Radius Password Logging ----------------------- This patch implements User-Password (Attribute #2) decryption according to RFC2865 (RADIUS). It utilizes a clients file containing the secrets for each client. Filters can also be applied to passwords. This patch was written by Viraj Alankar . Included in this distribution is a MD5 library by L. Peter Deutsch . Also included is the avlmap library (v 0.10.2) by Philip Howard . My patch makes use of both of the above tools. Thanks to them for making these tools available. Also of course thanks to the author of radstock, Paul Rhodes , for making this indispensible tool. This patch has been tested only with radstock v0.66 on Solaris 7 Redhat Linux 6.2, and Redhat Linux 7.3. On Solaris you will need to install GNU patch in order to apply the patches. It is available here: http://www.fsf.org/software/patch/patch.html Installation ------------ 1. Extract the radstock-0.66 sources. tar -xvzf radstock-0.66.tar.gz 2. Extract patches into radstock directory and apply them. cd radstock-0.66 tar -xvzf /path/to/radstock-0.66.password.patch-1.1.tar.gz patch -p1 < radstock-0.66.password.patch 3. Compile the avlmap library within the radstock directory. cd avlmap-0.10.2 ./Configure make You do not have to install the avlmap library via make install. You may get some shared library errors on Solaris, but I link directly with the .o files so these can be ignored. 4. Configure and make radstock as per its README. Example: cd .. ./configure make make install Usage ----- In order to view passwords, your radius clients file needs to be available with secrets. The file should be loaded with the -C option: radstock -C clients.cfg Format of Clients file ---------------------- 2 file formats are supported: 1. Radiator format Secret SECRET 2. Whitespace delimited format IP SECRET The format is auto-detected. Do not mix formats. Note that in both formats, the IP must be used, not hostname. Also, if the first non-whitespace character in a line is '#', the whole line is ignored.