(RADIATOR) Debug-Featurerequest
Bjoern A. Zeeb
bz-lists at cksoft.de
Tue Apr 29 04:25:13 CDT 2008
On Tue, 29 Apr 2008, Wallner Martin wrote:
Hi Martin,
> trace_nasidentifier
> trace_nasipaddress
> and a trace_regexuser (so one can search for f.e. '*@nasrealm')
What I have done in the past (as people often want to have those things
in the logs, like to repeatedly get traces, .. for post-"incident"
analyses;-) was a PreClientHook (or at a later stage depending on
requirements) which would enable packet tracing for the particular
request based on a criteria in a cached input file, that I check
every n seconds for a change and re-read it if needed.
So if you, for exmaple, have 20 NAS devices on a single radius server
instance that reduces the logging to only the one IP you are currently
interested in.
One thing you can do is to centrally deploy that file to all radius
servers. Might be easier to analyse things if your NAS/Radius-Server
pairs are busy, than to have multiple windows open watching where
the requests come in, especially if you are doing round-robin
distribution from the NAS to the Radius servers.
For extending Monitor, I think you could use the (undocumented?)
TRACE_PREDICATE command to actually do most/all of what you asked for,
like
TRACE_PREDICATE Nas-IP-Address=="192.0.2.17",User-Name=="foo"
or
TRACE_PREDICATE Nas-Identifier=="EXAMPLE-NAS",User-Name=~"\@example.net"
I haven't tested this myself, so maybe you wan to try that on your
lab machine first;-)
Greetings
Bjoern
--
Dipl. Ing. (BA) Bjoern A. Zeeb Research & Development
CK Software GmbH http://www.cksoft.de/
Schwarzwaldstr. 31 Phone: +49 7452 889 135
D-71131 Jettingen Fax: +49 7452 889 136
HRB245288, Amtsgericht Stuttgart Geschaeftsfuehrer: Christian Kratzer
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list