Hello Arun,
sorry for the late reply.
Can you add just before this line:
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/role.pm#L737
use Data;;Dumper;
$logger->warn(Dumper $args);
then restart httpd.aaa and retry.
You should be able to see all the args in the logs. (if you can
Hi Fabrice,
Update no 2:
I could be wrong but I think for some reason "condition=security_event.id
== "308"" is not honoured (On GUI I can see security even is in "open"
state). Because just to verify I changed "condition=username == "hodtest""
and form the logs I see that condition is
Fabrice,
The Problem is I don't see security even getting triggered. What i mean is,
*for example*, i don't see security event trigger message like the one
below (this one is for random_mac) in the packetfence.log for
event_id=308
2021-09-16T19:09:43+05:30aolicnacpfqueuepfqueueinfo
Sorry Fabrice, filter for the packefence.log was wrong so please ignore the
earlier email.
Update is, I see the security event triggered but node is not assigned to
Isolation VLAN:
Sep 17 00:59:13 aolicnac packetfence_httpd.aaa[250198]: httpd.aaa(249065)
INFO: [mac:38:ba:f8:de:a7:10] handling
In fact it´s a little bit more complicate since you do autoregistration.
What you can do is to trigger the security event with action isolate.
Then create a vlan filter that disable the autoregistration if the security
event is open for this device.
Then the first request will be rejected
Thanks a lot for your help Fabrice. I patched my server. Will do some
testing and let you know.
Regards,
- Arun
On Mon, Sep 13, 2021 at 5:56 AM Fabrice Durand wrote:
> Hello Arun,
>
> try that.
> cd /usr/local/pf
> patch -p1 --dry-run < max_node.diff
> if there is no error:
> patch -p1 <
Hello Arun,
try that.
cd /usr/local/pf
patch -p1 --dry-run < max_node.diff
if there is no error:
patch -p1 < max_node.diff
Then restart packetfence.
Regards
Fabrice
Le sam. 11 sept. 2021 à 10:40, Arun Kangle a écrit :
> Hi Fabrice,
> Thanks for your reply. I will need help on this.
>
>
Hi Fabrice,
Thanks for your reply. I will need help on this.
Thanks again,
- Arun
On Sat, Sep 11, 2021 at 7:25 AM Fabrice Durand wrote:
> Hello Arun,
>
> there is no security event that trigger that but it´s not something really
> complicate to add in packetfence.
>
> If you look at
Hello Arun,
there is no security event that trigger that but it´s not something really
complicate to add in packetfence.
If you look at is_max_reg_nodes_reached in node.pm, you can trigger a
security event from there.
Let me know if you need help on that, it won´t take me so much time to code
Hello All,
I went through the install guide and this list but I did not find
information on how to configure a customer security event.
Basically I wanted to trigger a custom security event when " max nodes per
pid met or exceeded" and move the node to the isolation vlan so that the
user can
10 matches
Mail list logo