API tools faq
paste
Advertisement
Guest User

with accounting packet debug

a guest
Aug 1st, 2013
121
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.57 KB | None | 0 0
raw download clone embed print report
  1. type = "auth"
  2. ipaddr = 127.0.0.1
  3. port = 18120
  4. }
  5. ... adding new socket proxy address * port 34514
  6. Listening on authentication address * port 1812
  7. Listening on accounting address * port 1813
  8. Listening on command file /var/run/radiusd/radiusd.sock
  9. Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
  10. Listening on proxy address * port 1814
  11. Ready to process requests.
  12. rad_recv: Access-Request packet from host 10.141.1.128 port 49154, id=0, length=94
  13. User-Name = "quidillaatmaax"
  14. User-Password = "xxxxx"
  15. Cisco-AVPair = "shell:priv-lvl=1"
  16. NAS-IP-Address = 10.141.1.128
  17. Acct-Session-Id = "0500007F"
  18. # Executing section authorize from file /etc/raddb/sites-enabled/default
  19. +- entering group authorize {...}
  20. ++- entering policy filter_username {...}
  21. +++? if (User-Name =~ /^ /)
  22. ? Evaluating (User-Name =~ /^ /) -> FALSE
  23. +++? if (User-Name =~ /^ /) -> FALSE
  24. +++? if (User-Name =~ / $$/)
  25. ? Evaluating (User-Name =~ / $$/) -> FALSE
  26. +++? if (User-Name =~ / $$/) -> FALSE
  27. +++? if (User-Name != "%{tolower:%{User-Name}}")
  28. expand: %{User-Name} -> quidillaatmaax
  29. expand: %{tolower:%{User-Name}} -> quidillaatmaax
  30. ? Evaluating (User-Name != "%{tolower:%{User-Name}}") -> FALSE
  31. +++? if (User-Name != "%{tolower:%{User-Name}}") -> FALSE
  32. ++- policy filter_username returns notfound
  33. ++[preprocess] returns ok
  34. [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/10.141.1.128/auth-detail-20130801
  35. [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/10.141.1.128/auth-detail-20130801
  36. [auth_log] expand: %t -> Thu Aug 1 14:47:15 2013
  37. ++[auth_log] returns ok
  38. ++[chap] returns noop
  39. ++[mschap] returns noop
  40. ++[digest] returns noop
  41. [suffix] No '@' in User-Name = "quidillaatmaax", looking up realm NULL
  42. [suffix] No such realm "NULL"
  43. ++[suffix] returns noop
  44. [eap] No EAP-Message, not doing EAP
  45. ++[eap] returns noop
  46. ++[files] returns noop
  47. [sql] expand: %{User-Name} -> quidillaatmaax
  48. [sql] sql_set_user escaped user --> 'quidillaatmaax'
  49. rlm_sql (sql): Reserving sql socket id: 3
  50. [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'quidillaatmaax' ORDER BY id
  51. rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'quidillaatmaax' ORDER BY id
  52. [sql] User found in radcheck table
  53. [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'quidillaatmaax' ORDER BY id
  54. rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radreply WHERE username = 'quidillaatmaax' ORDER BY id
  55. [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'quidillaatmaax' ORDER BY priority
  56. rlm_sql_mysql: query: SELECT groupname FROM radusergroup WHERE username = 'quidillaatmaax' ORDER BY priority
  57. [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'Netops - Exp 29 Nov 2013' ORDER BY id
  58. rlm_sql_mysql: query: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'Netops - Exp 29 Nov 2013' ORDER BY id
  59. rlm_sql (sql): Released sql socket id: 3
  60. ++[sql] returns ok
  61. ++[expiration] returns noop
  62. ++[logintime] returns noop
  63. [pap] Normalizing MD5-Password from hex encoding
  64. ++[pap] returns updated
  65. Found Auth-Type = PAP
  66. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  67. !!! Replacing User-Password in config items with Cleartext-Password. !!!
  68. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  69. !!! Please update your configuration so that the "known good" !!!
  70. !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
  71. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  72. # Executing group from file /etc/raddb/sites-enabled/default
  73. +- entering group PAP {...}
  74. [pap] login attempt with password "xxxxx"
  75. [pap] Using MD5 encryption.
  76. [pap] User authenticated successfully
  77. ++[pap] returns ok
  78. Login OK: [quidillaatmaax] (from client MAAX port 0)
  79. # Executing section post-auth from file /etc/raddb/sites-enabled/default
  80. +- entering group post-auth {...}
  81. [sql] expand: %{User-Name} -> quidillaatmaax
  82. [sql] sql_set_user escaped user --> 'quidillaatmaax'
  83. [sql] expand: %{User-Password} -> xxxxx
  84. [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'quidillaatmaax', 'xxxxx', 'Access-Accept', '2013-08-01 14:47:15')
  85. [sql] expand: /var/log/radius/sqltrace.sql -> /var/log/radius/sqltrace.sql
  86. rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'quidillaatmaax', 'xxxxx', 'Access-Accept', '2013-08-01 14:47:15')
  87. rlm_sql (sql): Reserving sql socket id: 2
  88. rlm_sql_mysql: query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'quidillaatmaax', 'xxxxx', 'Access-Accept', '2013-08-01 14:47:15')
  89. rlm_sql (sql): Released sql socket id: 2
  90. ++[sql] returns ok
  91. ++[exec] returns noop
  92. Sending Access-Accept of id 0 to 10.141.1.128 port 49154
  93. Service-Type = Administrative-User
  94. Finished request 0.
  95. Going to the next request
  96. Waking up in 4.9 seconds.
  97. rad_recv: Accounting-Request packet from host 10.141.1.128 port 49154, id=0, length=91
  98. User-Name = "quidillaatmaax"
  99. NAS-IP-Address = 10.141.1.128
  100. Called-Station-Id = "10.141.1.128"
  101. Calling-Station-Id = "10.141.59.3"
  102. Acct-Status-Type = Start
  103. Acct-Session-Id = "0500007F"
  104. Acct-Authentic = RADIUS
  105. # Executing section preacct from file /etc/raddb/sites-enabled/default
  106. +- entering group preacct {...}
  107. ++[preprocess] returns ok
  108. expand: %{Acct-Session-Time} ->
  109. ... expanding second conditional
  110. expand: %{Acct-Delay-Time} ->
  111. ... expanding second conditional
  112. expand: %l - %{%{Acct-Session-Time}:-0} - %{%{Acct-Delay-Time}:-0} -> 1375339635 - 0 - 0
  113. expand: %{expr: %l - %{%{Acct-Session-Time}:-0} - %{%{Acct-Delay-Time}:-0}} -> 1375339635
  114. ++[request] returns ok
  115. [acct_unique] WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent
  116. [acct_unique] Hashing ',Client-IP-Address = 10.141.1.128,NAS-IP-Address = 10.141.1.128,Acct-Session-Id = "0500007F",User-Name = "quidillaatmaax"'
  117. [acct_unique] Acct-Unique-Session-ID = "1fbd6f4030deecf4".
  118. ++[acct_unique] returns ok
  119. [suffix] No '@' in User-Name = "quidillaatmaax", looking up realm NULL
  120. [suffix] No such realm "NULL"
  121. ++[suffix] returns noop
  122. ++[files] returns noop
  123. # Executing section accounting from file /etc/raddb/sites-enabled/default
  124. +- entering group accounting {...}
  125. [detail] expand: %{Packet-Src-IP-Address} -> 10.141.1.128
  126. [detail] expand: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/radius/radacct/10.141.1.128/detail-20130801
  127. [detail] /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/radius/radacct/10.141.1.128/detail-20130801
  128. [detail] expand: %t -> Thu Aug 1 14:47:15 2013
  129. ++[detail] returns ok
  130. ++[unix] returns noop
  131. [radutmp] expand: /var/log/radius/radutmp -> /var/log/radius/radutmp
  132. [radutmp] expand: %{User-Name} -> quidillaatmaax
  133. rlm_radutmp: No NAS-Port seen. Cannot do anything.
  134. rlm_radumtp: WARNING: checkrad will probably not work!
  135. ++[radutmp] returns noop
  136. [sql] expand: %{User-Name} -> quidillaatmaax
  137. [sql] sql_set_user escaped user --> 'quidillaatmaax'
  138. [sql] expand: %{Acct-Delay-Time} ->
  139. [sql] ... expanding second conditional
  140. [sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',
  141. [sql] expand: /var/log/radius/sqltrace.sql -> /var/log/radius/sqltrace.sql
  142. rlm_sql (sql): Reserving sql socket id: 1
  143. rlm_sql_mysql: query: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('0500007F', '1fbd6f4030deecf4', 'quidillaatmaax', '', '10.141.1.128', '', '', '2013-08-01 14:47:15', NULL, '0', 'RADIUS', '', '', '0', '0', '10.141.1.128', '10.141.59.3', '', '', '', '', '0', '0', '')
  144. rlm_sql (sql): Released sql socket id: 1
  145. ++[sql] returns ok
  146. ++? if (noop)
  147. ? Evaluating (noop) -> FALSE
  148. ++? if (noop) -> FALSE
  149. ++[exec] returns noop
  150. [attr_filter.accounting_response] expand: %{User-Name} -> quidillaatmaax
  151. attr_filter: Matched entry DEFAULT at line 12
  152. ++[attr_filter.accounting_response] returns updated
  153. Sending Accounting-Response of id 0 to 10.141.1.128 port 49154
  154. Finished request 1.
  155. Cleaning up request 1 ID 0 with timestamp +22
  156. Going to the next request
  157. Waking up in 4.9 seconds.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!