(RADIATOR) Change in logging behaviour

Hugh Irvine hugh at open.com.au
Thu Aug 10 18:57:10 CDT 2006 

Hello Peter -

Radiator 3.15 with the following configuration file works as expected.

# simple.cfg
#
# Example Radiator configuration file.
# This very simple file will allow you to get started with
# a simple system. You can then add and change features.
# We suggest you start simple, prove to yourself that it
# works and then develop a more complicated configuration.
#
# This example will authenticate from a standard users file in
# the current directory and log accounting to a file in the current
# directory.
# It will accept requests from any client and try to handle request
# for any realm.
# And it will print out what its doing in great detail.
#
# See radius.cfg for more complete examples of features and
# syntax, and refer to the reference manual for a complete description
# of all the features and syntax.
#
# You should consider this file to be a starting point only
# $Id: simple.cfg,v 1.4 2001/04/25 23:47:13 mikem Exp $

Foreground
LogStdout
LogDir          .
DbDir           .
# User a lower trace level in production systems:
Trace           4

# You will probably want to add other Clients to suit your site,
# one for each NAS you want to work with
<Client DEFAULT>
         Secret  mysecret
         DupInterval 0
</Client>

<Realm DEFAULT>
         <AuthBy FILE>
                 Filename ./users
         </AuthBy>
         # Log accounting to a detail file
         AcctLogFileName ./detail
</Realm>


This is the "%L/logfile" that is produced with radpwtst (with all  
defaults):


Radiator-3.15 hugh$ cat logfile
Fri Aug 11 09:20:20 2006: DEBUG: Finished reading configuration file  
'simple.cfg'
Fri Aug 11 09:20:20 2006: DEBUG: Reading dictionary file './dictionary'
Fri Aug 11 09:20:20 2006: DEBUG: Creating authentication port  
0.0.0.0:1645
Fri Aug 11 09:20:29 2006: DEBUG: Finished reading configuration file  
'simple.cfg'
Fri Aug 11 09:20:29 2006: DEBUG: Reading dictionary file './dictionary'
Fri Aug 11 09:20:29 2006: DEBUG: Creating authentication port  
0.0.0.0:1645
Fri Aug 11 09:20:29 2006: DEBUG: Creating accounting port 0.0.0.0:1646
Fri Aug 11 09:20:29 2006: NOTICE: Server started: Radiator 3.15 on  
titi.irvine.com.au
Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 51986 ....
Code:       Access-Request
Identifier: 42
Authentic:  1234567890123456
Attributes:
         User-Name = "mikem"
         Service-Type = Framed-User
         NAS-IP-Address = 203.63.154.1
         NAS-Identifier = "203.63.154.1"
         NAS-Port = 1234
         Called-Station-Id = "123456789"
         Calling-Station-Id = "987654321"
         NAS-Port-Type = Async
         User-Password = <159><249>:<201><175> 
\<4><246><188>8<9><160><216>}x<153>

Fri Aug 11 09:20:43 2006: DEBUG: Handling request with Handler  
'Realm=DEFAULT'
Fri Aug 11 09:20:43 2006: DEBUG:  Deleting session for mikem,  
203.63.154.1, 1234
Fri Aug 11 09:20:43 2006: DEBUG: Handling with Radius::AuthFILE:
Fri Aug 11 09:20:43 2006: DEBUG: Reading users file ./users
Fri Aug 11 09:20:43 2006: DEBUG: Radius::AuthFILE looks for match  
with mikem [mikem]
Fri Aug 11 09:20:43 2006: DEBUG: Radius::AuthFILE ACCEPT: : mikem  
[mikem]
Fri Aug 11 09:20:43 2006: DEBUG: AuthBy FILE result: ACCEPT,
Fri Aug 11 09:20:43 2006: DEBUG: Access accepted for mikem
Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 51986 ....
Code:       Access-Accept
Identifier: 42
Authentic:  1234567890123456
Attributes:
         Framed-Protocol = PPP
         Service-Type = Framed-User

Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 51986 ....
Code:       Accounting-Request
Identifier: 43
Authentic:   
<0><145><0><206><253><129><172>><237><217>1<236><149><214><190>R
Attributes:
         User-Name = "mikem"
         Service-Type = Framed-User
         NAS-IP-Address = 203.63.154.1
         NAS-Identifier = "203.63.154.1"
         NAS-Port = 1234
         NAS-Port-Type = Async
         Acct-Session-Id = "00001234"
         Acct-Status-Type = Start
         Called-Station-Id = "123456789"
         Calling-Station-Id = "987654321"
         Acct-Delay-Time = 0

Fri Aug 11 09:20:43 2006: DEBUG: Handling request with Handler  
'Realm=DEFAULT'
Fri Aug 11 09:20:43 2006: DEBUG:  Adding session for mikem,  
203.63.154.1, 1234
Fri Aug 11 09:20:43 2006: DEBUG: Handling with Radius::AuthFILE:
Fri Aug 11 09:20:43 2006: DEBUG: AuthBy FILE result: ACCEPT,
Fri Aug 11 09:20:43 2006: DEBUG: Accounting accepted
Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 51986 ....
Code:       Accounting-Response
Identifier: 43
Authentic:   
<0><145><0><206><253><129><172>><237><217>1<236><149><214><190>R
Attributes:

Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 51986 ....
Code:       Accounting-Request
Identifier: 44
Authentic:  <144><19><223>$3fy<155><198>)_<7>O<183><205>-
Attributes:
         User-Name = "mikem"
         Service-Type = Framed-User
         NAS-IP-Address = 203.63.154.1
         NAS-Identifier = "203.63.154.1"
         NAS-Port = 1234
         NAS-Port-Type = Async
         Acct-Session-Id = "00001234"
         Acct-Status-Type = Stop
         Called-Station-Id = "123456789"
         Calling-Station-Id = "987654321"
         Acct-Delay-Time = 0
         Acct-Session-Time = 1000
         Acct-Input-Octets = 20000
         Acct-Output-Octets = 30000

Fri Aug 11 09:20:43 2006: DEBUG: Handling request with Handler  
'Realm=DEFAULT'
Fri Aug 11 09:20:43 2006: DEBUG:  Deleting session for mikem,  
203.63.154.1, 1234
Fri Aug 11 09:20:43 2006: DEBUG: Handling with Radius::AuthFILE:
Fri Aug 11 09:20:43 2006: DEBUG: AuthBy FILE result: ACCEPT,
Fri Aug 11 09:20:43 2006: DEBUG: Accounting accepted
Fri Aug 11 09:20:43 2006: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 51986 ....
Code:       Accounting-Response
Identifier: 44
Authentic:  <144><19><223>$3fy<155><198>)_<7>O<183><205>-
Attributes:


I am guessing there is something in your configuration file(s) that  
is causing this behaviour.

The simplest way to see what is happening in testing is to run  
radiusd like this:

	cd /your/Radiator/distribution

	perl radiusd -foreground -log_stdout -trace 4 -config_file /your/ 
configuration/file

regards

Hugh


On 10 Aug 2006, at 21:20, Peter Bates wrote:

>
> Hello all...
>
> Apologies if this is a FAQ.
>
> I'm running Radiator on a slightly old RedHat box
> that should really be upgraded.
>
> Anyway, I was trying to move from:
> Radiator-3.14-1
> to
> Radiator-3.15-1
> (both from RPMs)
>
> I kept the same /etc/radiator/radius.cfg file.
>
> I have
> LogDir /var/log/radius
> Trace 4
>
> With 3.14, information was happily being logged to %L/logfile
> even though I don't see that specified particularly in radius.cfg
>
> I see for example:
>
> Thu Aug 10 10:19:47 2006: NOTICE: Server started: Radiator 3.14 on
> x.lshtm.
> ac.uk
>
> When I upgraded to 3.15, I got:
>
> Thu Aug 10 10:27:51 2006: DEBUG: include /etc/radiator/lshtm-ldap.cfg
> Thu Aug 10 10:27:51 2006: DEBUG: include
> /etc/radiator/lshtm-ldap-wireless.cfg
> Thu Aug 10 10:27:51 2006: DEBUG: include
> /etc/radiator/lshtm-switches.cfg
> Thu Aug 10 10:27:51 2006: DEBUG: Finished reading configuration file
> '/etc/radia
> tor/radius.cfg'
>
> But then nothing else, including, it would seem, any logging of
> accesses.
>
> I've looked at the release notes but for now have returned to 3.14.
>
> Am I missing something obvious?
>
>
>
> ---------------------------------------------------------------------- 
> ----------------------------->
> Peter Bates, Systems Support Officer, IT Services.
> London School of Hygiene & Tropical Medicine.
> Telephone:0207-958 8353 / Fax: 0207- 636 9838
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list