[RADIATOR] COA log
Dear all,

I have the following problem: I can log authentication with the configuration here below, it works correctly. But if I use event_log identifier to log a COA (and not a normal Access-Request with Accept or Reject), nothing happens.

Can you indicate to me how to log a COA with the answer (ACK or NACK)?

Thanks in advance,

    <Handler User-Name = ABCD>
        AuthBy toto
        AuthLog event_log
    </Handler>

    <AuthLog FILE>
        Identifier event_log
        Filename %L/event_auth.log
        SuccessFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,%a,,PASS,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,
        FailureFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,none,,FAIL,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,%1
        LogSuccess 1
        LogFailure 1
    </AuthLog>

* Disclaimer *
http://www.proximus.be/maildisclaimer
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] COA log
I personally log COA/POD requests using a very custom method. This may not be desirable for others.

I do this by, after processing the COA/POD normally, passing it to an AuthBy config that essentially changes it to an Accounting-Request packet, populates a few extra values, then passes it to my normal accounting log AuthBy. This also requires adding custom values to the dictionary file.

    <AuthBy GROUP>
        Identifier convert2accounting
        <AuthBy INTERNAL>
            OtherHook sub {\
                # some fancy code here.
            }
        </AuthBy>
        # now that this packet has been converted to an accounting packet, it is ready to be logged. pass it to the accounting log AuthBy
        AuthBy accounting_log
    </AuthBy>

An example result is something like this:

    +----------+---------------------+--------+-----------+--------------+
    | username | timestamp           | type   | sess_time | term_cause   |
    +----------+---------------------+--------+-----------+--------------+
    | username | 2015-01-05 15:04:09 | login  | NULL      | NULL         |
    | username | 2015-01-05 16:46:03 | info   | NULL      | rate-change  |
    | username | 2015-01-05 16:47:02 | info   | NULL      | kick-request |
    | username | 2015-01-05 16:47:02 | logout | 6173      | Admin-Reset  |
    +----------+---------------------+--------+-----------+--------------+

On 04/02/15 05:57 PM, Hugh Irvine wrote:
> Hello -
>
> As COA is not an authentication, it therefore follows that it will not be logged by an AuthLog clause.
>
> To see what happens with a COA you will need to look at the log file (not the authlog file).
>
> regards
>
> Hugh
>
> On 4 Feb 2015, at 20:49, ONRUBIA AVILES Carlos (SPC/CSP) carlos.onrubia.avi...@proximus.com wrote:
>> Dear all,
>>
>> I have the following problem: I can log authentication with the configuration here below, it works correctly. But if I use event_log identifier to log a COA (and not a normal Access-Request with Accept or Reject), nothing happens.
>>
>> Can you indicate to me how to log a COA with the answer (ACK or NACK)?
>>
>> Thanks in advance,
>>
>>     <Handler User-Name = ABCD>
>>         AuthBy toto
>>         AuthLog event_log
>>     </Handler>
>>
>>     <AuthLog FILE>
>>         Identifier event_log
>>         Filename %L/event_auth.log
>>         SuccessFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,%a,,PASS,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,
>>         FailureFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,none,,FAIL,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,%1
>>         LogSuccess 1
>>         LogFailure 1
>>     </AuthLog>
>
> --
> Hugh Irvine
> h...@open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
Re: [RADIATOR] COA log
Hi Michael -

Very nice.

BTW - there are a number of custom RADIUS attributes that are available for this sort of thing in the OSC vendor-specifics in the standard dictionary.

…..

    #
    # Open System Consultants VSA's for carrying user data
    # from AuthBy PAM etc. OSC-AVPAIR is used to pass private data
    # between instances of Radiator
    #
    VENDOR      OSC 9048
    VENDORATTR  9048 OSC-AVPAIR                     0   string
    VENDORATTR  9048 OSC-Uid                        1   integer
    VENDORATTR  9048 OSC-Gid                        2   integer
    VENDORATTR  9048 OSC-Home                       3   string
    VENDORATTR  9048 OSC-Shell                      4   string
    VENDORATTR  9048 OSC-Integrity-Message          5   binary
    # Experimental presence indicators, used to indicate whether and
    # where the user was last logged in. Used by AuthPRESENCESQL.pm
    VENDORATTR  9048 OSC-User-Presence-Indicator    6   integer
    VENDORATTR  9048 OSC-User-Presence-Location     7   string
    VENDORATTR  9048 OSC-User-Presence-Timestamp    8   integer
    VENDORATTR  9048 OSC-Client-Identifier          9   string
    VENDORATTR  9048 OSC-Service-Identifier         10  string
    VENDORATTR  9048 OSC-Customer-Identifier        11  string
    VENDORATTR  9048 OSC-Provider-Identifier        12  string
    VENDORATTR  9048 OSC-Environment-Identifier     13  string
    VENDORATTR  9048 OSC-Version-Identifier         14  string
    VENDORATTR  9048 OSC-Session-Identifier         15  string
    VENDORATTR  9048 OSC-Device-Identifier          16  string
    VENDORATTR  9048 OSC-User-Identifier            17  string
    VENDORATTR  9048 OSC-Group-Identifier           18  string
    VENDORATTR  9048 OSC-Acct-Input-Octets-64       19  integer64
    VENDORATTR  9048 OSC-Acct-Output-Octets-64      20  integer64
    VENDORATTR  9048 OSC-Authorize-Group            21  string
    VALUE   OSC-User-Presence-Indicator     NotPresent      0
    VALUE   OSC-User-Presence-Indicator     Present         1
    VALUE   OSC-User-Presence-Indicator     Unsure          2
    # Attributes to help exporting information from SIM/USIM authentication
    VENDORATTR  9048 OSC-SIM-IMSI                   80  string
    VENDORATTR  9048 OSC-SIM-MSIDSN                 81  string
    VENDORATTR  9048 OSC-SIM-Identity               82  string
    VENDORATTR  9048 OSC-SIM-TMSI                   83  string
    VENDORATTR  9048 OSC-SIM-FastReauthId           84  string
    VENDORATTR  9048 OSC-SIM-Method                 85  integer
    VALUE   OSC-SIM-Method                  EAP-SIM         18
    VALUE   OSC-SIM-Method                  EAP-AKA         23
    VALUE   OSC-SIM-Method                  EAP-AKA-PRIME   50
    # The following are derived from Tacacs+ requests per draft-grant-tacacs-02
    VENDORATTR  9048 OSC-TACACS-Action              100 integer
    VENDORATTR  9048 OSC-TACACS-Privilege-Level     101 integer
    VENDORATTR  9048 OSC-TACACS-Authen-Type         102 integer
    VENDORATTR  9048 OSC-TACACS-Service             103 integer
    VENDORATTR  9048 OSC-TACACS-Authen-Method       104 integer
    VALUE   OSC-TACACS-Action               Login           1
    VALUE   OSC-TACACS-Action               Chpass          2
    VALUE   OSC-TACACS-Action               Sendpass        3
    VALUE   OSC-TACACS-Action               Sendauth        4
    VALUE   OSC-TACACS-Privilege-Level      Max             15
    VALUE   OSC-TACACS-Privilege-Level      Root            15
    VALUE   OSC-TACACS-Privilege-Level      User            1
    VALUE   OSC-TACACS-Privilege-Level      Min             0
    VALUE   OSC-TACACS-Authen-Type          ASCII           1
    VALUE   OSC-TACACS-Authen-Type          PAP             2
    VALUE   OSC-TACACS-Authen-Type          CHAP            3
    VALUE   OSC-TACACS-Authen-Type          ARAP            4
    VALUE   OSC-TACACS-Authen-Type          MSCHAP          5
    VALUE   OSC-TACACS-Service              None            0
    VALUE   OSC-TACACS-Service              Login           1
    VALUE   OSC-TACACS-Service              Enable          2
    VALUE   OSC-TACACS-Service              PPP             3
    VALUE   OSC-TACACS-Service              ARAP            4
    VALUE   OSC-TACACS-Service              PT              5
    VALUE   OSC-TACACS-Service              RCMD            6
    VALUE   OSC-TACACS-Service              X25             7
    VALUE   OSC-TACACS-Service              NASIq           8
    VALUE   OSC-TACACS-Service              FWPROXY         9
    VALUE   OSC-TACACS-Authen-Method        Not_Set         0
    VALUE   OSC-TACACS-Authen-Method        None
Re: [RADIATOR] COA log
Hello -

As COA is not an authentication, it therefore follows that it will not be logged by an AuthLog clause.

To see what happens with a COA you will need to look at the log file (not the authlog file).

regards

Hugh

On 4 Feb 2015, at 20:49, ONRUBIA AVILES Carlos (SPC/CSP) carlos.onrubia.avi...@proximus.com wrote:
> Dear all,
>
> I have the following problem: I can log authentication with the configuration here below, it works correctly. But if I use event_log identifier to log a COA (and not a normal Access-Request with Accept or Reject), nothing happens.
>
> Can you indicate to me how to log a COA with the answer (ACK or NACK)?
>
> Thanks in advance,
>
>     <Handler User-Name = ABCD>
>         AuthBy toto
>         AuthLog event_log
>     </Handler>
>
>     <AuthLog FILE>
>         Identifier event_log
>         Filename %L/event_auth.log
>         SuccessFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,%a,,PASS,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,
>         FailureFormat %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,none,,FAIL,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,%1
>         LogSuccess 1
>         LogFailure 1
>     </AuthLog>

--
Hugh Irvine
h...@open.com.au
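
Since a CoA is a separate request/reply exchange rather than an authentication, an audit record for it has to match each request to its ACK or NAK. As an added example (not part of the thread and not Radiator code), this Python code pairs each CoA-Request or Disconnect-Request with its answer by NAS address and RADIUS identifier, using the RFC 5176 packet codes. Assumptions: the names `parse`, `correlate`, `build` and `SAMPLE` and all datagrams are constructed here, and authenticators are not verified.

```python
import struct

CODES = {40: "Disconnect-Request", 41: "Disconnect-ACK", 42: "Disconnect-NAK",
         43: "CoA-Request", 44: "CoA-ACK", 45: "CoA-NAK"}  # RFC 5176 packet codes
USER_NAME, ERROR_CAUSE = 1, 101  # attribute numbers (RFC 2865, RFC 5176)

def parse(datagram):
    """Split one RADIUS datagram into (code, identifier, {attr_type: value})."""
    code, ident, length = struct.unpack("!BBH", datagram[:4]) if len(datagram) >= 20 else (0, 0, 0)
    if not 20 <= length <= len(datagram):
        raise ValueError("truncated datagram or bad length field")
    attrs, pos = {}, 20
    while pos < length:
        alen = datagram[pos + 1] if pos + 2 <= length else 0
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute at offset %d" % pos)
        attrs.setdefault(datagram[pos], datagram[pos + 2:pos + alen])
        pos += alen
    return code, ident, attrs

def correlate(packets):
    """Pair each request in (timestamp, nas_address, datagram) tuples with its ACK or NAK."""
    pending, records = {}, []
    for ts, nas, datagram in packets:
        code, ident, attrs = parse(datagram)
        if code in (40, 43):
            pending[(nas, ident)] = rec = {
                "time": ts, "nas": nas, "code": code, "request": CODES[code],
                "user": attrs.get(USER_NAME, b"").decode("utf-8", "replace"),
                "answer": "NO-REPLY", "error_cause": None}
            records.append(rec)
        elif code in CODES:
            rec = pending.get((nas, ident))
            if rec and code - rec["code"] in (1, 2):  # ACK = request + 1, NAK = request + 2
                rec["answer"] = CODES[code]
                rec["error_cause"] = int.from_bytes(attrs[ERROR_CAUSE], "big") if ERROR_CAUSE in attrs else None
                del pending[(nas, ident)]
    return records

def build(code, ident, attrs=()):
    """Constructed sample datagram with an all-zero authenticator (not a capture)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + bytes(16) + body

SAMPLE = [  # constructed traffic; 192.0.2.x is documentation address space
    ("10:00:01", "192.0.2.10", build(43, 7, [(USER_NAME, b"alice")])),
    ("10:00:01", "192.0.2.10", build(44, 7)),
    ("10:05:00", "192.0.2.10", build(40, 8, [(USER_NAME, b"bob")])),
    ("10:05:00", "192.0.2.10", build(42, 8, [(ERROR_CAUSE, (503).to_bytes(4, "big"))])),
    ("10:09:30", "192.0.2.11", build(43, 9, [(USER_NAME, b"carol")])),
]
```

Requests that end as `NO-REPLY` and NAKs carrying an Error-Cause are the records worth alerting on, since they show an authorization change that was attempted but not applied.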