Thanks for info. By following your suggestion I have setup 802.1X. Now I am testing violations checks. For some reason although I see that user used more than allowed bandwidth, he is not cutted off (violation did not trigger). I wanted to setup custom violation which cut's off after used has used more than 10MB per hour. Here is my definition:
[root@pf-zen-esx logs]# cat ../conf/violations.conf [1100012] desc=Bandwidth Limit (10MB/hour) enabled=Y actions=email,log,trap window=dynamic vclose= url=/remediation.php?template=bandwidth_limit trigger=Accounting::TOT10MBh grace=1m I do see something strange in packetfence.log: Sep 04 12:16:59 pfmon(1) INFO: getting violations triggers for accounting cleanup (pf::accounting::acct_maintenance) Sep 04 12:16:59 pfmon(1) INFO: Calling node acct maintenance total with monthly and 1 for 21474836480 (pf::accounting::acct_maintenance) Sep 04 12:16:59 pfmon(1) INFO: Calling node acct maintenance total with and 1 for 10485760 (pf::accounting::acct_maintenance) Sep 04 12:16:59 pfmon(1) WARN: database query failed because statement handler was undefined or invalid, will try again (pf::db::db_query_execute) Sep 04 12:16:59 pfmon(1) WARN: database query failed because statement handler was undefined or invalid, will try again (pf::db::db_query_execute) Sep 04 12:16:59 pfmon(1) WARN: database query failed because statement handler was undefined or invalid, will try again (pf::db::db_query_execute) Sep 04 12:16:59 pfmon(1) ERROR: Database issue: We tried 3 times to serve query acct_maintenance_bw__all called from pf::db::db_data and we failed. Is the database running? (pf::db::db_query_execute) Sep 04 12:16:59 pfmon(0) ERROR: cleanup thread finished - this is bad (main::) Do you have any ideas/suggestions? -----Original Message----- From: Francois Gaudreault [mailto:[email protected]] Sent: Tuesday, September 04, 2012 4:18 PM To: [email protected] Subject: Re: [PacketFence-users] Catalyst 2960 and accounting setup Hi, Accounting will only work if you use AAA (so MAB or 802.1X). It won't work with port-security. Apparently, we have some feature to grab data using SNMP, but those have not been maintained since a while. Use MAB instead of port-security if you want to use accounting data. On 2012-09-04 10:05 AM, Marko Mrvelj wrote: > Hi all, > > I am trying to get accounting for traffic on packetfence with cisco > catalyst switch (2960). I have port security configured and working > correctly on the switch. > > Can somebody give me directions how to tell switch to send accounting > data? > > Thanks, > > Marko Mrvelj > > > ---------------------------------------------------------------------- > -------- > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. > Discussions will include endpoint security, mobile security and the > latest in malware threats. > http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
