[RADIATOR] PacketTrace for Authby RADSEC does not dump receiving packets

Karl Gaissmaier karl.gaissmaier at uni-ulm.de
Fri Jul 12 08:07:04 CDT 2013


Hi radiator team,

I've a nasty problem between radiator and radsecproxy. I tried to dump
the receiving packets by AuthRADSEC, but no chance. Seems that the
PakcetTrace flag does not go transfered to the receiving packet.

Maybe this is a bug? Please see my config snippet.

The same is true for Server RADSEC, I never see Incoming packets dumped:

Version 4.11, patches from last week applied.

> <ServerRADSEC>
>     Secret                      radsec
>     Identifier                  FROM-DFN-PROXY
>     PacketTrace
>
>     <Log FILE>
>             Trace               5
>             Filename            %L/radsec-debug-logg
>             LogMicroseconds
>     </Log>
>
>     AddToRequest                Connect-Info=FROM-DFN-PROXY
>
>     UseTLS
>     TLS_CAFile                  %D/certificates/dfn-ca-chain.crt
>     TLS_CertificateFile         %D/certificates/radius.uni-ulm.de.crt
>     TLS_CertificateType         PEM
>     TLS_PrivateKeyFile          %D/certificates/radius.uni-ulm.de.key
>
> </ServerRADSEC>
>
> <AuthBy RADSEC>
>     Secret                      radsec
>     Identifier                  TO-DFN-PROXY
>     PacketTrace
 >
>     # not working, still searching for the bug in radsecproxy chain, sigh
>     # UseStatusServerForFailureDetect
>     # KeepaliveTimeout           10
>
>     <Log FILE>
>             Trace               5
>             Filename            %L/radsec-debug-logg
>             LogMicroseconds
>     </Log>
>
 >     # stupid workaround for open problems with upstream proxy
>     MaxFailedRequests           60
>     MaxFailedGraceTime          1
>     FailureBackoffTime          0
>     NoreplyTimeout              10
>
>     NoForwardAccounting
>
>     StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID
>
>     LocalAddress                134.60.X.Y
>
>     Host                        radius1.dfn.de
>     Host                        radius2.dfn.de
>
>     UseTLS
>     TLS_CAFile                  %D/certificates/dfn-ca-chain.crt
>     TLS_ExpectedPeerName        CN=.*\.dfn\.de
>
>     TLS_CertificateFile         %D/certificates/radius.uni-ulm.de.crt
>     TLS_CertificateType         PEM
>     TLS_PrivateKeyFile          %D/certificates/radius.uni-ulm.de.key
>
> </AuthBy>

-- 
Karl Gaissmaier
Universität Ulm/Germany


More information about the radiator mailing list