I am slowly getting to grips with the system. Everything makes a lot more sense
when the IPLOG table is consistent with reality. I have configured the
UDP_Reflector on
our production DHCP server so that PF sees everything that is happening on the
network.
What I really want to do now is prevent 'pfqueue' from updating IPLOG entries
in the database
>From subnets that have nothing to do with Packetfence operations (ie. subnets
>that are not used
during VLAN reassignment etc.). We now have a database with over 14,000 entries
in it but only
about 4000 of these are important (aka - Public WiFi networks) to PF. I could
run a scheduled 'purge'
of the unused subnets but this seems a bit of a fudge.
Is there a way of 'filtering' the DHCP stuff so that only IP addresses (and
their MACs) that are of
interest to PF are inserted into the database? I know I can always tweak the
code in /usr/local/pf/lib/pf/iplog.pm,
but I would rather do it at a higher level (preferably the GUI).
Andrew
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
