求助,关于radius和hostapd的

bryant24_li

我的毕设题目是基于linux的无线接入点实现
OS:CentOS4.2，，用来做软AP的网卡是TPLWN550G，是r5212的，，我用madwifi做驱动，并测试成功。

我用brctl将ath0口与eth0口桥接成br0,IP为192.168.1.1
具体是这样的    认证者                     认证服务器
                      MADWIFI+HOSTAPD          freeRadius

二者是在同一台机子上的，，使用的是eap-tls
在clients.conf里面将AP的地址设为192.168.1.1,,
hostapd.confi里将认证服务器地址设为127.0.0.1，现在将客户端IP设成192.168.1.2,,已能认证上去,并显示已连接,,但不知道为啥就是PING不通网桥,,看hostapd的debut信息可以发现,客户端连上认证后,立即就丢失连接,,不知道为什么,,另外一个奇怪的地方是,用iwconfig查看,显示的RATE是0Mbit/s,hostapd也显示不支持的频道,,,详见下面debug的红字部分

而且若在BR0口上启用DHCP的话,客户端是获取不到IP地址的,,,

下面给出我的radiusd和hostapd的debug信息,大家帮我分析一下,多谢了,,附件内为我的eap.conf,radiusd.conf,,users.hostapd.conf

#radius log
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/eap.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = yes
main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/local/etc/raddb/radius.pem"
tls: certificate_file = "/usr/local/etc/raddb/radius.pem"
tls: CA_file = "/usr/local/etc/raddb/root.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/usr/local/etc/raddb/DH"
tls: random_file = "/usr/local/etc/raddb/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
WARNING: rlm_eap_tls: Unable to set DH parameters.  DH cipher suites may not work!
WARNING: Fix this by running the OpenSSL command listed in eap.conf
rlm_eap: Loaded and initialized type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=0, length=157
        User-Name = "liaiqiang"
        NAS-IP-Address = 192.168.1.1
        NAS-Port = 0
        Called-Station-Id = "00-1D-0F-30-4D-BB:eaptest"
        Calling-Station-Id = "00-1D-60-B1-AF-8B"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 0Mbps 802.11"
        EAP-Message = 0x0201000e016c6961697169616e67
        Message-Authenticator = 0x2a2996bc0dda8b625e90ee4265e06979
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "liaiqiang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 1 length 14
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched entry DEFAULT at line 168
    users: Matched entry liaiqiang at line 226
  modcall[authorize]: module "files" returns ok for request 0
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
rlm_eap_tls: Requiring client certificate
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 0 to 127.0.0.1 port 32776
        EAP-Message = 0x010200060d20
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xefc1e00abaf08d878bd0d78b1c2a0b18
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=1, length=273
        User-Name = "liaiqiang"
        NAS-IP-Address = 192.168.1.1
        NAS-Port = 0
        Called-Station-Id = "00-1D-0F-30-4D-BB:eaptest"
        Calling-Station-Id = "00-1D-60-B1-AF-8B"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 0Mbps 802.11"
        EAP-Message = 0x020200700d800000006616030100610100005d03014832d2ff7801067d800efd54b212f7e30a15dd7f86e0ac5864c7395c6ca879ec206ed60f1f24d3b7e266cea31888456e85ad232b06ffac7ad9d99f3f154a8dd8f0001600040005000a000900640062000300060013001200630100
        State = 0xefc1e00abaf08d878bd0d78b1c2a0b18
        Message-Authenticator = 0xaf7c84ebcba0cb334e7a6780d17fe075
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "liaiqiang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 2 length 112
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
    users: Matched entry DEFAULT at line 168
    users: Matched entry liaiqiang at line 226
  modcall[authorize]: module "files" returns ok for request 1
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 1
modcall: leaving group authorize (returns updated) for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
    (other): before/accept initialization
    TLS_accept: before/accept initialization
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello  
    TLS_accept: SSLv3 read client hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello  
    TLS_accept: SSLv3 write server hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0552], Certificate  
    TLS_accept: SSLv3 write certificate A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0071], CertificateRequest  
    TLS_accept: SSLv3 write certificate request A
    TLS_accept: SSLv3 flush data
    TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode  
  eaptls_process returned 13
  modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 1 to 127.0.0.1 port 32776
        EAP-Message = 0x0103040a0dc00000061c160301004a0200004603014832d2abe8c9e85bc0cfed5d4896c7371323f55af6b127afede3c6f25a1ba5a4202e5013218084ddbf4f2f223f313e2d3d07940be5af3deeb8e16a8e8e459a9ce400040016030105520b00054e00054b00024e3082024a308201b3a003020102020101300d06092a864886f70d01010405003060310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b13043034313131123010060355040313096c6961697169616e67301e170d3038303531393131333832375a170d30
        EAP-Message = 0x39303531393131333832375a305d310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b130430343131310f300d0603550403130672616469757330819f300d06092a864886f70d010101050003818d0030818902818100d47d235280cede142872c8a2eafb339fcfc0690c387fde10514691b280b9617ec74bdea39ef7dd925d97fd16e9596e0141b26d27e2bfe4f534a39cf36e288ab344fa8eb03881b22287b48a338bb14a8f4acbe1ed2174b5ea5c45ba6274d10888786b255ead2e012b76c332b7974a78b8c6eee7e397
        EAP-Message = 0x716001d067e3dfb0cfb0b10203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010405000381810060dda8f8976050c711eb900a672e57fc4a1260ff8b603a85f7c7d3ef44d2fef9e37c9f18f56869d1c44f566d4e02bbb1a161a186b76e5f49fb8ab709df39d9e22670c1f8c3986bf83fc0bf5962e9d61dd2ca50eb309aa49031f3913af983a4724e61914af06ed63ea36c704fc239c00c8e78830c651fe7b50baaf75f4b99a3ab0002f7308202f33082025ca003020102020100300d06092a864886f70d01010405003060310b300906035504061302434e310f300d0603550408130646756a6961
        EAP-Message = 0x6e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b13043034313131123010060355040313096c6961697169616e67301e170d3038303531393131333535345a170d3038303631383131333535345a3060310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b13043034313131123010060355040313096c6961697169616e6730819f300d06092a864886f70d010101050003818d0030818902818100c44738fe7ca0999e8cef48e6b6a3c79ae74944656efce3835e5e57
        EAP-Message = 0x465ce4f05150140140cf1c1088276d5bc1067b810a52
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x73461179ce92d4cb3e3fd02df2fb8fd3
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=2, length=167
        User-Name = "liaiqiang"
        NAS-IP-Address = 192.168.1.1
        NAS-Port = 0
        Called-Station-Id = "00-1D-0F-30-4D-BB:eaptest"
        Calling-Station-Id = "00-1D-60-B1-AF-8B"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 0Mbps 802.11"
        EAP-Message = 0x020300060d00
        State = 0x73461179ce92d4cb3e3fd02df2fb8fd3
        Message-Authenticator = 0xdbe238a2eb51cfdd3eaab919fa88f8c6
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "liaiqiang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 3 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched entry DEFAULT at line 168
    users: Matched entry liaiqiang at line 226
  modcall[authorize]: module "files" returns ok for request 2
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 2
modcall: leaving group authorize (returns updated) for request 2
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 2 to 127.0.0.1 port 32776
        EAP-Message = 0x010402260d800000061c1e39aa2e53984350d3da4afa502e511d8fffc273a7b37a554794e9cc5336d5b0d28cb7fe4af9a84eee470ba060c942d0a684ff437c6ffe239623eab16697ae1601a1b14f110f351d9e31ae6edc8d470203010001a381bc3081b9301d0603551d0e04160414a83e1a397a9bd42ea1d22389e7fc8195be0377013081890603551d23048181307f8014a83e1a397a9bd42ea1d22389e7fc8195be037701a164a4623060310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b1304303431313112301006
        EAP-Message = 0x0355040313096c6961697169616e67820100300c0603551d13040530030101ff300d06092a864886f70d010104050003818100b00fa2b3e9b6c60bd446a687e9031488cf7bcb3ff59077f6091b67d485c0e753a5c3c7b73c3094d4bc7d37b2aa3b2d65b964a2a292e34874b3b600f4f995f4b89e4b73d13ac685491eb229fe1b62ecb65c5b156df5d8eea7fe17429869faa96f7353c986cde1169742437ae141a24c52ba3f027cda139838a6a864c5fe845f9e16030100710d000069020102006400623060310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a
        EAP-Message = 0x13034a4d55310d300b060355040b13043034313131123010060355040313096c6961697169616e670e000000
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x6f1a7a29b6a93cb85187980d10f49af2
Finished request 2
Going to the next request

[ 本帖最后由 bryant24_li 于 2008-5-21 15:50 编辑 ]

bryant24_li

接上
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=3, length=1096
        User-Name = "liaiqiang"
        NAS-IP-Address = 192.168.1.1
        NAS-Port = 0
        Called-Station-Id = "00-1D-0F-30-4D-BB:eaptest"
        Calling-Station-Id = "00-1D-60-B1-AF-8B"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 0Mbps 802.11"
        EAP-Message = 0x020403a10d800000039716030103670b0002570002540002513082024d308201b6a003020102020102300d06092a864886f70d01010405003060310b300906035504061302434e310f300d0603550408130646756a69616e310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b060355040b13043034313131123010060355040313096c6961697169616e67301e170d3038303531393131333931385a170d3039303531393131333931385a3060310b300906035504061302434e310f300d0603550408130646756a696e61310f300d060355040713065869616d656e310c300a060355040a13034a4d55310d300b
        EAP-Message = 0x060355040b13043034313131123010060355040313096c6961697169616e6730819f300d06092a864886f70d010101050003818d0030818902818100cf0c9d7f29f9a5331f26c061148a54a8875dd7b806c7dffba934b4a669700b05e6c052867cce93ecece8236e69760d83a13c34972352a8ab268a25c9426bbfbe01355d5a57e6c418b28f8a2e4d27722f0ea22f02a51cfde01d321072e8ab61a12d83616adf8e7e31de54a9038a8c827278d50da8b9a9c893bfb4a31c4a6c7d5f0203010001a317301530130603551d25040c300a06082b06010505070302300d06092a864886f70d010104050003818100ac5fe3f5f6895a56325d6e35af9af26d
        EAP-Message = 0x4fde0bfffe7e6addddc3e2536ff4980de48d43e1744adc10d3e46d010fb40fb48f71abbd08ff271101f8dc567a26925882e722cb2db55e20184b2493869a8bbe6c6ba27ae38ebdeebf93693bb061c6c43ee1644d320125228a81a48f597d0e92e7d4bcc9f3bc986d4f59168b820b29531000008200800bcec4c73376b2a7271a698bc7471f808552e0353452ed02b7dcc0d88eb716288c2ac3443ac0167014c9b60dbfe06204f5cf7d2ac98cdae627787c99c15ffcebfb02e4bc95e9c64fbd6729c6e35575b1ea3d3fd68c5339d8b4e1967bd6393a73cc987ba1eab377b8804088bab0b7a8b3c840138e4886c49bd57eb863d5cd677c0f00008200800e
        EAP-Message = 0xa2f7a7d0df2a8f9bd5607322aa64c2b18547d2089dc33b40512720eff313bdf9d58df7ff2359ba41cd03f3c1c62a14f033362bf07341afa82494482de9ab647e16d86887ca945dec1013e36458cd72ea4b7e5fb001346632f7a94044b739cf122c299ae436a62f2a85c4fbf1a31433c76a7e50398b98ee863a91323370aa5b140301000101160301002001cf3cfa8b181870cf60ee4e3c2ff9792793490bc37d4981b108b622471838ef
        State = 0x6f1a7a29b6a93cb85187980d10f49af2
        Message-Authenticator = 0xa02b686e319e8e484214997ed133aba9
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "preprocess" returns ok for request 3
  modcall[authorize]: module "chap" returns noop for request 3
  modcall[authorize]: module "mschap" returns noop for request 3
    rlm_realm: No '@' in User-Name = "liaiqiang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 3
  rlm_eap: EAP packet type response id 4 length 253
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 3
    users: Matched entry DEFAULT at line 168
    users: Matched entry liaiqiang at line 226
  modcall[authorize]: module "files" returns ok for request 3
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 3
modcall: leaving group authorize (returns updated) for request 3
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 025b], Certificate  
chain-depth=1,
error=0
--> User-Name = liaiqiang
--> BUF-Name = liaiqiang
--> subject = /C=CN/ST=Fujian/L=Xiamen/O=JMU/OU=0411/CN=liaiqiang
--> issuer  = /C=CN/ST=Fujian/L=Xiamen/O=JMU/OU=0411/CN=liaiqiang
--> verify return:1
chain-depth=0,
error=0
--> User-Name = liaiqiang
--> BUF-Name = liaiqiang
--> subject = /C=CN/ST=Fujina/L=Xiamen/O=JMU/OU=0411/CN=liaiqiang
--> issuer  = /C=CN/ST=Fujian/L=Xiamen/O=JMU/OU=0411/CN=liaiqiang
--> verify return:1
    TLS_accept: SSLv3 read client certificate A
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange  
    TLS_accept: SSLv3 read client key exchange A
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], CertificateVerify  
    TLS_accept: SSLv3 read certificate verify A
  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]  
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished  
    TLS_accept: SSLv3 read finished A
  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]  
    TLS_accept: SSLv3 write change cipher spec A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished  
    TLS_accept: SSLv3 write finished A
    TLS_accept: SSLv3 flush data
    (other): SSL negotiation finished successfully
SSL Connection Established
  eaptls_process returned 13
  modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 3 to 127.0.0.1 port 32776
        EAP-Message = 0x010500350d800000002b1403010001011603010020781ac2ed1d1a3e58fc64b5adf70050e2fb599aa13fb097c64901471236d7e511
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x1f61a512f661e0a33e075333ca443d3a
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:32776, id=4, length=167
        User-Name = "liaiqiang"
        NAS-IP-Address = 192.168.1.1
        NAS-Port = 0
        Called-Station-Id = "00-1D-0F-30-4D-BB:eaptest"
        Calling-Station-Id = "00-1D-60-B1-AF-8B"
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 0Mbps 802.11"
        EAP-Message = 0x020500060d00
        State = 0x1f61a512f661e0a33e075333ca443d3a
        Message-Authenticator = 0x7e1da4fba9457b2c02de75560bef97c4
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
  modcall[authorize]: module "preprocess" returns ok for request 4
  modcall[authorize]: module "chap" returns noop for request 4
  modcall[authorize]: module "mschap" returns noop for request 4
    rlm_realm: No '@' in User-Name = "liaiqiang", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 4
  rlm_eap: EAP packet type response id 5 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 4
    users: Matched entry DEFAULT at line 168
    users: Matched entry liaiqiang at line 226
  modcall[authorize]: module "files" returns ok for request 4
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 4
modcall: leaving group authorize (returns updated) for request 4
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/tls
  rlm_eap: processing type tls
  rlm_eap_tls: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3
  eaptls_process returned 3
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns ok for request 4
modcall: leaving group authenticate (returns ok) for request 4
Sending Access-Accept of id 4 to 127.0.0.1 port 32776
        MS-MPPE-Recv-Key = 0xa9a45ab91420b6b1c8631eb5a2b774c573530323f60fbdccd8367f8f2a703bb1
        MS-MPPE-Send-Key = 0x10c44c8d6ac955f3ef7855888ebe8fb783d9d5918d8cc9abeb7af9d40c82fc3a
        EAP-Message = 0x03050004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "liaiqiang"
Finished request 4
Going to the next request

bryant24_li

#hostapd log 省略一些无意义的信息
Configuration file: madwifi.conf
Configure bridge br0 for EAPOL traffic.
madwifi_set_iface_flags: dev_up=0
madwifi_set_privacy: enabled=0
BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)
ath0: IEEE 802.11 Fetching hardware channel/rate support not supported.
Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3)
Could not connect to kernel driver.
Deauthenticate all stations
madwifi_set_privacy: enabled=0
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3
madwifi_set_key: alg=WEP addr=00:00:00:00:00:00 key_idx=1
madwifi_set_privacy: enabled=1
Using interface ath0 with hwaddr 00:1d:0f:30:4d:bb and ssid 'eaptest'
ath0: RADIUS Authentication server 127.0.0.1:1812
madwifi_set_ieee8021x: enabled=1
madwifi_set_iface_flags: dev_up=1
ath0: Setup of interface done.
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:1d:60:b1:af:8b IEEE 802.11: associated
  New STA
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: start authentication
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_KEY_TX entering state NO_KEY_TRANSMIT
IEEE 802.1X: 00:1d:60:b1:af:8b KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:1d:60:b1:af:8b CTRL_DIR entering state IN_OR_BOTH
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state IDLE
IEEE 802.1X: 00:1d:60:b1:af:8b KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:1d:60:b1:af:8b CTRL_DIR entering state FORCE_BOTH
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b KEY_RX entering state NO_KEY_RECEIVE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state DISCONNECTED
madwifi_set_sta_authorized: addr=00:1d:60:b1:af:8b authorized=0
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: unauthorizing port
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:1d:60:b1:af:8b - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:1d:60:b1:af:8b (identifier 0, timeout 30)
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 0)
TX EAPOL - hexdump(len=23): 00 1d 60 b1 af 8b 00 1d 0f 30 4d bb 88 8e 02 00 00 05 01 00 00 05 01
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 5 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=1 length=0
   ignoring 1 extra octets after IEEE 802.1X packet
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAPOL-Start from STA
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state ABORTING
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state INITIALIZE
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: aborting authentication
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state RESTART
IEEE 802.1X: station 00:1d:60:b1:af:8b - new auth session, clearing State
IEEE 802.1X: Generated EAP Request-Identity for 00:1d:60:b1:af:8b (identifier 1, timeout 30)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state IDLE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 1)
TX EAPOL - hexdump(len=23): 00 1d 60 b1 af 8b 00 1d 0f 30 4d bb 88 8e 02 00 00 05 01 01 00 05 01
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 18 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=0 length=14
   EAP: code=2 identifier=1 length=14 (response)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAP packet (code=2 id=1 len=14) from STA: EAP Response-Identity (1)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: STA identity 'liaiqiang'
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=157
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.1.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=27
      Value: '00-1D-0F-30-4D-BB:eaptest'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-1D-60-B1-AF-8B'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=22
      Value: 'CONNECT 0Mbps 802.11'
   Attribute 79 (EAP-Message) length=16
      Value: 02 01 00 0e 01 6c 69 61 69 71 69 61 6e 67
   Attribute 80 (Message-Authenticator) length=18
      Value: 35 2a 77 83 0b 48 da 70 57 9d 6b 12 83 71 f5 3a
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 64 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=64
   Attribute 79 (EAP-Message) length=8
      Value: 01 02 00 06 0d 20
   Attribute 80 (Message-Authenticator) length=18
      Value: 07 7c 22 94 cf 2e 83 40 37 b3 23 70 55 eb 8d 18
   Attribute 24 (State) length=18
      Value: 08 4d 4d 8f 70 dc 39 a7 c4 94 81 2f 54 6d 71 5c
ath0: STA 00:1d:60:b1:af:8b RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.00 sec
RADIUS packet matching with station 00:1d:60:b1:af:8b
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: decapsulated EAP packet (code=1 id=2 len=6) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 2)
TX EAPOL - hexdump(len=24): 00 1d 60 b1 af 8b 00 1d 0f 30 4d bb 88 8e 02 00 00 06 01 02 00 06 0d 20
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 116 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=0 length=112
   EAP: code=2 identifier=2 length=112 (response)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAP packet (code=2 id=2 len=112) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=273
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.1.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=27
      Value: '00-1D-0F-30-4D-BB:eaptest'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-1D-60-B1-AF-8B'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=22
      Value: 'CONNECT 0Mbps 802.11'
   Attribute 79 (EAP-Message) length=114
      Value: 02 02 00 70 0d 80 00 00 00 66 16 03 01 00 61 01 00 00 5d 03
   Attribute 24 (State) length=18
      Value: 08 4d 4d 8f 70 dc 39 a7 c4 94 81 2f 54 6d 71 5c
   Attribute 80 (Message-Authenticator) length=18
      Value: fa 1b e5 f1 c3 93 11 51 22 f1 fd 55 13 0a a3 0d
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 1100 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=1 length=1100
   Attribute 79 (EAP-Message) length=255

[ 本帖最后由 bryant24_li 于 2008-5-21 15:48 编辑 ]

bryant24_li

接上:
Value: 01 03 04 0a 0d c0 00 00 06 1c 16 03 01 00 4a 02 00 00 46 03  30
   Attribute 79 (EAP-Message) length=255
      Value: 39 30 35 31 39 31 31 33 38 32 37 5a 30 5d 31 0b 30 09 06 03 55 04 06 13  97
   Attribute 79 (EAP-Message) length=255
      Value: 71 6 61
   Attribute 79 (EAP-Message) length=255
      Value: 6e 31 0f 30 0d 06 03 55 04 07 13 06 58 69 61 6d 65 6e 31 0c 30 0a 06 03 55 e 57
   Attribute 79 (EAP-Message) length=24
      Value: 46 5c e4 f0 51 50 14 01 40 cf 1c 10 88 27 6d 5b c1 06 7b 81 0a 52
   Attribute 80 (Message-Authenticator) length=18
      Value: d9 da bd 5f 2e ad 35 90 73 21 db 35 24 de 03 42
   Attribute 24 (State) length=18
      Value: e9 02 e3 f4 70 b5 2d fb 30 71 8b a1 a5 e4 2c 00
ath0: STA 00:1d:60:b1:af:8b RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.00 sec
RADIUS packet matching with station 00:1d:60:b1:af:8b
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: decapsulated EAP packet (code=1 id=3 len=1034) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 3)
TX EAPOL - hexdump(len=1052): 00 1d a 52
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 10 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=0 length=6
   EAP: code=2 identifier=3 length=6 (response)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAP packet (code=2 id=3 len=6) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=2 length=167
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.1.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=27
      Value: '00-1D-0F-30-4D-BB:eaptest'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-1D-60-B1-AF-8B'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=22
      Value: 'CONNECT 0Mbps 802.11'
   Attribute 79 (EAP-Message) length=8
      Value: 02 03 00 06 0d 00
   Attribute 24 (State) length=18
      Value: e9 02 e3 f4 70 b5 2d fb 30 71 8b a1 a5 e4 2c 00
   Attribute 80 (Message-Authenticator) length=18
      Value: 4f 1c cf 28 06 38 d7 92 2e fe 4b 9c 7a 8c 1a fa
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 612 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=2 length=612
   Attribute 79 (EAP-Message) length=255
      Value: 01 04 02 26 0d 80 00 00 06 1c 1e 39 aa 2e 53 98 43 50 d3 da 4a fa 50 2e 51 06
   Attribute 79 (EAP-Message) length=255
      Value: 03 5504 0a
   Attribute 79 (EAP-Message) length=46
      Value: 13 03 4a 4d 55 31 0d 30 0b 06 03 55 04 0b 13 04 30 34 31 31 31 12 30 10 06 03 55 04 03 13 09 6c 69 61 69 71 69 61 6e 67 0e 00 00 00
   Attribute 80 (Message-Authenticator) length=18
      Value: d7 a1 85 d9 50 70 04 8a 4c df 46 2f da 00 b9 ff
   Attribute 24 (State) length=18
      Value: 0c 88 1b 43 f1 3d cd da 6e c7 5c 76 4c 72 e8 cc
ath0: STA 00:1d:60:b1:af:8b RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.00 sec
RADIUS packet matching with station 00:1d:60:b1:af:8b
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: decapsulated EAP packet (code=1 id=4 len=550) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 4)
TX EAPOL - hexdump(len=56: 00 1d  00 00
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 933 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=0 length=929
   EAP: code=2 identifier=4 length=929 (response)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAP packet (code=2 id=4 len=929) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=3 length=1096
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.1.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=27
      Value: '00-1D-0F-30-4D-BB:eaptest'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-1D-60-B1-AF-8B'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=22
      Value: 'CONNECT 0Mbps 802.11'
   Attribute 79 (EAP-Message) length=255
      Value: 02 04 03 4a 4d 55 31 0d 30 0b
   Attribute 79 (EAP-Message) length=255
      Value: 06 03  6d
   Attribute 79 (EAP-Message) length=255
      Value: 4f de  81
   Attribute 79 (EAP-Message) length=172
      Value: d9 24 5b 1c
   Attribute 24 (State) length=18
      Value: 0c 88 1b 43 f1 3d cd da 6e c7 5c 76 4c 72 e8 cc
   Attribute 80 (Message-Authenticator) length=18
      Value: 30 c7 3d d3 84 72 b1 61 05 5a f5 1a 61 43 58 0f
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 111 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=3 length=111
   Attribute 79 (EAP-Message) length=55
      Value: 01 05  f6
   Attribute 80 (Message-Authenticator) length=18
      Value: ec 87 f5 1d 22 d5 97 a0 44 47 3d 15 aa a5 1f 88
   Attribute 24 (State) length=18
      Value: 8e fc 4c 97 c8 eb 0b 36 2b 76 07 14 21 f2 f3 21
ath0: STA 00:1d:60:b1:af:8b RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.00 sec
RADIUS packet matching with station 00:1d:60:b1:af:8b
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: using EAP timeout of 30 seconds
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: decapsulated EAP packet (code=1 id=5 len=53) from RADIUS server: EAP-Request-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state REQUEST
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 5)
TX EAPOL - hexdump(len=71): 00 1d 60 b1 af 8b 00 1d 0f 30 4d bb 88 8e 02  e1 80 f6
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 10 bytes from 00:1d:60:b1:af:8b
   IEEE 802.1X: version=1 type=0 length=6
   EAP: code=2 identifier=5 length=6 (response)
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: received EAP packet (code=2 id=5 len=6) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state RESPONSE
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
ath0: RADIUS Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=4 length=167
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 192.168.1.1
   Attribute 5 (NAS-Port) length=6
      Value: 0
   Attribute 30 (Called-Station-Id) length=27
      Value: '00-1D-0F-30-4D-BB:eaptest'
   Attribute 31 (Calling-Station-Id) length=19
      Value: '00-1D-60-B1-AF-8B'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 77 (Connect-Info) length=22
      Value: 'CONNECT 0Mbps 802.11'
   Attribute 79 (EAP-Message) length=8
      Value: 02 05 00 06 0d 00
   Attribute 24 (State) length=18
      Value: 8e fc 4c 97 c8 eb 0b 36 2b 76 07 14 21 f2 f3 21
   Attribute 80 (Message-Authenticator) length=18
      Value: ed 57 d9 6f 77 84 35 db c6 b8 b4 95 c7 38 9f ab
ath0: RADIUS Next RADIUS client retransmit in 3 seconds

IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
ath0: RADIUS Received 171 bytes from RADIUS server
ath0: RADIUS Received RADIUS message
RADIUS message: code=2 (Access-Accept) identifier=4 length=171
   Attribute 26 (Vendor-Specific) length=58
      Value: 00  04 b6 2d 9e
   Attribute 26 (Vendor-Specific) length=58
      Value: 00  dd ba 34 3f
   Attribute 79 (EAP-Message) length=6
      Value: 03 05 00 04
   Attribute 80 (Message-Authenticator) length=18
      Value: a5 6c 7b e2 c4 5e 4d 85 00 3e 6a ce 37 1b 9d a5
   Attribute 1 (User-Name) length=11
      Value: 'liaiqiang'
ath0: STA 00:1d:60:b1:af:8b RADIUS: Received RADIUS packet matched with a pending request, round trip time 0.00 sec
RADIUS packet matching with station 00:1d:60:b1:af:8b
MS-MPPE-Send-Key - hexdump(len=32): [REMOVED]
MS-MPPE-Recv-Key - hexdump(len=32): [REMOVED]
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: old identity 'liaiqiang' updated with User-Name from Access-Accept 'liaiqiang'
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: decapsulated EAP packet (code=3 id=5 len=4) from RADIUS server: EAP Success
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state SUCCESS
IEEE 802.1X: Sending EAP Packet to 00:1d:60:b1:af:8b (identifier 5)
TX EAPOL - hexdump(len=22): 00 1d 60 b1 af 8b 00 1d 0f 30 4d bb 88 8e 02 00 00 04 03 05 00 04
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state AUTHENTICATED
madwifi_set_sta_authorized: addr=00:1d:60:b1:af:8b authorized=1
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: authorizing port
madwifi_sta_clear_stats: addr=00:1d:60:b1:af:8b
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: authenticated - EAP type: 13 (TLS)
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state IDLE
Wireless event: cmd=0x8c02 len=101
Custom wireless event: 'STA-TRAFFIC-STAT
mac=00:1d:60:b1:af:8b
rx_packets=6
rx_bytes=465
tx_packets=0
tx_bytes=0
'
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:1d:60:b1:af:8b IEEE 802.11: disassociated
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:1d:60:b1:af:8b IEEE 802.11: associated
  New STA
ath0: STA 00:1d:60:b1:af:8b IEEE 802.1X: start authentication
IEEE 802.1X: 00:1d:60:b1:af:8b AUTH_PAE entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b BE_AUTH entering state INITIALIZE
IEEE 802.1X: 00:1d:60:b1:af:8b REAUTH_TIMER entering state INITIALIZE

[ 本帖最后由 bryant24_li 于 2008-5-21 15:48 编辑 ]

bryant24_li

大家帮帮忙吧,,,毕设就快交了..现在又在外面实习,,做的时间只有晚上下班的时候,,感激不尽

[ 本帖最后由 bryant24_li 于 2008-5-21 15:45 编辑 ]