So... restarting PF after logging the violation allows it to kick in, but
obviously I don't want to restart PF every time someone gets a violation
against them.
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Fri, Jan 31, 2014 at 11:15 AM, Josh Nathan <[email protected]>wrote:
> Hello,
>
> So here's my situation. We want to enforce that some software is running
> on all Windows and Mac computers. We opted for doing an SNMP query for
> running processes to accomplish this. Back in PF 3.x, I would then run a
> MySQL query to log a violation if the software was not found. This worked
> beautifully.
>
> However, in PF 4.1 it doesn't seem to be behaving quite right. The
> violation is set to "Trap" and "Log" on occurrence. The reality is that it
> also de-registers the offending computer, but the computer STILL can access
> the Internet without any trouble. Any guidance on how to occomplish this?
> Below is the MySQL query I'm running if that helps. It is constructed/run
> in a Perl script.
>
> INSERT INTO violation (mac,vid,start_date,status,notes) VALUES("' .
> $ipresults[1] . '", 1500077, NOW(), "open", "Not Running Impero.")
>
> Thanks,
> Joshua Nathan
> IT Administrator
> Black Forest Academy
> +49 (0) 7626-916123
>
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
