> >> # I'm interested in the radius code and attributes, not in SSL hexdumps >> Log DEBUG-LOGGER >> Secret radsec >> Identifier AUTHBY_RADSEC >> >> UseStatusServerForFailureDetect >> KeepaliveTimeout 10 >> FailureBackoffTime 10 >> NoreplyTimeout 10 >> >> LocalAddress 127.0.0.1 >> Host 127.0.0.1 >> >> # test settings, in production use valid certs and CN checks!!! >> UseTLS >> TLS_CAFile %D/certificates/demoCA/cacert.pem >> TLS_ExpectedPeerName .* >> >> TLS_CertificateFile %D/certificates/cert-clt.pem >> TLS_CertificateType PEM >> TLS_PrivateKeyFile %D/certificates/cert-clt.pem >> TLS_PrivateKeyPassword whatever >> </AuthBy> >> >> ################################################################################# >> >> <Handler Connect-Info=RADSEC> >> Identifier HANDLER_FROM_RADSEC >> AuthBy AUTHBY_TEST >> </Handler> >> >> <Handler Realm=radsec> >> Identifier HANDLER_TO_RADSEC >> AuthBy AUTHBY_RADSEC >> </Handler> >> >> <Handler> >> Identifier HANDLER_DEFAULT >> AuthBy AUTHBY_TEST >> </Handler> >> >> ################################################################################# >> >> <Client DEFAULT> >> Identifier DEFAULT >> Secret mysecret >> Log DEBUG-LOGGER >> </Client> >> >> <ServerRADSEC> >> # I'm interested in the radius code and attributes, not in SSL hexdumps >> Log DEBUG-LOGGER >> >> Identifier RADSEC_SERVER >> BindAddress 127.0.0.1 >> Port 2083 >> Secret radsec >> >> AddToRequest Connect-Info=RADSEC >> AddToReply Connect-Info=RADSEC >> >> UseTLS >> TLS_CAFile %D/certificates/demoCA/cacert.pem >> TLS_CertificateFile %D/certificates/cert-srv.pem >> TLS_CertificateType PEM >> TLS_PrivateKeyFile %D/certificates/cert-srv.pem >> TLS_PrivateKeyPassword whatever >> TLS_RequireClientCert >> TLS_ExpectedPeerName .* >> </ServerRADSEC> >> #################################################################### > > > > and then test it with radpwtst > >> $ radpwtst -bind_address 127.0.0.1 -s 127.0.0.1 -noacct -auth_port 1812 >> -user foo@radsec > > Any hint how to solve this problem? > > Please rethink your &main::willLog(...) and btw, in my opinion, the > whole logging deserves refactoring ;-( > > Maybe, supporting module specific $self->willLog would be proper a path > to go. > > Best Regards > Charly Gaissmaier > _______________________________________________ _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator