[RADIATOR] Log messages for Authby Group

Hugh Irvine hugh at open.com.au
Wed Mar 18 19:25:37 CST 2009


Hello Markus, Hello Martin -

Thanks for your thoughts and suggestions.

We are reviewing the logging options for the next version of Radiator  
- the trick is to avoid massive amounts of overhead.

regards

Hugh


On 19 Mar 2009, at 02:01, Wallner Martin wrote:

> Just to add my 2cents...
>
> Great Idea. Makes the Grouped Auths readable. Nevertheless I would  
> suggest to keep this on 'debug' level (trace 4+) in the 'Accept'  
> cases, because AuthGroup is also needed for example when you have  
> one general clause for handling Accounting Packets in a seperate  
> AuthBy clause which you then combine with the authenticate-AuthBy.  
> It would clutter your normal log with too much 'Accept' infos...
>
> =mw=
>
>
> -----Ursprüngliche Nachricht-----
> Von: radiator-bounces at open.com.au [mailto:radiator- 
> bounces at open.com.au] Im Auftrag von Markus Moeller
> Gesendet: Mittwoch, 18. März 2009 10:26
> An: radiator at open.com.au
> Betreff: Re: [RADIATOR] Log messages for Authby Group
>
> For version 4.2 I was thinking something like:
>
>
> # diff -c AuthGROUP.pm  AuthGROUP-new.pm
> *** AuthGROUP.pm        Wed Mar 18 09:18:42 2009
> --- AuthGROUP-new.pm    Wed Mar 18 09:23:13 2009
> ***************
> *** 166,193 ****
> --- 166,205 ----
>        if ($self->{AuthByPolicy} eq 'ContinueWhileIgnore')
>        {
>            $stop = ($handled != $main::IGNORE);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        elsif ($self->{AuthByPolicy} eq 'ContinueUntilIgnore')
>        {
>            $stop = ($handled == $main::IGNORE);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        elsif ($self->{AuthByPolicy} eq 'ContinueWhileAccept')
>        {
>            $stop = ($handled != $main::ACCEPT);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        elsif ($self->{AuthByPolicy} eq 'ContinueUntilAccept')
>        {
>            $stop = ($handled == $main::ACCEPT);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        elsif ($self->{AuthByPolicy} eq 'ContinueWhileReject')
>        {
>            $stop = ($handled != $main::REJECT
>                     && $handled != $main::REJECT_IMMEDIATE);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        elsif ($self->{AuthByPolicy} eq 'ContinueUntilReject')
>        {
>            $stop = ($handled == $main::REJECT
>                     || $handled == $main::REJECT_IMMEDIATE);
> +             $self->log($main::LOG_INFO, "AuthBy $handler- 
> >{Identifier} returned $Radius::AuthGeneric::reasons[$handled],  
> Reason: $reason", $p)
> +                    if (!$stop);
>        }
>        last if $stop;
>      }
> #
>
> This will create an Info message if the Authby is not the last.
>
> Markus
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list