Hi,
it´s probably a cache issue, let´s try bin/pfcmd configreload hard
Also for the cooldown period, you can create a violation with an auto
release of 1 hour and trigger it when packetfence unreg the device.
To do that, edit node.pm
and change node_maintenance like that:
sub nodes_maintenance {
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
$logger->debug("nodes_maintenance called");
my $expire_unreg_query = db_query_execute(NODE, $node_statements,
'node_expire_unreg_field_sql') || return (0);
while (my $row = $expire_unreg_query->fetchrow_hashref()) {
my $currentMac = $row->{mac};
node_deregister($currentMac);
require pf::enforcement;
use pf::api::jsonrpcclient;
my $apiclient = pf::api::jsonrpcclient->new;
$apiclient->notify('trigger_violation', $currentMac, '1100011',
'INTERNAL' );
pf::enforcement::reevaluate_access( $currentMac,
'manage_deregister' );
$logger->info("modified $currentMac from status 'reg' to
'unreg' based on unregdate colum" );
}
return (1);
}
and create the violation:
[1100011]
desc=CoolDown
template=cooldown
trigger=internal::1100011
actions=email,log,trap
enabled=Y
...
regards
Fabrice
Le 2014-11-15 06:41, Håvard Birkeland a écrit :
Hi.
I’m trying to set up a captive portal that is just “check to accept
terms and click OK to access”.
I’m using the default “null” source, but I get this error in the browser:
“Sorry!
You have reached the maximum number of devices you are able to
register with this username.”
Checking the packetfence.log I find this:
Nov 15 11:24:21 httpd.portal(20983) INFO: [00:26:82:19:bc:ef] Updating
node user_agent with useragent: 'Mozilla/5.0 (Windows NT 6.1;
Trident/7.0; rv:11.0) like Gecko'
(captiveportal::PacketFence::Controller::CaptivePortal::nodeRecordUser
Agent)
Nov 15 11:24:21 httpd.portal(20983) INFO: Static User-Agent lookup
data initialized (pf::useragent::_init)
Nov 15 11:24:22 httpd.portal(20983) INFO: [00:26:82:19:bc:ef]
redirected to default
(captiveportal::PacketFence::Controller::CaptivePortal::checkIfNeedsToRegister)
Nov 15 11:24:22 httpd.portal(20983) INFO: [00:26:82:19:bc:ef]
redirected to authentication page
(captiveportal::PacketFence::Controller::CaptivePortal::checkIfNeedsToRegister)
Nov 15 11:24:25 httpd.portal(22655) INFO: Authentication successful
for in source null (Null) (pf::authentication::authenticate)
*Nov 15 11:24:25 httpd.portal(22655) WARN: No role specified or found
for pid source_id (MAC 00:26:82:19:bc:ef); assume maximum number of
registered nodes is reached (pf::node::is_max_reg_nodes_reached)*
**
My authentication.conf has these lines for Null:
[null]
description=Null Source
type=Null
email_required=no
[null rule Catchall]
description=
match=all
action0=set_role=guest
action1=set_access_duration=1h
The rule isn’t default, I tried adding that myself, I get the same
error with and without the rule.
My lab setup is inline, I have 192.168.10.10 on the packetfence
interface, a router with 192.168.10.1 and 192.168.11.1 in-between, and
my clients in 192.168.11.0/24.
Any ideas?
Also, next step will be having a “cooldown” period after the initial 1
hour of access, you’ll be blocked 1 hour, any hints on how to do this
would be appreciated too.
Regards,
Håvard Birkeland
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users