RE: Iffy idea engineering using freeradius :-)

Right, but how can you programmatically pick apart something that looks
like this:

Packet-Type =3D Access-Request
Wed Feb 16 11:11:42 2005
User-Name =3D "aweaver"
User-Password =3D "1234"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3433

[root@localhost raddb]# more /radprxy.log
Packet-Type =3D Access-Request
Wed Feb 16 11:11:42 2005
User-Name =3D "aweaver"
User-Password =3D "1234"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3433

Packet-Type =3D Access-Request
Wed Feb 16 11:12:56 2005
User-Name =3D "aweaver"
User-Password =3D "diediedie"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3434

Plus, its logging failed requests also, which means im going to end up
with bad passwords in my database and there is no way for me to know
which ones are good or bad

It is like 9000000 times easier to do it to something that looks like
this

Wed Feb 16 12:07:32 2005 : Auth: Login OK: [username/password] (from
client 216.126.204.153 port 40326 cli 7406787400)

Is there a way to make FreeRadius log proxy requests in a manner that
resembles the AUTH log mechanism and will only log "accepted" requests?
Or would that be source code modification?

I wrote a php script that would parse the radius.log for Login OK: and
then throw all the usernames/passwords in a SQL DB, but i don't know how
it will be possible using the module provided considering it logs
whether or not the authentication attempt was successful.

Can anyone assist me please?

I've spent a ton of time on this project.
-----Original Message-----
From: freeradius-users-admin@lists.freeradius.org
[mailto:freeradius-users-admin@lists.freeradius.org] On Behalf Of Dustin
Doris
Sent: Wednesday, February 16, 2005 12:04 PM
To: freeradius-users@lists.freeradius.org
Subject: RE: Iffy idea engineering using freeradius :-)

On Wed, 16 Feb 2005, Drew Weaver wrote:

> Ack, I got this all working then I realized that freeradius doesn't
log
> proxy requests..
>
>
>
> ...


Actually, it can.

Download the most recent version of freeradius. In the radiusd.conf
file,
check out the section on detail pre_proxy_log. That will do what you
need for your project.


-=20
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

Right, but how can you programmatically pick apart something that looks
like this:

Packet-Type =3D Access-Request
Wed Feb 16 11:11:42 2005
User-Name =3D "aweaver"
User-Password =3D "1234"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3433

[root@localhost raddb]# more /radprxy.log
Packet-Type =3D Access-Request
Wed Feb 16 11:11:42 2005
User-Name =3D "aweaver"
User-Password =3D "1234"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3433

Packet-Type =3D Access-Request
Wed Feb 16 11:12:56 2005
User-Name =3D "aweaver"
User-Password =3D "diediedie"
NAS-IP-Address =3D 209.190.177.72
Client-IP-Address =3D 209.190.70.72
Stripped-User-Name =3D "aweaver"
Realm =3D "NULL"
Realm =3D "NULL"
Proxy-State =3D 0x3434

Plus, its logging failed requests also, which means im going to end up
with bad passwords in my database and there is no way for me to know
which ones are good or bad

It is like 9000000 times easier to do it to something that looks like
this

Wed Feb 16 12:07:32 2005 : Auth: Login OK: [username/password] (from
client 216.126.204.153 port 40326 cli 7406787400)

Is there a way to make FreeRadius log proxy requests in a manner that
resembles the AUTH log mechanism and will only log "accepted" requests?
Or would that be source code modification?

I wrote a php script that would parse the radius.log for Login OK: and
then throw all the usernames/passwords in a SQL DB, but i don't know how
it will be possible using the module provided considering it logs
whether or not the authentication attempt was successful.

Can anyone assist me please?

Thanks,
-Drew

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html