On 17/01/12 9:36 AM, Stefano Zanarini wrote: > are there any ways to achive similar results without using the > "shouldautoregister" function , avoiding the issue (I was thinking > to violations with "autoreg" action). > > What should be the ususal way to scan 802.1x authenticated users' machines ? > Making them register throught the captive portal ? >
On the shouldAutoRegister or getNodeInfoForAutoreg hooks you could execute the scan command in a non-blocking fashion. Using perl's exec() or maybe with & at the end of the command. If you block (system(), pf_run(), etc.) VLAN assignment will fail Command looks like: # pfcmd schedule now <ip-to-scan> The IP to scan might be hard to fetch as it will probably not be assigned.. That's the difficulty. Look at the pf::iplog module for helper function to get an IP from a MAC. If you get it to work reliably and cleanly consider contributing a patch to the project! Cheers! p.s.: this feature would be open for sponsorship also -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
