Question: PPPoE-Server : Howto Log user login failed
This is how I set up logging of failed user logins on Ubuntu 9.04 server i386 with ppp 2.4.5, rp-pppoe 3.10 and freeradius 2.1.0.
1. Configure freeradius in /etc/freeradius/sites-enabled/default
Post-Auth-Type REJECT {
    attr_filter.access_reject
    # add sql so the server records rejected authentications
    sql
}
2. Configure /etc/freeradius/sql.conf. I copied this sql.conf from freeradius 1.7, so it will differ from the one in freeradius 2. Edit the postauth_query line:
# comment out the old one
# postauth_query = "INSERT into ${postauth_table} (id, user, pass, reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW())"
# add the new one
postauth_query = "INSERT into ${acct_table2} (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay ,AcctStatusType) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{reply:Reply-Message}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}' ,'Stop')"
3. Restart freeradius, then test by logging in to the PPPoE server. You will get the 3 messages:
=0D=0AYou are already logged in ==> when you are already logged in and someone tries to log in with the same account
Password Has Expired=0D=0A ==> when the password has expired
There is no message for a wrong username or password!! Oh god.
Let's resolve this step by step. In "=0D=0AYou are already logged in", the "=0D=0A" part (an escaped carriage return and line feed) is not needed. We need only "You are already logged in".
So how do we resolve it? Use this SQL to update the rows and remove the unneeded part of the message:
update radacct set AcctTerminateCause='You are already logged in' where AcctTerminateCause like '%=0D=0AYou are already logged in%';
update radacct set AcctTerminateCause='Password Has Expired' where AcctTerminateCause like '%Password Has Expired=0D=0A%';
Next step: how do we know which log rows mean that the user typed a wrong password/username?
Use this and think, man...
update radacct set AcctTerminateCause='Wrong password/username' where AcctStatusType='Stop' and AcctTerminateCause='' and AcctSessionId='';
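The clean-up in step 3, run end to end on constructed rows, as an added example that is not part of the original article. It goes one step further than the two LIKE updates by stripping "=0D=0A" with REPLACE() from any message, and then counts rejected logins per user. Assumptions: an in-memory SQLite table holding only four of the radacct columns stands in for the MySQL table, and rejected logins are the rows with an empty AcctSessionId, as in the article's own UPDATE.

```python
import sqlite3

# Constructed sample rows: (UserName, AcctSessionId, AcctStatusType, AcctTerminateCause)
SAMPLE_ROWS = [
    ("alice", "4C8A01", "Stop", "User-Request"),                     # normal session
    ("bob",   "",       "Stop", "=0D=0AYou are already logged in"),  # rejected login
    ("carol", "",       "Stop", "Password Has Expired=0D=0A"),       # rejected login
    ("dave",  "",       "Stop", ""),                                 # reject, no message
    ("dave",  "",       "Stop", ""),
]

def build_db():
    """Create a cut-down radacct table (assumed subset of columns) with the sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE radacct (UserName TEXT, AcctSessionId TEXT, "
               "AcctStatusType TEXT, AcctTerminateCause TEXT)")
    db.executemany("INSERT INTO radacct VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return db

def normalise(db):
    """Apply the article's clean-up to the rows written by the reject query."""
    # General form of the two LIKE updates: drop the escaped CR/LF wherever it appears.
    db.execute("UPDATE radacct SET AcctTerminateCause = "
               "REPLACE(AcctTerminateCause, '=0D=0A', '') "
               "WHERE AcctTerminateCause LIKE '%=0D=0A%'")
    # Rejects that carried no message: Stop row, empty cause, empty session id.
    db.execute("UPDATE radacct SET AcctTerminateCause = 'Wrong password/username' "
               "WHERE AcctStatusType = 'Stop' AND AcctTerminateCause = '' "
               "AND AcctSessionId = ''")
    db.commit()

def failed_logins(db):
    """Return (user, cause, count) for every rejected login, ordered by user."""
    return db.execute(
        "SELECT UserName, AcctTerminateCause, COUNT(*) FROM radacct "
        "WHERE AcctSessionId = '' "
        "GROUP BY UserName, AcctTerminateCause ORDER BY UserName").fetchall()

if __name__ == "__main__":
    db = build_db()
    normalise(db)
    for user, cause, n in failed_logins(db):
        print(f"{user:8} {cause:28} {n}")
```

A user whose count of 'Wrong password/username' rows keeps growing is the one to look at first.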
See you in the next article.
Chuan Chudabut EasyZoneCorp.net
by: EasyZone, date 11/9/2553 - 05:05:03