Re: [PacketFence-users] captive Portal radius login add to Guest Vlan

Tue, 23 Oct 2012 10:10:38 -0700 

Sallee, Stephen (Jake <Jake.Sallee@...> writes:

> 
Thanks for your help. I think I am getting close.  I am going to use radius for
my corporate auth and the ldap for my internet only auth.  I have this portion
done and working.  I just need an example for the vlan/custom.pm of how to
assign the category based on what auth method they choose.   

Here is what I currently have in my custom.pm

sub getNormalVlan {
#    #$switch is the switch object (pf::SNMP)
#    #$ifIndex is the ifIndex of the computer connected to
#    #$mac is the mac connected
#    #$node_info is the node info hashref (result of pf::node's node_attributes
on $mac)
#    #$conn_type is set to the connnection type expressed as the constant in
pf::config
#    #$user_name is set to the RADIUS User-Name attribute (802.1X Username or
MAC address under MAC Authentication)
#    #$ssid is the name of the SSID (Be careful: will be empty string if radius
non-wireless and undef if not radius)
    my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type,
$user_name, $ssid) = @_;
    my $logger = Log::Log4perl->get_logger();
#
#    # custom example: admin category
#    # return customVlan5 to nodes in the admin category
    if (defined($node_info->{'category'}) && lc($node_info->{'category'}) eq
"guest") {
        return $switch->getVlanByName('guestVlan');
    }
#
#    # custom example: simple guest user
#    # return guestVlan for pid=nutraguest
    if (defined($node_info->{pid}) && $node_info->{pid} =~ /^nutraguest$/i) {
        return $switch->getVlanByName('guestVlan');
    }
#
#    # custom example: enforce a node's bypass VLAN
#    # If node record has a bypass_vlan prefer it over normalVlan
#    # Note: It might be made the default behavior one day
    if (defined($node_info->{'bypass_vlan'}) && $node_info->{'bypass_vlan'} ne 
'') {
        return $node_info->{'bypass_vlan'};
    }
#
#    # custom example: VLAN by SSID
#    # return customVlan1 if SSID is 'PacketFenceRocks'
#    if (defined($ssid) && $ssid eq 'PacketFenceRocks') {
#        return $switch->getVlanByName('customVlan1');
#    }
#
    return $switch->getVlanByName('normalVlan');
}



------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to