Time for action – incorporating expiration and linelog modules
Isaac suspects that some of the students at the university have tried to gain Wi-Fi access illegally. He would like to log all the failed authentication attempts to a dedicated log file. While he is at it, he would also like to add an expiry date to each student to prevent them from gaining access to the network after the end of the semester. To implement this, he makes use of the expiration
and linelog
modules in FreeRADIUS. Let's see how it's done:
- Edit the
linelog
file inside themodules
sub-directory under the FreeRADIUS configuration directory. Change the following line:Access-Request = "Requested access: %{User-Name}"
to:
Access-Request = "Request access: %{User-Name} %{User-Password} from %{NAS-IP-Address} %{reply:Reply-Message}"
- Edit the
sites-enabled/default
file under the FreeRADIUS configuration directory. Change the following part in thepost-auth
section from:Post-Auth-Type REJECT...