Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (1) Received Access-Request Id 121 FROM 10.0.1.138:60734 TO 10.0.13.40:1812 LENGTH 186
- (1) User-Name = "E8:9D:87:02:7D:2C"
- (1) User-Password = ""
- (1) Acct-Session-Id = "1A082C7D02879DE8"
- (1) NAS-IP-Address = 10.29.11.3
- (1) NAS-Port-TYPE = Virtual
- (1) NAS-Port = 37
- (1) VasExperts-Service-TYPE = DHCP
- (1) VasExperts-DHCP-Request = Discover
- (1) VasExperts-DHCP-Hostname = 0x776977692d74657374
- (1) VasExperts-DHCP-ClientId = 0x01e89d87027d2c
- (1) VasExperts-DHCP-ClassId = 0x4d53465420352e30
- (1) Chargeable-User-IDENTITY = 0x00
- (1) Message-Authenticator = 0x83d60f89585e1e9fe12c1b86ba8dd973
- (1) # Executing SECTION authorize FROM file /etc/freeradius/3.0/sites-enabled/SQL
- (1) authorize {
- (1) policy filter_username {
- (1) IF (&User-Name) {
- (1) IF (&User-Name) -> TRUE
- (1) IF (&User-Name) {
- (1) IF (&User-Name =~ / /) {
- (1) IF (&User-Name =~ / /) -> FALSE
- (1) IF (&User-Name =~ /@[^@]*@/ ) {
- (1) IF (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (1) IF (&User-Name =~ /\.\./ ) {
- (1) IF (&User-Name =~ /\.\./ ) -> FALSE
- (1) IF ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (1) IF ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (1) IF (&User-Name =~ /\.$/) {
- (1) IF (&User-Name =~ /\.$/) -> FALSE
- (1) IF (&User-Name =~ /@\./) {
- (1) IF (&User-Name =~ /@\./) -> FALSE
- (1) } # IF (&User-Name) = notfound
- (1) } # policy filter_username = notfound
- (1) [preprocess] = ok
- (1) [chap] = noop
- (1) [mschap] = noop
- (1) suffix: Checking FOR suffix after "@"
- (1) suffix: No '@' IN User-Name = "E8:9D:87:02:7D:2C", looking up realm NULL
- (1) suffix: No such realm "NULL"
- (1) [suffix] = noop
- (1) eap: No EAP-Message, NOT doing EAP
- (1) [eap] = noop
- (1) SQL: EXPAND %{User-Name}
- (1) SQL: --> E8:9D:87:02:7D:2C
- (1) SQL: SQL-User-Name SET TO 'E8:9D:87:02:7D:2C'
- rlm_sql (SQL): Reserved connection (3)
- (1) SQL: EXPAND SELECT id, username, attribute, VALUE, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
- (1) SQL: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY id
- (1) SQL: Executing SELECT query: SELECT id, username, attribute, VALUE, op FROM radcheck WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY id
- (1) SQL: USER found IN radcheck TABLE
- (1) SQL: Conditional CHECK items matched, merging assignment CHECK items
- (1) SQL: Cleartext-Password := "VasExperts.FastDPI"
- (1) SQL: EXPAND SELECT id, username, attribute, VALUE, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id
- (1) SQL: --> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY id
- (1) SQL: Executing SELECT query: SELECT id, username, attribute, VALUE, op FROM radreply WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY id
- (1) SQL: USER found IN radreply TABLE, merging reply items
- (1) SQL: Framed-IP-Address = 10.230.51.15
- (1) SQL: Framed-IP-Netmask = 255.255.255.0
- (1) SQL: VasExperts-DHCP-Gateway = 10.230.51.1
- (1) SQL: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority
- (1) SQL: --> SELECT groupname FROM radusergroup WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY priority
- (1) SQL: Executing SELECT query: SELECT groupname FROM radusergroup WHERE username = 'E8:9D:87:02:7D:2C' ORDER BY priority
- (1) SQL: USER found IN the GROUP TABLE
- (1) SQL: EXPAND SELECT id, groupname, attribute, VALUE, op FROM radgroupcheck WHERE groupname = '%{SQL-Group}' ORDER BY id
- (1) SQL: --> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'ips' ORDER BY id
- (1) SQL: Executing SELECT query: SELECT id, groupname, attribute, VALUE, op FROM radgroupcheck WHERE groupname = 'ips' ORDER BY id
- (1) SQL: GROUP "ips": Conditional CHECK items matched
- (1) SQL: GROUP "ips": Merging assignment CHECK items
- (1) SQL: EXPAND SELECT id, groupname, attribute, VALUE, op FROM radgroupreply WHERE groupname = '%{SQL-Group}' ORDER BY id
- (1) SQL: --> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'ips' ORDER BY id
- (1) SQL: Executing SELECT query: SELECT id, groupname, attribute, VALUE, op FROM radgroupreply WHERE groupname = 'ips' ORDER BY id
- (1) SQL: GROUP "ips": Merging reply items
- (1) SQL: VasExperts-DHCP-DNS = 10.0.2.2
- (1) SQL: VasExperts-DHCP-DNS = 10.0.2.5
- (1) SQL: Session-Timeout = 2592000
- rlm_sql (SQL): Released connection (3)
- (1) [SQL] = ok
- (1) [expiration] = noop
- (1) [logintime] = noop
- (1) [pap] = updated
- (1) } # authorize = updated
- (1) Found Auth-TYPE = PAP
- (1) # Executing GROUP FROM file /etc/freeradius/3.0/sites-enabled/SQL
- (1) Auth-TYPE PAP {
- (1) pap: ERROR: Password must NOT be empty
- (1) [pap] = invalid
- (1) } # Auth-TYPE PAP = invalid
- (1) Failed TO authenticate the USER
- (1) USING Post-Auth-TYPE Reject
- (1) # Executing GROUP FROM file /etc/freeradius/3.0/sites-enabled/SQL
- (1) Post-Auth-TYPE REJECT {
- (1) SQL: EXPAND .query
- (1) SQL: --> .query
- (1) SQL: USING query template 'query'
- rlm_sql (SQL): Reserved connection (4)
- (1) SQL: EXPAND %{User-Name}
- (1) SQL: --> E8:9D:87:02:7D:2C
- (1) SQL: SQL-User-Name SET TO 'E8:9D:87:02:7D:2C'
- (1) SQL: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}
- (1) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'E8:9D:87:02:7D:2C', '', 'Access-Reject', '2017-10-17 15:56:44')
- (1) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'E8:9D:87:02:7D:2C', '', 'Access-Reject', '2017-10-17 15:56:44')
- (1) sql: SQL query returned: success
- (1) sql: 1 record(s) updated
- rlm_sql (sql): Released connection (4)
- (1) [sql] = ok
- (1) attr_filter.access_reject: EXPAND %{User-Name}
- (1) attr_filter.access_reject: --> E8:9D:87:02:7D:2C
- (1) attr_filter.access_reject: Matched entry DEFAULT at line 11
- (1) [attr_filter.access_reject] = updated
- (1) if ( &VasExperts-Service-Type == 0 ) {
- (1) if ( &VasExperts-Service-Type == 0 ) -> FALSE
- (1) [eap] = noop
- (1) policy remove_reply_message_if_eap {
- (1) if (&reply:EAP-Message && &reply:Reply-Message) {
- (1) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
- (1) else {
- (1) [noop] = noop
- (1) } # else = noop
- (1) } # policy remove_reply_message_if_eap = noop
- (1) } # Post-Auth-Type REJECT = updated
- (1) Delaying response for 1.000000 seconds
- Waking up in 0.3 seconds.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement