OUR SITES NetworkRADIUS FreeRADIUS

Detail Module (Log Sample)

More examples of doing detail logs.

For a full explanation of the configuration options, please see the detail module.

Configuration Settings

Access-Request

Many people want to log authentication requests. Different instances of the detail module can be used to log the authentication requests to one or more files.

You will also need to un-comment the auth_log line in the recv Access-Request section of raddb/sites-enabled/default.
suppress { …​ }

This will stop passwords being written to the log.

Access-Accept

This module logs authentication reply packets sent to a NAS. Both Access-Accept and Access-Reject packets are logged.

You will also need to un-comment the 'reply_log' line in the send Access-Accept section of raddb/sites-enabled/default.

pre_proxy

This module logs packets proxied to a home server.

You will need to call it before rlm_radius is used for proxying. See the example in raddb/sites-available/default.

post_proxy

This module logs response packets from a home server.

You will need to call it after rlm_radius is used for proxying. See the example in raddb/sites-available/default.

Default Configuration

detail auth_log {
	filename = ${radacctdir}/%{Net.Src.IP}/auth-detail-%Y-%m-%d
	permissions = 0600
	suppress {
		User-Password
	}
}
detail reply_log {
	filename = ${radacctdir}/%{Net.Src.IP}/reply-detail-%Y-%m-%d
	permissions = 0600
}
detail pre_proxy_log {
	filename = ${radacctdir}/%{Net.Src.IP}/pre-proxy-detail-%Y-%m-%d
	permissions = 0600
#	suppress {
#		User-Password
#	}
}
detail post_proxy_log {
	filename = ${radacctdir}/%{Net.Src.IP}/post-proxy-detail-%Y-%m-%d
	permissions = 0600
}