(RADIATOR) Troubles with <AuthLog SYSLOG>

Hugh Irvine hugh at open.com.au
Tue Jun 22 01:18:03 CDT 2004 

Hello Jan -

I wonder if you could do a simple test with an AuthLog FILE clause 
instead of AuthLog SYSLOG?

This is just to make sure the AuthLog part is working before we worry 
about the SYSLOG part.

regards

Hugh


On 22 Jun 2004, at 01:58, Jan Tomasek wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
> I'm right now evaluating Radiator here at CESNET. Everything is going 
> fine,
> comparing to freeradius it's almost unbelivable how fine it is gonig ;)
>
> Now I hited troubles I can't resolve with info from docs/faqs. I hope 
> here
> will be somebody who might be able to help me.
>
> Begining of configuration file is:
>
> Foreground
> LogStdout
> Trace		4
> LogDir		/var/log/radiator
> DbDir		/home/semik/iproj/Radiator-Demo-3.9
>
> <AuthLog SYSLOG>
> 		Facility	local7
> 		LogSuccess	1
> 		LogFailure	1
> 		SuccessFormat	'%l:%U:%P:OK'
> 		FailureFormat	'%l:%U:%P:FAIL'
> </AuthLog>
> <Log SYSLOG>
> 		Facility	local7
> 		LogIdent	radiator
> 		Trace		4
> </Log>
>
> AuthPort	1645,1812
> AcctPort	1646,1813
>
>
> To console it writes:
>
> Mon Jun 21 17:47:48 2004: DEBUG: Packet dump:
> *** Received from 195.113.134.138 port 33995 ....
> Code:       Access-Request
> Identifier: 201
> Authentic:  /U<194><137><132><231>\!i<11><220><171>.<136>a"
> Attributes:
>         User-Name = "semik at radius1.cesnet.cz"
>         User-Password = "U<144><184>H-2<223><160>u<219>Tb?_}z"
>         NAS-IP-Address = 255.255.255.255
>         NAS-Port = 0
>
> Mon Jun 21 17:47:48 2004: DEBUG: Handling request with Handler
> 'Realm=/^cesnet\.cz$|^radius1\.cesnet\.cz$/'
> Mon Jun 21 17:47:48 2004: DEBUG: Rewrote user name to semik
> Mon Jun 21 17:47:48 2004: DEBUG: Rewrote user name to semik
> Mon Jun 21 17:47:48 2004: DEBUG:  Deleting session for
> semik at radius1.cesnet.cz, 255.255.255.255, 0
> Mon Jun 21 17:47:48 2004: DEBUG: Handling with Radius::AuthLDAP2:
> Mon Jun 21 17:47:48 2004: INFO: Connecting to localhost, port 389
> Mon Jun 21 17:47:48 2004: INFO: Attempting to bind to LDAP server 
> localhost:389)
> Mon Jun 21 17:47:48 2004: DEBUG: LDAP got result for
> uid=semik,ou=People,dc=cesnet,dc=cz
> Mon Jun 21 17:47:48 2004: DEBUG: LDAP got radiusPassword: heslo
> Mon Jun 21 17:47:48 2004: DEBUG: Radius::AuthLDAP2 looks for match 
> with semik
> Mon Jun 21 17:47:48 2004: DEBUG: Radius::AuthLDAP2 REJECT: Bad Password
> Mon Jun 21 17:47:48 2004: INFO: Connecting to localhost, port 389
> Mon Jun 21 17:47:48 2004: INFO: Attempting to bind to LDAP server 
> localhost:389)
> Mon Jun 21 17:47:48 2004: DEBUG: No entries for DEFAULT found in LDAP 
> database
> Mon Jun 21 17:47:48 2004: INFO: Access rejected for semik: Bad Password
> Mon Jun 21 17:47:48 2004: DEBUG: Packet dump:
> *** Sending to 195.113.134.138 port 33995 ....
> Code:       Access-Reject
> Identifier: 201
> Authentic:  /U<194><137><132><231>\!i<11><220><171>.<136>a"
> Attributes:
>         Reply-Message = "Request Denied"
>
>
> Syslog receives all that DEBUG/INFO messages but nothing matching
> '%l:%U:%P:FAIL', if I disable <Log SYSLOG> it simply stays quiet. I 
> propably
> somewhere something overlooked, but I can't find it on my own.
>
> I'm running version 3.9 with patches I've got with it at 15.06.2004.
>
> Thanks for any help.
> - --
> - --------------------------------------------------------------
> Jan Tomasek aka Semik           work: CESNET, z.s.p.o.
> http://www.tomasek.cz/                Zikova 4, 160 00 Praha 6
>                                       Czech Republic
> phone(work): +420 2 2435 5279         http://www.cesnet.cz/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFA1wW979++DGvj6tMRAv5UAJ9ZJqVNN3ZpmN333oWeIQNb5+orkwCgjm1Q
> 94JJAMmABkzquATikKiEJhI=
> =NRRX
> -----END PGP SIGNATURE-----
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list