Hello Juhani,
thanks to report the bug, but i think i has already been fixed in devel. https://github.com/inverse-inc/packetfence/commit/a6e6889f00ada38cc14eeb6630560da5b3c6d762#diff-f144a41067669bd88ecefd23565699f2 Regards Fabrice Le 2016-08-18 à 02:00, Juhani Puska a écrit : > This combination does not work with vanilla installation... it needs > some fixing. > > 1) HP 2530 sends TRAPs with a little bit another format than older switches > > 2016-08-14|15:57:43|UDP: > [192.168.254.250]:161->[192.168.254.254]:162|192.168.254.250|BEGIN TYPE > 6 END TYPE BEGIN SUBTYPE .1 END SUBTYPE BEGIN VARIABLEBINDINGS > .1.3.6.1.4.1.11.2.14.2.10.2.1.2.1.7 = INTEGER: > 1|.1.3.6.1.4.1.11.2.14.2.10.2.1.3.1.7 = INTEGER: > 7|.1.3.6.1.4.1.11.2.14.2.10.2.1.4.1.7 = Hex-STRING: 3C 97 0E 21 40 DA > |.1.3.6.1.4.1.11.2.14.2.10.2.1.6.1.7 = INTEGER: > 1|.1.3.6.1.4.1.11.2.14.2.10.2.1.7.1.7 = INTEGER: 1 END VARIABLEBINDINGS > > 2016-08-14|15:57:43|UDP: > [192.168.254.250]:161->[192.168.254.254]:162|192.168.254.250|BEGIN TYPE > 6 END TYPE BEGIN SUBTYPE .5 END SUBTYPE BEGIN VARIABLEBINDINGS > .1.3.6.1.4.1.11.2.14.11.1.7.2.1.4.45 = INTEGER: > 12|.1.3.6.1.4.1.11.2.14.11.1.7.2.1.5.45 = INTEGER: > 2|.1.3.6.1.4.1.11.2.14.11.1.7.2.1.6.45 = INTEGER: > 2|.1.3.6.1.4.1.11.2.14.11.1.7.3.0.45 = STRING: > "http://192.168.254.250/cgi/fDetail?index=45";|.1.3.6.1.4.1.11.2.14.11.1.7.2.1.3.45 > = INTEGER: 7 END VARIABLEBINDING > > packetfence has original regex-pattern, which does not take these trap > lines "in" (gives error on log) > --> /usr/local/pf/sbin/pfsetvlan > > # building trap-matcher regexp > my $TRAP_PATTERN = qr/ > ^\d{4}-\d{2}-\d{2}\|\d{2}:\d{2}:\d{2}\| # date|time > (?:UDP:\ \[)? # Optional > "UDP: [" (since v2 traps I think) > (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) # network > device ip address > (?:\]:\d+)? # Optional > "]:port" (since v2 traps I think) > (?:\-\>\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\])? # Optional > "->[ip address]" (since net-snmp 5.4) > \|([^|]*)\| # Used to carry > network device ip if it's a local trap > (.+)$ # Trap message > /sx; # s for multiline support (if we encounter an Hex 0a which is > encoded as a newline in STRING) > > > Pattern does not handle target port at all, so I add it there (target > ip:port): > > # building trap-matcher regexp > my $TRAP_PATTERN = qr/ > ^\d{4}-\d{2}-\d{2}\|\d{2}:\d{2}:\d{2}\| # date|time > (?:UDP:\ \[)? # Optional > "UDP: [" (since v2 traps I think) > (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) # network > device ip address > (?:\]:\d+)? # Optional > "]:port" (since v2 traps I think) > (?:\-\>\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})? # Optional "->[ip > address]" (since net-snmp 5.4) > (?:\]:\d+)? # New target > port "]:port" > \|([^|]*)\| # Used to carry > network device ip if it's a local trap > (.+)$ # Trap message > /sx; # s for multiline support (if we encounter an Hex 0a which is > encoded as a newline in STRING) > > > That should be think a little bit more flexible regex code, with or > without port... but anyway, the second on HP2530 with newest firmware, > you should use model HP2600 on swithes.conf-configuration... > > [192.168.254.250] > description=Local HP Switch > mode=production > type=HP::Procurve_2600 > > > Then PF6 communication works like any other switch before... > ------------------------------------------------------------------------------ _______________________________________________ PacketFence-devel mailing list PacketFence-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-devel
