Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

raddebug(8) [debian man page]

RADDEBUG(8)							 FreeRADIUS Daemon						       RADDEBUG(8)

NAME

       raddebug - Display debugging output from a running server.

SYNOPSIS

       raddebug [-c condition] [-d config_directory] [-i ipv4-address] [-I ipv6-address] [-f socket_file] [-t timeout] [-u user-name]

DESCRIPTION

       raddebug  is  a shell script wrapper around radmin that automates the process of obtaining debugging output from a running server.  It does
       this without impacting service availability, unlike using radiusd -X.  There are a number of prerequisites that are required for its proper
       operation:

	  * radmin must be available in the PATH.
	  * The user running raddebug must have permission to connect to
	    the server control socket.
	  * The control socket must be configured.  For instructions, see
	    raddb/sites-available/control-socket
	  * The control socket must be marked as "mode = rw".
	  * The user running raddebug must have permission to read and
	    write files in the "logdir" directory.  This is usually
	    /var/log/radiusd.

       For  a  number  of reasons, the debugging output is placed in an intermediate file, rather than being sent directly to standard output.	In
       order to prevent this file from growing too large, the raddebug program is automatically terminated after 10 seconds.  This timeout can	be
       changed via the "-t" parameter.

       When the script exits, debug mode in the server is disabled, and the intermediate file is deleted.

       Debug output from a live server can be redirected to only one location.	If a second instance of raddebug is started while the first one is
       still running, the later one will over-ride the first one, and the first will stop producing output.

OPTIONS

       -c condition
	      Set a specific debug condition.  The format of the condition is as specified in the CONDITIONS section of the unlang manual page.

       -f socket_file
	      The path to the control socket.  See the radmin manual page for more description of this option.

       -i ipv4-address
	      Show debug output for the client having the given IPv4 address.  This option is equivalent to using:
		 -c '(Packet-Src-IP-Address == ipv4-address)'

       -d config directory
	      The radius configuration directory, usually /etc/raddb.  See the radmin manual page for more description of this option.

       -I ipv6-address
	      Show debug output for the client having the given IPv6 address.  This option is equivalent to using:
		 -c '(Packet-Src-IPv6-Address == ipv6-address)'

       -t timeout
	      Stop printing debug output after "timeout" seconds.  The default timeout is sixty (60) seconds.  Use "-t 0" to print debugging  out-
	      put forever, or until the script exits.

       -u name
	      Show debug output for users having the given name.  This option is equivalent to using:
		 -c '(User-Name == name)'

SEE ALSO

       radmin(8),  raddb/sites-available/control-socket, unlang(5), radiusd.conf(5)

AUTHORS

       Alan DeKok <aland@freeradius.org>

								 1 September 2010						       RADDEBUG(8)

Check Out this Related Man Page

RADZAP(1)							 FreeRadius Daemon							 RADZAP(1)

NAME

       radzap - remove rogue entries from the active sessions database

SYNOPSIS

       radzap [-d raddb_directory] [-h] [-N nas_ip_address] [-P nas_port] [-u user] [-U user] [-x] server[:port] secret

DESCRIPTION

       The  FreeRadius	server can be configured to maintain an active session database in a file called radutmp. Commands like radwho(1) use this
       database. Sometimes that database can get out of sync, and then it might contain rogue entries. radzap can clean up this database.

       As of FreeRADIUS 1.1.0, radzap is a simple shell-script wrapper around radwho(1) and radclient(1).

       The sessions are "zapped" by sending an Accounting-Request packet which contains the information necessary for the  server  to  delete  the
       session	record.   radzap  sends a packet to the server, rather than writing to radutmp directly, because session records may also be main-
       tained in SQL.

OPTIONS

       -d raddb_directory
	      The directory that contains the RADIUS configuration files.  radzap reads radiusd.conf to determine  the	location  of  the  radutmp
	      file.

       -h     Print usage help information.

       -N nas_ip_address
	      Zap the entries which match the given NAS IP address.

       -P nas_port
	      Zap the entries which match the given NAS port.

       -u user
	      Zap the entries which match the given username (case insensitive).

       -U user
	      Zap the entries which match the given username (case sensitive).

       -x     Enable debugging output.

       server[:port]
	      The  hostname  or IP address of the remote server. Optionally a UDP port can be specified. If no UDP port is specified, it is looked
	      up in /etc/services. The service name looked for is radacct for accounting packets, and radius for all other requests. If a  service
	      is not found in /etc/services, 1813 and 1812 are used respectively.

       secret The  shared  secret  for	this client.  It needs to be defined on the radius server side too, for the IP address you are sending the
	      radius packets from.

SEE ALSO

       radwho(1), radclient(1), radiusd(8), radiusd.conf(5).

AUTHOR

       Alan DeKok <aland@ox.org>

								   8 April 2005 							 RADZAP(1)
Man Page