(RADIATOR) raddump RADIUS packet analyzer

Jonathan Moore jonm at isc.upenn.edu
Wed Sep 22 10:54:15 CDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks,

I'd like to announce the availability of the raddump RADIUS packet 
analyzer which may be useful for debugging your RADIUS infrastructure. 
Please see the project homepage at 
https://sourceforge.net/projects/raddump/ for more details.

It is GPL'ed and available as:
http://prdownloads.sourceforge.net/raddump/raddump-0.2.1.tar.gz?download

What is raddump? From the man page:

        raddump(1)  interprets  captured  RADIUS  packets to print
        details about them, including a timestamp, packet lengths,
        RADIUS  packet  type,  source  and  destination  hosts and
        ports, and included attribute names and values. It is pri-
        marily  useful in conjunction with packet capture programs
        such as tcpdump(1) or snoop(1M), and can be used either on
        a  saved file or in a pipeline to monitor ongoing communi-
        cations.

        raddump(1) currently understands packet  traces  that  are
        RFC  1761-compliant  (e.g.  those produced by snoop v2) as
        well as those that are stored in the libpcap format  (e.g.
        those  produced by tcpdump). raddump(1) is able to distin-
        guish these file formats on the fly, so it is  not  neces-
        sary to indicate which type of trace you are feeding it.

Example output:
[fred: ~/src/raddump]$ ./raddump -vs < snoopv2.pkts
Looks like a(n) RFC 1761 (snoop v2) packet trace
10:07:58.916467 radius DUMBLEDORE:60818 > knockknock:1645 
Access-Request 32
   User-Name = netmon
   User-Password = <16 bytes>
   NAS-IP-Address = 128.91.254.254
10:08:00.089439 radius knockknock:1645 > DUMBLEDORE:60818 Access-Accept 
16
   Vendor-Specific = PennID = XXXXXXXX

You may find this useful for debugging your RADIUS server by monitoring 
traffic in real time, or for doing offline examination of a problematic 
session. For example, we have already found it useful here at UPenn to 
be able to say: "do a tcpdump while you try to hit our RADIUS server 
and then send us the saved packets."

The current version should build on Solaris, Mac OS X, and Linux.

Cheers,
Jon Moore
- --
Jon Moore
ISC Networking & Telecommunications
University of Pennsylvania
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)

iD8DBQFBUaApx8TaElR3qMMRAvFaAKCqdBV9A27wxK0FSPcfY0zFwjpSnACgi1Yc
pKcAPiZR8xXI3SZPHx6K4/I=
=fM6u
-----END PGP SIGNATURE-----

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list