search

ValdikSS / openvpn-radiusplugin

Radiusplugin with various patches and fixes
GNU General Public License v2.0
43 stars 41 forks source link

openvpn private IP not visible in Accounting logs after using this patched plugin #2

Open ghost opened 8 years ago

ghost commented 8 years ago

Sir, I have used both the plugins one offered by nongnu.org and by you, with Debian 8 - openvpn 2.3.10, and I have learned that with your plugin, IP address section in Accounting for Users in Daloradius is missing which use to be Private IP of the openvpn server for that particular client.

What is problem?

Also, I would like it such that I can Public IP of an authenticated user visible in IP address section instead of Private IP of openvpn server, currently the public IP of a user is visible under "Session Info's MAC ( PUBLIC IP )" in accounting.

Thanks

ValdikSS commented 8 years ago

That's a daloradius problem, it seems that daloradius is unable to handle IPv4-mapped IPv6 addresses (::ffff:1.2.3.4).

ValdikSS commented 7 years ago

Is the problem still persist?

Russell-IO commented 7 years ago

@ValdikSS I'm having a similar issue with OpenVPN 2.4.3 on Enterprise Linux 7 (I'm using CentOS) but I'm seeing this, 

Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND: OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY is called.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: client_connect thread started.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Waiting for new accounting user.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND: Commonname set to Username
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND: StatusFileKey: testuser,1.2.3.4:56789
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND: Key: 1.2.3.4:56789.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Auth_user_pass_verify thread started.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: New user from OpenVPN!
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: New user.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: FOREGROUND THREAD: New user: username: testuser, password: *****, newuser ip: 1.2.3.4, newuser port:5678 .
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: BACKGROUND  AUTH: New user auth: username: testuser, password: *****, calling station: 1.2.3.4, commonname: testuser.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: radius_server().
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: Build password packet:  password: *****, sharedSecret: *****.
Sun Aug 13 21:19:05 2017 RADIUS-PLUGIN: Send packet to radiusIP.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: Get ACCESS_ACCEPT-Packet.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: parse_response_packet().
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND AUTH: routes: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND AUTH: framed ip: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND AUTH: framed ipv6 route: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND AUTH: framed IPv6: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND AUTH: Acct Interim Interval: 300.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: Client config file was not written, overwriteccfiles is false
.Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND  AUTH: Auth succeeded in radius_server().
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Authentication succeeded!
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Received routes for user: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Received framed ip for user: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Received IPv6 routes for user: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Received framed IPv6 for user: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Receive acctinteriminterval 300 sec from backgroundprocess.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Add user to map.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Waiting for new user.
Sun Aug 13 21:19:07 2017 us=652274 75.114.158.38:56126 PLUGIN_CALL: POST /opt/radius-plugin/radiusplugin.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
Sun Aug 13 21:19:07 2017 us=652417 75.114.158.38:56126 TLS: Username/Password authentication succeeded for username 'testuser' [CN SET]
WRWRSun Aug 13 21:19:07 2017 us=797017 1.2.3.4:56789 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384
Sun Aug 13 21:19:07 2017 us=797101 1.2.3.4:56789 [testuser] Peer Connection Initiated with [AF_INET]1.2.3.4:56789
Sun Aug 13 21:19:07 2017 us=797168 testuser/1.2.3.4:56789 MULTI_sva: pool returned IPv4=5.6.7.8, IPv6=(Not enabled)
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND: OPENVPN_PLUGIN_CLIENT_CONNECT is called.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND: Commonname set to Username
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND: StatusFileKey: testuser,1.2.3.4:56789
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND: Key: 1.2.3.4:56789.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Set FramedIP to the IP () OpenVPN assigned to the user testuser
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Add user for accounting: username: testuser, commonname: testuser
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND ACCT: Get a command.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND ACCT: New User.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND ACCT: New user acct: username: testuser, interval: 300, calling station: 1.2.3.4, commonname: testuser, framed ip: , framed ipv6: .
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND-ACCT:  Get ACCOUNTING_RESPONSE-Packet.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND ACCT: Start packet was send.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND ACCT: User was added to accounting scheduler.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND-ACCT:  No routes for user.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: BACKGROUND-ACCT:  No IPv6 routes for user.
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Accounting succeeded!
Sun Aug 13 21:19:07 2017 RADIUS-PLUGIN: FOREGROUND THREAD: Waiting for new accounting user.