Make radius.log visible in webGUI like STATUS -> System Logs. php question

Nachtfalke · Sep 11, 2011, 8:25 PM

Hi,

I want to create an extra tab in the freeradius package for the freeradius logs. Actually the is the possibility to log everything in /var/log/radius.log or in STATUS -> System Logs -> System.

But if you have many clients authentication on freeradius then the systemlogs will be spammed with freeradius messages.

So I created - or better copied an existing logging .php and modified it to use /var/log/radius.log as sourcefile.

The .php file above is the /usr/local/www/diag_logs.php file which I just modified and saved as "freeradius_logs.php"

/* $Id$ */
/*
	diag_logs.php
	Copyright (C) 2004-2009 Scott Ullrich
	All rights reserved.

	originally part of m0n0wall (http://m0n0.ch/wall)
	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:

	1\. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.

	2\. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/

/*		
	pfSense_MODULE:	system
*/

##|+PRIV
##|*IDENT=page-diagnostics-logs-system
##|*NAME=Diagnostics: Logs: System page
##|*DESCR=Allow access to the 'Diagnostics: Logs: System' page.
##|*MATCH=diag_logs.php*
##|-PRIV

require("guiconfig.inc");

$radius_logfile = "{$g['varlog_path']}/radius.log";

$nentries = $config['syslog']['nentries'];
if (!$nentries)
	$nentries = 50;

if ($_POST['clear']) 
	clear_log_file($radius_logfile);

if ($_GET['filtertext'])
	$filtertext = htmlspecialchars($_GET['filtertext']);

if ($_POST['filtertext'])
	$filtertext = htmlspecialchars($_POST['filtertext']);

if ($filtertext)
	$filtertextmeta="?filtertext=$filtertext";

$pgtitle = array(gettext("FreeRADIUS"),gettext("Log"));
include("head.inc");

?>

	$tab_array = array();
	$tab_array[] = array(gettext("User"), false, "/pkg.php?xml=freeradius.xml");
	$tab_array[] = array(gettext("Clients"), false, "/pkg.php?xml=freeradiusclients.xml");
	$tab_array[] = array(gettext("Settings"), false, "/pkg_edit.php?xml=freeradiussettings.xml&id=0");
	$tab_array[] = array(gettext("Log"), true, "/freeradius_logs.php");
	display_top_tabs($tab_array);
?>
		 |		

					if($filtertext)
						dump_clog($radius_logfile, $nentries, true, array("$filtertext"), array("ppp"));
					else
						dump_clog($radius_logfile, $nentries, true, array(), array("ppp"));
				?>

					  |												

<form id="filterform" name="filterform" action="freeradius_logs.php" method="post" style="margin-top: 14px;">
              				" />
						</form>

					 |					 

<form id="clearform" name="clearform" action="freeradius_logs.php" method="post" style="margin-top: 14px;">

              				" />
						</form>

					 |							

		 |</mk@neon1.net>

The .php file is only working if I change the following line:

$radius_logfile = "{$g['varlog_path']}/radius.log";

and using "sysem.log" or "dhcpd.log" instead of "radius.log".
So the .php file is working but the must be a difference in the log files but I do not know where, why and what.

Perhaps someone could help me or explain to me why it is not working and/or will never work.
Thanks

marcelloc · Sep 13, 2011, 4:51 AM

Nachtfalke,

If freeradius uses syslog facilities, you may need to include it in /etc/syslogd.conf

take a look at postfix.inc file.

att,
Marcello Coutinho

Nachtfalke · Sep 13, 2011, 7:43 AM

Hi,

thanks for your reply.

I can change if freeRADIUS logs it files to /var/lag/radius.log or to syslog. But when logging to syslog then it saves all logs in /var/log/system.log I would like to redirect it to another file so that I could create a different tab only for radius logs.

But I will have a look at the postfix.inc.
Thank you.

marcelloc · Sep 13, 2011, 7:13 PM

that's the point.

If freeradius is able to write to syslog daemon and you include a syslog facility 'radius', you will be able to log to radius.log using syslog.

jimp · Sep 14, 2011, 5:01 PM

I don't recall the specific details of how it works, but there is Diagnostics > Package Logs that is made for packages to hook into this way.

Nachtfalke · Sep 14, 2011, 7:42 PM

I played around with "diag_pkglogs.php" because I found that arpwatch is logging there.
I am no coding pro so I just replaced "arpwatch" with "radius" and so on but didn't work.

Not sure if it is enough to add

 <logging><facilityname>freeRADIUS</facilityname>
<logfilename>radius.log</logfilename></logging>

to the config.xml or if there is more to do. Didn't want to add it because I do not want to break the package (again).

jimp · Sep 15, 2011, 12:38 PM

That doesn't get added to config.xml directly, it's part of the package definition in pkg_config.8.xml and such. There are several packages that have it set there. Not sure how well it works, if it works at all, but others are doing it.

wagonza · Sep 16, 2011, 12:44 PM

It works perfectly. This is what I used for the Unbound package


 <logging><facilityname>unbound</facilityname>
  <logfilename>unbound.log</logfilename>
  <logtab>Unbound</logtab></logging>

You can then view it via Status->Package Logs. So just modify the above to suit your needs.

Nachtfalke · Sep 16, 2011, 6:01 PM

Hi, I added this to the pkg.config.8.xml.amd64

 <logging><facilityname>freeradius</facilityname>
  <logfilename>radius.log</logfilename>
  <logtab>freeRADIUS</logtab></logging>

There is no tab in "Package logs" and of course no logging.

jimp · Sep 16, 2011, 6:04 PM

Did you reinstall the package after that was added? When you do, it will end up in config.xml but as a part of the <package>tag for it.

(Also make sure you wait for ~10 minutes after the commit actually was approved so the package repo has a chance to sync up the new commits)</package>

wagonza · Sep 16, 2011, 6:25 PM

Have you configured freeRADIUS to log to syslog and ensure it starts up with the syslog options?

Dont forget to update pkg.config.8.xml as well, so i386 also gets some logging love.

Nachtfalke · Sep 16, 2011, 7:11 PM

This is in /etc/syslog.conf

!freeradius
*.*                                              %/var/log/radius.log

The process name of freeradius is "radiusd" should this be in syslog.conf instead of "freeradius" ?

to change between logging to "radius.log" or to "syslog" I only have to change one line in freeradius.inc which effects /usr/local/etc/raddb/radiusd.conf

/var/log/radius.log

logdir = /var/log

syslog:

logdir = syslog

wagonza · Sep 27, 2011, 4:39 PM

did you get this working?

Nachtfalke · Sep 27, 2011, 5:39 PM

Sorry I didn't.
For me it seems like the output in the radius.log file in /var/log isn't in the correct format to make it visible in GUI.

As an example I copied system.log to radius.log and than it was visible in GUI (Package Logs). But I don't know how to fix it. I still have to less coding skills to make this work.