radstock

Radstock is primarily a sysadmins tool to diagnose problems with
radius server configurations. It was written because I always found
snoop/tcpdump to be a poor alternative, and trying to use these on
heavily loaded, complex radius servers proved to be a nightmare.

It provides the ability to fully decode each packet. Here is some
sample output. 

unix# radstock
 
interface: hme0 (1.2.3.0/255.255.255.0)     filter: udp and port 1645
Auth-Request(134) - 10.1.3.6:60284 -> 1.2.3.4:1645              
  User-Name              Len 29         "bobby@dummy.org"
  CHAP-Password          Len 19         "*****`*p*M|**l**N"
  NAS-IP-Address         Len  6         10.1.3.6
  NAS-Port-Id            Len  6         117
  Service-Type           Len  6         Framed-User
  Framed-Protocol        Len  6         PPP
  Called-Station-Id      Len  8         "9876"
  Calling-Station-Id     Len 12         "12345678"
  NAS-Port-Type          Len  6         Async
Auth-Reject (35) - 1.2.3.4:1645 -> 10.1.3.8:60284              
Auth-Request(113) - 10.1.1.1:36332 -> 1.2.3.4:1645              
  User-Name              Len  8         "paul"
  CHAP-Password          Len 19         "****Y***W*>N****d"
  NAS-IP-Address         Len  6         10.1.1.1
  NAS-Port-Id            Len  6         93
  Service-Type           Len  6         Framed-User
  Framed-Protocol        Len  6         PPP
  Called-Station-Id      Len  8         "9876"
  Calling-Station-Id     Len 12         "12345679"
  NAS-Port-Type          Len  6         Async
Auth-Accept (59) - 1.2.3.4:1645 -> 10.1.1.1:36332              
  Service-Type           Len  6         Framed-User
  Framed-Protocol        Len  6         PPP
  Framed-IP-Address      Len  6         255.255.255.254
  Ascend-Idle-Limit      Len  6         1200

However, the key feature of radstock is its ability to filter the
packets shown based on any attribute. It will also listen out for
responses to matched packets and display these as well. An example
filter would be (all on one line):

   radstock -e "(user-name = paul or user-name = bob) and 
   exists nas-port-id"

You can also get radstock to read filters from the command line or
stdin. For further details on how to write a radius filter, see the
manual page.

For those of you who are interested as to the name - here's a
clue. This program was written to replace a program called radsnoop.

COMPILING

To compile radstock you need the following

  o  libpcap
  o  flex or lex
  o  bison/yacc

Once you have these, the following three commands should do just about
all you need.

	./configure 
	make 
	make install

It has been successfully compiled on Linux and Solaris
platforms. Whether it works on them is a completely different story.



