Hello Arun, sorry for the late reply.
Can you add just before this line: https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/role.pm#L737 use Data;;Dumper; $logger->warn(Dumper $args); then restart httpd.aaa and retry. You should be able to see all the args in the logs. (if you can paste them). Regards Fabrice Le dim. 19 sept. 2021 à 08:15, Arun Kangle <akan...@gmail.com> a écrit : > Hi Fabrice, > Update no 2: > > I could be wrong but I think for some reason "condition=security_event.id > == "3000008"" is not honoured (On GUI I can see security even is in "open" > state). Because just to verify I changed "condition=username == "hodtest"" > and form the logs I see that condition is honored and node is assigned to > "isolation" vlan. > > > Logs: > Sep 19 17:30:58 aolicnac packetfence_httpd.aaa[284027]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] handling radius autz request: from switch_ip > => (192.168.2.27), connection_type => Wireless-802.11-EAP,switch_mac => > (00:4e:35:cc:8d:ee), mac => [38:ba:f8:de:a7:10], port => 0, username => > "hodtest", ssid => aolicnet (pf::radius::authorize) > Sep 19 17:30:58 aolicnac packetfence_httpd.aaa[284027]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Instantiate profile dot1x-eap > (pf::Connection::ProfileFactory::_from_profile) > > *Sep 19 17:30:58 aolicnac packetfence_httpd.aaa[284027]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Match rule Disable_auto_reg > (pf::access_filter::test)*Sep 19 17:30:58 aolicnac > packetfence_httpd.aaa[284027]: httpd.aaa(249065) INFO: > [mac:38:ba:f8:de:a7:10] highest priority security_event is 3000008. Target > Role for security_event: isolation (pf::role::getIsolationRole) > Sep 19 17:30:58 aolicnac packetfence_httpd.aaa[284027]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] (192.168.2.27) Added VLAN 19 to the returned > RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept) > Sep 19 17:30:58 aolicnac packetfence_httpd.aaa[284027]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] No parameter isolationRole found in > conf/switches.conf for the switch 192.168.2.27 (pf::Switch::getRoleByName) > Sep 19 17:31:06 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Updating locationlog from accounting request > (pf::api::handle_accounting_metadata) > Sep 19 17:31:06 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] Firewall SSO Notify > (pf::api::firewallsso_accounting) > Sep 19 17:31:06 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Update' request for > MAC '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > Sep 19 17:31:06 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Request to /api/v1/firewall_sso/update is > unauthorized, will perform a login (pf::api::unifiedapiclient::call) > Sep 19 17:31:07 aolicnac pfqueue[476302]: pfqueue(476302) INFO: > [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Update' request for MAC > '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > Sep 19 17:31:07 aolicnac pfqueue[476302]: pfqueue(476302) WARN: > [mac:38:ba:f8:de:a7:10] Unable to match MAC address to IP '192.168.10.58' > (pf::ip4log::ip2mac) > Sep 19 17:31:07 aolicnac pfqueue[478327]: pfqueue(478327) INFO: > [mac:38:ba:f8:de:a7:10] Instantiate profile dot1x-eap > (pf::Connection::ProfileFactory::_from_profile) > Sep 19 17:31:14 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] Firewall SSO Notify > (pf::api::firewallsso_accounting) > Sep 19 17:31:14 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Stop' request for MAC > '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > Sep 19 17:31:14 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Updating locationlog from accounting request > (pf::api::handle_accounting_metadata) > Sep 19 17:31:14 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] Firewall SSO Notify > (pf::api::firewallsso_accounting) > Sep 19 17:31:14 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > INFO: [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Update' request for > MAC '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > Sep 19 17:31:15 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] Unable to pull accounting history for device > 38:ba:f8:de:a7:10. The history set doesn't exist yet. > (pf::accounting_events_history::latest_mac_history) > Sep 19 17:31:15 aolicnac pfqueue[476998]: pfqueue(476998) INFO: > [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Update' request for MAC > '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > Sep 19 17:31:15 aolicnac packetfence_httpd.aaa[463999]: httpd.aaa(249065) > WARN: [mac:38:ba:f8:de:a7:10] Unable to pull accounting history for device > 38:ba:f8:de:a7:10. The history set doesn't exist yet. > (pf::accounting_events_history::latest_mac_history) > Sep 19 17:31:15 aolicnac pfqueue[478332]: pfqueue(478332) INFO: > [mac:38:ba:f8:de:a7:10] Instantiate profile dot1x-eap > (pf::Connection::ProfileFactory::_from_profile) > Sep 19 17:31:16 aolicnac packetfence_httpd.portal[476285]: > httpd.portal(476285) INFO: [mac:38:ba:f8:de:a7:10] Instantiate profile > dot1x-eap (pf::Connection::ProfileFactory::_from_profile) > Sep 19 17:31:16 aolicnac packetfence_httpd.portal[476292]: > httpd.portal(476292) INFO: [mac:38:ba:f8:de:a7:10] Instantiate profile > dot1x-eap (pf::Connection::ProfileFactory::_from_profile) > Sep 19 17:31:16 aolicnac packetfence_httpd.portal[476292]: > httpd.portal(476292) INFO: [mac:38:ba:f8:de:a7:10] Showing the > security_events/banned_os.html remediation page. > (captiveportal::PacketFence::Controller::SecurityEvent::index) > Sep 19 17:31:30 aolicnac pfqueue[476506]: pfqueue(476506) INFO: > [mac:38:ba:f8:de:a7:10] Sending a firewall SSO 'Update' request for MAC > '38:ba:f8:de:a7:10' and IP '192.168.10.58' (pf::firewallsso::do_sso) > > > more /usr/local/pf/conf/security_events.conf > > [3000008] > access_duration=12h > enabled=Y > trigger=internal::is_max_reg_nodes_reached > desc=Max nodes reached > actions=reevaluate_access > > > more /usr/local/pf/conf/vlan_filters.conf > > [Disable_auto_reg] > status=enabled > condition=username == "hodtest" > run_actions=enabled > scopes=AutoRegister > top_op=and > > Thanks, > - Arun > > On Fri, Sep 17, 2021 at 1:03 AM Arun Kangle <akan...@gmail.com> wrote: > >> Sorry Fabrice, filter for the packefence.log was wrong so please ignore >> the earlier email. >> >> Update is, I see the security event triggered but node is not assigned to >> Isolation VLAN: >> >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] handling radius autz request: from switch_ip >> => (192.168.2.27), connection_type => Wireless-802.11-EAP,switch_mac => >> (00:4e:35:cc:8d:ee), mac => [38:ba:f8:de:a7:10], port => 0, username => >> "hodtest", ssid => aolicnet (pf::radius::authorize) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] Instantiate profile dot1x-eap >> (pf::Connection::ProfileFactory::_from_profile) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] Found authentication source(s) : >> 'set-group-based-role' for realm 'null' >> (pf::config::util::filter_authentication_sources) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] Using sources set-group-based-role for >> matching (pf::authentication::match2) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> WARN: [mac:38:ba:f8:de:a7:10] [set-group-based-role set-role-Bypassed] >> Searching for >> (&(sAMAccountName=hodtest)(memberOf=CN=Bypassed,OU=AOL-Group,DC=AOLIC,DC=NET)), >> from DC=AOLIC,DC=NET, with scope sub >> (pf::Authentication::Source::LDAPSource::match_in_subclass) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> WARN: [mac:38:ba:f8:de:a7:10] [set-group-based-role set-role-HOD] Searching >> for >> (&(sAMAccountName=hodtest)(memberOf=CN=HOD,OU=AOL-Group,DC=AOLIC,DC=NET)), >> from DC=AOLIC,DC=NET, with scope sub >> (pf::Authentication::Source::LDAPSource::match_in_subclass) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] Matched rule (set-role-HOD) in source >> set-group-based-role, returning actions. >> (pf::Authentication::Source::match_rule) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] Matched rule (set-role-HOD) in source >> set-group-based-role, returning actions. (pf::Authentication::Source::match) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> INFO: [mac:38:ba:f8:de:a7:10] per-role max nodes per-user limit reached: 1 >> are already registered to pid hodtest for role HOD >> (pf::node::is_max_reg_nodes_reached) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> WARN: [mac:38:ba:f8:de:a7:10] Unable to pull accounting history for device >> 38:ba:f8:de:a7:10. The history set doesn't exist yet. >> (pf::accounting_events_history::latest_mac_history) >> >> *Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: >> httpd.aaa(249065) INFO: [mac:38:ba:f8:de:a7:10] security_event 3000008 >> (trigger internal::is_max_reg_nodes_reached) already exists for >> 38:ba:f8:de:a7:10, not adding again >> (pf::security_event::security_event_trigger)*Sep 17 00:59:13 aolicnac >> packetfence_httpd.aaa[250198]: httpd.aaa(249065) ERROR: >> [mac:38:ba:f8:de:a7:10] max nodes per pid met or exceeded - registration of >> 38:ba:f8:de:a7:10 to hodtest failed >> (pf::registration::setup_node_for_registration) >> Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065) >> ERROR: [mac:38:ba:f8:de:a7:10] auto-registration of node failed max nodes >> per pid met or exceeded (pf::radius::authorize) >> >> >> root@aolicnac:/usr/local/pf/conf# more security_events.conf >> >> [3000008] >> access_duration=12h >> enabled=Y >> trigger=internal::is_max_reg_nodes_reached >> desc=Max nodes reached >> actions=reevaluate_access >> window=dynamic >> >> >> root@aolicnac:/usr/local/pf/conf# more vlan_filters.conf >> >> [Disable_auto_reg] >> status=enabled >> condition=security_event.id == "3000008" >> run_actions=enabled >> scopes=AutoRegister >> top_op=and >> description=Disable auto registration on security event >> role=REJECT >> >> On Thu, Sep 16, 2021 at 7:23 PM Arun Kangle <akan...@gmail.com> wrote: >> >>> Fabrice, >>> The Problem is I don't see security even getting triggered. What i mean >>> is, *for example*, i don't see security event trigger message like the >>> one below (this one is for random_mac) in the packetfence.log for >>> event_id=3000008 >>> >>> 2021-09-16T19:09:43+05:30aolicnacpfqueuepfqueueinfo pfqueue(234785) >>> INFO: [mac:d2:41:be:48:3a:1f] calling security_event_add with >>> security_event_id=3000007 mac=d2:41:be:48:3a:1f release_date=0000-00-00 >>> 00:00:00 (trigger internal::new_dhcp_info) >>> (pf::security_event::security_event_trigger) >>> >>> And because of that under report or under node, I don't see any >>> "Security events" entry. >>> >>> root@aolicnac:/usr/local/pf/conf# more security_events.conf >>> [3000007] >>> desc=Private MAC Address detection >>> actions=log,reevaluate_access >>> enabled=Y >>> whitelisted_roles=default,v-guest,r-guest,registration >>> >>> [3000008] >>> access_duration=12h >>> enabled=Y >>> trigger=internal::is_max_reg_nodes_reached >>> desc=Max nodes reached >>> actions=reevaluate_access >>> window=dynamic >>> >>> >>> root@aolicnac:/usr/local/pf/conf# more vlan_filters.conf >>> [ster,RegistrationRole >>> >>> [Disable_auto_reg] >>> status=enabled >>> condition=security_event.id == "3000008" >>> run_actions=enabled >>> scopes=AutoRegister >>> top_op=and >>> description=Disable auto registration on security event >>> role=REJECT >>> >>> Thanks in advance, >>> - Arun >>> >>> On Wed, Sep 15, 2021 at 7:21 PM Fabrice Durand <oeufd...@gmail.com> >>> wrote: >>> >>>> In fact it´s a little bit more complicate since you do autoregistration. >>>> >>>> What you can do is to trigger the security event with action isolate. >>>> Then create a vlan filter that disable the autoregistration if the >>>> security event is open for this device. >>>> >>>> Then the first request will be rejected (security event triggered) and >>>> once the device reconnect it will go in the isolation vlan. >>>> >>>> >>>> Vlan filter: >>>> >>>> [Disable_Auto_reg] >>>> description=Disable Auto Reg on security event >>>> run_actions=enabled >>>> status=enabled >>>> condition=security_event.id == "3000009" >>>> top_op=and >>>> scopes=AutoRegister >>>> role=REJECT >>>> >>>> Security event: >>>> >>>> [3000009] >>>> trigger=internal::is_max_reg_nodes_reached >>>> desc=Max node >>>> access_duration=12h >>>> actions=reevaluate_access >>>> window=dynamic >>>> enabled=Y >>>> >>>> >>>> >>>> Le lun. 13 sept. 2021 à 13:04, Arun Kangle <akan...@gmail.com> a >>>> écrit : >>>> >>>>> Hi Fabrice, >>>>> I did quick testing, it's not triggering. I am using V 11.0, upgraded >>>>> from 10.3.9 >>>>> 1) while creating the security event, GUI shows the error (attached >>>>> screenshot) but event is created successfully >>>>> 2) event is not getting triggered, so no further actions (like >>>>> assign isoalation role and not getting redirected to web-page) >>>>> >>>>> security_event.conf >>>>> more security_events.conf >>>>> [3000007] >>>>> desc=Private MAC Address detection >>>>> actions=log,reevaluate_access >>>>> enabled=Y >>>>> whitelisted_roles=default,v-guest,r-guest,registration >>>>> >>>>> [3000008] >>>>> access_duration=12h >>>>> enabled=Y >>>>> template=banned_os >>>>> trigger=internal::is_max_reg_nodes_reached >>>>> desc=Max nodes reached >>>>> actions=reevaluate_access >>>>> # Copyright (C) Inverse inc. >>>>> >>>>> >>>>> Logs: >>>>> >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] handling radius autz request: from switch_ip >>>>> => (192.168.2.27), connection_type => Wireless-802.11-EAP,switch_mac => >>>>> (00:4e:35:cc:8d:ee), mac => [38:ba:f8:de:a7:10], port => 0, username => >>>>> "hodtest", ssid => aolicnet (pf::radius::authorize) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] Instantiate profile dot1x-eap >>>>> (pf::Connection::ProfileFactory::_from_profile) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] Found authentication source(s) : >>>>> 'set-group-based-role' for realm 'null' >>>>> (pf::config::util::filter_authentication_sources) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] Using sources set-group-based-role for >>>>> matching (pf::authentication::match2) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> WARN: [mac:38:ba:f8:de:a7:10] [set-group-based-role set-role-Bypassed] >>>>> Searching for >>>>> (&(sAMAccountName=hodtest)(memberOf=CN=Bypassed,OU=AOL-Group,DC=AOLIC,DC=NET)), >>>>> from DC=AOLIC,DC=NET, with scope sub >>>>> (pf::Authentication::Source::LDAPSource::match_in_subclass) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> WARN: [mac:38:ba:f8:de:a7:10] [set-group-based-role set-role-HOD] >>>>> Searching >>>>> for >>>>> (&(sAMAccountName=hodtest)(memberOf=CN=HOD,OU=AOL-Group,DC=AOLIC,DC=NET)), >>>>> from DC=AOLIC,DC=NET, with scope sub >>>>> (pf::Authentication::Source::LDAPSource::match_in_subclass) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] Matched rule (set-role-HOD) in source >>>>> set-group-based-role, returning actions. >>>>> (pf::Authentication::Source::match_rule) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] Matched rule (set-role-HOD) in source >>>>> set-group-based-role, returning actions. >>>>> (pf::Authentication::Source::match) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] per-role max nodes per-user limit reached: 1 >>>>> are already registered to pid hodtest for role HOD >>>>> (pf::node::is_max_reg_nodes_reached) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> WARN: [mac:38:ba:f8:de:a7:10] Unable to pull accounting history for device >>>>> 38:ba:f8:de:a7:10. The history set doesn't exist yet. >>>>> (pf::accounting_events_history::latest_mac_history) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> INFO: [mac:38:ba:f8:de:a7:10] security_event 3000008 (trigger >>>>> internal::is_max_reg_nodes_reached) already exists for 38:ba:f8:de:a7:10, >>>>> not adding again (pf::security_event::security_event_trigger) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> ERROR: [mac:38:ba:f8:de:a7:10] max nodes per pid met or exceeded - >>>>> registration of 38:ba:f8:de:a7:10 to hodtest failed >>>>> (pf::registration::setup_node_for_registration) >>>>> Sep 13 22:27:49 aolicnac packetfence_httpd.aaa[3379]: httpd.aaa(2029) >>>>> ERROR: [mac:38:ba:f8:de:a7:10] auto-registration of node failed max nodes >>>>> per pid met or exceeded (pf::radius::authorize) >>>>> >>>>> >>>>> On Mon, Sep 13, 2021 at 1:33 PM Arun Kangle <akan...@gmail.com> wrote: >>>>> >>>>>> Thanks a lot for your help Fabrice. I patched my server. Will do some >>>>>> testing and let you know. >>>>>> >>>>>> Regards, >>>>>> - Arun >>>>>> >>>>>> On Mon, Sep 13, 2021 at 5:56 AM Fabrice Durand <oeufd...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Hello Arun, >>>>>>> >>>>>>> try that. >>>>>>> cd /usr/local/pf >>>>>>> patch -p1 --dry-run < max_node.diff >>>>>>> if there is no error: >>>>>>> patch -p1 < max_node.diff >>>>>>> >>>>>>> Then restart packetfence. >>>>>>> >>>>>>> Regards >>>>>>> Fabrice >>>>>>> >>>>>>> Le sam. 11 sept. 2021 à 10:40, Arun Kangle <akan...@gmail.com> a >>>>>>> écrit : >>>>>>> >>>>>>>> Hi Fabrice, >>>>>>>> Thanks for your reply. I will need help on this. >>>>>>>> >>>>>>>> Thanks again, >>>>>>>> - Arun >>>>>>>> >>>>>>>> On Sat, Sep 11, 2021 at 7:25 AM Fabrice Durand <oeufd...@gmail.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hello Arun, >>>>>>>>> >>>>>>>>> there is no security event that trigger that but it´s >>>>>>>>> not something really complicate to add in packetfence. >>>>>>>>> >>>>>>>>> If you look at is_max_reg_nodes_reached in node.pm, you can >>>>>>>>> trigger a security event from there. >>>>>>>>> >>>>>>>>> Let me know if you need help on that, it won´t take me so much >>>>>>>>> time to code it. >>>>>>>>> >>>>>>>>> Regards >>>>>>>>> Fabrice >>>>>>>>> >>>>>>>>> >>>>>>>>> Le mer. 25 août 2021 à 05:54, Arun Kangle via PacketFence-users < >>>>>>>>> packetfence-users@lists.sourceforge.net> a écrit : >>>>>>>>> >>>>>>>>>> Hello All, >>>>>>>>>> I went through the install guide and this list but I did not find >>>>>>>>>> information on how to configure a customer security event. >>>>>>>>>> Basically I wanted to trigger a custom security event when " max >>>>>>>>>> nodes per pid met or exceeded" and move the node to the isolation >>>>>>>>>> vlan so >>>>>>>>>> that the user can deregister one of the nodes to proceed. >>>>>>>>>> >>>>>>>>>> Thanks on advance, >>>>>>>>>> - Arun >>>>>>>>>> _______________________________________________ >>>>>>>>>> PacketFence-users mailing list >>>>>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>>>>>> >>>>>>>>>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
