On Wed, 8 Jan 1997, Dale E. Reed Jr. wrote:
> If you wanted to stick with the detail file, and really save some space,
> try moidyfing your radiusd to log the attribute NUMBER rather than the
> name. There is SO much wasted/repeated information its terrible.
> Since you most likely are not parsing the file by hand, its an easy
> mod.
I'm of the opinion that RADIUS (auth&acct) should not use the dictionary
at all. Alot of time is wasted looking things up in the dictionaries and
parsing things. The users database should be preparsed into a machine
readable format very similar to the packets that will be sent to the
client. I bet the improvement in performance would be very dramatic.
(Logging would similarly be basically authenticating the signature and
dumping the packet raw into a logfile. A seperate program could easily
use the dictionary to render it human readable as necessary.)
I don't have time to develop it, but I think its the right direction to
go.
- ----------------------------------------------------------------------------
Steven P. Crain scrain@shore.net http://www.shore.net/~scrain
Shore.Net Unix Development and Administration
An ISP with Excellence in the Greater Boston Area.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Finger me for a public key.
iQB1AwUBMtU3xI0DAXSiDippAQHlhwL/emEWpQGtB5iJDJaSr9qBNieFhT83zChq
2TgH8oZfYHbIeyD2dh33Woi1YH7hl7vyseNlnjSL2p3F/jyKcA+VgFurIUK+/YIq
knPCudSRqgNGv3WG5t6SveWGgM4CCILO
=uZJq
-----END PGP SIGNATURE-----