Actually, looking through the code, no patch will be required for MAC-based
SSID evaluation, its already there and should work (It already does with
802.1x)
We are on SD 5.3.xyz right now and RADIUS deauth does work.
Drop this in a file called /usr/local/pf/lib/pf/SNMP/Meru/MC_MCC.pm
Minus the cut lines obviously. In switch config, you'll have the option
for Meru MC_MCC. It will do radius de-auths instead of the Telnet/SSH
method. Much faster, much lighter weight.
^^^^^^^^^^^^^CUT^^^^^^^^^^^
package pf::SNMP::Meru::MC_MCC;
=head1 NAME
pf::SNMP::Meru::MC_MCC - Object oriented module to access MC series
controllers
=head1 SYNOPSIS
Known to work with RADIUS deauth on System Director 5.3
=head1 STATUS
=cut
use strict;
use warnings;
use Log::Log4perl;
use base ('pf::SNMP::Meru');
sub description { 'Meru MC_MCC' }
sub deauthTechniques {
my ($this, $method) = @_;
my $logger = Log::Log4perl::get_logger( ref($this) );
my $default = $SNMP::RADIUS;
my %tech = (
$SNMP::RADIUS => \&deauthenticateMacRadius,
);
if (!defined($method) || !defined($tech{$method})) {
$method = $default;
}
return $method,$tech{$method};
}
sub deauthenticateMacRadius {
my ( $self, $mac, $is_dot1x ) = @_;
my $logger = Log::Log4perl::get_logger( ref($self) );
if ( !$self->isProductionMode() ) {
$logger->info("not in production mode... we won't perform
deauthentication");
return 1;
}
$logger->debug("deauthenticate $mac using RADIUS Disconnect-Request
deauth method");
return $self->radiusDisconnect($mac);
}
=head1 AUTHOR
Tim DeNike <[email protected]>
=cut
1;
^^^^^^^^^^^^^CUT^^^^^^^^^^^
On Thu, Mar 6, 2014 at 10:11 AM, Arthur Emerson III <[email protected]
> wrote:
> On Mar 6, 2014, at 9:28 AM, Tim DeNike <[email protected]> wrote:
>
> > Awesome. I have a case open with them about that right now. Spring
> > break next week. I'll post a new module with radius deauth and that
> > extract said sub soon!
>
> Was RADIUS deauth the reason why we have to use ssh to force disconnects?
> I thought that it was something missing from SNMP, but I'm probably going
> crazy. I know that it was a long-standing feature request in Meru's
> product roadmap, and it would be nice if this was included in the V6
> release.
>
> As for upgrading to V6, we'll be sitting on the sidelines until
> summer waiting to hear about problems encountered by early adopters.
> Maybe it is just our user base, but we encounter weird connectivity
> problems with a fresh handful of odd devices every time that a new
> controller update is applied.....
>
> -Arthur
>
> -------------------------------------------------------------------------
> Arthur Emerson III Email: [email protected]
> Network Administrator InterNIC: AE81
> Mount Saint Mary College MaBell: (845) 561-0800 Ext. 3109
> 330 Powell Ave. Fax: (845) 562-6762
> Newburgh, NY 12550 SneakerNet: Aquinas Hall Room 11
>
>
>
> ------------------------------------------------------------------------------
> Subversion Kills Productivity. Get off Subversion & Make the Move to
> Perforce.
> With Perforce, you get hassle-free workflows. Merge that actually works.
> Faster operations. Version large binaries. Built-in WAN optimization and
> the
> freedom to use Git, Perforce or both. Make the move to Perforce.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries. Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
