API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 27th, 2018
140
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 21.44 KB | None | 0 0
raw download clone embed print report
  1. root@ndpl:/usr/local/nodeny # radiusd -X
  2. radiusd: FreeRADIUS Version 2.2.9, for host amd64-portbld-freebsd10.4, built on Feb 17 2018 at 19:49:49
  3. Copyright (C) 1999-2015 The FreeRADIUS server project and contributors.
  4. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
  5. PARTICULAR PURPOSE.
  6. You may redistribute copies of FreeRADIUS under the terms of the
  7. GNU General Public License.
  8. For more information about these matters, see the file named COPYRIGHT.
  9. Starting - reading configuration files ...
  10. including configuration file /usr/local/etc/raddb/radiusd.conf
  11. including configuration file /usr/local/etc/raddb/proxy.conf
  12. including configuration file /usr/local/etc/raddb/clients.conf
  13. including files in directory /usr/local/etc/raddb/modules/
  14. including configuration file /usr/local/etc/raddb/modules/always
  15. including configuration file /usr/local/etc/raddb/modules/attr_filter
  16. including configuration file /usr/local/etc/raddb/modules/attr_rewrite
  17. including configuration file /usr/local/etc/raddb/modules/cache
  18. including configuration file /usr/local/etc/raddb/modules/chap
  19. including configuration file /usr/local/etc/raddb/modules/checkval
  20. including configuration file /usr/local/etc/raddb/modules/counter
  21. including configuration file /usr/local/etc/raddb/modules/cui
  22. including configuration file /usr/local/etc/raddb/modules/detail
  23. including configuration file /usr/local/etc/raddb/modules/detail.example.com
  24. including configuration file /usr/local/etc/raddb/modules/detail.log
  25. including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool
  26. including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf
  27. including configuration file /usr/local/etc/raddb/modules/digest
  28. including configuration file /usr/local/etc/raddb/modules/dynamic_clients
  29. including configuration file /usr/local/etc/raddb/modules/echo
  30. including configuration file /usr/local/etc/raddb/modules/etc_group
  31. including configuration file /usr/local/etc/raddb/modules/exec
  32. including configuration file /usr/local/etc/raddb/modules/expiration
  33. including configuration file /usr/local/etc/raddb/modules/expr
  34. including configuration file /usr/local/etc/raddb/modules/files
  35. including configuration file /usr/local/etc/raddb/modules/inner-eap
  36. including configuration file /usr/local/etc/raddb/modules/ippool
  37. including configuration file /usr/local/etc/raddb/modules/krb5
  38. including configuration file /usr/local/etc/raddb/modules/ldap
  39. including configuration file /usr/local/etc/raddb/modules/linelog
  40. including configuration file /usr/local/etc/raddb/modules/logintime
  41. including configuration file /usr/local/etc/raddb/modules/otp
  42. including configuration file /usr/local/etc/raddb/modules/mac2ip
  43. including configuration file /usr/local/etc/raddb/modules/mac2vlan
  44. including configuration file /usr/local/etc/raddb/modules/mschap
  45. including configuration file /usr/local/etc/raddb/modules/ntlm_auth
  46. including configuration file /usr/local/etc/raddb/modules/opendirectory
  47. including configuration file /usr/local/etc/raddb/modules/pam
  48. including configuration file /usr/local/etc/raddb/modules/pap
  49. including configuration file /usr/local/etc/raddb/modules/passwd
  50. including configuration file /usr/local/etc/raddb/modules/perl
  51. including configuration file /usr/local/etc/raddb/modules/policy
  52. including configuration file /usr/local/etc/raddb/modules/preprocess
  53. including configuration file /usr/local/etc/raddb/modules/radrelay
  54. including configuration file /usr/local/etc/raddb/modules/radutmp
  55. including configuration file /usr/local/etc/raddb/modules/realm
  56. including configuration file /usr/local/etc/raddb/modules/redis
  57. including configuration file /usr/local/etc/raddb/modules/rediswho
  58. including configuration file /usr/local/etc/raddb/modules/replicate
  59. including configuration file /usr/local/etc/raddb/modules/smbpasswd
  60. including configuration file /usr/local/etc/raddb/modules/smsotp
  61. including configuration file /usr/local/etc/raddb/modules/soh
  62. including configuration file /usr/local/etc/raddb/modules/sql_log
  63. including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
  64. including configuration file /usr/local/etc/raddb/modules/sradutmp
  65. including configuration file /usr/local/etc/raddb/modules/unix
  66. including configuration file /usr/local/etc/raddb/modules/wimax
  67. including configuration file /usr/local/etc/raddb/modules/acct_unique
  68. including configuration file /usr/local/etc/raddb/eap.conf
  69. including configuration file /usr/local/etc/raddb/sql.conf
  70. including configuration file /usr/local/etc/raddb/policy.conf
  71. including files in directory /usr/local/etc/raddb/sites-enabled/
  72. including configuration file /usr/local/etc/raddb/sites-enabled/default
  73. including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
  74. including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
  75. main {
  76. allow_core_dumps = no
  77. }
  78. including dictionary file /usr/local/etc/raddb/dictionary
  79. main {
  80. name = "radiusd"
  81. prefix = "/usr/local"
  82. localstatedir = "/var"
  83. sbindir = "/usr/local/sbin"
  84. logdir = "/var/log"
  85. run_dir = "/var/run/radiusd"
  86. libdir = "/usr/local/lib/freeradius-2.2.9"
  87. radacctdir = "/var/log/radacct"
  88. hostname_lookups = no
  89. max_request_time = 30
  90. cleanup_delay = 5
  91. max_requests = 1024
  92. pidfile = "/var/run/radiusd/radiusd.pid"
  93. checkrad = "/usr/local/sbin/checkrad"
  94. debug_level = 0
  95. proxy_requests = yes
  96. log {
  97. stripped_names = no
  98. auth = no
  99. auth_badpass = no
  100. auth_goodpass = no
  101. }
  102. security {
  103. max_attributes = 200
  104. reject_delay = 1
  105. status_server = yes
  106. allow_vulnerable_openssl = no
  107. }
  108. }
  109. radiusd: #### Loading Realms and Home Servers ####
  110. proxy server {
  111. retry_delay = 5
  112. retry_count = 3
  113. default_fallback = no
  114. dead_time = 120
  115. wake_all_if_all_dead = no
  116. }
  117. home_server localhost {
  118. ipaddr = 127.0.0.1
  119. port = 1812
  120. type = "auth"
  121. secret = "testing123"
  122. response_window = 20
  123. max_outstanding = 65536
  124. require_message_authenticator = yes
  125. zombie_period = 40
  126. status_check = "status-server"
  127. ping_interval = 30
  128. check_interval = 30
  129. num_answers_to_alive = 3
  130. num_pings_to_alive = 3
  131. revive_interval = 120
  132. status_check_timeout = 4
  133. coa {
  134. irt = 2
  135. mrt = 16
  136. mrc = 5
  137. mrd = 30
  138. }
  139. }
  140. home_server_pool my_auth_failover {
  141. type = fail-over
  142. home_server = localhost
  143. }
  144. realm example.com {
  145. auth_pool = my_auth_failover
  146. }
  147. realm LOCAL {
  148. }
  149. radiusd: #### Loading Clients ####
  150. client 127.0.0.1 {
  151. require_message_authenticator = no
  152. secret = "hardpass5"
  153. shortname = "NoDenyDB"
  154. nastype = "cisco"
  155. }
  156. client 93.170.1.245 {
  157. require_message_authenticator = no
  158. secret = "bras"
  159. shortname = "bras-ya"
  160. nastype = "cisco"
  161. }
  162. radiusd: #### Instantiating modules ####
  163. instantiate {
  164. Module: Linked to module rlm_exec
  165. Module: Instantiating module "exec" from file /usr/local/etc/raddb/modules/exec
  166. exec {
  167. wait = no
  168. input_pairs = "request"
  169. shell_escape = yes
  170. timeout = 10
  171. }
  172. Module: Linked to module rlm_expr
  173. Module: Instantiating module "expr" from file /usr/local/etc/raddb/modules/expr
  174. Module: Linked to module rlm_expiration
  175. Module: Instantiating module "expiration" from file /usr/local/etc/raddb/modules/expiration
  176. expiration {
  177. reply-message = "Password Has Expired "
  178. }
  179. Module: Linked to module rlm_logintime
  180. Module: Instantiating module "logintime" from file /usr/local/etc/raddb/modules/logintime
  181. logintime {
  182. reply-message = "You are calling outside your allowed timespan "
  183. minimum-timeout = 60
  184. }
  185. }
  186. radiusd: #### Loading Virtual Servers ####
  187. server { # from file /usr/local/etc/raddb/radiusd.conf
  188. modules {
  189. Module: Creating Auth-Type = digest
  190. Module: Checking authenticate {...} for more modules to load
  191. Module: Linked to module rlm_pap
  192. Module: Instantiating module "pap" from file /usr/local/etc/raddb/modules/pap
  193. pap {
  194. encryption_scheme = "auto"
  195. auto_header = no
  196. }
  197. Module: Linked to module rlm_chap
  198. Module: Instantiating module "chap" from file /usr/local/etc/raddb/modules/chap
  199. Module: Linked to module rlm_mschap
  200. Module: Instantiating module "mschap" from file /usr/local/etc/raddb/modules/mschap
  201. mschap {
  202. use_mppe = yes
  203. require_encryption = no
  204. require_strong = no
  205. with_ntdomain_hack = no
  206. allow_retry = yes
  207. }
  208. Module: Linked to module rlm_digest
  209. Module: Instantiating module "digest" from file /usr/local/etc/raddb/modules/digest
  210. Module: Linked to module rlm_unix
  211. Module: Instantiating module "unix" from file /usr/local/etc/raddb/modules/unix
  212. unix {
  213. radwtmp = "/var/log/radwtmp"
  214. }
  215. Module: Linked to module rlm_eap
  216. Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
  217. eap {
  218. default_eap_type = "md5"
  219. timer_expire = 60
  220. ignore_unknown_eap_types = no
  221. cisco_accounting_username_bug = no
  222. max_sessions = 1024
  223. }
  224. Module: Linked to sub-module rlm_eap_md5
  225. Module: Instantiating eap-md5
  226. Module: Linked to sub-module rlm_eap_leap
  227. Module: Instantiating eap-leap
  228. Module: Linked to sub-module rlm_eap_gtc
  229. Module: Instantiating eap-gtc
  230. gtc {
  231. challenge = "Password: "
  232. auth_type = "PAP"
  233. }
  234. Module: Linked to sub-module rlm_eap_tls
  235. Module: Instantiating eap-tls
  236. tls {
  237. rsa_key_exchange = no
  238. dh_key_exchange = yes
  239. rsa_key_length = 512
  240. dh_key_length = 512
  241. verify_depth = 0
  242. CA_path = "/usr/local/etc/raddb/certs"
  243. pem_file_type = yes
  244. private_key_file = "/usr/local/etc/raddb/certs/server.pem"
  245. certificate_file = "/usr/local/etc/raddb/certs/server.pem"
  246. CA_file = "/usr/local/etc/raddb/certs/ca.pem"
  247. private_key_password = "whatever"
  248. dh_file = "/usr/local/etc/raddb/certs/dh"
  249. fragment_size = 1024
  250. include_length = yes
  251. check_crl = no
  252. check_all_crl = no
  253. cipher_list = "DEFAULT"
  254. make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
  255. ecdh_curve = "prime256v1"
  256. cache {
  257. enable = no
  258. lifetime = 24
  259. max_entries = 255
  260. }
  261. verify {
  262. }
  263. ocsp {
  264. enable = no
  265. override_cert_url = yes
  266. url = "http://127.0.0.1/ocsp/"
  267. use_nonce = yes
  268. timeout = 0
  269. softfail = no
  270. }
  271. }
  272. Module: Linked to sub-module rlm_eap_ttls
  273. Module: Instantiating eap-ttls
  274. ttls {
  275. default_eap_type = "md5"
  276. copy_request_to_tunnel = no
  277. use_tunneled_reply = no
  278. virtual_server = "inner-tunnel"
  279. include_length = yes
  280. }
  281. Module: Linked to sub-module rlm_eap_peap
  282. Module: Instantiating eap-peap
  283. peap {
  284. default_eap_type = "mschapv2"
  285. copy_request_to_tunnel = no
  286. use_tunneled_reply = no
  287. proxy_tunneled_request_as_eap = yes
  288. virtual_server = "inner-tunnel"
  289. soh = no
  290. }
  291. Module: Linked to sub-module rlm_eap_mschapv2
  292. Module: Instantiating eap-mschapv2
  293. mschapv2 {
  294. with_ntdomain_hack = no
  295. send_error = no
  296. }
  297. Module: Checking authorize {...} for more modules to load
  298. Module: Linked to module rlm_preprocess
  299. Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/modules/preprocess
  300. preprocess {
  301. huntgroups = "/usr/local/etc/raddb/huntgroups"
  302. hints = "/usr/local/etc/raddb/hints"
  303. with_ascend_hack = no
  304. ascend_channels_per_line = 23
  305. with_ntdomain_hack = no
  306. with_specialix_jetstream_hack = no
  307. with_cisco_vsa_hack = no
  308. with_alvarion_vsa_hack = no
  309. }
  310. reading pairlist file /usr/local/etc/raddb/huntgroups
  311. reading pairlist file /usr/local/etc/raddb/hints
  312. Module: Linked to module rlm_realm
  313. Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm
  314. realm suffix {
  315. format = "suffix"
  316. delimiter = "@"
  317. ignore_default = no
  318. ignore_null = no
  319. }
  320. Module: Linked to module rlm_files
  321. Module: Instantiating module "files" from file /usr/local/etc/raddb/modules/files
  322. files {
  323. usersfile = "/usr/local/etc/raddb/users"
  324. acctusersfile = "/usr/local/etc/raddb/acct_users"
  325. preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
  326. compat = "no"
  327. }
  328. reading pairlist file /usr/local/etc/raddb/users
  329. reading pairlist file /usr/local/etc/raddb/acct_users
  330. reading pairlist file /usr/local/etc/raddb/preproxy_users
  331. Module: Linked to module rlm_sql
  332. Module: Instantiating module "sql" from file /usr/local/etc/raddb/sql.conf
  333. sql {
  334. driver = "rlm_sql_mysql"
  335. server = "localhost"
  336. port = "3306"
  337. login = "nodeny"
  338. password = "hardpass"
  339. radius_db = "nodeny"
  340. read_groups = yes
  341. sqltrace = no
  342. sqltracefile = "/var/log/sqltrace.sql"
  343. readclients = no
  344. deletestalesessions = yes
  345. num_sql_socks = 5
  346. lifetime = 0
  347. max_queries = 0
  348. sql_user_name = ""
  349. default_user_profile = ""
  350. nas_query = "SELECT id,nasname,shortname,type,secret FROM nas"
  351. authorize_check_query = "call radcheck('%{User-Name}')"
  352. authorize_reply_query = "call radreply('%{User-Name}')"
  353. authorize_group_check_query = ""
  354. authorize_group_reply_query = ""
  355. accounting_onoff_query = ""
  356. accounting_update_query = "call radupdate('%{User-Name}','%{Framed-IP-Address}', 'nas=%{NAS-IP-Address}')"
  357. accounting_update_query_alt = ""
  358. accounting_start_query = ""
  359. accounting_start_query_alt = ""
  360. accounting_stop_query = ""
  361. accounting_stop_query_alt = ""
  362. connect_failure_retry_delay = 60
  363. simul_count_query = ""
  364. simul_verify_query = ""
  365. postauth_query = "call radupdate('%{User-Name}','%{reply:Framed-IP-Address}', 'nas=%{NAS-IP-Address}')"
  366. safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  367. }
  368. rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
  369. rlm_sql (sql): Attempting to connect to nodeny@localhost:3306/nodeny
  370. rlm_sql (sql): starting 0
  371. rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
  372. rlm_sql_mysql: Starting connect to MySQL server for #0
  373. rlm_sql (sql): Connected new DB handle, #0
  374. rlm_sql (sql): starting 1
  375. rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
  376. rlm_sql_mysql: Starting connect to MySQL server for #1
  377. rlm_sql (sql): Connected new DB handle, #1
  378. rlm_sql (sql): starting 2
  379. rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
  380. rlm_sql_mysql: Starting connect to MySQL server for #2
  381. rlm_sql (sql): Connected new DB handle, #2
  382. rlm_sql (sql): starting 3
  383. rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
  384. rlm_sql_mysql: Starting connect to MySQL server for #3
  385. rlm_sql (sql): Connected new DB handle, #3
  386. rlm_sql (sql): starting 4
  387. rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
  388. rlm_sql_mysql: Starting connect to MySQL server for #4
  389. rlm_sql (sql): Connected new DB handle, #4
  390. Module: Checking preacct {...} for more modules to load
  391. Module: Linked to module rlm_acct_unique
  392. Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
  393. acct_unique {
  394. key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
  395. }
  396. Module: Checking accounting {...} for more modules to load
  397. Module: Linked to module rlm_detail
  398. Module: Instantiating module "detail" from file /usr/local/etc/raddb/modules/detail
  399. detail {
  400. detailfile = "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
  401. header = "%t"
  402. detailperm = 384
  403. dirperm = 493
  404. locking = no
  405. log_packet_header = no
  406. escape_filenames = no
  407. }
  408. Module: Linked to module rlm_attr_filter
  409. Module: Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/modules/attr_filter
  410. attr_filter attr_filter.accounting_response {
  411. attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
  412. key = "%{User-Name}"
  413. relaxed = no
  414. }
  415. reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
  416. Module: Checking session {...} for more modules to load
  417. Module: Linked to module rlm_radutmp
  418. Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/modules/radutmp
  419. radutmp {
  420. filename = "/var/log/radutmp"
  421. username = "%{User-Name}"
  422. case_sensitive = yes
  423. check_with_nas = yes
  424. perm = 384
  425. callerid = yes
  426. }
  427. Module: Checking post-proxy {...} for more modules to load
  428. Module: Checking post-auth {...} for more modules to load
  429. Module: Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/modules/attr_filter
  430. attr_filter attr_filter.access_reject {
  431. attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
  432. key = "%{User-Name}"
  433. relaxed = no
  434. }
  435. reading pairlist file /usr/local/etc/raddb/attrs.access_reject
  436. } # modules
  437. } # server
  438. server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
  439. modules {
  440. Module: Checking authenticate {...} for more modules to load
  441. Module: Checking authorize {...} for more modules to load
  442. Module: Checking session {...} for more modules to load
  443. Module: Checking post-proxy {...} for more modules to load
  444. Module: Checking post-auth {...} for more modules to load
  445. } # modules
  446. } # server
  447. radiusd: #### Opening IP addresses and Ports ####
  448. listen {
  449. type = "auth"
  450. ipaddr = *
  451. port = 0
  452. }
  453. listen {
  454. type = "acct"
  455. ipaddr = *
  456. port = 0
  457. }
  458. listen {
  459. type = "control"
  460. listen {
  461. socket = "/var/run/radiusd/radiusd.sock"
  462. }
  463. }
  464. listen {
  465. type = "auth"
  466. ipaddr = 127.0.0.1
  467. port = 18120
  468. }
  469. ... adding new socket proxy address * port 55446
  470. Listening on authentication address * port 1812
  471. Listening on accounting address * port 1813
  472. Listening on command file /var/run/radiusd/radiusd.sock
  473. Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
  474. Listening on proxy address * port 1814
  475. Ready to process requests.
  476.  
  477.  
  478.  
  479.  
  480. rad_recv: Access-Request packet from host 93.170.1.245 port 31626, id=1, length=135
  481. User-Name = "d6:79:07:63:3a:52"
  482. NAS-Identifier = "bras_ya"
  483. NAS-IP-Address = 93.170.1.245
  484. NAS-Port = 151
  485. NAS-Port-Id = "ipoe0"
  486. NAS-Port-Type = Ethernet
  487. Calling-Station-Id = "d6:79:07:63:3a:52"
  488. Called-Station-Id = "eth5.11"
  489. User-Password = "d6:79:07:63:3a:52"
  490. # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
  491. +group authorize {
  492. ++[preprocess] = ok
  493. ++[chap] = noop
  494. ++[mschap] = noop
  495. ++[digest] = noop
  496. [suffix] No '@' in User-Name = "d6:79:07:63:3a:52", looking up realm NULL
  497. [suffix] No such realm "NULL"
  498. ++[suffix] = noop
  499. [eap] No EAP-Message, not doing EAP
  500. ++[eap] = noop
  501. ++[files] = noop
  502. rlm_sql (sql): Reserving sql socket id: 4
  503. [sql] expand: call radcheck('%{User-Name}') -> call radcheck('d6:79:07:63:3a:52')
  504. [sql] User found in radcheck table
  505. [sql] expand: call radreply('%{User-Name}') -> call radreply('d6:79:07:63:3a:52')
  506. rlm_sql (sql): Released sql socket id: 4
  507. ++[sql] = ok
  508. ++[expiration] = noop
  509. ++[logintime] = noop
  510. ++[pap] = updated
  511. +} # group authorize = updated
  512. Found Auth-Type = PAP
  513. # Executing group from file /usr/local/etc/raddb/sites-enabled/default
  514. +group PAP {
  515. [pap] login attempt with password "d6:79:07:63:3a:52"
  516. [pap] Using clear text password ""
  517. [pap] Passwords don't match
  518. ++[pap] = reject
  519. +} # group PAP = reject
  520. Failed to authenticate the user.
  521. Using Post-Auth-Type Reject
  522. # Executing group from file /usr/local/etc/raddb/sites-enabled/default
  523. +group REJECT {
  524. [eap] Request didn't contain an EAP-Message, not inserting EAP-Failure
  525. ++[eap] = noop
  526. [attr_filter.access_reject] expand: %{User-Name} -> d6:79:07:63:3a:52
  527. attr_filter: Matched entry DEFAULT at line 11
  528. ++[attr_filter.access_reject] = updated
  529. +} # group REJECT = updated
  530. Delaying reject of request 0 for 1 seconds
  531. Going to the next request
  532. Waking up in 0.9 seconds.
  533. Sending delayed reject for request 0
  534. Sending Access-Reject of id 1 to 93.170.1.245 port 31626
  535. Waking up in 4.9 seconds.
  536. rad_recv: Access-Request packet from host 93.170.1.245 port 51382, id=1, length=135
  537. User-Name = "d6:79:07:63:3a:52"
  538. NAS-Identifier = "bras_ya"
  539. NAS-IP-Address = 93.170.1.245
  540. NAS-Port = 152
  541. NAS-Port-Id = "ipoe0"
  542. NAS-Port-Type = Ethernet
  543. Calling-Station-Id = "d6:79:07:63:3a:52"
  544. Called-Station-Id = "eth5.11"
  545. User-Password = "d6:79:07:63:3a:52"
  546. # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
  547. +group authorize {
  548. ++[preprocess] = ok
  549. ++[chap] = noop
  550. ++[mschap] = noop
  551. ++[digest] = noop
  552. [suffix] No '@' in User-Name = "d6:79:07:63:3a:52", looking up realm NULL
  553. [suffix] No such realm "NULL"
  554. ++[suffix] = noop
  555. [eap] No EAP-Message, not doing EAP
  556. ++[eap] = noop
  557. ++[files] = noop
  558. rlm_sql (sql): Reserving sql socket id: 3
  559. [sql] expand: call radcheck('%{User-Name}') -> call radcheck('d6:79:07:63:3a:52')
  560. [sql] User found in radcheck table
  561. [sql] expand: call radreply('%{User-Name}') -> call radreply('d6:79:07:63:3a:52')
  562. rlm_sql (sql): Released sql socket id: 3
  563. ++[sql] = ok
  564. ++[expiration] = noop
  565. ++[logintime] = noop
  566. ++[pap] = updated
  567. +} # group authorize = updated
  568. Found Auth-Type = PAP
  569. # Executing group from file /usr/local/etc/raddb/sites-enabled/default
  570. +group PAP {
  571. [pap] login attempt with password "d6:79:07:63:3a:52"
  572. [pap] Using clear text password ""
  573. [pap] Passwords don't match
  574. ++[pap] = reject
  575. +} # group PAP = reject
  576. Failed to authenticate the user.
  577. Using Post-Auth-Type Reject
  578. # Executing group from file /usr/local/etc/raddb/sites-enabled/default
  579. +group REJECT {
  580. [eap] Request didn't contain an EAP-Message, not inserting EAP-Failure
  581. ++[eap] = noop
  582. [attr_filter.access_reject] expand: %{User-Name} -> d6:79:07:63:3a:52
  583. attr_filter: Matched entry DEFAULT at line 11
  584. ++[attr_filter.access_reject] = updated
  585. +} # group REJECT = updated
  586. Delaying reject of request 1 for 1 seconds
  587. Going to the next request
  588. Waking up in 0.9 seconds.
  589.  
  590. Sending delayed reject for request 1
  591. Sending Access-Reject of id 1 to 93.170.1.245 port 51382
  592. Waking up in 1.9 seconds.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!