Hi, Maybe I spoke too fast. Maybe there is a way to do it without using violations. In fact, you can probably use the pf::vlan::shouldAutoRegister() method.
You might want to have a look into /usr/local/pf/lib/pf/vlan.pm. You could probably override this method in pf::vlan:custom with your own code. The only "problem" is that with this method, the host would need to be detected using the dhcp listeners prior receiving the first security SNMP trap. Otherwise, the autoreg would work only at the second time the user is seen. (ie. user plugs on a port, security trap is received, but it will not be autoreg. If the user change port some time after, the device would be autoreg) Let me know if you need more info. -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
