> possible bug in PF 2.2.2 We already released that version? I thought we were at 2.2.1 ;)
> I don’t know if this is a bug or not but it is interesting: > > My wifi equipment (Xirrus) does not send the radius value for NAS-Port > when using RADIUS MAC (read NOT 802.1x but still RADIUS) This causes an > entry not to be made in the locationlog table in the DB since the port > field is not allowed to be null. The user will be able to register as > if everything is normal but when PF goes to flip the vlan it will fail > because of the missing locationlog entry. > Good catch! > > A simple fix for me was to remove the no null restriction from the > column in the table but that may cause problems for wired deployments. > A better fix might be to use the radius attributes to sense if the user > is on a wireless connection and IF the port value is blank, populate it > with some generic value since the actual value is not important to the NAS. > Yes, NAS-Port to ifIndex translation (ports stored are actually ifIndexes) is a responsability of the network device module (AP in your case). So what I'll do is set ifIndex to 1 if NAS-Port doesn't exist. I'll also update my developer's guide to validate the fact that NAS-Port is populated properly on both open and secured SSIDs when supporting new devices and implement the workaround if required. > As time permits I will see if I can cobble together a patch for the > community and Inverse to review, but if someone at inverse or another > (more competent) perl programmer wants to take a crack at it first > please be my guest : ) > Please file a ticket in our issue tracker (packetfence.org/bugs) and I'll make you a patch to test out, once confirmed it'll go in the 2.x stable branch. Thanks! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
