[PacketFence-users] Using vlan_filter & device registration

Wed, 19 Aug 2015 05:27:09 -0700 

Hi all,
I'm having an issue on a new PF box running 5.0.1 (this is the version we have 
in dev). Currently I'm using vlan_filters to decide whether a user is a home 
user, or an eduroam visiting user, and assign the correct role based on this. 
However I've just added the device-registration option, and the vlan_filter is 
taking over this, registering the device with the owner as "default".

I presume this is something to do with my regex filtering within 
vlan_filter.conf as the device matches the visiting_user filter, and is given 
this vlan instead of the one it should be given. I've tried to account for this 
by telling the filter not to trigger when the username is a mac address, which 
it appears to be when the device logs in, but I'm still seeing this match the 
visiting_user filter.

My vlan_filter.conf is:
[home_user]
filter = username
operator = match
value = ^(.+@cardiffmet\.ac\.uk$|.+@uwic\.ac\.uk$)

[visiting_user]
filter = username
operator = match_not
value = 
^(.+@cardiffmet\.ac\.uk$|.+@uwic\.ac\.uk$|([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$)

[autoreg:home_user]
scope = AutoRegister
role = eduroam_home

[autoreg:visiting_user]
scope = AutoRegister
role = eduroam_visitors

[2:home_user]
scope = NormalVlan
role = eduroam_home
action = modify_node
action_param = mac = $mac , unregdate = 2015-09-0923:59:59

[2:visiting_user]
scope = NormalVlan
role = eduroam_visitors
action = modify_node
action_param = mac = $mac , unregdate = 2015-09-0923:59:59

Anyone have any ideas about this?

Cheers,
Andi

-------------------------------------
Andi Morris
IT Security Officer
Cardiff Metropolitan University
T: 02920 205720
E: [email protected]<mailto:[email protected]>
--------------------------------------

________________________________

[Cardiff Metropolitan University - 150 years of nurturing 
talent]<http://www.cardiffmet.ac.uk/cardiffmet150>

------------------------------------------------------------------------------

_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to