Hello Dear PF Developers,
I have an Ubuntu box that has PF and OpenVAS installed.
In my setup, guests that are connected through wired 802.1X/MAB to the
PF system are put into the Registration VLAN.
In Registration VLAN, they are welcomed with the Captive Portal and
expected to sign-up with the system through Self-Email, SMS or
Sponsor-Email.
After registration, they are supposed to be scanned (in registration
VLAN) with OpenVAS in order to get to the guest VLAN.
However, in my setup, OpenVAS can not proceed and execute a scan...
I have enabled the TRACE level logs in order to find the reason, and
looks like, the Perl Regular Expression that extracts the Target_ID
and Response_Status is not correct, at least for my versions of
OpenVAS and PF.
File = lib/pf/scan/openvas.pm,
....
sub createTarget {
...
# Fetch response status and target id
my ($response, $target_id) = ($output =~ /<create_target_response\
status="([0-9]+)"\ # status code
id="([a-zA-Z0-9\-]+)" # task id
/x);
...
}
So, this is the response PF gets from the OpenVAS server when it
executes the create_target command with omp command;
<create_target_response id="22bbee8d-648e-4ac9-8be9-d961e99bc2c0"
status_text="OK, resource created"
status="201"></create_target_response>
However, the Regular Expression above can not correctly extract the
"id" and "status" fields from this response. Thus, PF thinks that the
command execution was unsuccessful even though it has succeeded.
------------------Here is the log entries in
logs/packetfence.log--------------------------
Aug 05 13:18:19 pfcmd.pl(5610) DEBUG: Scan target creation command:
omp -h 192.168.3.5 -p 9390 -u admin -w admin -X
'<create_target><name>14072698993ce7a</name><hosts>192.168.10.11</hosts></create_target>'
(pf::scan::openvas::createTarget)
Aug 05 13:18:19 pfcmd.pl(5610) DEBUG: Scan target creation output:
<create_target_response id="22bbee8d-648e-4ac9-8be9-d961e99bc2c0"
status_text="OK, resource created"
status="201"></create_target_response>
(pf::scan::openvas::createTarget)
Aug 05 13:18:19 pfcmd.pl(5610) DEBUG: Target_ID=--, Response=--
(pf::scan::openvas::createTarget)
After changing the RegExp as follows, it works fine;
my ($target_id, $status_text, $response ) = ($output =~
/<create_target_response \
id="([a-zA-Z0-9\-]+)"\ # task id
status_text="([a-zA-Z\,\ ]+)"\ # status_text
status="([0-9]+)" # status code
/x);
Thank you...
--ali
------------------------------------------------------------------------------
Infragistics Professional
Build stunning WinForms apps today!
Reboot your WinForms applications with our WinForms controls.
Build a bridge from your legacy apps to the future.
http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
