Gitiles
Code Review Sign In
gerrit.opencord.org / cord-tester / c713e45847bd378a3b734e97bc32e4df8514519c / . / src / test / setup / radius-config / freeradius / mods-available / linelog
blob: d1b68bf09860c6f20b815860895e5cb9a3fbd4b5 [file] [log] [blame]
Chetan Gaonker7f4bf742016-05-04 15:56:08 -0700[diff] [blame]1# -*- text -*-
2#
3# $Id: 779752bc10c156ba1981810186a4af828a18c014 $
4
5#
6# The "linelog" module will log one line of text to a file.
7# Both the filename and the line of text are dynamically expanded.
8#
9# We STRONGLY suggest that you do not use data from the
10# packet as part of the filename.
11#
12linelog {
13 #
14 # The file where the logs will go.
15 #
16 # If the filename is "syslog", then the log messages will
17 # go to syslog.
18 filename = ${logdir}/linelog
19
20 #
21 # The Unix-style permissions on the log file.
22 #
23 # Depending on format string, the log file may contain secret or
24 # private information about users. Keep the file permissions as
25 # restrictive as possible.
26 permissions = 0600
27
28 #
29 # The Unix group which owns the log file.
30 #
31 # The user that freeradius runs as must be in the specified
32 # group, otherwise it will not be possible to set the group.
33 #
34 # group = ${security.group}
35
36 #
37 # If logging via syslog, the facility can be set here. Otherwise
38 # the syslog_facility option in radiusd.conf will be used.
39 #
40 # syslog_facility = daemon
41
42 #
43 # The default format string.
44 format = "This is a log message for %{User-Name}"
45
46 #
47 # This next line can be omitted. If it is omitted, then
48 # the log message is static, and is always given by "format",
49 # above.
50 #
51 # If it is defined, then the string is dynamically expanded,
52 # and the result is used to find another configuration entry
53 # here, with the given name. That name is then used as the
54 # format string.
55 #
56 # If the configuration entry cannot be found, then no log
57 # message is printed.
58 #
59 # i.e. You can have many log messages in one "linelog" module.
60 # If this two-step expansion did not exist, you would have
61 # needed to configure one "linelog" module for each log message.
62
63 #
64 # Reference the Packet-Type (Access-Request, etc.) If it doesn't
65 # exist, reference the "format" entry, above.
66 reference = "messages.%{%{Packet-Type}:-default}"
67
68 #
69 # The messages defined here are taken from the "reference"
70 # expansion, above.
71 #
72 messages {
73 default = "Unknown packet type %{Packet-Type}"
74
75 Access-Request = "Requested access: %{User-Name}"
76 Access-Reject = "Rejected access: %{User-Name}"
77 Access-Challenge = "Sent challenge: %{User-Name}"
78 }
79}
80
81#
82# Another example, for accounting packets.
83#
84linelog log_accounting {
85 #
86 # Used if the expansion of "reference" fails.
87 #
88 format = ""
89
90 filename = ${logdir}/linelog-accounting
91
92 permissions = 0600
93
94 reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
95
96 #
97 # Another example:
98 #
99 #
100 Accounting-Request {
101 Start = "Connect: [%{User-Name}] (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} ip %{Framed-IP-Address})"
102 Stop = "Disconnect: [%{User-Name}] (did %{Called-Station-Id} cli %{Calling-Station-Id} port %{NAS-Port} ip %{Framed-IP-Address}) %{Acct-Session-Time} seconds"
103
104 # Don't log anything for these packets.
105 Alive = ""
106
107 Accounting-On = "NAS %{Packet-Src-IP-Address} (%{NAS-IP-Address}) just came online"
108 Accounting-Off = "NAS %{Packet-Src-IP-Address} (%{NAS-IP-Address}) just went offline"
109
110 # don't log anything for other Acct-Status-Types.
111 unknown = "NAS %{Packet-Src-IP-Address} (%{NAS-IP-Address}) sent unknown Acct-Status-Type %{Acct-Status-Type}"
112 }
113}