Hi Fabrice,
I actually stumbled across Julien's reply in the other
thread, but I'm not seeing the duplicates in the node table, so I think
that this may be a different issue.
mysql> select * from node where
mac='30:8d:99:16:ba:d0';
+-------------------+------+-------------+---------------------+---------------------+---------------------+---------------------+--------------+-------------------+--------+----------------------------------------------------------------------------------------------------------------+--------------+-------+---------------------+---------------------+----------------------------------------+-------------------+-------------+------------------+-------------+--------------+-------------+------+---------+-----------+--------------------------------+----------------+
|
mac | pid | category_id | detect_date | regdate | unregdate | lastskip
| time_balance | bandwidth_balance | status | user_agent | computername
| notes | last_arp | last_dhcp | dhcp_fingerprint | dhcp6_fingerprint |
dhcp_vendor | dhcp6_enterprise | device_type | device_class |
bypass_vlan | voip | autoreg | sessionid | machine_account |
bypass_role_id
|
+-------------------+------+-------------+---------------------+---------------------+---------------------+---------------------+--------------+-------------------+--------+----------------------------------------------------------------------------------------------------------------+--------------+-------+---------------------+---------------------+----------------------------------------+-------------------+-------------+------------------+-------------+--------------+-------------+------+---------+-----------+--------------------------------+----------------+
|
30:8d:99:16:ba:d0 | test | 1 | 2016-01-11 11:14:17 | 0000-00-00
00:00:00 | 0000-00-00 00:00:00 | 0000-00-00 00:00:00 | NULL | NULL |
unreg | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/47.0.2526.106 Safari/537.36 | DARALP03 | NULL |
0000-00-00 00:00:00 | 2016-01-14 10:52:55 |
1,15,3,6,44,46,47,31,33,121,249,252,43 | 24,23,17,39 | MSFT 5.0 | 311 |
Windows | Windows | NULL | no | no | | host/TESTLP03.ad.example.org |
NULL
|
+-------------------+------+-------------+---------------------+---------------------+---------------------+---------------------+--------------+-------------------+--------+----------------------------------------------------------------------------------------------------------------+--------------+-------+---------------------+---------------------+----------------------------------------+-------------------+-------------+------------------+-------------+--------------+-------------+------+---------+-----------+--------------------------------+----------------+
1
row in set (0.00 sec)
mysql> select count(*) from node where
voip='';
+----------+
| count(*) |
+----------+
| 0 |
+----------+
1 row
in set (0.00 sec)
Thanks,
Andrew
On 14.01.2016 23:50, Durand
fabrice wrote:
> Ok so there is 2 open entries in the locationlog.
>
> Can you do that:
> select * from node where mac="
30:8d:99:16:ba:d0";
> and check the voip status, if it's undef then you
will have to clean the database.
>
> Here the solution Julien wrote in
another thread:
>
> For your issues of duplicate nodes, you are seeing
them because multiple locationlog entries are opened for the same
device
>
> You can confirm it easily by executing the following query
in your database :
> mysql > select count(*) from node where voip='';
>
> If the count is higher than 0 then you are affected by the issue
described above
>
> To fix it please do the following :
> In your
MySQL database
> mysql > UPDATE node set voip='no' where voip='';
>
>
Then download the following script in /usr/local/pf/addons/
fix_duplicate_locationlog.pl
>
https://gist.github.com/julsemaan/6c7676561d2458e8288c [4]
>
> Then
execute it :
> perl /usr/local/pf/addons/fix_duplicate_locationlog.pl
>
> This should close and reopen all your locationlog entries and your
duplicate nodes won't appear anymore.
>
> Obviously, the script comes
without any warranty :)
>
> Cheers !
>
> - Julien
>
> Fabrice
>
> Le
2016-01-13 21:51, Andrew Jones a écrit :
>
>> Hi Fabrice,
>> Please
see the result of the query you've asked for here:
>>
http://pastebin.com/raw/ceTwt5PG [3]
>>
>> Thanks,
>> Andrew
>>
>>
On 14.01.2016 13:26, Fabrice Durand wrote:
>>
>>> For the duplicate
Mac, can you do a sql request in the database like:
>>>
>>> select *
from locationlog where mac="xx:yy...";
>>>
>>> And paste me the
result.
>>>
>>> Regards
>>>
>>> Fabrice
>>> Le 13 janv. 2016 9:08
PM, [email protected] a écrit :
>>> Hi Fabrice, thanks for the
information, that makes sense. I guess
>>> there could be plenty of
situations where you wouldn't be able to know
>>> that a device had
gone offline, but in the case of radius where you
>>> should receive an
accounting stop record, it will be great to see that
>>> the node's
node active anymore.
>>>
>>> The reason I noticed this is that I
hacked together a firewall sso
>>> module for juniper srx firewalls,
and was hoping wondering why entries
>>> were being added correctly,
but not removed when I unplugged the
>>> device.
>>>
>>> Any idea
about the duplicate node records?
>>>
>>> Thanks,
>>> Andrew
>>>
>>> On 14 January 2016 12:53:42 PM AEDT, Durand fabrice
<[email protected]> wrote:
>>>
>>>> Hello Andrew,
>>>>
>>>> there
is no notification that the device is still online or offline in
>>>>
PacketFence.
>>>> It's funny because one of my client ask me something
about that.
>>>> The goal is to have the ability to know if a device is
still online or
>>>> offline and to have an history of the time a
device was connected.
>>>>
>>>> It will not be really complicate and
will be based on the accounting
>>>> data.
>>>>
>>>> It is not a
feature that will be ready tomorrow but this is something
>>>> that we
will probably looking about.
>>>>
>>>> Regards
>>>> Fabrice
>>>>
>>>> Le 2016-01-13 19:15, Andrew Jones a écrit :
>>>>
>>>>> Hi all,
>>>>> I've just upgraded my setup to 5.6.0 but the same issues persist.
>>>>> Thanks,
>>>>> Andrew
>>>>>
>>>>> On 14.01.2016 09:25, Andrew
Jones wrote:
>>>>>
>>>>>> Hi all,
>>>>>> I have a packetfence (5.5.2)
installation running on debian, in vlan
>>>>>> enforcement mode with a
Juniper ex2200 running junos 12.3R11.2 using
>>>>>> 802.1x and Mac
Auth. For the most part it's working well, but I have
>>>>>> a
>>>>>>
couple of issues that I've noticed:
>>>>>> 1. Nodes' sessions, once
authenticated, don't appear to end as far
>>>> as
>>>>
>>>>>>
packetfence is concerned until the same node authenticates again,
>>>>>> either
>>>>>> on the same port, or elsewhere. This can be seen
from the either the
>>>>>> 'IP
>>>>>> address' or 'location' tabs of
the node status page, there is no end
>>>>>> date for either. It
doesn't matter whether this connection was mac
>>>>>> auth
>>>>>> or
802.1x (EAP-TLS), the end timestamp doesn't appear until the node
>>>>>> re-authenticates, despite the radius server having closed out
the
>>>>>> session:
>>>>>> mysql> select * from radacct where
radacctid=107G
>>>>>> *************************** 1. row
***************************
>>>>>> radacctid: 107
>>>>>>
acctsessionid: 8O2.1x81ed00d60005f22d
>>>>>> acctuniqueid:
e416089bd67238bf
>>>>>> username: 308d9916bad0
>>>>>> groupname:
>>>>>> realm:
>>>>>> nasipaddress: 172.31.1.51
>>>>>> nasportid: 74
>>>>>> nasporttype: Ethernet
>>>>>> acctstarttime: 2016-01-13 17:59:33
>>>>>> acctstoptime: 2016-01-13 17:59:45
>>>>>> acctsessiontime: 12
>>>>>> acctauthentic:
>>>>>> connectinfo_start:
>>>>>>
connectinfo_stop:
>>>>>> acctinputoctets: 1690207
>>>>>>
acctoutputoctets: 3273920
>>>>>> calledstationid: 288a1c01b600
>>>>>>
callingstationid: 308d9916bad0
>>>>>> acctterminatecause: Admin-Reboot
>>>>>> servicetype:
>>>>>> framedprotocol:
>>>>>> framedipaddress:
>>>>>> acctstartdelay: 0
>>>>>> acctstopdelay: 0
>>>>>>
xascendsessionsvrkey:
>>>>>> 1 row in set (0.00 sec)
>>>>>>
>>>>>>
I'm not quite sure how freeradius notifies pf that the session has
>>>>>> ended, but whatever this mechanism is, it doesn't appear to be
>>>>>> working
>>>>>> correctly in my setup.
>>>>>>
>>>>>> 2. Each
authenticated node appears twice in the node list in the web
>>>>>>
interface, but only during an authenticated session, all details of
>>>>>> both
>>>>>> entries are identical. The radacct table only shows
a single radius
>>>>>> session for the conenction, so it doesn't appear
that the switch is
>>>>>> sending radius requests twice, or anything
like that.
>>>>>>
>>>>>> If anyone has any suggestions regarding these
issues, I'll be very
>>>>>> grateful.
>>>>>>
>>>>>> Thanks,
>>>>>>
Andrew
>>>>
------------------------------------------------------------------------------
Links:
------
[1]
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
[2]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[3]
http://pastebin.com/raw/ceTwt5PG
[4]
https://gist.github.com/julsemaan/6c7676561d2458e8288c
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
