[RADIATOR] MessageLog for Server RADSEC and AuthBy RADSEC seems to logg incoming only

Karl Gaissmaier karl.gaissmaier at uni-ulm.de
Mon Aug 14 14:17:39 UTC 2017


Hi Heikki,

Am 14.08.2017 um 15:52 schrieb Heikki Vatiainen:
> On 11.8.2017 16.09, Karl Gaissmaier wrote:
>
>> But, it seems that <Server RADSEC> and <AuthBy RADSEC> logs only 
>> incoming packets with MessageLog, I need also the outgoing packets 
>> logged.
>>
>> Please verify it and if it's a mistake, please patch it.
>
> This seems to be correct. The first target for message logging was 
> plain RADIUS and I think it's fine to make it work with RadSect too. 
> The shared code already allows it to work for incoming requests but 
> the stream sending seems to need a bit more.

we need it especially for RADSEC (Server AND AuthBy) because we can't 
decode the sniffered but encrypted RADSEC traffic without the TLS 
session keys.

RADIUS traffic can be sniffed and decoded by wireshark without any 
elaborated tricks.

Thanks
    Charly

-- 
Karl Gaissmaier
Universität Ulm
kiz, Kommunikations und Informationszentrum
89069 Ulm
Tel.: 49(0)731/50-22499
Fax : 49(0)731/50-12-22499



More information about the radiator mailing list