Hello Dustin,
it could be done with the github branch
https://github.com/inverse-inc/packetfence/tree/feature/iplog_accounting
In fact you will use accounting information to fill out your database
(probably have to add a function to add the device if it doesn't exist
in the database) , declare your switch in the conf to as a production
switch with all the parameter to interact with it and don't forget to
forward the dhcp traffic to packetfence.
With that way you will have a database with all your devices and where
they are and will have the possibility to put them in the isolation vlan
if you trigger manually a violation or automatically (snort, suricata,
accounting violation ...)
And of course it could be sponsored development.
Regards
Fabrice
Le 2013-06-29 14:05, Dustin Schuemann a écrit :
This can't be done just with the SNMP notifications. What I want to do
is have a database of all the devices. If a device needs to be in the
isolation vlan I would put it in there and then when the device is
plugged in packet fence would set the vlan for that switch interface.
On Jun 29, 2013 1:56 PM, "Fabrice Durand" <[email protected]
<mailto:[email protected]>> wrote:
Hello,
you mean without registration process and with an ids like snort ?
If it that case, packetfence must have to know where the device is
(switch interface) and forward the dhcp traffic to packetfence to
be able for it to resolv mac by ip.
If you do that , it's possible.
Regards
Fabrice
Le 2013-06-29 13:26, Dustin Schuemann a écrit :
Can packetfence use one interface? I only want to do vlan
isolation with MAC traps. Is this possible?
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
