Hi Juan,
i have just change a line but the code look good.
What you have to check is if the module appear in the module list in the
admin gui (Switch config).
And did you enable RFC 3576 on the access point, and do you have traffic
on the udp port 3799 from pf to the access point ?
Fabrice
package pf::SNMP::Cisco::Aironet_1210;
=head1 NAME
pf::SNMP::Cisco::Aironet_1210 - Object oriented module to access SNMP
enabled Cisco Aironet 1210 APs
=head1 SYNOPSIS
The pf::SNMP::Cisco::Aironet_1210 module implements an object oriented
interface
to access SNMP enabled Cisco Aironet_1210 APs.
This modules extends pf::SNMP::Cisco::Aironet
=cut
use strict;
use warnings;
use Log::Log4perl;
use Net::SNMP;
use pf::config;
use base ('pf::SNMP::Cisco::Aironet');
sub description { 'Cisco Aironet 1210' }
=item deauthenticateMacDefault
De-authenticate a MAC address from wireless network (including 802.1x).
Diverges from L<pf::SNMP::Cisco::WLC> in the following aspects:
=over
=item No Service-Type
=item Called-Station-Id in the Cisco format (aabb.ccdd.eeff)
=back
=cut
sub deauthenticateMacDefault {
my ( $self, $mac, $is_dot1x ) = @_;
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
if ( !$self->isProductionMode() ) {
$logger->info("not in production mode... we won't perform
deauthentication");
return 1;
}
if (!defined($self)) {
$logger->error("deauthentication impossible, could not find AP
for MAC $mac");
return;
}
$logger->debug("deauthenticate $mac on AP $ap_ip using RADIUS
Disconnect-Request deauth method");
return $self->radiusDisconnect($mac);
}
=item deauthTechniques
Return the reference to the deauth technique or the default deauth
technique.
We implement the RADIUS technique using a PoD server in the AP.
=cut
sub deauthTechniques {
my ($this, $method) = @_;
my $logger = Log::Log4perl::get_logger( ref($this) );
my $default = $SNMP::RADIUS;
my %tech = (
$SNMP::RADIUS => \&deauthenticateMacDefault,
);
if (!defined($method) || !defined($tech{$method})) {
$method = $default;
}
return $method,$tech{$method};
}
=head1 AUTHOR
Inverse inc. <i...@inverse.ca>
=head1 COPYRIGHT
Copyright (C) 2005-2014 Inverse inc.
=head1 LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
=cut
1;
Le 2014-04-01 09:02, Juan Camilo Valencia a écrit :
Hi Fabrice,
sure Here it is,
This is based on the Aironet_WDS that I work like two years ago with
Olivier, the device is a Aironet 1210 with IOS, in the AP you need to
configure normally without the need of SNMP lines and you need to add
the following line, "aaa pod server clients x.x.x.x por 3799 auth-type
any server-key StrOnGSecreT" where x.x.x.x is the IP of the PF BOX.
This is the Aironet_1210.pm that I thinking,
package pf::SNMP::Cisco::Aironet_1210;
=head1 NAME
pf::SNMP::Cisco::Aironet_1210 - Object oriented module to access SNMP
enabled Cisco Aironet 1210 APs
=head1 SYNOPSIS
The pf::SNMP::Cisco::Aironet_1210 module implements an object oriented
interface
to access SNMP enabled Cisco Aironet_1210 APs.
This modules extends pf::SNMP::Cisco::Aironet
=cut
use strict;
use warnings;
use Log::Log4perl;
use Net::SNMP;
use pf::config;
use pf::util qw(format_mac_as_cisco);
use base ('pf::SNMP::Cisco::Aironet');
sub description { 'Cisco Aironet 1210' }
=item deauthenticateMacDefault
De-authenticate a MAC address from wireless network (including 802.1x).
Diverges from L<pf::SNMP::Cisco::WLC> in the following aspects:
=over
=item No Service-Type
=item Called-Station-Id in the Cisco format (aabb.ccdd.eeff)
=back
=cut
sub deauthenticateMacDefault {
my ( $self, $mac, $is_dot1x ) = @_;
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
if ( !$self->isProductionMode() ) {
$logger->info("not in production mode... we won't perform
deauthentication");
return 1;
}
if (!defined($self)) {
$logger->error("deauthentication impossible, could not find AP
for MAC $mac");
return;
}
$logger->debug("deauthenticate $mac on AP $ap_ip using RADIUS
Disconnect-Request deauth method");
my $mac_for_deauth = format_mac_as_cisco($mac);
return $self->radiusDisconnect($mac, {
'NAS-IP-Address' => $ap_ip,
'Calling-Station-Id' => $mac_for_deauth,
});
}
=item deauthTechniques
Return the reference to the deauth technique or the default deauth
technique.
We implement the RADIUS technique using a PoD server in the AP.
=cut
sub deauthTechniques {
my ($this, $method) = @_;
my $logger = Log::Log4perl::get_logger( ref($this) );
my $default = $SNMP::RADIUS;
my %tech = (
$SNMP::RADIUS => \&deauthenticateMacDefault,
);
if (!defined($method) || !defined($tech{$method})) {
$method = $default;
}
return $method,$tech{$method};
}
=head1 AUTHOR
Inverse inc. <i...@inverse.ca <mailto:i...@inverse.ca>>
=head1 COPYRIGHT
Copyright (C) 2005-2014 Inverse inc.
=head1 LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
=cut
1;
I need to contribute the doc of the Aironet WDS modules, I will try to
have a time for that and the doc of this module to if it works.
Best Regards and thanks for your advance,
On Tue, Apr 1, 2014 at 6:59 AM, Fabrice DURAND <fdur...@inverse.ca
<mailto:fdur...@inverse.ca>> wrote:
Hi Juan,
can you paste your module ?
Regards
Fabrice
Hi Guys,
I trying to test a new ap module in packetfence, an aironet 1210
with radius deauth, i have created the perl package, my question
is, what are the steps necessaries to make packetfence recognize
that. I was reading the developers guide but didn't see how.
Thanks foir your advance,
Best regards,
--
JUAN CAMILO VALENCIA VARGAS
Ingeniero de Operaciones
SeguraTec S.A.S
Calle 11 # 43B-50 of 307
Medelllín Colombia
*"Choose a job you love, and you will never have to work a day in
your life"*
------------------------------------------------------------------------------
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
<mailto:PacketFence-devel@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
--
Fabrice Durand
fdur...@inverse.ca <mailto:fdur...@inverse.ca> ::+1.514.447.4918
<tel:%2B1.514.447.4918> (x135) ::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
<mailto:PacketFence-devel@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
--
JUAN CAMILO VALENCIA VARGAS
Ingeniero de Operaciones
SeguraTec S.A.S
Calle 11 # 43B-50 of 307
Medelllín Colombia
*"Choose a job you love, and you will never have to work a day in your
life"*
------------------------------------------------------------------------------
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
