Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone

2014-07-08 Thread Matteo Pidalà 
Perfect!
It's working well!!

Thank you!

Matteo


2014-07-03 15:30 GMT+02:00 Matteo Pidalà :

> ah ok! I will try next week, I will be far away from my server until
> Monday...
>
> Thanks once again Fabrice,
>
> regards
>
> Matteo
>
>
> 2014-07-03 1:10 GMT+02:00 Durand fabrice :
>
>  My fault, it´s just a little syntax error, try this:
>>
>>
>> sub extractSsid {
>> my ($this, $radius_request) = @_;
>> my $logger = Log::Log4perl::get_logger(ref($this));
>>
>> if (defined($radius_request->{'Cisco-AVPair'})) {
>> if (ref($radius_request->{'Cisco-AVPair'}) eq 'ARRAY') {
>> foreach my $ciscoAVPair
>> (@{$radius_request->{'Cisco-AVPair'}}) {
>> $logger->trace("Cisco-AVPair: ".$ciscoAVPair);
>>
>> if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
>> "ssid=PacketFence-Secure"
>> return $1;
>> } else {
>> $logger->info("Unable to extract SSID of
>> Cisco-AVPair: ".$ciscoAVPair);
>> }
>> }
>> } else {
>> if ($radius_request->{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
>> ex: Cisco-AVPair = "ssid=PacketFence-Secure"
>> return $1;
>> } else {
>> $logger->info("Unable to extract SSID of Cisco-AVPair:
>> ".$radius_request->{'Cisco-AVPair'});
>>
>> }
>> }
>> }
>>
>> $logger->warn(
>> "Unable to extract SSID for module " . ref($this) . ". SSID-based
>> VLAN assignments won't work. "
>> . "Make sure you enable Vendor Specific Attributes (VSA) on the
>> AP if you want them to work."
>> );
>> return;
>> }
>>
>> Fabrice
>>
>> Le 2014-07-02 16:21, Matteo Pidalà a écrit :
>>
>> Hi Fabrice,
>> I'm sorry to disturb you once again, but after the function change, I
>> receive a new error from packetfence.log after trying to connect my laptop
>> in wifi:
>>  *Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC
>> from Called-Station-Id: 0021.1be9.8770
>> (pf::radius::extractApMacFromRadiusRequest)*
>> *Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl module
>> for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
>> type is unknown or the perl module has compilation errors. Read the
>> following message for details:  (pf::SwitchFactory::instantiate)*
>> *Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate switch
>> 10.0.1.10. This request will be failed. Are you sure your switches.conf is
>> correct? (pf::radius::authorize)*
>> *Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC from
>> Called-Station-Id: 0021.1be9.8770
>> (pf::radius::extractApMacFromRadiusRequest)*
>> *Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl module
>> for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
>> type is unknown or the perl module has compilation errors. Read the
>> following message for details:  (pf::SwitchFactory::instantiate)*
>> *Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate switch
>> 10.0.1.10. This request will be failed. Are you sure your switches.conf is
>> correct? (pf::radius::authorize)*
>> *Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC from
>> Called-Station-Id: 0021.1be9.8770
>> (pf::radius::extractApMacFromRadiusRequest)*
>> *Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl module
>> for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
>> type is unknown or the perl module has compilation errors. Read the
>> following message for details:  (pf::SwitchFactory::instantiate)*
>> *Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate switch
>> 10.0.1.10. This request will be failed. Are you sure your switches.conf is
>> correct? (pf::radius::authorize)*
>> *Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC from
>> Called-Station-Id: 0021.1be9.8770
>> (pf::radius::extractApMacFromRadiusRequest)*
>> *Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl module
>> for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
>> type is unknown or the perl module has compilation errors. Read the
>> following message for details:  (pf::SwitchFactory::instantiate)*
>> *Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate switch
>> 10.0.1.10. This request will be failed. Are you sure your switches.conf is
>> correct? (pf::radius::authorize)*
>>
>>  The configuration is still like my first mail.
>>
>>  Any suggestion are welcome!!
>>
>>  Regards
>>
>>  Mattteo
>>
>>
>> 2014-07-01 23:49 GMT+02:00 Durand fabrice :
>>
>>>  Hello Matteo,
>>>
>>> can you edit Aironet.pm and replace the function extractSsid with that
>>> code and retry :
>>>
>>>
>>> sub extractSsid {
>>> my ($this, $radius_request) = @_;
>>> my $logger = Log::Log4perl::get_logger(ref($this));
>>>
>>> if (defined($radius_request->{'Cisco-AVPair'})) {
>>> i

Re: [PacketFence-users] Expiring Nodes and Database Maintenance script

2014-07-08 Thread Fabrice DURAND 

Hello Jeremy,

In fact end_time in locationlog will be set if a new locationlog entry 
is insert.
And if you check in node.pm -> node_cleanup you can see that pf try to 
remove only unreg nodes.


What you can do is to play with iplog instead but be sure that the 
production dhcp traffic is forwarded to the management interface. 
pfdhcplistener will update iplog table and you will be able to know 
exactly when the device was on the network and will be able to remove it 
based on the end_time + 2 months.


Regards
Fabrice


Le 2014-07-07 22:41, Jeremy Plumley a écrit :


Thanks Fabrice,


I have the expiration settings setup and have rebooted the pfmon 
service but I haven't notice any reduction in the number of nodes in 
our database. I looked at the database-and-maintenance.sh script and 
the locationlog cleanup looks at the end_time column but all of my 
entries show NULL so nothing gets removed. That is why I wondered if 
end_time was the unregistered date of the node possibly. Most our 
nodes have unreg dates of five years since we don't replace systems 
until they break most of the time. However we would like for them to 
be removed if they never touch the network in two months because we do 
get rid of equipment.



I'm thinking of modifying the script to look at the start_time since I 
can see nodes have multiple times a day recorded in the locationlog. 
No need to keep more that 30 days of start times it seems. Would this 
cause any issues that you are aware of? Thanks.




Jeremy Plumley

ITS Network Technician

Guilford Technical Community College, www.GTCC.edu 

601 High Point Road, Jamestown, NC 27282

Office -- 336.334.4822 ext 50428


*From:* Fabrice DURAND 
*Sent:* Monday, July 7, 2014 8:27 AM
*To:* packetfence-users@lists.sourceforge.net
*Subject:* Re: [PacketFence-users] Expiring Nodes and Database 
Maintenance script

Hello Jeremy,

setting expiration to 60 days for nodes and 30 for location log is a 
good idea.
What you have to take care is what technology you are using for the 
access (Port-Sec, mac-auth ...)
In the case of the port-securty, you have be sure that the expiration 
on the location log is a little bit more than the maximum access 
duration of a node.

Of course don´t forget to restart pfmon to use the new values you defined.

Other thing use database-backup-and-maintenance.sh for maintenance.

Regards
Fabrice

Le 2014-07-06 16:53, Jeremy Plumley a écrit :


Hello,


I have been trying to research on how to do maintenance on our 
packetfence database. Wanted to delete out nodes from our database 
that hasn't connected to the network in two months. I tried setting 
the expiring dates of 60 days for nodes and 30 days for the location 
log but nothing seems to be getting cleared out. At this moment I see 
some people use a cron job to delete nodes based on the last dhcp 
date which I will probably work on. However there is already a script 
in addons for locationlog maintenance but it goes by end_date. What 
is the end_date? All of my entries show NULL and the script only 
deletes those that are 1 month old. Is this the deregistration date? 
Thanks.



Jeremy Plumley

ITS Network Technician

Guilford Technical Community College, www.GTCC.edu 

601 High Point Road, Jamestown, NC 27282

Office -- 336.334.4822 ext 50428



--
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Fabrice Durand
fdur...@inverse.ca  ::  +1.514.447.4918 (x135) ::www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)


--
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Fabrice Durand
fdur...@inverse.ca ::  +1.514.447.4918 (x135) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)

--
Open sou

Re: [PacketFence-users] Expiring Nodes and Database Maintenance script

2014-07-08 Thread Jeremy Plumley 
Thanks Fabrice,


I have the expiration settings setup and have rebooted the pfmon service but I 
haven't notice any reduction in the number of nodes in our database. I looked 
at the database-and-maintenance.sh script and the locationlog cleanup looks at 
the end_time column but all of my entries show NULL so nothing gets removed. 
That is why I wondered if end_time was the unregistered date of the node 
possibly. Most our nodes have unreg dates of five years since we don't replace 
systems until they break most of the time. However we would like for them to be 
removed if they never touch the network in two months because we do get rid of 
equipment.


I'm thinking of modifying the script to look at the start_time since I can see 
nodes have multiple times a day recorded in the locationlog. No need to keep 
more that 30 days of start times it seems. Would this cause any issues that you 
are aware of? Thanks.


Jeremy Plumley
ITS Network Technician
Guilford Technical Community College, www.GTCC.edu
601 High Point Road, Jamestown, NC 27282
Office - 336.334.4822 ext 50428

From: Fabrice DURAND 
Sent: Monday, July 7, 2014 8:27 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Expiring Nodes and Database Maintenance script

Hello Jeremy,

setting expiration to 60 days for nodes and 30 for location log is a good idea.
What you have to take care is what technology you are using for the access 
(Port-Sec, mac-auth ...)
In the case of the port-securty, you have be sure that the expiration on the 
location log is a little bit more than the maximum access duration of a node.
Of course don´t forget to restart pfmon to use the new values you defined.

Other thing use database-backup-and-maintenance.sh for maintenance.

Regards
Fabrice

Le 2014-07-06 16:53, Jeremy Plumley a écrit :

Hello,


I have been trying to research on how to do maintenance on our packetfence 
database. Wanted to delete out nodes from our database that hasn't connected to 
the network in two months. I tried setting the expiring dates of 60 days for 
nodes and 30 days for the location log but nothing seems to be getting cleared 
out. At this moment I see some people use a cron job to delete nodes based on 
the last dhcp date which I will probably work on. However there is already a 
script in addons for locationlog maintenance but it goes by end_date. What is 
the end_date? All of my entries show NULL and the script only deletes those 
that are 1 month old. Is this the deregistration date? Thanks.

Jeremy Plumley
ITS Network Technician
Guilford Technical Community College, www.GTCC.edu
601 High Point Road, Jamestown, NC 27282
Office - 336.334.4822 ext 50428



--
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users




--
Fabrice Durand
fdur...@inverse.ca ::  +1.514.447.4918 (x135) ::  
www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)
--
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users