Hello Andrew,
since it's just cisco wlc related, then you can put this function in WLC.pm
instead.
What you can do is to open a PR on github with your change, we will review
it and merge it in the code base.
Regards
Fabrice
Le lun. 27 févr. 2023 à 16:14, Andrew Torry via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :
> RESTRICTED
>
> Greetings fellow PF users,
>
>
>
> We have an issue that I was wondering if there is any chance of someone
> from the dev team to look at for me.
>
>
>
> The Cisco WLC provide for the transmission of the CalledStationID field of
> a RADIUS packet to be based on different formats:-
>
>
>
>
>
> In our specific case with a campus stretched out over a huge areas
> containing about 1300 AP’s it is very useful to have the RADIUS logs refer
> to the NAME of an AP rather than simply it’s MAC address.
>
>
>
> This works find with all our systems except PF.
>
>
>
> The code inside Switch.pm is hardwired to recognise XX:XX:XX:XX:XX:XX:SSID
> or XXXXXXXXXXXX:SSDI or XX-XX-XX-XX-XX-XX:SSID but rejects any other format
> (such as AP Name:SSID) above.
>
>
>
> This renders our WLC configuration incompatible with PF.
>
>
>
> There is a simple tweak to the code that we can perform by replacing the
> REGEXP in the code from:-
>
>
>
> sub extractSSIDFromCalledStationId {
>
> my ($self, $radius_request) = @_;
>
> # it's put in Called-Station-Id
>
> # ie: Called-Station-Id = "aa-bb-cc-dd-ee-ff:Secure SSID" or
> "aa:bb:cc:dd:ee:ff:Secure SSID"
>
> if (defined($radius_request->{'Called-Station-Id'})) {
>
> if ($radius_request->{'Called-Station-Id'} =~ /^
>
> # below is MAC Address with supported separators: :, - or
> nothing
>
>
> [a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}
>
> :
>
> #
> : delimiter
>
>
> (.*)
> # SSID
>
> $/ix) {
>
> return $1;
>
> } else {
>
> my $logger = $self->logger;
>
> $logger->info("Unable to extract SSID of Called-Station-Id:
> ".$radius_request->{'Called-Station-Id'});
>
> }
>
> }
>
>
>
> return undef;
>
> }
>
>
>
> To:-
>
>
>
> sub extractSSIDFromCalledStationId {
>
> my ($self, $radius_request) = @_;
>
> # it's put in Called-Station-Id
>
> # ie: Called-Station-Id = "aa-bb-cc-dd-ee-ff:Secure SSID" or
> "aa:bb:cc:dd:ee:ff:Secure SSID"
>
> if (defined($radius_request->{'Called-Station-Id'})) {
>
> if ($radius_request->{'Called-Station-Id'} =~ /^
>
> # below is MAC Address with supported separators: :, - or
> nothing
>
> #
> [a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}[-:]?[a-f0-9]{2}
>
> .*
>
> :
> # : delimiter
>
>
> (.*)
> # SSID
>
> $/ix) {
>
> return $1;
>
> } else {
>
> my $logger = $self->logger;
>
> $logger->info("Unable to extract SSID of Called-Station-Id:
> ".$radius_request->{'Called-Station-Id'});
>
> }
>
> }
>
>
>
> return undef;
>
> }
>
>
>
> But we are reluctant to modify CORE code as this will be lost at upgrades.
>
>
>
> What would be nice is to have some sort of ‘Called-Station-ID format
> specifier’ included in the Configuration system.
>
>
>
> Andrew
>
> RESTRICTED
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
