(RADIATOR) AuthLog not logging password

Matthew Trout MatthewTrout at businessserve.co.uk
Thu Oct 2 06:14:56 CDT 2003


You probably won't be getting the password from the NAS in the first place.

If you're using a challenge-response based auth scheme the password is never
sent.

> -----Original Message-----
> From: Herman verschooten [mailto:H.verschooten at webvisie.net] 
> Sent: 02 October 2003 11:32
> To: radiator at open.com.au
> Subject: (RADIATOR) AuthLog not logging password
> 
> 
> Hi,
>  
> I am trying to log the password in an AuthLog FILE-clausule, but the
> field is left blank?
> 
> What I get in the log.txt-file is
> 
> FAIL:Thu Oct  2 12:31:06 2003:A03245014::FAIL
> FAIL:Thu Oct  2 12:31:15 2003:A03266007::FAIL
> 
> Any help would be appreciated.
> 
> Herman
>  
> 
> 
> # Radius.cfg
> #
> #	N	E	T	4	A	L	L
> #
> 
> Foreground
> LogStdout
> LogDir          d:/radius/log
> DbDir		c:/Program Files/Radiator
> 
> BindAddress     XX.YY.96.20
> AuthPort        1812,1645
> AcctPort        1813,1646
> 
> LogFile		%L/log%Y%m%d.log
> 
> Trace 4
> 
> SnmpgetProg	c:/Program Files/Radiator/net-snmp/snmpget.exe
> 
> #Strip realm
> RewriteUsername s/^([^@]+).*/$1/
> 
> # Allow only these chars in the username
> #UsernameCharset a-zA-Z0-9\.-_@
> 
> # You will probably want to change this to suit your site.
> <Client XX.YY.96.128>
> 	# Cisco 5300 & Ras
> 	Identifier 		DIALUP
> 	Secret			
> 	DupInterval 	10
> #	NasType	   		Cisco
> 	IdenticalClients XX.YY.96.5
> 	IdenticalClients XX.YY.96.3
> </Client>
> <Client XX.YY.ZZ.249>
> 	# Scarlet DSL
> 	Identifier 2UDSL
> 	Secret	
> 	DupInterval 10
> 	IdenticalClients XX.YY.ZZ.241
> </Client>
> 
> <Handler Client-Identifier=DIALUP>
> 	AcctLogFileName %L/%Y%m%d.log
> 	AuthByPolicy 	ContinueWhileAccept
> 	SessionDatabase	DIAL
> 	<AuthBy SQL>
> 		DBSource	dbi:ODBC:Radiator
> 		DBUsername	
> 		DBAuth		
> 		AuthSelect	select PASSWORD,CHECKATTR, REPLYATTR
> From SUBSCRIBERS where USERNAME=%0
> 		DefaultSimultaneousUse	1
> #		Accounting
> 		DateFormat  %b %e, %Y %H:%M:%S
> 		AccountingTable	Calls
> 		AcctColumnDef	NASIdentifier,NAS-Identifier
> 		AcctColumnDef	NASIdentifier,NAS-IP-Address
> 		AcctColumnDef	NASPort,NAS-Port,integer
> 		AcctColumnDef	AcctSessionId,Acct-Session-Id
> 		AcctColumnDef	AcctStatusType,Acct-Status-Type,integer
> 		AcctColumnDef	CallDate,Timestamp,integer-date
> 		AcctColumnDef	UserName,User-Name
> 		AcctColumnDef	AcctDelayTime,Acct-Delay-Time,integer
> 		AcctColumnDef
> AcctSessionTime,Acct-Session-Time,integer
> 		AcctColumnDef	FramedAddress,Framed-IP-Address
> 		AcctColumnDef
> AcctTerminateCause,Acct-Terminate-Cause,integer
> 		AcctColumnDef	ConnectInfo,Connect-Info,string
> 		AcctColumnDef	CallerID,Calling-Station-Id,string
> 		AcctColumnDef
> AcctInputOctets,Acct-Input-Octets,integer
> 		AcctColumnDef
> AcctOutputOctets,Acct-Output-Octets,integer
> 		AcctColumnDef
> AcctInputOctets,RB-Acct-Input-Octets-64,integer
> 		AcctColumnDef
> AcctOutputOctets,RB-Acct-Output-Octets-64,integer
> 	</AuthBy>
> 	<AuthBy FILE>
> 		Filename %D/Profile.cfg
> 		StripFromReply Profile
> 	</AuthBy>
> 	<AuthLog FILE>
> 		Filename 	D:/radius/log.Txt
> 		LogFailure 	1
> 		FailureFormat	FAIL:%l:%n:%P:FAIL
> 	</AuthLog FILE> 
> 	<AuthLog REMOTESYSLOG>
>                 SysLogHost XX.YY.ZZ.8
> 		LogSuccess 1
> 		LogFailure 1
> 		FailureFormat	FAIL:%l:%n:%P:FAIL
> 	</AuthLog>
> 	<AuthLog SQL>
> 		DBSource	dbi:ODBC:Radiator
> 		DBUsername	
> 		DBAuth		
> 		LogSuccess	1
> 		LogFailure 	1
>     </AuthLog>
> </Handler>
> <Handler>
> 	AcctLogFileName %L/%Y%m%d.log
> 	AuthByPolicy 	ContinueWhileAccept
> 	SessionDatabase	ADSL
> 	<AuthBy SQL>
> 		DBSource	dbi:ODBC:Radiator
> 		DBUsername	
> 		DBAuth		
> 		AuthSelect	select PASSWORD,CHECKATTR, REPLYATTR
> From SUBSCRIBERS where USERNAME=%0
> 		DefaultSimultaneousUse	1
> #		Accounting
> 		DateFormat  %b %e, %Y %H:%M:%S
> 		AccountingTable	Calls
> 		AcctColumnDef	NASIdentifier,NAS-Identifier
> 		AcctColumnDef	NASIdentifier,NAS-IP-Address
> 		AcctColumnDef	NASPort,NAS-Port,integer
> 		AcctColumnDef	AcctSessionId,Acct-Session-Id
> 		AcctColumnDef	AcctStatusType,Acct-Status-Type,integer
> 		AcctColumnDef	CallDate,Timestamp,integer-date
> 		AcctColumnDef	UserName,User-Name
> 		AcctColumnDef	AcctDelayTime,Acct-Delay-Time,integer
> 		AcctColumnDef
> AcctSessionTime,Acct-Session-Time,integer
> 		AcctColumnDef	FramedAddress,Framed-IP-Address
> 		AcctColumnDef
> AcctTerminateCause,Acct-Terminate-Cause,integer
> 		AcctColumnDef	ConnectInfo,Connect-Info,string
> 		AcctColumnDef	CallerID,Calling-Station-Id,string
> 		AcctColumnDef
> AcctInputOctets,Acct-Input-Octets,integer
> 		AcctColumnDef
> AcctOutputOctets,Acct-Output-Octets,integer
> 		AcctColumnDef
> AcctInputOctets,RB-Acct-Input-Octets-64,integer
> 		AcctColumnDef
> AcctOutputOctets,RB-Acct-Output-Octets-64,integer
> 	</AuthBy>
> 	<AuthBy FILE>
> 		Filename %D/Profile.cfg
> 		StripFromReply Profile
> 	</AuthBy>
> 	<AuthLog FILE>
> 		Filename 	D:/radius/log.Txt
> 		LogFailure 	1
> 		FailureFormat	FAIL:%l:%n:%P:FAIL
> 	</AuthLog FILE> 
> 	<AuthLog REMOTESYSLOG>
>                 SysLogHost XX.YY.ZZ.8
> 		LogSuccess 1
> 		LogFailure 1
> 		FailureFormat	FAIL:%l:%n:%P:FAIL
> 	</AuthLog>
> 	<AuthLog SQL>
> 		DBSource	dbi:ODBC:Radiator
> 		DBUsername	sa
> 		DBAuth		velvet
> 		LogSuccess	1
> 		LogFailure 	1
>     </AuthLog>
> </Handler>
> 
> <Log REMOTESYSLOG>
>         SysLogHost XX.YY.ZZ.8
> 	Trace 3
> </Log>
> <Log SQL>
> 	DBSource	dbi:ODBC:Radiator
> 	DBUsername	
> 	DBAuth		
> 	Trace		3	
> <Monitor>
> 	Username	
> 	Password	
> </Monitor>
> <SessionDatabase SQL>
> 	Identifier	DIAL
> 	DBSource	dbi:ODBC:Radiator
> 	DBUsername	
> 	DBAuth		
> 	AddQuery	insert into RADONLINE (USERNAME, NASIDENTIFIER,
> NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE,
> SERVICETYPE, CALLERID) 			values 
> ('%n','%N', 0%{NAS-Port},
> '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}',
> '%{NAS-Port-Type}','%{Service-Type}', '%{Calling-Station-Id}')
> #	DeleteQuery delete from RADONLINE where NASIDENTIFIER = '%1' AND
> NASPORT = %2
> </SessionDatabase>
> <SessionDatabase SQL>
> 	Identifier	ADSL
> 	DBSource	dbi:ODBC:Radiator
> 	DBUsername	
> 	DBAuth		
> 	AddQuery	insert into RADONLINE (USERNAME, NASIDENTIFIER,
> NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE,
> SERVICETYPE, CALLERID) 			values 
> ('%n','%N', 0%{NAS-Port},
> '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}',
> '%{NAS-Port-Type}','%{Service-Type}', '%{Calling-Station-Id}')
> 	DeleteQuery	delete from RADONLINE where NASIDENTIFIER = '%1'
> AND CALLERID = '%{Calling-Station-Id}' 
> 	CountQuery	select NASIDENTIFIER, NASPORT, ACCTSESSIONID
> from RADONLINE where USERNAME='%n' and not(CALLERID =
> '%{Calling-Station-Id}')
> </SessionDatabase>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list