Hi team,
OK - tried the pfcmd method which didnt work for me... I have had a bit of
a go at the code to make it work as it wasn't adding entries to ipset
correctly (inline, I know there have been issues with this in the past)
which may have broken something.
I've now written a perl script that I run via cron:
#!/usr/bin/perl
## script to unregister all hosts - run this by cron at end of lesson.
## 1 - set all nodes' status to unreg in DB
## 2 - flush reg ipset table.
## DB bit:
use DBI;
my $dbServer="127.0.0.1";
my $uid="root";
my $pwd="password1withacapitalP";
my $db="pf";
my $dsn = "DBI:mysql:database=$db;host=$dbServer";
my $dbHandle = DBI->connect("$dsn", "$uid", "$pwd")
or die "Cannot log into $dbServer\n";
my $query = "UPDATE pf.node SET status='unreg'";
my $qHandle = $dbHandle->prepare ($query);
$qHandle->execute ();
$dbHandle->disconnect;
## ipset bit:
`/usr/sbin/ipset flush pfsession_Reg_10.15.228.0`;
Early indications suggest this works...
thanks,
Jim Potter
Network Manager
Oasis Brislington (formerly Brislington Enterprise College)
On 25 May 2015 at 11:06, Nathan, Josh <josh.nat...@bfacademy.de> wrote:
> Oh, I did forget to mention! If we unregister too many people at a time,
> we have to restart the PacketFence service. Not sure what the conflict is,
> but running that command a couple hundred times corrupts one of the running
> files or something, and then nothing can register until it's restarted. We
> really only do a mass deregister once a week, so we do it in the middle of
> the night, and then restart the services. But I don't know if that issue
> persists with newer versions of PacketFence, and I've only ever run
> PacketFence on Centos 6.x.
>
> Thanks,
> Joshua Nathan
> IT Administrator
> Black Forest Academy
> +49 (0) 7626-916123
>
>
> On Mon, May 25, 2015 at 12:02 PM, Nathan, Josh <josh.nat...@bfacademy.de>
> wrote:
>
>> We do something similar to this, actually. However, while we used to run
>> a query against the database, something changed with the upgrade to 4.0
>> that caused that to stop working. They'd be listed as "unregistered" in the
>> database, but still have access. I was able to put together a pfcmd
>> command that would do it, though. Here's what I have:
>>
>> /usr/local/pf/bin/pfcmd node edit [mac address]
>> status="unreg",unregdate="[datetime in YearMonthDayHourMinuteSecond format]"
>>
>>
>> We use a Perl script to generate the list of Mac addresses, and then loop
>> through them with this command.
>>
>> Thanks,
>> Joshua Nathan
>> IT Administrator
>> Black Forest Academy
>> +49 (0) 7626-916123
>>
>>
>> On Sun, May 24, 2015 at 4:04 PM, Jason 'XenoPhage' Frisvold <
>> xenoph...@godshell.com> wrote:
>>
>>> > On May 22, 2015, at 18:17, Mr J Potter <jpotter...@because.org.uk>
>>> wrote:
>>> >
>>> > Hi Jason,
>>> >
>>> > Did you find a way of doing this? I need to deregister all users
>>> periodically (plan is 7 times a day), and being able to do this via cron
>>> would be great.
>>>
>>> There's no built-in way to do this easily, but you can manipulate the
>>> database and perform the same process. Just build a query that finds the
>>> devices you're looking to deregister and then put them all in a state of
>>> unregistered.
>>>
>>> That said, it may be worth re-thinking things a little. The automatic
>>> mechanisms within Packetfence are pretty good. You can probably set the
>>> timers for 7 days and have the system handle this for you.
>>>
>>> > thanks,
>>> >
>>> > Jim Pott
>>>
>>> Jason 'XenoPhage' Frisvold
>>> xenoph...@godshell.com
>>>
>>> ------------------------------------------------------------------------------
>>> One dashboard for servers and applications across Physical-Virtual-Cloud
>>> Widest out-of-the-box monitoring support with 50+ applications
>>> Performance metrics, stats and reports that give you Actionable Insights
>>> Deep dive visibility with transaction tracing using APM Insight.
>>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>
>>
>
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
