Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Ready to process requests
- (0) Received Access-Request Id 106 from 10.10.10.104:34064 to 10.10.10.104:1812 length 77
- (0) User-Name = "user-name"
- (0) User-Password = "5737186334"
- (0) NAS-IP-Address = 10.10.10.104
- (0) NAS-Port = 1812
- (0) Message-Authenticator = 0x160b568d59b0c41a4913e2bb32f12b72
- (0) # Executing section authorize from file /etc/raddb/sites-enabled/default
- (0) authorize {
- (0) policy filter_username {
- (0) if (&User-Name) {
- (0) if (&User-Name) -> TRUE
- (0) if (&User-Name) {
- (0) if (&User-Name =~ / /) {
- (0) if (&User-Name =~ / /) -> FALSE
- (0) if (&User-Name =~ /@[^@]*@/ ) {
- (0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
- (0) if (&User-Name =~ /\.\./ ) {
- (0) if (&User-Name =~ /\.\./ ) -> FALSE
- (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
- (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
- (0) if (&User-Name =~ /\.$/) {
- (0) if (&User-Name =~ /\.$/) -> FALSE
- (0) if (&User-Name =~ /@\./) {
- (0) if (&User-Name =~ /@\./) -> FALSE
- (0) } # if (&User-Name) = notfound
- (0) } # policy filter_username = notfound
- (0) [preprocess] = ok
- (0) [chap] = noop
- (0) [mschap] = noop
- (0) [digest] = noop
- (0) suffix: Checking for suffix after "@"
- (0) suffix: No '@' in User-Name = "a121246", looking up realm NULL
- (0) suffix: No such realm "NULL"
- (0) [suffix] = noop
- (0) eap: No EAP-Message, not doing EAP
- (0) [eap] = noop
- (0) [files] = noop
- (0) [expiration] = noop
- (0) [logintime] = noop
- (0) multiotp: Executing: /usr/local/bin/multiotp/multiotp.php %{User-Name} %{User-Password} -reque st-nt-key -src=%{Packet-Src-IP-Address} -chap-challenge=%{CHAP-Challenge} -chap-password=%{CHAP-Pa ssword} -ms-chap-challenge=%{MS-CHAP-Challenge} -ms-chap-response=%{MS-CHAP-Response} -ms-chap2-re sponse=%{MS-CHAP2-Response}:
- (0) multiotp: EXPAND %{User-Name}
- (0) multiotp: --> user-name
- (0) multiotp: EXPAND %{User-Password}
- (0) multiotp: --> 5737186334
- (0) multiotp: EXPAND -src=%{Packet-Src-IP-Address}
- (0) multiotp: --> -src=10.10.10.104
- (0) multiotp: EXPAND -chap-challenge=%{CHAP-Challenge}
- (0) multiotp: --> -chap-challenge=
- (0) multiotp: EXPAND -chap-password=%{CHAP-Password}
- (0) multiotp: --> -chap-password=
- (0) multiotp: EXPAND -ms-chap-challenge=%{MS-CHAP-Challenge}
- (0) multiotp: --> -ms-chap-challenge=
- (0) multiotp: EXPAND -ms-chap-response=%{MS-CHAP-Response}
- (0) multiotp: --> -ms-chap-response=
- (0) multiotp: EXPAND -ms-chap2-response=%{MS-CHAP2-Response}
- (0) multiotp: --> -ms-chap2-response=
- nohup: redirecting stderr to stdout
- (0) multiotp: ERROR: Failed parsing output from: /usr/local/bin/multiotp/multiotp.php %{User-Name} %{User-Password} -request-nt-key -src=%{Packet-Src-IP-Address} -chap-challenge=%{CHAP-Challenge} -chap-password=%{CHAP-Password} -ms-chap-challenge=%{MS-CHAP-Challenge} -ms-chap-response=%{MS-CHA P-Response} -ms-chap2-response=%{MS-CHAP2-Response}: Invalid attribute name
- (0) multiotp: ERROR: Program returned code (0) and output ',LOG 2019-04-22 11:09:23 notice (user a 121246) User OK: User a121246 successfully logged in with TOTP token from 10.10.10.104,multiotp"0" ,Filter-Id += "otp" '
- (0) [multiotp] = fail
- (0) } # authorize = fail
- (0) Using Post-Auth-Type Reject
- (0) # Executing group from file /etc/raddb/sites-enabled/default
- (0) Post-Auth-Type REJECT {
- (0) attr_filter.access_reject: EXPAND %{User-Name}
- (0) attr_filter.access_reject: --> user-name
- (0) attr_filter.access_reject: Matched entry DEFAULT at line 11
- (0) [attr_filter.access_reject] = updated
- (0) [eap] = noop
- (0) policy remove_reply_message_if_eap {
- (0) if (&reply:EAP-Message && &reply:Reply-Message) {
- (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
- (0) else {
- (0) [noop] = noop
- (0) } # else = noop
- (0) } # policy remove_reply_message_if_eap = noop
- (0) } # Post-Auth-Type REJECT = updated
- (0) Delaying response for 1.000000 seconds
- Waking up in 0.1 seconds.
- Waking up in 0.8 seconds.
- (0) Sending delayed response
- (0) Sent Access-Reject Id 106 from 10.10.10.104:1812 to 10.10.10.104:34064 length 20
- Waking up in 3.9 seconds.
- (0) Cleaning up request packet ID 106 with timestamp +270
- Ready to process requests
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement