[RADIATOR] COA log

2015-02-04 Thread ONRUBIA AVILES Carlos (SPC/CSP)
Dear all,

I have the following problem:

I can log authentication with the configuration below; it works 
correctly.
But if I use the event_log identifier to log a COA (and not a normal 
Access-Request with Accept or Reject), nothing happens.

Can you tell me how to log a COA with the answer (ACK or NACK)?

Thanks in advance,



<Handler User-Name = ABCD>
    AuthBy  toto
    AuthLog event_log
</Handler>

<AuthLog FILE>
    Identifier      event_log
    Filename        %L/event_auth.log
    SuccessFormat   %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,%a,,PASS,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,
    FailureFormat   %v %d %H:%M:%S,,%s,,%n,,HIDDEN,,none,,FAIL,,%N,,%c,,%{Type},,%{Connect-Info},,%{Calling-Station-Id},,%{GlobalVar:servername}%{GlobalVar:suffixfon},,%{GlobalVar:authPort},,%1
    LogSuccess      1
    LogFailure      1
</AuthLog>








___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] COA log

2015-02-04 Thread Michael


I personally log COA/POD requests using a very custom method.  This may 
not be desirable for others.  I do this by, after processing the COA/POD 
normally, passing it to an AuthBy config that essentially changes it to an 
Accounting-Request packet, populates a few extra values, then passes it 
to my normal accounting log AuthBy.  This also requires adding custom 
values to the dictionary file.


<AuthBy GROUP>
  Identifier convert2accounting

  <AuthBy INTERNAL>
    OtherHook sub {\
      # some fancy code here.
    }
  </AuthBy>

  # Now that this packet has been converted to an accounting packet,
  # it is ready to be logged. Pass it to the accounting log AuthBy.
  AuthBy accounting_log
</AuthBy>


An example result is something like this:

+----------+---------------------+--------+-----------+--------------+
| username | timestamp           | type   | sess_time | term_cause   |
+----------+---------------------+--------+-----------+--------------+
| username | 2015-01-05 15:04:09 | login  |      NULL | NULL         |
| username | 2015-01-05 16:46:03 | info   |      NULL | rate-change  |
| username | 2015-01-05 16:47:02 | info   |      NULL | kick-request |
| username | 2015-01-05 16:47:02 | logout |      6173 | Admin-Reset  |
+----------+---------------------+--------+-----------+--------------+





On 04/02/15 05:57 PM, Hugh Irvine wrote:
 Hello -

 As COA is not an authentication, it therefore follows that it will not be 
 logged by an AuthLog clause.

 To see what happens with a COA you will need to look at the log file (not the 
 authlog file).

 regards

 Hugh




Re: [RADIATOR] COA log

2015-02-04 Thread Hugh Irvine

Hi Michael -

Very nice.

BTW - there are a number of custom RADIUS attributes that are available for 
this sort of thing in the OSC vendor-specifics in the standard dictionary.

…..

#
# Open System Consultants VSA's for carrying user data
# from AuthBy PAM etc. OSC-AVPAIR is used to pass private data
# between instances of Radiator
#
VENDOR      OSC   9048
VENDORATTR  9048  OSC-AVPAIR                   0   string
VENDORATTR  9048  OSC-Uid                      1   integer
VENDORATTR  9048  OSC-Gid                      2   integer
VENDORATTR  9048  OSC-Home                     3   string
VENDORATTR  9048  OSC-Shell                    4   string
VENDORATTR  9048  OSC-Integrity-Message        5   binary

# Experimental presence indicators, used to indicate whether and
# where the user was last logged in. Used by AuthPRESENCESQL.pm
VENDORATTR  9048  OSC-User-Presence-Indicator  6   integer
VENDORATTR  9048  OSC-User-Presence-Location   7   string
VENDORATTR  9048  OSC-User-Presence-Timestamp  8   integer

VENDORATTR  9048  OSC-Client-Identifier        9   string
VENDORATTR  9048  OSC-Service-Identifier       10  string
VENDORATTR  9048  OSC-Customer-Identifier      11  string
VENDORATTR  9048  OSC-Provider-Identifier      12  string
VENDORATTR  9048  OSC-Environment-Identifier   13  string
VENDORATTR  9048  OSC-Version-Identifier       14  string
VENDORATTR  9048  OSC-Session-Identifier       15  string
VENDORATTR  9048  OSC-Device-Identifier        16  string
VENDORATTR  9048  OSC-User-Identifier          17  string
VENDORATTR  9048  OSC-Group-Identifier         18  string
VENDORATTR  9048  OSC-Acct-Input-Octets-64     19  integer64
VENDORATTR  9048  OSC-Acct-Output-Octets-64    20  integer64
VENDORATTR  9048  OSC-Authorize-Group          21  string

VALUE  OSC-User-Presence-Indicator  NotPresent  0
VALUE  OSC-User-Presence-Indicator  Present     1
VALUE  OSC-User-Presence-Indicator  Unsure      2

# Attributes to help exporting information from SIM/USIM authentication
VENDORATTR  9048  OSC-SIM-IMSI                 80  string
VENDORATTR  9048  OSC-SIM-MSIDSN               81  string
VENDORATTR  9048  OSC-SIM-Identity             82  string
VENDORATTR  9048  OSC-SIM-TMSI                 83  string
VENDORATTR  9048  OSC-SIM-FastReauthId         84  string
VENDORATTR  9048  OSC-SIM-Method               85  integer

VALUE  OSC-SIM-Method  EAP-SIM        18
VALUE  OSC-SIM-Method  EAP-AKA        23
VALUE  OSC-SIM-Method  EAP-AKA-PRIME  50

# The following are derived from Tacacs+ requests per draft-grant-tacacs-02
VENDORATTR  9048  OSC-TACACS-Action            100 integer
VENDORATTR  9048  OSC-TACACS-Privilege-Level   101 integer
VENDORATTR  9048  OSC-TACACS-Authen-Type       102 integer
VENDORATTR  9048  OSC-TACACS-Service           103 integer
VENDORATTR  9048  OSC-TACACS-Authen-Method     104 integer

VALUE  OSC-TACACS-Action  Login     1
VALUE  OSC-TACACS-Action  Chpass    2
VALUE  OSC-TACACS-Action  Sendpass  3
VALUE  OSC-TACACS-Action  Sendauth  4

VALUE  OSC-TACACS-Privilege-Level  Max   15
VALUE  OSC-TACACS-Privilege-Level  Root  15
VALUE  OSC-TACACS-Privilege-Level  User  1
VALUE  OSC-TACACS-Privilege-Level  Min   0

VALUE  OSC-TACACS-Authen-Type  ASCII   1
VALUE  OSC-TACACS-Authen-Type  PAP     2
VALUE  OSC-TACACS-Authen-Type  CHAP    3
VALUE  OSC-TACACS-Authen-Type  ARAP    4
VALUE  OSC-TACACS-Authen-Type  MSCHAP  5

VALUE  OSC-TACACS-Service  None     0
VALUE  OSC-TACACS-Service  Login    1
VALUE  OSC-TACACS-Service  Enable   2
VALUE  OSC-TACACS-Service  PPP      3
VALUE  OSC-TACACS-Service  ARAP     4
VALUE  OSC-TACACS-Service  PT       5
VALUE  OSC-TACACS-Service  RCMD     6
VALUE  OSC-TACACS-Service  X25      7
VALUE  OSC-TACACS-Service  NASIq    8
VALUE  OSC-TACACS-Service  FWPROXY  9

VALUE  OSC-TACACS-Authen-Method  Not_Set  0
VALUE  OSC-TACACS-Authen-Method  None

Re: [RADIATOR] COA log

2015-02-04 Thread Hugh Irvine

Hello -

As COA is not an authentication, it therefore follows that it will not be 
logged by an AuthLog clause.

To see what happens with a COA you will need to look at the log file (not the 
authlog file).

regards

Hugh




--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
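
Added example (not part of the thread and not Radiator code): RFC 5176 gives CoA and Disconnect their own RADIUS packet codes (40-45), separate from Access-Accept and Access-Reject, which is why authentication logging never sees them. This Python sketch pairs each request with its ACK or NAK by NAS address and RADIUS identifier. Assumptions: the packets are constructed samples, the authenticator is not verified, and the function names are hypothetical.

```python
import struct

# RADIUS packet codes: RFC 2865 (authentication), RFC 5176 (dynamic authorization)
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
         40: "Disconnect-Request", 41: "Disconnect-ACK", 42: "Disconnect-NAK",
         43: "CoA-Request", 44: "CoA-ACK", 45: "CoA-NAK"}
REPLY_TO = {41: 40, 42: 40, 44: 43, 45: 43}    # reply code -> request code
USER_NAME, ERROR_CAUSE = 1, 101                # attribute types (RFC 2865, RFC 5176)

def parse(pkt):
    """Return (code, identifier, {attr_type: raw value}) for one RADIUS packet."""
    if len(pkt) < 20:
        raise ValueError("short RADIUS packet")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if not 20 <= length <= len(pkt):
        raise ValueError("bad RADIUS length")
    attrs, pos = {}, 20                        # skip the 16-byte authenticator
    while pos + 2 <= length:
        atype, alen = pkt[pos], pkt[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs[atype] = pkt[pos + 2:pos + alen]
        pos += alen
    return code, ident, attrs

def pair_dynauth(packets):
    """packets: iterable of (nas_ip, raw bytes). One row per answered request."""
    pending, rows = {}, []
    for nas, raw in packets:
        code, ident, attrs = parse(raw)
        if code in (40, 43):                   # remember the request until answered
            pending[(nas, ident)] = (code, attrs.get(USER_NAME, b"").decode())
        elif code in REPLY_TO:
            req = pending.pop((nas, ident), None)
            if req is None or req[0] != REPLY_TO[code]:
                continue                       # unsolicited or mismatched reply
            cause = attrs.get(ERROR_CAUSE)
            cause = struct.unpack("!I", cause)[0] if cause and len(cause) == 4 else None
            rows.append((req[1], CODES[req[0]], CODES[code], cause))
    return rows                                # Access-* packets are ignored

def build(code, ident, attrs=()):
    """Constructed sample packet: zeroed authenticator, attrs as (type, bytes)."""
    body = b"".join(bytes([t, len(v) + 2]) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + bytes(16) + body

SAMPLE = [("192.0.2.10", build(43, 7, [(USER_NAME, b"alice")])),
          ("192.0.2.10", build(44, 7)),
          ("192.0.2.10", build(40, 8, [(USER_NAME, b"alice")])),
          ("192.0.2.10", build(42, 8, [(ERROR_CAUSE, struct.pack("!I", 503))])),
          ("192.0.2.10", build(2, 9))]
```

In the sample, Error-Cause 503 is the RFC 5176 value for "Session Context Not Found".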
