Ok, violations is still very unhappy :^).
First, when I set or turn "off" a violation, it does not reset the port on the
machine that I modified the violation on. To make it change the port requires
manually disconnecting and moving the machine to another port to trigger that
logic. There is a comment in the "action.pm" for "action_trap" (which appears
to be the correct place to move the VLAN) that trapping is handled by
pf::enforcement and called by pfcmd, but I cannot find the logic that does that
(or any comments to the effect that it is to be done). If you can help me
figure out what I need to look at, I'll see if I can't fix something.
Second, one of the machines on my network get a "rogue dhcp" violation (it's
our main dhcp server) and when I attempted to turn it off (after adding that
machine to our DHCP Servers list), I got the following error:
httpd.admin(0) INFO: loading Net::MAC::Vendor cache from
/usr/local/pf/conf/oui.txt (pf::util::load_oui)
httpd.admin(0) INFO: violation for mac 00:24:7e:68:fc:c3 vid 2000000 modified
(pf::violation::violation_modify)
httpd.admin(0) INFO: "defaults" found (pfappserver::Base::Model::Config::hasId)
httpd.admin(0) ERROR: Argument "defaults" isn't numeric in numeric eq (==) at
/usr/local/pf/lib/pf/violation.pm line 419.
(pfappserver::__ANON__)
I've looked at the line in question:
if ( $vid == $portscan_sid ) {
in "violation_add()", but it's not obvious to me from the surrounding code
whether the problem is with $vid or with $portscan_sid, or even where these are
coming from. The biggest hint I think is that it happens in pfappserver the
most likely culprit is
"/usr/local/pf/html/pfappserver/lib/pfappserver/Model/Node.pm".
I think this may be beyond my level of knowledge at this moment. Let me know
if there's anything you need to isolate this one.
Don
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
