Thanks.
I should have mentioned that I have rebooted the server and restarted all
services, and this null authentication has never worked.
The bin/pfcmd configreload hard didnt help.
Regards,
Håvard
From: Durand fabrice [mailto:[email protected]]
Sent: 15. november 2014 13:43
To: [email protected]
Subject: Re: [PacketFence-users] Null authentication on Captive Portal (PF
4.5.0)
Hi,
it´s probably a cache issue, let´s try bin/pfcmd configreload hard
Also for the cooldown period, you can create a violation with an auto
release of 1 hour and trigger it when packetfence unreg the device.
To do that, edit node.pm
and change node_maintenance like that:
sub nodes_maintenance {
my $logger = Log::Log4perl::get_logger(__PACKAGE__);
$logger->debug("nodes_maintenance called");
my $expire_unreg_query = db_query_execute(NODE, $node_statements,
'node_expire_unreg_field_sql') || return (0);
while (my $row = $expire_unreg_query->fetchrow_hashref()) {
my $currentMac = $row->{mac};
node_deregister($currentMac);
require pf::enforcement;
use pf::api::jsonrpcclient;
my $apiclient = pf::api::jsonrpcclient->new;
$apiclient->notify('trigger_violation', $currentMac, '1100011',
'INTERNAL' );
pf::enforcement::reevaluate_access( $currentMac, 'manage_deregister'
);
$logger->info("modified $currentMac from status 'reg' to 'unreg'
based on unregdate colum" );
}
return (1);
}
and create the violation:
[1100011]
desc=CoolDown
template=cooldown
trigger=internal::1100011
actions=email,log,trap
enabled=Y
...
regards
Fabrice
Le 2014-11-15 06:41, Håvard Birkeland a écrit :
Hi.
Im trying to set up a captive portal that is just check to accept terms
and click OK to access.
Im using the default null source, but I get this error in the browser:
Sorry!
You have reached the maximum number of devices you are able to register with
this username.
Checking the packetfence.log I find this:
Nov 15 11:24:21 httpd.portal(20983) INFO: [00:26:82:19:bc:ef] Updating node
user_agent with useragent: 'Mozilla/5.0 (Windows NT 6.1; Trident/7.0;
rv:11.0) like Gecko'
(captiveportal::PacketFence::Controller::CaptivePortal::nodeRecordUser
Agent)
Nov 15 11:24:21 httpd.portal(20983) INFO: Static User-Agent lookup data
initialized (pf::useragent::_init)
Nov 15 11:24:22 httpd.portal(20983) INFO: [00:26:82:19:bc:ef] redirected to
default
(captiveportal::PacketFence::Controller::CaptivePortal::checkIfNeedsToRegist
er)
Nov 15 11:24:22 httpd.portal(20983) INFO: [00:26:82:19:bc:ef] redirected to
authentication page
(captiveportal::PacketFence::Controller::CaptivePortal::checkIfNeedsToRegist
er)
Nov 15 11:24:25 httpd.portal(22655) INFO: Authentication successful for in
source null (Null) (pf::authentication::authenticate)
Nov 15 11:24:25 httpd.portal(22655) WARN: No role specified or found for pid
source_id (MAC 00:26:82:19:bc:ef); assume maximum number of registered nodes
is reached (pf::node::is_max_reg_nodes_reached)
My authentication.conf has these lines for Null:
[null]
description=Null Source
type=Null
email_required=no
[null rule Catchall]
description=
match=all
action0=set_role=guest
action1=set_access_duration=1h
The rule isnt default, I tried adding that myself, I get the same error
with and without the rule.
My lab setup is inline, I have 192.168.10.10 on the packetfence interface, a
router with 192.168.10.1 and 192.168.11.1 in-between, and my clients in
192.168.11.0/24.
Any ideas?
Also, next step will be having a cooldown period after the initial 1 hour
of access, youll be blocked 1 hour, any hints on how to do this would be
appreciated too.
Regards,
Håvard Birkeland
----------------------------------------------------------------------------
--
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111
<http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktr
k> &iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
