Hi Fabrice, ok, that sounds simple. :-)
Tried adding a violation, but: > Oct 28 22:08:55 httpd.admin(9509) WARN: database query failed with: Cannot > add or update a child row: a foreign key constraint fails (`pf`.`violation`, > CONSTRAINT `0_61` FOREIGN KEY (`vid`) REFERENCES `class` (`vid`) ON DELETE > CASCADE ON UPDATE CASCADE) (errno: 1452), will try again > (pf::db::db_query_execute) > Oct 28 22:08:55 httpd.admin(9509) WARN: database query failed with: Cannot > add or update a child row: a foreign key constraint fails (`pf`.`violation`, > CONSTRAINT `0_61` FOREIGN KEY (`vid`) REFERENCES `class` (`vid`) ON DELETE > CASCADE ON UPDATE CASCADE) (errno: 1452), will try again > (pf::db::db_query_execute) > Oct 28 22:08:55 httpd.admin(9509) WARN: database query failed with: Cannot > add or update a child row: a foreign key constraint fails (`pf`.`violation`, > CONSTRAINT `0_61` FOREIGN KEY (`vid`) REFERENCES `class` (`vid`) ON DELETE > CASCADE ON UPDATE CASCADE) (errno: 1452), will try again > (pf::db::db_query_execute) > Oct 28 22:08:55 httpd.admin(9509) ERROR: Database issue: We tried 3 times to > serve query violation_add_sql called from pf::violation::violation_add and we > failed. Is the database running? (pf::db::db_query_execute) > Oct 28 22:08:55 httpd.admin(9509) ERROR: unknown error adding violation > 1500002 for e8:91:20:0f:ee:92 (pf::violation::violation_add) Yes, the database appears to be running, the complete system seems to work fine. This is pf 5.3.1 on wheezy. Any ideas? On 10/28/2015 09:56 PM, Durand fabrice wrote: > Hi, > > simply trigger a violation on it where the target vlan is isolation vlan. > > regards > Fabrice > > Le 2015-10-28 16:50, mourik jan heupink a écrit : >> Hi, >> >> This question is _very_ basic, but... we have been using pf for a while >> now, and I have recently been informed about an infected inline client. >> >> Now I want to isolate that inline client, I have it's mac, and I can see >> it under 'nodes'. >> >> Now... how can I deny/block its access / isolate it? >> >> I see how I can unregister it (but the user would simply register >> again), 'reevaluate access' (which i guess is alo not what I want), and >> delete it. (which I'm sure will give the 'node it still active' error, >> plus the user would simply register it again) >> >> So...what to do to manually isolate/deny access to a client? >> >> MJ >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
