Instead of always taking, I thought I would give the little that I have.
I'm no programmer or web guy, so what I have may not be the prettiest or most
efficient, but it works.

Little background.
In our environment we can't deploy NAC in a way that is visible to the user
(political reasons at this time). So I've been trying to manipulate
packetfence to provide a passive device to tell me what is on the network,
where it is on the network, and then a simplistic way to engage a response
team to track a violator down. So with that in mind here is what I've come
up with.
What I've done

I've modified a few of the packetfence files to provide the following.

- receive linkup/linkdown, mac notification traps from switches,
  populate the location in the database - but it doesn't take any action
  - For some reason a switch in testing mode wasn't doing this, so all
    my switches are in production mode but again it doesn't take any
    snmp write action.
  - Given the large number of various VLANs in our environment, I
    removed the checking of managed VLANS, this way packetfence
    updates the VLAN information without the need to manually plug in
    all managed VLANS into each of the switches in switch.conf
  - This is really a lot like Cisco Works IP tracking, but packetfence
    makes it much better since it does the DHCP fingerprinting
- created additional tables in the pf db
  - a switch table with such information like switch name, address,
    location, business unit
  - a vlan table that has vlan descriptions populated
- modified the node/lookup.php
  - displays the additional related switch information from the switch
    table
  - displays the additional vlan description
  - executes a snmp get to grab the port description and displays on
    this lookup page
  - added an email form
- Email form
  - popup window (like the help) has a PHP email form that pulls the
    node details from the lookup and places in the body of the email.
  - Allows the user to pick the type of subject and who to mail to.

I know this is an overview, but I just wanted to let everyone know, so if
someone else is trying to tackle something like it, there is no need to
reinvent the wheel. Let me know and I can provide the modified and
additional files.
Josh
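
A sketch of the lookup-plus-notification flow described above, as an added example that is not Josh's code or PacketFence's own: it uses Python with an in-memory SQLite database in place of PHP and the pf MySQL database, and leaves out the SNMP port-description query. Every table, column, subject and address is a hypothetical stand-in, and the sample rows are constructed.

```python
import sqlite3
from email.message import EmailMessage

# Hypothetical schema: a location log plus the two added metadata tables.
SCHEMA = """
CREATE TABLE location (mac TEXT, switch_ip TEXT, port INTEGER, vlan INTEGER, seen TEXT);
CREATE TABLE switch_info (switch_ip TEXT PRIMARY KEY, name TEXT, site TEXT, business_unit TEXT);
CREATE TABLE vlan_info (vlan INTEGER PRIMARY KEY, description TEXT);
"""
# LEFT JOINs keep a node visible even when its switch or VLAN has no metadata
# row yet, which will happen once unmanaged VLANs are recorded too.
LOOKUP = """
SELECT l.mac, l.switch_ip, l.port, l.vlan, l.seen,
       s.name, s.site, s.business_unit, v.description
FROM location l
LEFT JOIN switch_info s ON s.switch_ip = l.switch_ip
LEFT JOIN vlan_info v ON v.vlan = l.vlan
WHERE l.mac = ? ORDER BY l.seen DESC LIMIT 1
"""
# Fixed choices for the form, so it cannot be used to mail arbitrary addresses.
SUBJECTS = ("Unknown device on network", "Policy violation")
RECIPIENTS = ("response-team@example.org", "helpdesk@example.org")

def build_db():
    db = sqlite3.connect(":memory:")
    db.row_factory = sqlite3.Row
    db.executescript(SCHEMA)
    # Constructed sample rows; the newer sighting is on an undocumented switch.
    db.executemany("INSERT INTO location VALUES (?,?,?,?,?)", [
        ("00:11:22:33:44:55", "192.0.2.10", 12, 30, "2010-06-01 09:00:00"),
        ("00:11:22:33:44:55", "192.0.2.20", 3, 99, "2010-06-02 14:30:00"),
    ])
    db.execute("INSERT INTO switch_info VALUES ('192.0.2.10','sw-bldg-a','Building A','Finance')")
    db.execute("INSERT INTO vlan_info VALUES (30,'Finance desktops')")
    return db

def lookup(db, mac):
    """Latest known location of a MAC, enriched with switch and VLAN details."""
    row = db.execute(LOOKUP, (mac.lower(),)).fetchone()
    return dict(row) if row else None

def notify(node, subject, to):
    """Build (not send) the response-team message from a lookup result."""
    if subject not in SUBJECTS or to not in RECIPIENTS:
        raise ValueError("subject and recipient must come from the fixed lists")
    msg = EmailMessage()
    msg["Subject"], msg["To"] = subject, to
    msg.set_content("\n".join(
        f"{k}: {'unknown' if v is None else v}" for k, v in node.items()))
    return msg
```
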